Private Space: Observations, launchers, and more

mythodical

I thought I'd share some notes from my recent experience using Private Space.

I've always avoided Google Play on my GOS devices, but I'm increasingly aware of the security risks associated with some third-party stores. I wanted to see what it would be like to use Play and Play Services in the Owner profile alongside other apps that are already associated to my real identity.

I would then use Private Space along with a VPN for more anonymous (logged-out) browsing, media scraping, and torrenting, with these apps managed via Obtainium and/or Droid-ify.

My overall goal was to increase general app integrity, and potentially lower battery usage through the use of Play Services for notification delivery, while implementing app and storage isolation where deemed necessary.

This approach has worked as expected but not without several unresolvable pain points...

Secure, but not as secure as other options

It's worth mentioning for newcomers that once Private Space is unlocked, a device restart is required to fully close Private Space's encrypted filesystem. The Private Space "lock" function does terminate any apps running in that space, but access to the data stored within this secondary filesystem is still possible as the encryption keys remain loaded until the device is restarted. My understanding is that this is necessary to allow for unlocking Private Space via biometrics after first unlock (AFU).

Using a full-fledged user profile will provide greater security, as its encryption keys can be unloaded upon closing the session (and the use of biometrics can be avoided altogether).

Extracting your data from Private Space

Android doesn't include a means of extracting files from the Private Space profile. Any connected USB storage appears only under the Personal (Owner) profile, and USB-to-PC transfers only work for full-fledged profiles. If you need to backup or extract data from your Private Space, you'll need to use a third-party app to send files to the Personal side (or send it to a cloud service, remote server, etc.).

Sharing items between Personal and Private apps

In-app sharing appears to default to the source app's origin (Personal or Private). For many apps, sending multiple items from Private to Personal, or vice versa, will require you to navigate to the opposite tab in the Sharing Link menu for each and every occurrence. Android appears to have no notion of a last used space for the Share destination. Some apps, such as Chromium-based browsers, do remember the last-used destination and even provide a direct shortcut to it within their context menus.

Android's generic sharing menu, displayed whenever copying something (text, image, etc.), always defaults to the Personal tab in the Sharing menu, regardless of the source app's location. This gets tiresome quickly with repetitive sharing (such as when sending links to a downloader). This one is particularly painful for me, as I prefer to use the generic menu in order to prevent the source app from tracking where things were shared.

Launchers and Private Space

Very few third-party launchers currently support Private Space, and what follows are my own observations from those I could find.

For the sake of comparison, the default GrapheneOS launcher provides very basic support for Private Space. Once Private Space is enabled in the device settings, it appears at the bottom of the Apps menu. Users can lock/unlock Private Space from this location as well, but cannot incorporate private apps into the Home screen in any way.

Please do share if you're aware of any other launchers that support Private Space.

µLauncher

µLauncher (FOSS) provides the best integration of Private Space thus far. Users can:

Easily unlock/hide Private Space using the padlock icon shown in all of its app menus, and will be automatically prompted to unlock when using a gesture to access the Private Space menu
Add PS apps alongside regular apps in the Favorites menu
Assign gestures to access the Private Space app menu and/or toggle the Private Space lock
Assign gestures to launch specific private apps

Note that all private apps are prefixed with 'Private', and this prefix cannot be changed. The 'Private' prefix is also not taken into account for sort order, which can result in menus like this:

Private Aurora Store
Brave
Private Brave
Files
Private Files
Gallery
Private Gallery
Gboard

Kvaesitso

Kvaesitso (FOSS) provides basic Private Space support:

Private Space apps and controls are accessed via the All Apps menu tab
Users can add private apps alongside regular apps in Favorites, including those shown on Home screen
Users cannot integrate Private Space in any other way (no actions or direct dialing of private contacts, etc.)

Lawnchair

Lawnchair (FOSS) nightly builds, as of v15, provide very basic Private Space support:

Private Space apps and controls are provided at the bottom of the All Apps page
Users cannot add private apps to the Home screen, nor integrate private apps or actions in any other way

Smart Launcher

SmartLauncher 6 (proprietary) provides bare-bones Private Space support:

Provides a dedicated Private Space app page via the All Apps kebab menu
Smart Launcher can lock/unlock Private Space via this kebab menu too
Users cannot add private app icons to the home screen nor integrate private apps in any other way (no assignable actions, etc.)
Very cumbersome if you access Private Space frequently

fid02

mythodical It's worth mentioning for newcomers that once Private Space is unlocked, a device restart is required to fully close Private Space's encrypted filesystem.

There will be a similar end session button for Private Spaces in an upcoming release, perhaps the next one, according to current release notes for 2025051900.

mythodical Android doesn't include a means of extracting files from the Private Space profile. Any connected USB storage appears only under the Personal (Owner) profile

Not correct. It's the AOSP Files app that doesn't support USB in Private Spaces. If you try it with Google's Files app it works fine. Android has support for it but the Files app doesn't.

mythodical and USB-to-PC transfers only work for full-fledged profiles.

Seems to be correct.

RockHyrax

mythodical

Lawnchair (FOSS) nightly builds, as of v15, provide very basic Private Space support:
Private Space apps and controls are provided at the bottom of the All Apps page
Users cannot add private apps to the Home screen, nor integrate private apps or actions in any other way

I would like to point out that you can indeed add Private Space apps to your homescreen alongside owner apps. The caveat is you can only do so for newly installed apps within Private Space. Once Private Space locks, you will not be able to move that app on your home screen.

I have also found a weird work around within Lawnchair to move already installed apps within Private Space to homescreen without having to reinstall them. Steps to reproduce:

Have Private Space unlocked
Switch Launcher to default Launcher
Switch Launcher back to Lawnchair. After switching back to lawnchair, your Private Space should appear as Work Profile. While viewing Work Profile you should be able to move apps to your homes screen.
Restart phone and Work Profile should now be called Private Space and app configuration should remain the same on homescreen.

I have been using Lawnchair Nightly with Private Space with this configuration for about 4 months now with no issues.

Berlino

If you activate the option to add new apps to the home screen in Lawnchair, the shortcuts are also placed on the home screen for user apps in the private space after you have installed an app (~~I have not tried to place/group these private space icons in a home screen folder, so I can't tell if this will work~~ just tried, it works for grouping in folders).

Unfortunately, you have to have it activated from the start of the private space setup to be able to have all desired user apps from the private space as a shortcut on the home screen.

See: https://discuss.grapheneos.org/d/20505-love-the-private-space-feature-possible-to-move-app-positions/4

mmobder

fid02 according to current release notes for 2025051900

What's looks awesome, is that as I understood, PS will be enabled to non-owner accs, except for auto-lock. Thanks for pointing out the update!

buscopina

Regarding Kvaesitso: I kind of like the launcher very much, but it's somewhat hard to customize it accordingly. The homescreen is nice but when it comes to add favorites and make use of tags, it shows just too much / or too little :)

With private space I have the problem that it constantly asks for unlock an app. So PS is set to auto lock when rebooted but when I would like yo open an app from PS it requires an unluck of PS and an additional fingerprint / Pin for opening the app...
I don't see that with the built in launcher.

AttemptUndertook

@GrapheneOS - Any chance the default launcher would support adding Private Space apps to the home screen in the near future?

mmobder

AttemptUndertook sounds somewhat controversial re the ! purpose of PS. Samsung I think doesn't support it either

AttemptUndertook

mmobder

I understand the controversial part, but I also heard that Private Space can be used as a replacement for a Work Profile since it is more secure and don't have to use another app.

With Work Profile, I am able to add apps to my home screen. I am just looking to replicate that same functionality with Private Space. Maybe a toggle within Private Space settings to allow apps to be added to Home Screen would solve this issue.

jefla

MultiLauncher also supports private space.
https://github.com/DroidWorksStudio/mLauncher

AttemptUndertook

RockHyrax

I understand that there are FOSS launchers out there that allow adding Private Space apps to the Home Screen and @mythodical has done a great job testing and outlining those for us.

My question is, will the GOS default launcher support adding Private Space apps to the Home Screen in the future? I would rather not download another launcher just for this, but if this not on GOS's roadmap, then I will.

Thank you.

yam8449

RockHyrax Is there some trick with Lawnchair to add PS apps to the home screen? I just created a PS and installed accrescent, but there's no ability to long press and slide it to the home screen for me. I'm on the latest nightly as well.

I even tried your suggestion of changing launchers to no avail.

RockHyrax

yam8449 make sure you have the setting "Add new apps to home screen" enabled within Lawnchair app settings.

Any new app installed within private space should appear on your home screen.

yam8449

RockHyrax Unfortunately that isn't working for me, I'm using the latest nightly too. What version are you on?

RockHyrax

yam8449 most current nightly build. i update it quite often (usually whenever there is a new nightly release)

i think you may have a misunderstanding. you are not able to add existing apps from private space to home screen. only newly installed apps will automatically appear on homescreen after downloading.

see this thread here:

https://discuss.grapheneos.org/d/20505-love-the-private-space-feature-possible-to-move-app-positions

yam8449

RockHyrax Yea, I'm trying by installing from accrescent with "add new apps to home screen" enabled. BUT, I did uninstall Lawnchair, then reinstalled it with obtanium and PS is showing up as work profile now with me being able to manipulate apps!

RockHyrax

yam8449 i believe by default apps installed via Accrescent do not show up on home screen, even on stock launcher from I experienced.

Nice I'm glad you got the weird Work Profile glitch working allowing you to configure your home screen to your liking.

I will say be careful making changes within Lawnchair app settings after you get your setup configured. Any minor setting change will reset all your PS apps layout lol