Hello all. I got a Pixel 6 on black Friday and installed Graphene OS. I am in the process of moving everything over from my current phone and was wondering if there is a different keyboard I can use. I currently use voice-to-text often and would like to retain that feature. Am I able to securely use gboard without giving up my privacy?
Different Keyboard Security
- Edited
Meierme Gboard is a fine option, and as far as I can tell, it doesn't require Sandboxed Google Play or the network permission for its core functionality. However, it might need that for voice-to-text. Someone that uses that should weigh in.
Welcome to GrapheneOS, by the way!
matchboxbananasynergy so when I try to enable it I get a popup saying that it has the potential to collect all of the data I "give it" ie: anything I type. Is there a way to prevent that, or is that a generic popup?
Meierme if you're referring to when you make Gboard your default keyboard/input option, that's a standard warning/notification. You would get the same thing no matter what keyboard you tried to make your default.
@matchboxbananasynergy @Meierme this doesn't appear to work without network permission and/or Play services. I have only GSF installed and no network permissions on either Gboard or GSF. When voice typing is enabled, I do not receive the "Speak now" prompt when holding the mic icon.
Thank you for your help. I hope with everything I am trying to download and add, that I'm not defeating the purpose of using GrapheneOS. Is there some sort of security/privacy check I can do when I'm done? To make sure no apps are collecting personal data.
mythodical So there is a new feature with Gboard that downloads the voice assistant onto your phone and it says it can be used in offline mode once downloaded. I wonder if giving it temporary network access while it downloads, then revoking it after would allow me to use it.
- Edited
Meierme If your primary goal is data privacy, you'll need to think carefully about which apps you install, and also which apps you grant network permission. This may often mean finding alternative solutions to apps you once used, or in some cases doing without them entirely.
Apps generally have only the privileges that you explicitly grant to them directly or indirectly; directly by way of permissions, and indirectly by way of Android's inter-process communication (IPC) protocol. IPC is essentially an app's ability to share information with another app through mutual consent. There is currently no easy way to know which apps share what with each other, but whatever is shared would have to be agreed upon by the app's developer(s).
You can find other threads here relating to IPC if you're interested in learning more.
mythodical It's possible that you would also need a speech-to-text app, as GrapheneOS doesn't have one by default.
Meierme I hope with everything I am trying to download and add, that I'm not defeating the purpose of using GrapheneOS.
That depends on what you think the purpose of GrapheneOS is. GrapheneOS is an OS that substantially improves security and privacy. It's not specifically about avoiding Google or Google Services, although it's great for that if that's your goal.
Sandboxed Google Play, all other Google apps, and all apps in general for that matter, are sandboxed the exact same way on GrapheneOS. They only have access to what you allow them, and you get much greater control with the network and sensors permission, as well as Storage Scopes which obsoletes the standard storage permissions in pretty much every case.
I guess what I'm trying to say is that how you use GrapheneOS is up to you. There's no specific purpose to defeat. GrapheneOS provides features for every use case, and enhances security and privacy without sacrificing compatibility.
[deleted]
mythodical what can the network permission do if you have every other permission revoked? Say One app only has network but everything else is gone. What information could I be giving it?
- Edited
[deleted] in the absence of any other permissions, an app with network permission would be able send home any information you explicitly give it, and any information given to it by any other app via IPC.
[deleted]
mythodical oh I see. Don't most apps need network permission to run properly?
mythodical matchboxbananasynergy
So I got voice-to-text to work with Gboard. What I had to do was to go to Gboard settings > Voice Typing > turn on "Faster Voice Typing". I then had to download "speech Services by Google" and wait for it to download what it needed.
After that was done, I was able to remove network permissions for both apps. So far it works well.
Meierme that's great, glad to hear it worked out in the end!
- Edited
[deleted] it's true that most communication and social media apps require network access to function properly and, excluding private messaging apps like Signal, you can't really expect much privacy while using these apps.
There are many apps however, which sometimes handle your most sensitive data, that shouldn't necessarily require network access. Photo managers and image galleries, audio players and recorders, document readers and scanners, text editors, password managers, calendars, contacts, keyboards, dialers, file managers and encrypted container managers, and personal health apps are all examples of apps that you may not wish to grant network permission when data privacy is paramount.
17 days later
Meierme So I got voice-to-text to work with Gboard. What I had to do was to go to Gboard settings > Voice Typing > turn on "Faster Voice Typing". I then had to download "speech Services by Google" and wait for it to download what it needed.
How do you know it downloaed what it needed ?
For now, I have 2 language on GOS. ENglish now works OffLine but not french... NOt sure why ( I'm talking about Voice Typing).