New to Graphene, really enjoying it but it's a learning curve. Scared myself a little here.
I set up a user profile with the intention of only running Tor browser on it (i.e. only Tor browser installed, although also Orbot for possible use of other apps later). My threat model is corporate surveillance (here, mostly of health information). It has cellular data turned on only.
I have found that when I go through the permissions on the profile, there are a surprising number of things that have network access. I have listed them out below.
I can't switch network off for some of these apps - it's grayed out, like com.google.android.iwlan. Although wifi is off on this profile also. So is Bluetooth.
Firstly, I'm just surprised. Second, I'm worried about a correlation attack - there's no personal information on this profile, no contacts/phone/SMS, but I don't understand what hardware or other identifying information is available, even with the Tor Browser or Orbot.
Location is off in this profile, but does e.g. Print Service Recommendation Service figure it out from network information?
Does the lack of Google Play Services/Framework/etc mean that these apps cannot communicate 'out' to the Google servers?
Confused. The ones I am most worried about are ** in the list below.
Network
Allowed
- Ad privacy
- Android Services Library
- Auditor
- Calendar
- Calendar storage
- Captive portal login
- com.android.ondevicepersonalization.services **
- com.android.federatedcompute.services **
- com.android.imsserviceentitlement **
- com.android.sdksandbox
- com.google.android.iwlan **
- Default print service **
- DeviceLockController
- Download Manager
- Dynamic System Updates
- Gallery
- ImsService
- Info
- Intent Filter Verification Service **
- Messaging
- Operator communications
- Orbot
- OsuLogin
- PacProcessor
- Phone
- Print Service Recommendation Service
- ProxyHandler
- RcsService
- RemoteProvisioner
- Settings
- Tor Browser
- Vanadium
- Vanadium System WebView
- Wallpaper and style
- Work Setup
Not Allowed