Basically what the title says. Can someone please explain in detail which disadvantages I have when I use Sandboxed Google Play Services, especially when it comes to loss of privacy?
I know that GPS have hard-coded DNS servers so adblocking via a private DNS server such as Adguard in the OS is of no use.
What exactly does Google learn about me when I use GrapheneOS's sandboxed GPS?
To what extent is my privacy affected when using Sandboxed Google Play Services?
Themble It has the same privacy implications as any other app. Since it's put in the regular app sandbox, it needs explicit consent through permissions to access sensitive information such as your location, files, and contacts. You can also revoke sensors and network access through GrapheneOS's added permissions.
What Play Services does with the information you give it is up to itself and can change over time. Google's privacy policy is probably the best place to see how they handle that data.
So if I used Sandboxed GPS in a work profile (not recommended, I know), and I only granted the Play Services app exclusively the "Network" permission, I assume it would be of not much use to select the "GrapheneOS" option in Internet connectivity check, would it? As far as I understand it, this would only make me more stand out from the crowd and Google would know anyways when I connect my phone to the Internet via the identifiers (IMEI, Mac,...) they gather through Sandboxed GPS?
I believe that IMEI is not accessible to Sandboxed GPS because GPS is treated as a user app.
To quote chillcat from the GrapheneOS matrix room (sorry chillcat if this is inappropriate, note I'm not speaking for chillcat by quoting them) when responding to: "Is there any identifier the sandboxes play services can see which would allow this sort of cross-profile correlation (like IMEI on a normal installation)?"
mainly battery level, full list of apps in a profile, storage left, sim country code and ip address can theoretically be used to correlate 2 user profiles
From this and my own understanding, I assume that means IMEI and MAC address are not available to Sandboxed GPS. Someone please correct me if I'm wrong.
I assume it would be of not much use to select the "GrapheneOS" option in Internet connectivity check, would it?
It would still be useful. You blend in with other GrapheneOS users that way as far as your ISP is concerned. If you use Google's servers then you blend in more with them to your ISP (although they may still be able to figure out you use GrapheneOS based on update checks, attestation checks, etc.).
Google would know anyways when I connect my phone to the Internet via the identifiers (IMEI, Mac,...) they gather through Sandboxed GPS?
No regular apps have access to unique hardware identifiers like your MAC and IMEI. https://grapheneos.org/faq#hardware-identifiers
Hello,
I hope it is OK if I post here; the topic is very similar.
I understand that Sandboxed Play Services, for example, do not have direct access to location, files or contacts if I do not permit it.
But as I understand, Play Services can interact with other apps a lot.
Just one example for my question: One uses Sandboxed Play Services with network permission only. And uses GBoard without network permission. Could GBoard then "tell" the Play Services relevant data (in the worst case, what he or she is typing via GBoard)? And could Play Services provide that information to Google afterwards?
Or in other words: How much or what data is shared via other (Google) apps with Sandboxed Play Services?
Thank you and best regards!
GraphyGraphy
Technically, yes. Apps within the same profile can communicate with others using IPC (inter-process communication).
If this is a concern for you, think about what kind of data you provide to an app. Gboard can log your keystrokes and it can circumvent blocked network permissions and send the data to another Google app. Does it? Probably not.
A keyboard is a special case. It is used everywhere. Other than that, I wouldn't worry about Google apps on GrapheneOS, even with IPC. They can only access what you give them. Give them nothing, and they have nothing to send back to Google. Use storage scopes always and limit other permissions.
Thank you very much!!
GBoard is so comfortable... :) And Google Camera, too. But both apps then (theoretically) could share sensitive data.
But if network access is not permitted to both apps and Play Services, they cannot share with Google, right?
Thank you very much for the great support and best regards!
GraphyGraphy
Correct. If every Google app has network access blocked there's no possible way for any of them to communicate with Google's servers.
Top, thank you very much!!
Best regards
To be clear though, if you block network to play services, you won’t receive notifications as well. That’s the major trade off
Thank you, yes, I know.
For me it is OK, although Signal uses a lot of battery without Google Push.
Thank you and best regards