[deleted]
Lol I don't think they (Google wallet developers) would even dare to move away from Play Integrity API.
Play Integrity API and Future of GrapheneOS
I dream of a solution to install banking applications without having the Sandbox play services. They managed to make gcam work without having Google services but not the banks ... I'm sure there is a way to create a Sandbox thing like the play services but just to make the banks work.
9 months later
Fsck, Niantic is placing their Ingress Prime game behind GPI STRONG_INTEGRITY starting 5/27. I'm thinking this decision is the writing on the wall for all the rest of their properties, including the rather popular Pokémon Go franchise. I've already sent their support contact a plea to support the hardware attestation API and allowlist GOS' verified boot keys. I really don't want to have to relegate my current phone to "burner" status and revert to the stock image just to be able to enjoy these games.
My Arculus wallet is throwing an integrity check error after an update from April 8 2024
Is this the issue being discussed re: integrity api?
What can be done?
adamc1999 If the app is using Play integrity API, they need to either add support for whitelisting GrapheneOS (for which we provide a guide), or stop using these checks.
[deleted]
To add my two cents, GrapheneOS has a great future without using Google Play Services. No one is forced to use them and in fact not using them gives one much higher level of privacy than if you did. Not talking here about security, that comes with the OS and its setup in both cases.
- Edited
[deleted] Is it really a higher level of privacy?
What if you turn off your all data collection preferences in your Google account, or never sign in?
Some may not trust this to be honored, but if it wasn't, then Google would be called out on it once people still were seeing personalized ads after turning off Web and App Activity and using Google apps and search. They haven't been, out of millions of users...
I've confirmed that turning on the toggle "Reroute location requests to the OS" prevents your device giving location to Location History, completely! Its an opt in thing in GrapheneOS.
One can do many things to make use of Google (Sandboxed) Play privacy respecting, yet I keep seeing assumptions and speculation like this, and I've tested as thoroughly as I can to try and disprove these speculative remarks. Nothing I have ever seen points to Google not respecting its privacy controls, and why should they be special and untrusted when other companies are trusted?
Sandboxed Google Play is an excellent feature! I dont think we should be discouraging others from using it! Especially when there are no hard facts presented for why, only one's feelings on the matter and one's speculation.
[deleted]
Tryptamine I mention the overall picture not the granularity off whichever toggle. You are welcome to believe in whatever it is that you believe in and use whatever it is that you use to make you happy and satisfied. I will not get nerdy here like you.
[deleted]
Just to add to my previous comment, I should have said great future with or without Google Play Services and I was in no way hinting against its use.
- Edited
[deleted]
Then please dont spread your speculation around without some evidence. Its irresponsible and could easily make things more difficult for new users who dont share the same level if paranoia.
For example, the new users who dive head first into believing that they need to use separate profiles for everything just because others do so and portray that as the only secure solution in relation for apps that run with Google Play. The main advice given to these people is to not bother at first!
Your comments as an experienced user can have them ignoring a powerful feature in GrapheneOS. That may be right for you, but not for others. Believe what you want, but here is a place of facts, not beliefs.
[deleted] can't edit my last comment, just saw this.
Yeah, that's a lot better! Thank you.
[deleted]
- Edited
Tryptamine Okay. I just have to reiterate like you said for those newcomers, that with its use you are basically bringing another trust party into play and in fact not very privacy respecting despite all the available toggles (and let's not start pulling out all those online articles mentioning user data misuse, which predominantly happen on stock devices) and Google Play Store opens a door to a whole world of potentially harmful apps (and that is not to say that all FOSS apps are harmless). You just have to do your research and learn how to restrict the environment and conditions those apps operate in to achieve desired functionality if possible without giving up too much privacy and convenience. It is and evolving battle and using Google Play Services on GrapheneOS will undoubtedly create app compatibilty problems in the future.
[deleted] It is and evolving battle and using Google Play Services on GrapheneOS will undoubtedly create app compatibilty problems in the future.
Not at all clear what you mean here, and the conversation seems to drifting away from what the thread's topic is about.
I'd appreciate if you could please stick to what the thread is about instead of trying to push your opinions on different topics on all threads. This goes for everyone, not just @[deleted].
[deleted]
matchboxbananasynergy sorry, if you think I am mumbling here, you are welcome to delete all my posts in this thread. I have a pretty good idea what I mean.
- Edited
matchboxbananasynergy got it. Apologize if that's what it seems like I'm doing... My intention was to stick to facts here rather than speculative reasoning, but I can see how my posts could be misconstrued. Feel free to delete as you see fit!
Bringing it back to the initial topic;
Yeah, I really hope that more apps don't use stronger Play Integrity checking, but so far that is few and far between... Hope it stays that way, or...
Would be incredible if hardware based attestation were to have a surge in popularity! However I really wonder why that hasn't been the case... It seems to me that would provide a much stronger form of attestation than using play integrity, but I've never heard a story to date that an app has switched to it. I'd love to be wrong on this point!
Tryptamine I've confirmed that turning on the toggle "Reroute location requests to the OS" prevents your device giving location to Location History, completely! Its an opt in thing in GrapheneOS.
What's this then? Where is it and do you have a bit more info as to what it does or what it's for?
mmmm
That is the default setting. It makes all apps which request location from Google Play instead have the request routed to the OS location provider. Google Play does not need location permission.
Carlos-Anso thanks for the info!
