Users: Contribute Location data for future network location usage.

Xtreix

balint Not available yet.

vacuum0

BeaconDB says they are not ready to allow downloads of their database due to privacy concerns. Are there privacy concerns with us contributing to their database? It would be good if GrapheneOS could spoof precise location with this location, so apps that request precise location get approximate location. The Bluesky thread already suggested location scopes and this spoofing could be part of that.

missing-root

vacuum0

Let's do this step by step

local privacy

While scanning, you use GPS and (if you didnt change that) A-GPS via GrapheneOS proxies. Should be very private.

You may have Bluetooth enabled, not sure if this theoretically makes you trackable. But it is a fine drawback for me.

You may have wifi enabled, which should be pretty much fully private.

You may have cell data enabled, which means your ISP knows where the device with that ID and phone number is.

So, of course it is more private to not stumble data, but you need to do this once for every path you make, never again.

database

If you submit data there, a GPS point and surrounding networks will appear in the database.

The BeaconDB dev is trustworthy I think. They have good intentions. They could totally track you, but likely dont. All they would know is where some device was and at which surrounding networks.

There is no ID or account or anything, so people uploading data are not tracked. The data itself is controlled to prevent tampering (you need to know some surrounding networks when uploading new data)

wifi owner privacy

Unlike apple, google and probably all others, beaconDB wants to "geo-hash" the wifi SSIDs (names) and MacS so that you cannot get a single location if you only know one SSID or MAC address.

You can also always add nomap to your wifi name to prevent addition to the database.

Mobile hotspots will also always be left out from the database.

So in result, BeaconDB is fine.

Franco

Hello, for testing I just covered an new area nearby my place. How long does it take to be reflected on https://beacondb.net/map/?

Franco

It appears now, it took a few hours to be processed.

vayun

Hey I recently found out about BeaconDB and I put together this non-privileged app that uses the Mock Location option in the developer settings to set the phone's location to the location provided by BeaconDB. App is available here if you want to try it out:

https://github.com/vayun-mathur/Alternative-Location-Services

HMC

Isn't this this the same method used by the likes of G and A to track users when GPS location services is not available (including deliberately disabled)?

No thanks.

missing-root

HMC

Yes Google, Apple, Garmin, Samsung and way morw all have this network location system.

But GrapheneOS has not many system apps that could always access your ("fine", i.e. network) location.

So no, this just improves location for when you need it.

LeslieFH

You can install Neostumbler from Accrescent, and when you first run it, it asks you if you want to set the endpoint to beaconDB, so there's even no need to enter the address manually. :-)

moddel

What is the status of Network Location on GrapheneOS?

For example, in the post linked above:

"We provide emulated network location support to use apps depending on network location without it. We're in the process of implementing our own network location client with support for choosing between multiple services. It's currently being tested and polished up to ship it."

This was 5 months ago, has progress been made since them?

More generally speaking, how does GrapheneOS provide network location? In the documentation it states "GrapheneOS provides network-based location as an op-in feature with out own implementation"
Okay, great where are the details of this? How does it work?

More importantly, how does it compare to MicroG implementation which allows you to use multiple Network-based Geolocation modules such as Apple WI-Fi, GSM Location Services, Local NLP, Mozilla etc.

It seems like this would be the largest pitfall to moving to GrapheneOS- how well can I open a mapping application like Organic Maps and get my location easily and accurately.

soupslurpr

moddel hello, network location is now implemented in GrapheneOS. You can read about what's in the latest OS release and future plans here: https://grapheneos.org/features#network-location

moddel

soupslurpr
Yes I have already read that page however I find it unclear.

The first few paragraphs describe a new GrapheneOS service based on Wi-Fi Access Points (APs)." then the last paragraph states Users can currently choose between using our proxy to Apple's service or directly using Apple's service.

It also says the service is based on APs while Apple's service uses APs, cell towers and Bluetooth.

So which is it, a new AP only service or a proxy to Apple's service.

Is this currently the only option for network based location? If so then what did Graphene use 6 months ago before this service.

Are you using Graphene, can you clarify?

soupslurpr

moddel I'm using GrapheneOS and I'm the main developer working on network location, let me clarify.

The feature is separate from the service. The feature is ours, while currently only Apple's service can be used to retrieve the data needed to determine your position.

It just needs to retrieve the data from a service (by sending network identifiers), then calculates your position on-device from the data it got using a robust algorithm.

It says that our feature will be extended to support cell towers in the near future, meaning it can make use of cell tower data and use that data to determine your position. Apple's service does support cell towers so it can get the data for them from that.

Apple and Google also use Bluetooth beacons but Wi-Fi works fine so we don't support it.

Users can currently choose between using our proxy to Apple's service or directly using Apple's service. We're in the process of building our own database and service based on data from multiple sources including Apple's service. Unlike the Apple and Google services, our service will provide support for fully offline usage based on database downloads rather than requiring sending network identifiers to the service to fetch data for them.

So this means we'll make our own service you can select to use to get the data, and it'll also support downloading databases so you can use network location offline.

\
\
\

Before network location was implemented, and when network location is turned off, GrapheneOS reroutes network location requests to GNSS (GPS, Galileo, etc).

moddel

Thank you for taking the time to answer! Can you confirm if my understanding is correct:

soupslurpr The feature is separate from the service. The feature is ours, while currently only Apple's service can be used to retrieve the data needed to determine your position.

Okay so the network location feature if Graphene's:
"Unlike Google's service and similar to Apple's service, our feature provides local position estimation based on retrieving location data for nearby networks from a service."

So there is a Graphene feature that allows for network location from a service. Currently only Apple's service is supported? If so then the apple service allows getting position from cell towers and wifi APs however Graphenes feature can only [currently] use the AP data but in the future it will be extended to use cell towers as well. Is this correct?

Is this new feature similar to the Apple Wi-Fi location module that microg uses?
Microg also has several other location modules "GSM location Service, Local NLP Backend,Merged Wi-Fi Location Service, Mozilla Location Service, Trains Location, Nominatium address lookup etc."

In the future GrapheneOS will make its own service which will work with this new feature.

soupslurpr Before network location was implemented, and when network location is turned off, GrapheneOS reroutes network location requests to GNSS (GPS, Galileo, etc).

What happens now, assuming no google play services installed, does GrapheneOS reroute network location request to this new service?

What happens if the service cannot provide a location, does it fallback to GNSS? Are there any plans to implement more than on service such as the microg implementations?

How about real life application. Take an OSS Mapping app like Organic Maps, is it able to use the GrapheneOS network location feature to get fine grained location from the apple location service?

Finally, does wifi scanning need to be turned on in order to take advantage of this new feature?

soupslurpr

moddel

moddel So there is a Graphene feature that allows for network location from a service. Currently only Apple's service is supported? If so then the apple service allows getting position from cell towers and wifi APs however Graphenes feature can only [currently] use the AP data but in the future it will be extended to use cell towers as well. Is this correct?

Well Apple's service provides the locations of cell towers and Wi-Fi APs, but otherwise this is correct.

moddel Is this new feature similar to the Apple Wi-Fi location module that microg uses?

Likely a a little similar, but I can't comment on any specifics since I haven't read that code.

moddel What happens now, assuming no google play services installed, does GrapheneOS reroute network location request to this new service?

No, by default it's off because it reduces privacy. Network location requests will be rerouted to GNSS. If network location is on, then this feature will be used.

moddel What happens if the service cannot provide a location, does it fallback to GNSS?

Well, the way location in Android works there are multiple providers. So the network location provider just won't provide a location. Apps can decide what to do.

moddel Are there any plans to implement more than on service such as the microg implementations?

As of this time, there aren't any plans to add support for more services other than our own in the future.

moddel How about real life application. Take an OSS Mapping app like Organic Maps, is it able to use the GrapheneOS network location feature to get fine grained location from the apple location service?

Organic Maps does request a location from the network location provider and works great with it. Location accuracy varies, but 10 to 50 meters is what I've seen it usually get when using Apple's service for the positioning data.

moddel Finally, does wifi scanning need to be turned on in order to take advantage of this new feature?

Either Wi-Fi or Wi-Fi scanning needs to be on. So if Wi-Fi is off, Wi-Fi scanning needs to be on or it won't work. if Wi-Fi is on, Wi-Fi scanning doesn't need to be on if you want it to not work when Wi-Fi is off.

moddel

soupslurpr Organic Maps does request a location from the network location provider and works great with it. Location accuracy varies, but 10 to 50 meters is what I've seen it usually get when using Apple's service for the positioning data.

How to enable it inside Organic Maps. There is a setting:

"Google Play Location Services
Quickly determine your approximate location using Bluetooth, WiFI, or mobile network."

Is the Google play location services mentioned here the Network Location service feature?

Okay so this is a major usability drawback to GrapheneOS. If network location services

soupslurpr

moddel No, that toggle in Organic Maps is whether it uses Google Play Location Services or the OS ones.

However, GrapheneOS reroutes apps using the Google Play Location Services to the OS. So even if it's on, it won't have any privacy impact since it won't actually use those services (as long as rerouting is on in GrapheneOS Settings, which is the default).

There's more detail about this in the usage guide in the following section https://grapheneos.org/usage#sandboxed-google-play if you want to know more.

moddel

soupslurpr However, GrapheneOS reroutes apps using the Google Play Location Services to the OS.
So even if it's on, it won't have any privacy impact since it won't actually use those services (as long as rerouting is on in GrapheneOS Settings, which is the default).

Thanks this is quite helpful. When you say OS ones, you are referring to the new Network Location feature or the GPS or both? Which one is sent the request first or are they both sent the request at the same time?

soupslurpr There's more detail about this in the usage guide in the following section https://grapheneos.org/usage#sandboxed-google-play if you want to know more.

I have read this page 4 or 5 times and it is the hardest part of GrapheneOS to understand. I think the description on this page are high level and hard to conceptualize. Maybe this is off topic for location but you are a developer so I would like to ask.

The alternative implementation, microg, is more hackey and plays a cat and mouse game with google, but it is open source and easy to understand by looking directly at the code.

I understand that GrapheneOS sandboxes Google play services, I see this mentioned over and over but how does restricting Google Play services to a regular user sandbox protect the privacy of the user?

For example, microg state in the Google device registration:
"[This toggle] registers your device to Google services and creates a unique identifier. microG strips identifying bits other than your Google account name from registration. How does GrapheneOS's implementation handle this?

on the webpage microg Google Network Connection webpage:
https://github.com/microg/GmsCore/wiki/Google-Network-Connections

"For all of them, we strip device identifier (MAC addresses, IMEI, etc) from requests where they normally would be (and if required use random but valid identifiers instead)."

Okay so this is pretty clear. Now, how does Grapheneos handle these identifiers when Sandboxed Google Play Services is installed? Here it states: (https://grapheneos.org/faq#hardware-identifiers):

"As of Android 10, apps cannot obtain permission to access non-resettable hardware identifiers such as the serial number, MAC addresses, IMEIs/MEIDs, SIM card serial numbers and subscriber IDs." so now Google Play is a regular user app so it does not have access to these identifiers.

What does GrapheneOS send to the Sandboxed version of Google Play Services when the google server is expecting to get these ids? Is it sending randomized identifiers, a string of zeros, nothing at all, something else?

Thank you for your work on GrapheneOS, awesome project to be a contributor to.

soupslurpr

moddel

moddel Thanks this is quite helpful. When you say OS ones, you are referring to the new Network Location feature or the GPS or both? Which one is sent the request first or are they both sent the request at the same time?

Happy to help.

Ah, so I mean the OS location services rather than Sandboxed Google Play's. It gets routed to GPS (GNSS), NETWORK, or FUSED depending on what the app requests, you can read the code here https://github.com/GrapheneOS/platform_packages_apps_GmsCompat

Specifically for provider selection, see the following part https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/blob/3425f1114fb2609fd6053304fcf7e37aa7c05071/src/app/grapheneos/gmscompat/location/OsLocationProvider.kt#L22

moddel What does GrapheneOS send to the Sandboxed version of Google Play Services when the google server is expecting to get these ids? Is it sending randomized identifiers, a string of zeros, nothing at all, something else?

I don't have much experience with the Sandboxed Google Play part of things, but it definitely can't read the actual IMEI or other identifiers other apps can't read as stated in the FAQ. It doesn't have special permissions that other user-installed apps don't.

You can try looking at the source code for GmsCompat but I don't think there's anything like what you described for this.

de0u

moddel I have read [the GrapheneOS "Sandboxed Google Play"] page 4 or 5 times and it is the hardest part of GrapheneOS to understand. I think the description on this page are high level and hard to conceptualize. [...] I understand that GrapheneOS sandboxes Google play services, I see this mentioned over and over but how does restricting Google Play services to a regular user sandbox protect the privacy of the user?

I think part of the problem is that there is such a spectrum of engagement with Play, and Play is so big.

For example, let's say GrapheneOS's sandboxing of Play successfully manages to randomize all identifiers (this is suspected to not be the case, see Issue #2314). Let's say a user pays for an e-mail program using a Google account that is supported by a gift card that was bought using some cryptocurrency (I don't know if this is still feasible).

But what if the e-mail program is using Play's licensing library? And what if the e-mail program uses an e-mail address as part of the licensing data?

If a user puts personally-identifying information into an app, and the app uses a Play library to share the information with Google (or uses any library to share the information with any third party) then no amount of subterfuge on the part of GrapheneOS's sandboxing of Play can recover from that. Also, my understanding is that microG, at least in the past, downloaded and ran some Google library code. If so, then if a user puts personally-identifying information into an app, and the app uses microG code to process the information, again there is no way to recover from that.

moddel What does GrapheneOS send to the Sandboxed version of Google Play Services when the google server is expecting to get these ids? Is it sending randomized identifiers, a string of zeros, nothing at all, something else?

I expect that the source code for the various shim methods will reveal that (personally I have no idea -- I don't use Play at all).

moddel

de0u I expect that the source code for the various shim methods will reveal that (personally I have no idea -- I don't use Play at all).

Yes I have been looking though https://github.com/GrapheneOS/platform_packages_apps_GmsCompat for these shims but haven't found it yet.

de0u I don't use Play at all).

How do you handle notifications and location? Without Google Play, these are second rate experiences.

de0u

de0u I expect that the source code for the various shim methods will reveal that (personally I have no idea -- I don't use Play at all).

moddel Yes I have been looking though https://github.com/GrapheneOS/platform_packages_apps_GmsCompat for these shims but haven't found it yet.

This might be a starting place: https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/blob/3425f1114fb2609fd6053304fcf7e37aa7c05071/gmscompat_config#L209

de0u

de0u I don't use Play at all.

moddel How do you handle notifications and location? Without Google Play, these are second rate experiences.

It depends on what one is seeking to optimize. For certain usage patterns GNSS provides adequate localization, and it is unmatched in terms of privacy.