ryrona thank you for the thorough answer!
Identifiers across private space and profiles
Carlos-Anso Another great answer. This is good info to know. I'm not running the same apps on different profiles. But I am trying to keep a few nosey apps from having enough info about my device (that they undoubtedly sell), that someone could connect with identifiers to my other profiles or apps.
Carlos-Anso
Interesting
I've checked out fingerprintjs-android and it appears that these identifiers and data points can be accessed without the app being granted any permissions.
Does this mean that any app would be able to uniquely identify any device with near 100% certainty provided that they integrate a library like fingerprintjs-android?
If so this means that any app would be able to uniquely identify your device whenever they like.
The only thing necessary is for the developer to push an update which integrates a fingerprinting library.
Furthermore, I don't believe there is going to be any way for the user to notice that this type of fingerprinting takes place, nor are there going to be any stumbling blocks of any kind (like requiring the granting of additional permissions).
To add onto this, apps can also read the value set for various user settings.
Is there any way a feature could exist where you could spoof certain identifiers? Such as spoof that you are using a Pixel 7 when you are actually on a Pixel 8? Etc.?
rellhom Is there any way a feature could exist where you could spoof certain identifiers? Such as spoof that you are using a Pixel 7 when you are actually on a Pixel 8?
It depends on what you're trying to achieve. It wouldn't be that hard to fool people who are easy to fool, but people who were serious would see that you were using a Pixel 8 that would be pretending to be a Pixel 7, and would plausibly be extra-interested.
rellhom Is it the case that "people who were serious" can also see that we are using a privacy OS in general and plausibly be extra-interested?
It's hard to answer that question in the abstract. Personally, part of my operating assumption is that if anybody genuinely well-resourced (national government, criminal gang) decided to spend genuine resources ($100,000?) on breaking into my phone, it would happen. Or if a rogue police officer wanted to acquire a detailed location track for me going back a few months, it would happen. Meanwhile, if anybody working for my carrier decides they want to see which devices connect to GrapheneOS web servers, they will turn up my device.
Meanwhile, I don't particularly want Google to know who I text and call, or to have a location track for me, and I think they mostly don't. I don't want Facebook to know who my friends are, and I think they mostly don't.
For me those are very different problem classes. "They" aren't one group of people, and "they" don't all have the same abilities. Part of my thinking is that there is no way to carry around a cellular-connected device, and to use cloud services, and meanwhile to conceal everything about me from everybody. I believe it is necessary to decide what you want to conceal from whom, and how much effort/inconvenience/money you are willing to pay.
In answer to your question: if you use "privacy software" in a general sense, then it's pretty likely that somebody in a general sense will detect that. If you use Vanadium, or Brave, or Mull, etc., some web sites that want to detect that will probably detect it. If you use a VPN, your cellular carrier will know that you are using a VPN, and your VPN provider will know which web sites you use.
Meanwhile, if you use Google Voice, or Google's dialer, or RCS, probably Google does know who you call and text. If you use Facebook, they probably know where you live and when you wake up and sleep.
Personally I don't believe it's possible to spend lots of time online but to remain inside a general privacy bubble. To some extent, spending more time/effort/money can improve privacy, especially if the time/effort/money is focused on privacy from specific entities. But after a point increasing the amount of time/effort/money by modest amounts no longer results in even modest privacy increases. It is possible to spiral into spending more and more time/effort/money while still feeling that somebody still knows things about you. I prefer to avoid that.
And there are specific "privacy" things that I personally suspect result in increased attention. IMEI editing... data-only international-roaming SIM cards... I suspect those things aren't adding privacy for most people who are doing them.
Just my thoughts!
yellow-leaves Does this mean that any app would be able to uniquely identify any device with near 100% certainty provided that they integrate a library like fingerprintjs-android?
Sorry for the late reply. It is not an easy question to answer. Depends on many things and your question is not totally clear - fingerprint to compare against what? What a different app on the same device sees? When both apps run at the same time? If it is uninstalled and then reinstalled? etc.
The post you reply to more or less answers your question.
Having control over DRM ID will help, but as my comment explains there are many other ways. Some can be addressed with careful opsec.
I was flabbergasted by the revelations in your post, I had no idea about all those variables which are (for the most part) needlessly exposed to apps and how easily they could be used for fingerprinting.
For this very reason I just had to ask: is this in fact true?
Carlos-Anso fingerprint to compare against what? What a different app on the same device sees? When both apps run at the same time? If it is uninstalled and then reinstalled?
It appears to me that any app developer could easily integrate a fingerprinting library into their app, allowing them to uniquely detect devices in the first two scenarios listed below.
When it comes to the third scenario I am however less sure, please lend me your thoughts.
Different apps could detect that they are running on the same device, whether they're in the same profile or not, as long as they both run at the same time.
Detect whether the app had been installed at a prior point on the same device regardless of profile.
Detect whether different apps, running in different profiles at different times, were running on the same device.
Let's just assume the apps are able to compare identifiers somehow.
Could they identify that they're running on the same device with reasonable accuracy?
yellow-leaves
I would agree with your first 2 points.
Regarding the 3rd, it's not black and white and depends on many factors.
Clearly there are things that will increase or decrease confidence: frequency of you using the apps, measures you may or may not take between opening the different profiles. For example rebooting, changing the amount of free storage, time zone, locale, removing SIM.
There are lots of data points I listed in the post above, and certainly more, that two apps in different profiles can collect and have potential to be part of a fingerprint or when logged over time would increase confidence that the apps were installed on the same device. Need to consider each point how it could be used, potential ways to mitigate its use for this purpose.
If you suspect two different apps, or the libraries within those apps, may be collecting data on you to somehow fingerprint you or link your usage of the apps, and it's very important that your usage of those two different apps cannot be linked by any of those developers, or anyone they may share the data with, it would be well worth considering running the apps on different devices. Otherwise you need to be very careful.
Running apps in different VMs will be useful when that is available. There are apps now available that make it possible to run different operating systems within their environments. No great solutions though. Using websites/web apps instead of apps will change what the app/service provider can collect about you.
When using such methods again you need to consider what data can be collected in each case which may be able to link your usage.