• Off Topic
  • What information does Google Play Store get on GrapheneOS if I sign in?

I don't think anyone can answer that definitively, as it will depend on which apps you have installed alongside Play Store/Services, what permissions are granted to those apps, and what information you provide via those apps.

    • [deleted]

    mythodical Well lets say the apps that I need with will have the only permissions it needs to function. Currently I have an iPhone and and 11 apps no permissions for any app except my 2fa app has camera access. I don't give apps permissions to location except maps, but everything else is completely permission-less

    I think that a more productive way to ask this question would be to generalize "Google Play Store" and replace it with "app".

    The entire premise of the Sandbox Google Play compatibility layer is that it teaches those apps to play nicely in the same app sandbox as all other apps. For example, if you install Google Play Store and Uber, these apps have the exact same access to things (guarded by permissions etc.) There's nothing inherently privileged/special about Play Store or any of the Google apps in GrapheneOS.

      [deleted] Apps in Android can communicate with each other via mutual consent. That means that both apps have to agree to share data with one another.

      If that's a concern for you, you can compartmentalize your apps in different user profiles as you see fit, as apps cannot communicate with the aforementioned mutual consent across profiles, as apps aren't even aware of each others' existence across profiles.

      I hope that helps!

        [deleted] I'm probably not the average example, so sharing my setup is probably not as useful.

        I think that in general, there is no right or wrong way to set things up. In order to make good choices, it makes sense to get a better understanding of what user profiles provide, and what they don't, and then decide what fits your situation.

        [deleted] My incentive for using GOS is not only security, but also data privacy.

        My understanding is that many apps use components of Google Play Services/Store and the Google Services Framework (GSF) to facilitate notifications, telemetry, advertising, and other data manipulation.

        Since apps can share data between each other with mutual consent, I assume at the very least that any apps made by the same developer will likely have some data-sharing enabled between them.

        If I use an app that does not have network permission granted (for example, Gboard) but which can share data mutually with another app that does have network permission (for example, Play Services/Store), then I view that as a potential privacy concern.

        I assume that any information collected via Google Service/Store APIs may pass through Google's servers on its way to wherever it's going, and therefore I try to minimize the amount of Google-dependent apps on my phone.

        For this reason, I do not use the Play Store/Services, as they pretty much require network permission to function properly.

          • [deleted]

          mythodical So do you use the aroura store for apps that are not available otherwise?

            [deleted] Yep, I use the Aurora Store for Play Store-only apps (Google Camera, Gallery, Gboard, financial apps, etc.), and I typically download the APKs for all other apps directly from their Github repositories; though Neo Store and Droid-ify are popular options for off-Play apps too.

            I do use GSF (for Google Camera and a few other apps), but I give it zero permissions so I'm not too concerned about it.

              • [deleted]

              mythodical okay that's nice to know! Do you happen to know if email apps like proton get notifications at all if they are not using google play services, that is something I am kind bummed about

                [deleted] That I don't know, sorry. I do have a proton account, but rarely use it and haven't tested it on GOS yet. I use K-9 Mail for multiple accounts however, and it works great without Play. It supports IMAP Idle for push notifications, which is pretty much instantaneous. Signal of course works great too without Play.

                  • [deleted]

                  mythodical do you know if k-9 can get microsoft 365 emails say for work?

                    matchboxbananasynergy You said that apps can share information by "mutual consent", but the HUGE question is how do I, as Joe User, determine which apps share information by "mutual consent"? Is this done with specific request to me to grant rights or that since they both have the Network App permission, they can share data?

                      dcd-graphenediscuss how do I, as Joe User, determine which apps share information by "mutual consent"?

                      There is no easy way to verify this, as far as I know, which is why I typically err on the side of caution.

                      It seems logical that any apps that feature advertising or in-app purchases will potentially sideload information to/from Play Services/Store via IPC (inter-process communication).

                      It also seems logical that apps made by the same developer will mutually share information with each other via IPC; for example, Meta's Facebook, WhatsApp, and Instagram apps, or Google's Play Services/Store with any one of the many Google apps.

                      In my opinion, iOS and Android are both inherently hostile to user privacy. A multi-billion dollar industry has been built around knowing what we do every minute of the day. GrapheneOS does an excellent job of mitigating this right out of the box, but the threat to privacy increases with each additional app that we ourselves install.