• General

  • Tracking level of a Google account in the OS

I have read the docs and all the official website, however I am still can't be sure about how much data a sandboxed Google account can send and get from the profile it is installed into.

[removed]

[removed] [He] basically says that GrapheneOS does not solve Google tracking by sandboxing it, hence he advises do not use any Google account on it. He says that "soft-identifiers and web-workers" can track you. But I don't think web-workers can see Google account used by the OS, as Android browsers won't let them see it. And about soft-identifiers such as ADV ID (and others? which ones?)

How much truth are there? I mean of course Google will get some data if I use a brand new Google account just for Play Store. But which data exactly will Google get?

  1. IP Address
  2. ADV ID
  3. List of installed apps
  4. Phone model and OS version
  5. Account used in other apps which relay to Google Play Services?
  6. ?

Let's also make an example: in a user profile with Google enabled, I have : WhatsApp and a Bank app.

Can Google associate the phone number I use in WhatsApp with the Google ID in that user profile? Can it associate the account I use to login in my bank app to the Google ID?

    Hi @digital I removed some parts of your post because they mention a YouTuber who is known to spread misinformation. I don't want him to get any traffic from this forum, so I've removed the link, and mentions of his insecure phone and OS.

    One problem with microG is that it actually uses proprietary Google "blobs," so it's not as "deGoogled" as some people might expect.

    I'd suggest reading two sections on the website: one on hardware identifiers and the following one on non-hardware identifiers. After reading those two sections, you should have an idea of what regular apps can access, including Google apps.

    digital Can Google associate the phone number I use in WhatsApp

    No, not unless WhatsApp shares it on purpose or if they use some Google service and accidentally leak it via crash logs or something. But considering how big Meta is, I'd imagine they use their own internal stuff rather than rely too much on Google libraries for such things (but this is just a guess, I don't actually know).

    digital Can it associate the account I use to login in my bank app to the Google ID?

    Again, depends on how the app works. If the app doesn't share that info with Google, or if you don't use Google for single sign on somehow, then I can't think of a way for the info to be leaked to Google.

          6 days later

          other8026 No, not unless WhatsApp shares it on purpose or if they use some Google service and accidentally leak it via crash logs or something. But considering how big Meta is, I'd imagine they use their own internal stuff rather than rely too much on Google libraries for such things (but this is just a guess, I don't actually know).

          Meta has an actually weird connection with Google. First, WhatsApp backups are synced to Google Drive, unencrypted. Yes, Meta gave Google (for free? who knows) the contents of the messages of billions of users that it claims not to have itself. I don't even think there was a possibility to encrypt the backups for several years (now there is, I don't know when it became a feature). Even though backups were optional, they were the only way to transfer to a new phone for years.
          Also, WhatsApp (and logic would suggest Facebook and IG apps as well, but haven't checked myself as I don't use them) uses Google's DNS to bypass the system's DNS.