[deleted]
I suspect that Facebook and Instagram apps are designed to communicate with one another. The sandbox does not prevent them from sharing data, but it does prevent them from collecting data from other applications that are not designed to communicate with Facebook, Instagram, etc.

    matchboxbananasynergy With Android 15, your owner profile will also have a "nested" profile called Private Space which will allow you to have a profile to isolate apps in without having to switch users.

    What would be the difference between the Private Space and the Work Profile? And can you have both at the same time?

    edit: For example, the work profile has a separate VPN slot from the main profile and (with Shelter as the work profile manager) it's possible to share and access files across profiles when needed. Would this be any different with a private space?

      • [deleted]

      • Post #7

      matchboxbananasynergy

      so if I want instagram and facebook to have no knowledge of each other, you mention "profiles"

      is there a video showing the profile feature, I'm curious to how it works? is it easy to jump back and forth between profiles without needing to restart the phone?

          matchboxbananasynergy With Android 15, your owner profile will also have a "nested" profile called Private Space which will allow you to have a profile to isolate apps in without having to switch users.

          Can i have android 15 with the pixel 7a? I mean with grapheneos. Right now i have android 14/but those features you are talking about are something i want to have. Or do i have to upgrade my device for that?

          "In the future, GrapheneOS will also have an "Restrict app communication" feature to restrict communication between apps in the same profile."

          This grapheneos feature will be avalable for me in any case right? When will it be avalable? Like Pi multiple thumb

              Qurstionquoter

              I don't believe the "Restrict app communication" feature has an ETA. I think I first heard someone mention it is on the roadmap a year ago iirc

                Xtreix
                That depends entirely on whether Graphene updates the same way as Stock does. I'm not sure if new Android versions would be considered important from a security perspective or not. If so, GOS may provide users updates up to 18. If not, then fair enough. Point still remains that the 7a will have A15 (and at least A16, if not 17/18) anyway.

                Also, if Xtreix is right, and the updates are the same as Stock, could that be made clearer on the FAQ section? It makes it seem like all updates are supported up to the dates in the table, which is obviously not useful if that's not the case.

                • de0u replied to this.

                    Xtreix They are very unlikely to stop providing OS updates. We already see that Pixel 6 and 6 Pro are being included in Android 15 QPR1 betas, which are coming out in December, months after they'd supposedly stop getting OS updates. It just doesn't make sense for Google to add more work for themselves.

                        Dumdum That depends entirely on whether Graphene updates the same way as Stock does.

                        So far that has not been the case. So far all devices that are not EOL receive the same version of GrapheneOS.

                        I am aware of these exceptions:

                        1. When released, the Pixel 8 series was behind for around a month, because of a glitch in Google's release process.
                        2. At present the project is issuing "legacy extended support" releases from time to time for various devices. But my understanding is that the project plans to stop doing that soon, so that instead of trying to support some devices on A13, some on A14, and some on A15, eventually all devices receiving updates will be on the same Android release.

                        Please note that I do not speak for the GrapheneOS project. I don't know when the project might stop releasing updates for various devices (though I suspect it may turn out to be soon for the Pixel 4 and Pixel 4 XL, and maybe also the Pixel 4a). I suspect the labor to maintain the older devices is increasing, and I suspect the number of users is dropping.

                          matchboxbananasynergy I suppose Google will have to change its update table in the future so that it reads much more clearly, if its bizarre dates for pre-8 series models can be revoked, then that's much better.

                              Xtreix You have to keep in mind that the dates provided by Google are not an end-of-life date. It's a minimum support guarantee.

                              It seems that they were being cautious at the start which is why 6th and 7th gen have the "3 years of OS updates" and "5 years of security updates". They realized that would be silly and would require more work on their end than just being on the latest Android version, which is why they unified the support guarantees starting with 8th gen.

                                11 days later

                                I was under the impression the "sandbox" is provided by GrapheneOS. It's actually from Android 15? Sandbox is the term I've seen elsewhere. Is it the same as a profile? I'm also curious how the profile feature works, as @[deleted] asked. Apologies for bumping this conversation to the top again.

                                  alltheqs the "sandbox" is provided by GrapheneOS. It's actually from Android 15?

                                  Sandboxing is standard within Android (not just 15). Only thing that Graphene provides in terms of "sandboxing" is Google Play (and maybe the Scopes if that counts as extensions to the sandbox?)

                                  And no, it is not the same as a profile. Profiles are completely separate spaces on your phone. Sandbox is just a border / wall that goes around apps and restricts access from other apps (besides IPC)

                                    [deleted] is there a video showing the profile feature, I'm curious to how it works? is it easy to jump back and forth between profiles without needing to restart the phone?

                                    No need for a restart. It's easy to use, but still has a bit of inconvenience compared to using only one profile. Why don't you try it for yourself?

                                      The Google Play sandbox information is what confused me in the first place. I should have linked this at the top. If I have Google Play in its own sandbox, and I install the Notion app with Google Play, does Notion go in its own sandbox, or does Google have access to the data there? It sounds like Google will be aware of the app but not have access to it unless I explicitly give Google access to Notion data. That shouldn't be an issue since I don't know why I would need to share data between the two, aside from the initial download.
                                      My main interest in Graphene is to not be giving all my information to Google.

                                      Is it possible to have Google Play in its own profile, but download apps to a different profile? Is that overkill?

                                      • de0u replied to this.

                                        alltheqs If I have Google Play in its own sandbox, and I install the Notion app with Google Play, does Notion go in its own sandbox, or does Google have access to the data there?

                                        On Android systems, every non-privileged app is sandboxed (runs in its own sandbox).

                                        On Google's OS, the Play ecosystem apps are privileged system apps, so they are not sandboxed. On GrapheneOS the Play ecosystem apps are not privileged system apps, so they are sandboxed.

                                        On Google's OS, the Play ecosystem apps have elevated abilities to access the internal data of regular apps, but on GrapheneOS they don't.

                                        alltheqs Is it possible to have Google Play in its own profile, but download apps to a different profile? Is that overkill?

                                        That may make sense for some apps, but not apps that need access to services provided by the Play ecosystem, which must be in a profile with the Play ecosystem apps.

                                        alltheqs The Google Play sandbox information is what confused me in the first place. I should have linked this at the top.

                                        It might be productive to quote a specific sentence or two that would benefit from interpretation and then ask a specific question about that quoted part. If all somebody has to go on is a report that a large piece of text is confusing in a general sense, it may be difficult to provide specific clarification.

                                                de0u
                                                You say that on Google’s OS, the Play ecosystem apps have elevated privileges to access the internal data of normal apps. Surely they can’t read your encrypted messages on Signal, Whatsapp etc.?

                                                • de0u replied to this.

                                                    Cold_Beer You say that on Google’s OS, the Play ecosystem apps have elevated privileges to access the internal data of normal apps. Surely they can’t read your encrypted messages on Signal, Whatsapp etc.?

                                                    Honestly I don't know exactly who can access what when. But in the limit if you run WhatsApp on Android and you open it up and display a message, WhatsApp decrypts the message and then displays it to you by running a mountain of code written by Google.

                                                    Is some of the code that handles the cleartext message part of Play in particular? I don't know. But fundamentally running a secure messaging app on an OS places a lot of trust in the authors of the OS.