An option you can take if this app does not have to be installed in your GoS phone is tails. There's an app that does metadata removal for photos and videos.
An ordinary app without network access: this can harm my privacy?
Aurora Store is dangerous and insecure, it doesn't provide privacy benefits over using sandboxed Play Services on GrapheneOS.
Using it is officially not recommended by the project.
- Edited
pxlkng you will have to do better than that in the future. Depends on the app and what you permit it to do. Still comes from Play Store as a multitude of other Play Protect verified malware.
What do you mean by "do better than that"?
- Edited
This doesn't change anything of the fact that Aurora Store is dangerous and insecure with no privacy benefit over using sandboxed Google Play.
Last time we argued about this you cited AI as your source and it had to be removed by the mods because AI content is forbidden and it was misinformation.
pxlkng my answer to this is there remains a lot of misinformation in this forum that doesn't get removed. I said I consulted AI (among other sources) but my statement was not citing it but my own summation, so removing it wasn't really appropriate. So if anyone has anything to add on tracking capabilities of Google libraries in apps with network access in absence of Play services, please contribute here.
grayway2 that will be fantastic if the app communcation scope comes out. I have to apps using the app communcation channel for ads promotion. Blocking that channel will massively enchance both privacy and security protection
ARCemployee of course but it's extremely complicate for the team to implement this feature correctly.
I really hope they work on this App communication scope feature! That would be a nice feature to have and without it, it seems risky to use any non-Foss Apps.
I think the problem with creating new profiles is that this drain the ram and battery. It would be nice to be able to use at least few apps like whatsapp in the owner profile, but very restricted.
It would be amazing if you guys implement App communication scopes. The default could be preventing any communication between the apps, them the user choose with app the given app can communicate. In this way there is less change to have leaks and most of the apps don´t need to communicate with other apps to work.
ARCemployee That will be fantastic if the app communcation scope comes out. I have to apps using the app communcation channel for ads promotion. Blocking that channel will massively enchance both privacy and security protection
We'll see. But I think people may be assuming that an app that is blocked from talking to Google Play will just shrug its shoulders and go back to doing what the user wants it to.
However, some of those apps will crash and others will throw up some error message and quit. And why wouldn't they? If a game was written to show ads, that's because the game author wants to be paid by the advertisers. If ad serving is blocked, then the game author won't be paid.
I think IPC filtering might turn out to be mildly useful at assuring users that an app that is marketed as privacy-preserving actually is privacy-preserving, and at assuring users that an app that normally doesn't talk to other apps hasn't been taken over by malware. Those are useful. But I do not expect IPC filtering will convert privacy-invasive apps into privacy-respecting apps.
I also think we shouldn't wait for app communication scopes which I can imagine is very difficult if not impossible to implement and it would most likely break functionality because of the nature many apps are designed.
I would rather rely on compartmantalization, GrapheneOS implementation of android permission model and other various features provided by the OS to further separate and sandbox apps behaviour.
Choice of tools that work flawlessly is important here, some apps are designed to not work if certain conditions are not met. In other words, you can't expect that every app that you throw at the OS which can be pretty restrictive will play nice.