Can one of you geniuses make a "de-googled G-board"

pizzadequeso

Take the gboard app, remove bloats and tracking. or make a revanced version.

Is it possible?

Johnnyloans

It'd be extremely difficult. A small % of programmers could attempt it.

NoahRaketic

Why would you want that? All tracking can be disabled through the in-app privacy toggles. Not to mention that "revanced"-style patching would annihilate security and privacy (the very thing you want) and forking it would be illegal.

If you want a different keyboard that has nice features, look into Heliboard or Florisboard.

EverettHitch

Great, just don't give it network permission and don't use it in conjunction with Play services because the two are likely to exchange snippets of data via IPC. Get it with Aurora and you're good to go.

NoahRaketic

EverettHitch No, they should not get it with Aurora. Aurora does not verify signatures, so there's no guarantee that the app is authentic. The official Play Store will be the most secure way to get the app.

EverettHitch Great, just don't give it network permission and don't use it in conjunction with Play services because the two are likely to exchange snippets of data via IPC.

They do not exchange usage data if the user turns off telemetry in their privacy settings.

NoahRaketic

EverettHitch Let me remind you of the advice you gave:

EverettHitch Get it with Aurora and you're good to go.

Nowhere did you mention verifying the signatures against the official Play Store.

schklom

Aren't Heliboard and Florisboard attempts at this?

NoahRaketic

schklom No, they're keyboards of their own.

naibed

schklom heliboard made an announcement https://makertube.net/w/cQECfDkuLGR9eUQquUEo4K

Datasapiens

EverettHitch don't you dare questioning his marvelous mind!!!

EverettHitch

Datasapiens there is nothing worse than normie assimilating GrapheneOS and regurgitating other people's nonsense before they dip deep enough into it.

NoahRaketic

EverettHitch there is nothing worse than normie assimilating GrapheneOS and regurgitating other people's nonsense before they dip deep enough into it.

What you're assuming is not accurate. You are not installing apps securely using Aurora, and your ego doesn't change that. You also do not avoid Google tracking.

NoahRaketic

EverettHitch Your only assurance that the a APK you're receiving is not tampered is TLS. The app's signing key is not verified. This is not secure enough for app installation.

EverettHitch

NoahRaketic I don't have anything to prove to you only just that you may be wrong. Aurora uses official Play store links to get their apps.

NetRunner88

EverettHitch
Aurora was already discussed on the forum about lack of security vs. Google Play
Same for Fdroid

Google play is the only secure and reliable way to get apps.
You should try to read and learn

NoahRaketic

Datasapiens it is much simpler - you install the gboard and forget to disable telemetry. That's it, your passwords are gathered and sent to playservices via IPC and to google via playservices API 🤷🏻‍♂️

This is not the case. They don't send all your keystrokes to Google, even with all telemetry enabled.

EverettHitch

NoahRaketic @userofgos and how in heaven do you know that for liking the post? Google apps have been designed by a mass of developers to talk to one another whether you like it or not.

NoahRaketic

EverettHitch
You can read an evaluation of Gboard here:
https://www.scss.tcd.ie/Doug.Leith/pubs/gboard_kamil.pdf
The information relevant to your question is in section 9.3.

Novalissoide

Users overestimates the spying capabilities of Google Play in this environment. It is expecting privilieges that it won't get in this OS.

Datasapiens

Novalissoide you don't need special privilege to gather text you type with gboard, which may be a password, and send it to google via IPC - playservices - google API chain

EverettHitch

Before mods step in let's just presume that as it's been said two apps can exchange data if they mutually agree to it and Google apps have no reason not to.

EverettHitch

NoahRaketic this is not a peer reviewed scientific article.