IPC questions

groove_untie145

Hi guys, I just wanted to ask some questions I've had a look on the forums and haven't been able to really get something concrete

What specific types of data can Google Play Services potentially access from other apps in the same profile via IPC?
Are there documented cases of apps using IPC to bypass individual app permissions so let's say something like a nonlocation app getting location data through Google Play Services that has location permission?
Does GrapheneOS completely prevent IPC between apps in different profiles, or are there any system-level IPC channels that cross profile boundaries?
In my current setup (all apps on owner profile), what categories of data could theoretically be accessible to Google Play Services through IPC?

de0u

groove_untie145 What specific types of data can Google Play Services potentially access from other apps in the same profile via IPC?

That's not how it works. Apps that use Google Play can choose to send information to Play, or can choose to request information from Play.

groove_untie145 Are there documented cases of apps using IPC to bypass individual app permissions so let's say something like a nonlocation app getting location data through Google Play Services that has location permission?

With some frequency people are unhappy that an app without Network permission fetches advertisements via Play. Apps without Network permission could send information via Play as well.

groove_untie145 In my current setup (all apps on owner profile), what categories of data could theoretically be accessible to Google Play Services through IPC?

Theoretically, anything and everything that the apps choose.

groove_untie145 Does GrapheneOS completely prevent IPC between apps in different profiles, or are there any system-level IPC channels that cross profile boundaries?

At the moment there is a hole related to the loopback interface that apps could use to collude, if apps in multiple profiles are running at the same time.

groove_untie145

de0u Thanks for taking the time to write that out and provide a great understanding of this for me. I think I might just setup a secondary profile where I install my banking apps and other play services required apps.

Given the details that I know have that should be enough to work off of in terms of creating a secondary profile for proper segmentation

Eirikr70

GrapheneOS is working on giving the user the ability to decide which app can talk to which app. This has been an ongoing work for months. I hope that in spite of the recent changes in Google's strategy regarding AOSP and the impact it has on their load, they will manage to do it.

groove_untie145

Eirikr70 It would be a great feature that is for sure. I did not even know this, thanks.

generalnie7

Eirikr70 Recently they also mentioned on Mastodon making it possible to have many private spaces per profile, which seems much easier to implement and would solve the problem for maaaany users. I hope they can figure it out soon, would love to see that feature, but have no idea how far it could be from now.

MineralWater

The best way at the moment to deal with this is to install only apps that are truly necessary and feed those with a minimum of data.

For example, if you can always use the website and not the app the service might promote. Go to the Amazon website instead of installing their app etc.. Services like Instagram who don't even allow you to access their content without the app are highly suspicious, because this is a warning.

I know that if that is thought further it's inevitable to come to the conclusion that this path leads to using a smartphone almost like a dumb phone, but when it comes to privacy, that's unfortunately the status quo for the moment.

groove_untie145

MineralWater

MineralWater For example, if you can always use the website and not the app the service might promote. Go to the Amazon website instead of installing their app etc.. Services like Instagram who don't even allow you to access their content without the app are highly suspicious, because this is a warning.

I agree with this and I try to do this wherever possible by using stuff via the browser. You can actually do this with Instagram too I have found, with less features. Still possible though.