• Off Topic
  • PSA: Aurora Store will be down for a while!

  • [deleted]

  • Edited

This is way off-topic and not related to GOS, but these last couple of weeks i've seen a bunch of posts talking about some issues with aurora store, so here are some words from the developer themself:

UPDATE 2:

Hey all, Bit unfortunate but Aurora Accounts are aggressively block by Google, which makes sense as we are growing in numbers. Yayy!!

However we have to take down Dispenser (Anonymous Login Provider) in order safeguard our account.

We're going to take a step back & figure out smarter way to do things.

Will bounce back soon!

Thanks ❤️

UPDATE: should be up again:

Anonymous logins should be ok now, rate-limiting issues fixed 😃

Disable Search in custom tab from Advanced Setting to get good old search working again!!

[that last part only applies to the nightly build]

ORIGINAL POST: I could share the aurora's dev team message that they sent on their telegram channel as an fyi:

🔧🪛🔨 Dear users, we are atempting to fix the Rate Limited issue but for that, the token dispenser needs to be taken offline for a while. This may take between a few days and a week (or more) but please be asured we are working to solve this problem as soon as possible. ⏳

Once the token will go offline, you will only be able to login with a personal account. So install / update your apps while you can.

❌ The token dispenser is now offline.

    Thanks for posting this... at least we now know whats happening and that there's a solution on its way. Appreciated!

    UPDATE: should be up again:

    Anonymous logins should be ok now, rate-limiting issues fixed 😃
    
    Disable Search in custom tab from Advanced Setting to get good old search working again!!

    Still not working for me. Installed nightly and that isn't working either.

      • [deleted]

      • Edited

      Strive1154
      If this makes any sense to you, UPDATE 2 is the update to UPDATE

      Any recommendations on how to update apps ?
      Have some updates that didnt finish via aurora today .
      Make a second profile with play store and update in second profile ?

        • [deleted]

        • Edited

        Skyway This is what I do. I have a few official website APKs that either update themselves or at least let me know there is a new version. A few others I keep an eye on using RSS. Some people use Obtanium, but I don't have dozens of apps to justify adding it to my update flow. The rest are demoted to a separate Play profile. I don't need Google play services as much as I need a reliable way to get and update apps. It's a little clunky, but it works for me.

        @Skyway and @Strive1154
        Aurora works with Google (throwaway) account. You may need to create such and use it instead of anonymous login. Then even the search function works.

        Skyway Make a second profile with play store and update in second profile ?

        Sounds like an option, too. Haven't tried it, though.

          Oggyo From what I read using your Google account on aurora could possibly result in your account being suspended. I think using aurora would be against googles TOS.

          Would it be much different privacy wise to use the throwaway account with the Google play store vs. Aurora?

            Strive1154 aurora could possibly result in your account being suspended

            Yes, that's why use throwaway instead of real/production one.

            Strive1154 Would it be much different privacy wise to use the throwaway account with the Google play store vs. Aurora?

            I'm not so sure, maybe not much. But one big difference - when you log in to the Play Store app it automatically creates an account entry in Passwords and Accounts and it (eventually) can be enumerated by other apps. The account you use in Aurora stays there for the app.
            However, using a throwaway account Google will still be able to fingerprint you based on the unique sets of apps installed in order to offer you updates. That's why Aurora anonymous accounts were the preferred way - like VPN/Proxy used by large groups of people and Google is trying to crack this down.

              Oggyo yeah I'm hesitant to get my throwaway google account banned because it was a hassle for me to set it up without requiring a phone number.

                Strive1154 yeah I'm hesitant to get my throwaway google account banned because it was a hassle for me to set it up without requiring a phone number.

                OK, this is going a bit off-topic but today I created my additional throwaway Google account. And it didn't ask me (mandatory) for a phone number. Not sure what are the conditions this depends on. Only Name, DOB.
                However, when I signed for the 1st time in Aurora it asked me for a phone number or recovery email to validate my login. And here is when I used my other throwaway account (non-Google, but maybe doesn't matter) as a recovery email of the recently created one.
                So far, so good. That's I suggested this as a solution I already prove it in practise.

                Strive1154 how could I remove this entry manually?

                Just navigate to Settings | Passwords & Accounts and select the Google account in mention. then the three dots a the top and remove.
                Sorry, I don't have it on my phone but basically, this is the procedure. However, this is the case you sign in to Google Play Store. Signing in to Aurora will NOT add that account to Passwords & Accounts list.

                  Related question... if a GrapheneOS user has the sandboxed Google Play installed, and that Google account is compromised, can the attacker auto-install (push) an app to the device without needing approval from the user of the phone?

                    Graphite No. As you know, Play Store is a regular sandboxed app on GrapheneOS. As such, like all other apps, it has to prompt you before it can install an app. It can update it without telling you if it's the last app to install/update it, but the initial installation always has to be approved.

                      Oggyo And it didn't ask me (mandatory) for a phone number. Not sure what are the conditions this depends on. Only Name, DOB.
                      However, when I signed for the 1st time in Aurora it asked me for a phone number or recovery email to validate my login.

                      Google has become extremely hostile towards anonymous accounts. The last few times I've made them, managing to bypass the phone requirement, they have been locked fairly quickly. The only anon accounts I've been able to keep alive are ones I made years ago.

                      • de0u replied to this.

                        matchboxbananasynergy
                        It used to be that you could update apps with the play store even if they were installed from Aurora but it seems that does not work anymore, at least in my case. Play store throws an error when trying to list updates

                        54ysysw5y4s5n Google has become extremely hostile towards anonymous accounts.

                        That might be a side effect of governments pressuring them more about international sanctions, GPDR compliance, protecting minors from controversial ideas, etc.

                        As much as those goals might be meritorious, they are not really compatible with anonymity. And "deep-pockets" companies are more likely to be sued.

                        Maybe they are just angry about missing out on tracking data, but maybe it's not just that.

                        [deleted] very helpful information, thanks. Maybe someone can keep us updated when it is fixed.