Threat Model

Rando1000

I apologize if this has been asked so much already but I am stuck on my understanding of googles services and how they relate to my threat model (which is in development)

I'm coming from a stock android device with all previous apps installed from the play store through the gmail account I've had my since I was much younger.

I am starting to get tired of how much tracking is done by all of these companies and am working on implementing a home server and just recently picked up a pixel 10 after learning about GOS.

I am trying to understand the sandbox approach to google services. It seems like if I log into my long time gmail account on my owner profile, and use my phone as normal, I will be better off then I was before but by how much? This is were I am stuck. I have a burner account I made a longtime ago but would like to understand the benefits it would gain me. So far I can only tell that it would only stop google from making a list of the apps I have downloaded to this phone, or that I even have a pixel (still not clear on how many hardware identifiers they get).

The other app I am stuck on is google chat or messenger. I have never used this but have a lot of family wanting me to use RCS messages. It seems like this would have to be tied to my personal gmail. This seems like the only app that would require my google identity.

If I start with my original google account and eventually move to a random one, will google be able to associate the hardware?

Thanks

gMan

Rando1000 maybe this will help you?: Usage guide | GrapheneOS

N1b

Rando1000 The other app I am stuck on is google chat or messenger. I have never used this but have a lot of family wanting me to use RCS messages. It seems like this would have to be tied to my personal gmail

Many things you can do here. Of course Signal is the obvious alternative, but if none of your family members are there it won't be useful. Install it and see how much you can convince and nudge people without being too annoying. You could also isolate the Google Apps (alongside Google Services) in a different user profile and activate notification forwarding so you see whenever your receive a message.

Rando1000 If I start with my original google account and eventually move to a random one, will google be able to associate the hardware?

On GrapheneOS they won't get hardware identifiers so once set up (best on a public network first because you have to connect to the internet once before installation), Google can not associate you and the hardware. But I guess you rather wanted to know whether Google can associate the user, which they very likely will. They can profile you on many things such as app install base, phone number, contacts etc. and without a clear cut and some very careful OPSEC you can expect Google to know it's you on that random account. They just won't know its this specific Pixel device you're using so you'll have plausible deniability in this regard.

Rando1000

gMan Thanks, I have read through this multiple times already but I know over time over time I will be coming back to it as my understanding grows.

tux_

What Graphene buys you is sovereignty over your device in the sense that Google cannot remotely push unwanted updates and/or extract information any more than ordinary apps can. That being said, Google services are a privacy nightmare, sandboxed or not. For that, you're on the right track with the home server, but realistically it will be difficult to de-google overnight.

Rando1000

tux_ This was a great reply. Thank you. It added some clarity and I am starting to understand the bigger picture and were graphene can fit into my life.

It will be a slow process and I will have to make constant deliberate changes over time.

N1b

Indeed, you get back control over your data. Remember that privacy is never about hiding in the woods and disappear, it's all about controlling what you're sharing with whom. People just aren't used to that kind of agency anymore and have given up privacy for convenience.

Many users are happy with GOS and Sandboxed Google Play, because not just is Google less invasive this way, but you can always take away more access from them if you want. Others further mitigate app communication with different user profiles or PWA, and some just want to get rid of Google and big tech altogether and remove everything proprietary.

You're simply back in the driver seat on your own device (most people are not as Google or Apple basically have a rootkit installed and more control). If you're not a tech enthusiast, I recommend you take it slow one step at a time and use GOS with default settings and Play Services installed. Every step towards higher privacy comes with inconveniences and potential unexpected bevavior and this way you can slowly adapt to your personal privacy. Along the way you'll learn a lot and not become frustrated and give up altogether. If you're anything like most people here, you'll end up loving your agency and can't imagine going back to Stock Android or iOS where your threat model can't be realized.

Rando1000

N1b I have decided against RCS for now, sticking with sms, but I will have to revisit this and decide which one is the lesser of the 2 evils.

I have installed Molly and found a few friends on there. I will push that communication method more. I have decided against RCS for now, but will revisit it in the future.

I went ahead and logged in with the old burner gmail account. It wasn't ever used for anything and never had a phone number. However my main email was set as the recovery email. I removed this and any other data but I know this could be an easy method to figure out who I am. However I'll take this risk, as it will only ever be used to get apps and be used behind a VPN. However I am curious if google can see my phone number. I gave play store no other privileges other then network, but upon logging I'm, it asked me if I wanted to add "this" phone number as a recovery number. I said no. I also got notifications telling me google play attempted to access my sensors. If it can see the phone number, then it can defiantly tie this account to my personal gmail used for years.

gta3

Why don't you ditch gmail for a start and begin using a separate provider?

As for recovery number u can always use a separate sim card and only use it wen needed.

Good going on the molly front, that's a start
Simplex is also solid as doesn't require a phone number during registration

Regarding molly / signal, I was able to convince those who wouldnt budge and install it, by offering them $5 or lunch at work break... Such small amount hardly effects my life but made my circle use molly

Rando1000

gta3 I do have an alternate email. I just have not figured out how I want to implement it yet. Depending on who you talk to or what video you watch, everyone has a different answer.

For the recovery number I'm more wondering if google can view my sim number without me giving them access.

I'll work on the Molly thing. It could be a good Google Meet Alternative.

I'm still going back and forth on using minimal google services. I'm trying to explain to myself why I wouldn't use my real identity for the play store, but have no other google apps on the owner account, and minimal other apps here. Then as I reduce use of gmail, they will simple see my play store app collection and very minimal locational services. Why is that so bad?