Will using GrapheneOS protect my anonymity while using Snapchat? For example, if my snap gets reported will my real IP be able to be doxed?
Also, if I get banned on snap using grapheneOS, can I make a new one without Snapchat detecting that it’s from the same device?
I’ve heard a lot of conflicting information as to whether Snapchat is really compatible with Graphene to begin with.
bobsandvagene Snapchat works on GrapheneOS (at least with Sandboxed Play Services, don't know if it works without). Your IP will not be hidden by default but you can anchieve this with a VPN or Orbot.
If you get banned and try to create a new account Snapchat can know that it is still the same installation as per GOS documentation
Apps can generate their own 128-bit or larger random value and use that as an identifier for the app installation. Apps can create data in their app-specific external storage directory by default without needing permission, and in the legacy storage model before API 29 that data persists after the app is uninstalled, so it can be used to store an ID that persists through the app being uninstalled and reinstalled. However, external storage is under control of the user and the user can delete this data at any time, including after uninstalling the app. In the modern storage model, this data is automatically removed when the app is uninstalled. GrapheneOS includes Seedvault as an OS backup service which must be explicitly enabled, and it has the option to automatically restore app data when an app is reinstalled, so it wouldn't lose track of it being the same profile.
The ANDROID_ID string is a 64-bit random number, unique to each combination of profile and app signing key. The 64-bit limitation means it isn't particularly useful due to the possibility of collisions. It's tied to the lifetime of profiles and does not persist through profile deletion or a factory reset. This is comparable to an app targeting the legacy storage model storing a 64-bit random value in the app-specific external storage directory. In the future, GrapheneOS will likely change this to be tied to the lifetime of app installations rather than profiles. An app could still track the identity of the profile through data you give it access to or via data another app chooses to share with them.
Thank you. Is there any way to obfuscate the GOS documentation? Can Mulvad or Orbot help with this, or can those tools completely hide my identity while using these apps? Im aware VPNs have limits, and smart phone privacy is far behind that of computers.
bobsandvagene You can install Snapchat in an extra profile. When you want/need a new Android ID you'll have to delete the profile, create a new one and install snapchat there.
Ok so just confirming 1,000,000%, creating a new profile in Graphene (like a new qube in qubes) will allow for bypassing a Snapchat ban because it will recognize it as a new device?
bobsandvagene Ok so just confirming 1,000,000%, creating a new profile in Graphene (like a new qube in qubes) will allow for bypassing a Snapchat ban because it will recognize it as a new device?
Issue #2314 may be of interest.
This won't work at all.
These days there are many ways code can fingerprint the hardware of a device. This is much easier in a mobile device. The fingerprinting is not always obvious like canvas fingerprinting and may be proprietary (ie, the App queries an API that launches a memory/graphics test and developes a hash and then stores it on a server off the device linked to you). In Graphene there is a consistent media device ID that survives resetting the device and exists across all profiles. Profiles help to compartmentalize. They only provide some anonymity if youve ever done anything KYC with the hardware linked to an ID. You can try it but they will likely know it's you. They used to not do this and got tons of bots scammers and ad fraud and so they implemented lots of stuff to try to identify hardware. They do not tell people what it is. You can try and a new profile could be enough. There are posts on here about creeps.js ans other fingerprinting that show the problem.
Graphene OS is a harder OS for someone to hack or break into BFU and it does not have spyware backed into the OS. But Apps know it's Graphene if they are big corporations, they notice the absence of spyware.
A lot of times when people like Daniel are asked about reducing the fingerprint attack surface of Graphene, they say it's pointless because there are some things you can't block. In other words, to prevent the code from fingerprinting, you would have to spoof hardware. There have been talks among the developers about virtualizing inside Graphene, but it would be so mich work and if that happens, it will be far in the future.
At the same time, Graphene is fighting the Play Integrity API monopoly and so they may not want to totally prevent fingerprinting attacks because Graphene OS is really supposed to be a secure distro, not a distro for doing sketchy things.
But your understanding of things is wrong. It's not clear why you are mentioning Qubes. Qubes is configured for extreme compartmentalization and virtualization but does not inherently prevent fingerprinting within a virtualized environment.
bobsandvagene this also depends how they've banned you and whether it is hardware based or IP based or based on biometrics.
As someone who as never gotten banned on any platform, including this forum, and always tells the truth, you may want to reconsider your approach.
I have a friend who got banned on this discuss Graphene forum. My friend used fingerprint obfuscation and Graphene and the forum knew it was my friend right away. Also to clarify this friend is not actually me. We are different people.
angela I genuinely appreciate this informed response. It’s very refreshing and serves as an important reminder that you don’t know what you don’t know. You can never get to the bottom of the barrel when it comes to computer science. There’s always something new to learn. It’s like a Mandelbrot sequence that repeats itself forever. Ironically, you can actually write a Mandelbrot in code.
A question regarding the use of Mulvad and Orbot - can these tools be used in conjunction with one another to further obfuscate my identity on an android with Graphene? I understand from what you said that hardware fingerprinting on smartphones is largely unavoidable with today’s technology, but I’m just trying to think of things that can create more obstacles to digital tracing.
I mentioned Qubes because, especially when used with Whonix, it also utilizes hardware isolation, but in a different way.
