• General

  • Using GOS with real Google account

Anyone using GOS on their Pixel with their real Google account and use it as-if it were (or close to) stock? A lot of the videos and reviews I read online about GOS are usually from the "I don't want to exist online" but I still want a smartphone approach. Not many who use GOS as if it was just another ROM (or even stock).

I prefer Android overall versus iOS. I've used stock and custom Android ROMs for many, many years. I simply want a highly secure, custom "ROM" that allows a lot of options to tweak and tune as I want and not share or leak my data where I don't want it going. I thought of setting up the owner profile with all the usual Google apps/services and then maybe one or two additional profiles for "Social" apps and another profile for apps that I use for work, but that's basically it.

I'm still gaining over stock Pixel Android, yes? And not losing anything in terms of how much data does Google ingest, record, take from me??

    There's nothing wrong with that approach and it's not uncommon among GOS users. Using GOS doesn't mean that you need to de-google, run separate profiles, etc. It's totally up to you.

    sumactea I simply want a highly secure, custom "ROM" that allows a lot of options to tweak and tune as I want and not share or leak my data where I don't want it going

    GrapheneOS is not really a "modder ROM" (in fact, referring to it as a "ROM" at all will raise some hackles). The supported build is non-rooted, so people who want to tweak UI features, switch fonts, etc., will need to build their own variant from source. This can be done, and the build instructions are detailed. But the result won't really be GrapheneOS, and support on this forum is focused on people running an official build. It's possible to customize GrapheneOS, but the project's focus is on security and privacy, not on customization.

    Please note that I don't speak for the GrapheneOS project.

        de0u Fair point. I'm not looking for a rooted ROM to do all sort of customization. It was my only frame of reference I could think of when installing something non-stock on an Android phone.

        I would probably install a new launcher and icon packs, that sort of thing. Just want something as close to stock experience, but better in terms of security, data leakage, and google being nosy about how (and where) I use the phone.

          sumactea It's best not to use a custom launcher with an icon pack if you want to stay close to the standard experience, you're also adding an attack surface.

          It's not a bad idea to use GOS with your real Google account, I do and other users choose not to.

              what do you call a 'real' google account.. just out of curiosity?
              i use graphene as I would use a stock pixel or a samsung.

                • [deleted]

                • Post #8

                m4ri0g in this case you are using a real Google account. If you provide false information in the registration process or in some way try to obfuscate registration of your Google account, you may call it "anonymous" (which in the best case is a wishful thinking, in regards to protecting your anonymity).

                    Xtreix Can you elaborate on custom launchers and icon packs adding to a user's attack surface?

                        m4ri0g Real account meaning not an anonymous account. However, the more I think about this (and it's been quite some time since I created my first Google account) I wonder what sort of information would Google ask when creating a new account? I'm starting to think there aren't any benefits to using my original Google account except to use app purchases from a long time ago. I've already moved my email accounts Protonmail. I don't use/need any Google cloud services. I checked out all my data. I could close my primary "real" Google account and it would have zero impact.

                        I could just use cookiemonster@gmail.com to download apps from the Play Store and keep them updated. For app logins, I use per-app anon email addresses where I can or unique account names per app/website.

                        Realizing I could/should be less dependent on Google mothership functions and features. Ultimately, if I just need to get apps and keep them updated, then what does it matter if I use my old original Google account or not?

                          sumactea You trust a new user interface from a third party that becomes an overlay, rather than trusting the original interface provided by AOSP, you're setting up a new party to trust.

                          This doesn't mean that an alternative launcher like Kiss Launcher is malicious, and some launchers offer interesting choices in user interface, it will also take you away from the stock experience, which is what you don't want according to your comment.

                              Xtreix My meaning behind "stock experience" was not to mean "pure AOSP" but more along the lines of typical android experience where I can customize the UI to my liking.

                              Point taken on launcher concerns. I was always skeptical of Nova after they were bought out. I wonder if locking down a custom launcher (no network access, no sensors, etc etc) would render is usable, but keep it from doing things it shouldn't.

                                I use GOS, just as my previous phones, with my real Google account, just don't use many G services

                                  sumactea just the one owner profile. Just do what works for you and adjust as you needs and skills change. I don't need multiple profiles but you may benefit from using them. Installing GOS doesn't automatically obligates us to run in hardcore zero trace anonymity mode.

                                    I have a google account only for my phone and I never added my real name to it. I never log into that account on any other device than my phone.

                                    When I first learned using the internet I got taught to never use your real name online and only log into a website if you absolutely have to.

                                    I am still sticking to that advice.

                                    [deleted] i never have provided a google account my real information...
                                    when i get a new device a toss the google account and create a brand new one just for that device. I guess I have never own a real account then

                                        • [deleted]

                                        • Post #19

                                        m4ri0g Tracking, whether in the presence or absence of Google Play is an incredibly complex issue. My question would be, do you use apps where you provide personally identifiable information such as contacts, social media, banking/payment apps or similar? If you do, chances are you have leaked some of that information. Despite recent Android changes, apps still have plenty of opportunity to collect various software and hardware IDs and something what I would call zero day IDs, which by themselves can be enough to uniquely identify you. That, coupled with any collected personal info can lead to your true identity.

                                        I am painfully aware tracking isn't going to disappear any time soon, if ever, by removing the perpetual collection Google Play provides along with more than likely IPC. Unfortunately, I am also reliant on certain proprietary apps with network access where data collection and remote analytics is expected.

                                        Now, some may say that many people do not worry about this, as long as they operate in a safe environment with quick updates and extra features GrapheneOS provides. But then again, at least as many do.

                                          sumactea Anyone using GOS on their Pixel with their real Google account and use it as-if it were (or close to) stock? A lot of the videos and reviews I read online about GOS are usually from the "I don't want to exist online" but I still want a smartphone approach

                                          No, there are plenty of users that just want security and think privacy is a nice to have. I honestly don't care about Google Play Services having my "real" name or data. Its not in my threat model. However hardened_malloc is a must for me.