If im using mostly Google based apps, is it still worth using GOS?

oci3o

As the title says, if I'm still using a few Google apps, is there still a benefit to GOS?
I'm thinking mostly the Network toggle so I could shut off things like network to the gboard.

Any advise?

Thanks!!

eautalus

oci3o In my opinion no, i switched to GOS and then I realized that I rely a lot on Google Apps and I went back to stock.
Before you switch to GOS, I recommend that you reduce your reliance on Google apps as much as possible.

treequell

If you care about security and privacy, then definitely. The network toggle is one benefit, yes.

The Features page outlines all of the improvements in privacy and security of GrapheneOS, above and beyond that which is provided by stock Android: https://grapheneos.org/features. You might be particularly interested in Sandboxed Google Play, amongst other features.

psudo

eautalus
What Google apps gave you issues, and how long ago did this happen?

I use quite a lot of Google apps with sandboxed google play, and I think the only issue I've had is using hardware keys over NFC.

And to answer OP, it's absolutely worth it to use GrapheneOS even if you use a lot of Google apps. You'll be able to gain a lot of privacy by not letting Google Play have unrestricted access to your phone, in addition to the increased security.

Subliminal

use google sandboxed in secondary user profile. it gives you a lot of peace of mind. that its in a different profile even if you use the google profile a lot you can always switch it off and feel secure

[deleted]

It is absolutely worth switching to GOS but considering that you will be using sandboxed Google Play Services with unrestricted network, using Google apps that are deeply interlinked with them is unwise. Yes, they won't be collecting as much information from you as they would if they ran as a privileged system app, nevertheless thinking you are safe from tracking and analytics you are making a huge mistake. I am not here to light fires against using sandboxed Google, but GOS dev team insisting on reducing attack surface and at the same time supporting its use for the sake of functionality (compatibility) don't really fit together. I bet I am not the only person who thinks the same. Whatever you do, weigh your options. Sometimes less is more.

matchboxbananasynergy

[deleted] I think the team has been quite clear about Sandboxed Google Play but we seem to have to re-explain things frequently, so I will try once more.

I know you know all of the things I will say here, but I am stating them for the purposes of completeness and to potentially assist OP and others who stumble upon this thread in the future.

Sandboxed Google Play is optional.
Google apps on GrapheneOS are sandboxed just like any other app.

Yes, GrapheneOS goes to great lengths to reduce attack surface, and a major way in which it does this is allowing you to use apps which rely on Google Play Services in a way that doesn't give them privileged access over what other apps would have. If you think that Play Services does something you don't like, you're free to not use it, but whatever Play Services can do on GrapheneOS, so can any other app. That simple fact, compared with the fact that it is, again, optional, makes it a great feature for people to be able to use their phones in any way they see fit.

Exactly because Play Services/Store etc. are just regular apps on GrapheneOS and run as such, they can also be confined to a specific profile, unlike Stock OS where they have a birds' eye view of all of them. That means that people can even choose on which profiles they want to use Play Services and end the session of that profile or profiles whenever they want to ensure that they're not running at all.

The reason why I'm mentioning all of this is because it seems quite backwards to think of Sandboxed Google Play as a bad thing when it is optional and implemented in a way that doesn't give it any additional power over your phone. Any app can include Google libraries, and many do. A lot of things that those libraries do also work independently of Play Services and don't require it.

There's only upside from providing this feature and allowing people to install 3 apps that unlock a whole lot of functionality for people who want to benefit while not giving Google apps privileged access to your device. Whether people want to use it is entirely up to them, but in my humble opinion, they should have the option to.

Pacienco

[deleted]

GrapheneOS do not really have a choice due to Google's pervasive presence on mainstream Android distributions. sandboxed-play-services would be a highly unlikely project if useful daily functionality and apps were not so heavily tied to Google's services and integration.

In that way I think the target of your frustration is Google rather than it having anything to do with GrapheneOS.

AloofChocolate

What is needed in GOS, is a pi-hole type blocking system that works across the entire system, a lot of apps are chatty at best when using the play store apps or other installer software.

[deleted]

matchboxbananasynergy Thank you, I (always) appreciate your opinion and your input into any discussion. You have my respect. I wish I had your patience.

I understand that having GOS on your device gives you powerful privacy and security controls. It is entirely individual's choice how they wish to use them to make their "world work".

In the future I will refer to this forum as a "further reading material" rather than one of my primary sources of information and social interaction (validation of my views). Wish you all the best.

uxisimportant

matchboxbananasynergy
Can you clarify, if a user installed Google Services (while not being logged into a Google account) and you are not utilizing multiple user profiles. So Google Services is on your primary profile, and that is your only profile.

What info exactly can that app get?
What info does Google receive?
What info can the trackers built into proprietary apps get?
Is there any benefit of different profiles when Google services is on your primary?

The same reply seems to be common in the community, but I can never find actual clarification on these 3 questions.

For example, for #1 using Instagram for an example. Instagram would have access to what permissions you give it. So if you deny contacts for example, they cannot see contacts. But if you allow all photos and video, they can scan all your photos and videos if they wish theoretically?
Beyond that

do they get cell provider info? Hardware IDs?
Can they see all the apps you have installed?
What info do they get while running in the background?
If I permit location "while app is in use", if Instagram is running in the background for notifications for example, is that considered "in use"? Or only while the app is physically present visually on the screen?
Can Instagram get INFO from the other apps on your device? Or only the names of the apps?
Like what potentially identifiable information can they get?

And that leads right into #2
What info does Google receive? Obviously not being signed in would be a plus. But of course metadata can easily be used to build a profile. I assume they will receive plenty of info about the device such as HWIDs, Location, Cell Tower connected to, IP, list of apps, etc.
But what info can they not get, that they would otherwise be able to if this was stock Android? Is it the exact same info, but it's just not tied to a Google account?

#3 What info can the trackers on apps get? For example Adsense, etc. Stuff Privacy Exodus would scan for and find.

#4 Is there any benefit to using a secondary profile? For example if I put all my banking apps on my primary profile with Google services, would I get any more protection if I moved all my banking stuff to the secondary profile with google services still there?
Or would those apps just not be able to see the other apps in that profile and that's really the only protection? I think this answer would be cleared up, once I understand #1 and #2.

Lastly, yes I get it would be most private to not have any of these apps. And if I do, to have the primary profile without Google services, and put them in the secondary profile.
My questions are more trying to understand, if I were to use a GrapheneOS device as your typical Android phone. 1 profile, everything in that, Google Services enabled. What data can apps and Google not get, that they otherwise would be able to on a stock Pixel for example.
This has confused me constantly. There is a big convenience factor here, and I think it is important that users clearly understand.
I feel there is information on the site, but it does not clearly answer these things unless it's been updated lately and I missed it. I've read over the website multiple times, and am really left with not a ton of clarity on these specific things.

GrapheneLover

Graphene is most defiantly still recommended to use even if you are going to be using Google Apps, due to the great security measures and offerings it has, such as long passwords and the locked down user profile system just a few to name.

[deleted]

uxisimportant this has been mentioned so many times. Someone with knowledge and time on their hands should do a write up on this. BTW, some of these things are already mentioned on https://grapheneos.org/ , just take your time to read all through, lot of answers are already there.

uxisimportant

Everything I could find on the website I couldn't find an answer that explains things in a clear enough way to my questions. Maybe again I'm missing something? Idk.
Also if it's been mentioned many times, I would not be opposed to seeing the replies to those answers. I couldn't find much when searching, however maybe I'm using poor search terms.