Let me preface by saying that I have thoroughly read the Usage Guide, the FAQ and the Features for the Sandboxed Google Play services. I am looking for some examples of actual GOS users who use the Sandboxed Google Play Store to install paid apps, and/or to manage updates and install their apps.

I think a step by step guide with explanations that are less opaque would be useful for users like me who might not know the exact meaning of "the compatibility layer teaches it how to work within the full app sandbox".

Something to the effect of,
If you want to install a paid app

  1. Go to apps > Google Play Services > Install
  2. Grant it these permissions, or deny it these permissions. That will only give Google servers the name of the type of your device, (or whatever info it will give whom)
  3. Create a new google account using a VPN to sheild your IP.

Basically, I would like to know explicitly how people are using the Google Services and Play Store, what permissions they granted each part, if they log in with a burner google account, if they use a sudo phone number, privacy.com credit card or what methods they use, what data goes where when their technique is employed. What profile are you using it in and for what apps?

I know a lot of you don't use any of the Google Services, and that is awesome. But for those of you who do use it, and especially those who pseudonomously use the Play Store to buy apps, I'd be interested in your approach, and your permissions settings. I can do without it, but if it can be done without much compromise of my anonymity and user data I would like to know how to do it properly.

I mostly want to buy Symphonium Music and Cast Player, and there are no workarounds. There is Shuttle 2, Finamp, an APK of Poweramp, but Symphonium seems pretty amazing if you have your music on a Jellyfin server and some locally on phone.

    I use google play services on the owner profile signed in with a burner account, no phone number added to it.
    Only gave network and notification permission to all 3 google apps, only google play services have battery usage as unrestricted, play store have the permission to install apps.

    I dont use VPN, as my i chose to have a dynamic ip system from my internet provider and i didnt head anything about them being logging the traffic and so, my ip changes after every modem restart, (i have scheduled to reboot modem every night) I also have nextcloud dns setup configured in the modem.

    I donot purchase anything from google anymore.

    If you need to purchase something try
    1: check if the developer access any payments outside google play store, poweramp supports this.
    2: try to get a google play card and redeem to your account, purchase using that balance.

    as per the Matrix chats i have seen, for some users it worked and others are not able to redeem the card, maybe we need to wait few days to get this feature enable after creating an account, not sure.
    try with a small amount first.

      • [deleted]

      • Edited

      gato

      If you do not have a problem using Google apps, simply install them.
      If you need paid apps, you need to sign in with the account that you used for buying those apps, so it rules out throwaway account.

      From reading privacy and security focused sites one might be overwhelmed and maybe even a little paranoid.
      There is a reason why there are information about how to mitigate data gathering etc., but there are for people with certain threat models.

      If we rule out people who don't care at all, there are people:

      • who just want to minimize data gathering (IMO - most of the people searching for alternative OS, ending up with GOS, CalyxOS, LineageOS)
      • who want to avoid big companies (Apple, Facebook, Google...), even selectively at all costs or maybe with some compromises (secondary profile etc.)
      • really in danger (IMO - absolute minimum of people)

      We could discuss these groups or sub-groups but that is not the point here. I believe that in most cases, people here are not really in a danger from personal-targeted attack, but just do not want other companies to simply take their data just because there are some on someone's phone. From your comment I would guess that you do not have a problem with Google. So, in your case, you can use gmail account for Google play and still do not use it for anything other than that. In this way you can use those paid apps. I would only recommend to check permissions of those apps and consider if network access for those apps is necessary. Of course, you could try to find alternatives for your paid apps, if there are some... etc.

        [deleted] Thanks for the reply. I do definitely have a problem with Google and their surveillance practices. I am not in danger and I don't necessarily have a problem with using google code on my phone as long as it is not sending identifying information about me to google. I bought my phone with cash so as to not be identified that way. I am unclear what information is sent to google, if any, if you enable the sandboxed play services. Some say just the phone model, and some say it can identify all apps in that profile, and some say it can access your contacts list. I enabled Play Services bc I had to in order to activate my esim, and through that process it broke my Signal notifications, so I reinstalled signal with Play Services enabled, and now they work.

        There are definitely alternative apps, but I was curious if others have methods of buying apps though google play store pseudonymously, and without revealing any info to google other than the phone model. the gift card suggestion is good, and I might try privacy.com CC to see if that will work, if I decide to log into the play store.

        I was also curious what permissions of the google play services could revoked without breaking notifications. Signal, which uses websocket and doesn't need Play, tries to enable a different notification method when it detects Play installed. Cheogram notifications worked fine without Play and with.

        W1zardK1ng Thanks. Yeah, I've purchased Poweramp APK in the past, but as I've got a Jellyfin server now with my full music library, Symphonium adds a lot of functionality over Poweramp, and unfortunately doesn't accept payments outside of Google Play. Shuttle 2 is nice, but not as nice as Symphonium and a little crammed on a small Pixel 4a. I actually found out about Symphonium from this forum, so I figured someone might have some sneaky advice on purchasing it the most private way.

        In case anyone is wondering, I was able to log into the google play store through VPN with a burner google account, and purchase Symphonium with a privacy.com credit card and pseudonym. I was then able to uninstall google play services and then had to individually uninstall GSF and the Play Store. The App still works fine as far as I can tell so far without Play Services, but Shuttle 2 on the other hand doesn't open now.