Did I deanonymize myself?

limper

Hello GOS community,

I came for little advice. I want to switch from Aurora store to Play Store, I use only owner profile. When I get the phone (Pixel 9 Pro), I enabled OEM on public WiFi, after flashing GOS I enabled always on and block connections without VPN. After that I installed Google Play Services. Problem is after downloading all apps, I had problem with one restricted on GEO, my VPN provider doesn't offered that country so I used other one. But somehow, my always on VPN and block connections without disabled and I leaked my own home IP address. When I realized it, I immediately turned it back on. My question is if it make any sense now to make anonymous Gmail account and logging it into Play Store, when I used owner profile with GPS installed without VPN? Since according to this article https://cascade.weblog.lol/how-to-create-and-use-a-google-account-anonymously-on-grapheneos#anonymous-phone-verification

"It is UNACCEPTABLE to log in to this account on any profile which already has/had Play Services as every profile on Android has an app ID based unique identifier which can be used by Google or other parties to deanonymize you."

"It is recommended to use the Always on VPN and Block connections without VPN features on GrapheneOS on profiles with this Google account. Note that Sandboxed Play Services is always active if it's enabled, so even disabling Always on VPN for a split second can deanonymize your account."

Will my account will still remain anonymous or this mistake basically kill it?

Thanks upfront for any help. I wish all of you a Merry Christmas!

IcyScroll

Hello and welcome!

limper somehow, my always on VPN and block connections without disabled

Do you mean that the toggles in system settings got disabled in the background? That seems rather impossible. Could you expand on that part? What were you doing before that happened?

limper I had problem with one restricted on GEO, my VPN provider doesn't offered that country so I used other one.

Were you changing active VPN provider app or did you just connect to a different country?

Probably9857

IcyScroll

limper my VPN provider doesn't offered that country so I used other one.

They were switching between VPNs.

Probably9857

IcyScroll That seems rather impossible.

Definitely possible. If you disable & re-enable a VPN from system settings, always on and block connections will be off, regardless of their previous state. Try it.

Not what I would expect, but there is a kind of logic to it: you just turned it off, so how could it possibly be always on?

limper

IcyScroll no, it doesn't disabled in background, as @Probably9857 mentioned, I was switching between VPNs since country I needed was not able in first and main one.

IcyScroll

Probably9857 I meant that it doesn't seem to be possible for it to get turned off in the background, without any user interaction.

limper

Bump

de0u

limper Honestly it's not clear what you're trying to achieve. It isn't really possible to be 100% anonymous, in the sense of concealing all information about you from everybody. If you use a VPN, that conceals which web sites you visit from your ISP, but your VPN service knows which web sites you visit. If you install a tracking-focused social media app and use it to access things that interest you, the app may well figure out who you are based on your interests alone.

The cited piece provides specific detailed directions but doesn't start off with a threat model, and your question also doesn't state a threat model (i.e., which information you want to conceal from whom, and which resources it is plausible will be brought to bear against you). Without a threat model it's hard to say whether any given individual piece of information leakage is problematic or not, or how applicable any given list of must-do/must-not-do directives is.

To be clear, I OEM-unlocked my device on my home network because I was not trying to conceal from Google the association between the device serial number/IMEI and me. Apparently for the author of that web page such an association would be "UNACCEPTABLE", though no reason is clearly stated. There isn't a single recipe that must be followed, because people have different goals.