• General

  • Play Integrity API and Future of GrapheneOS

[deleted]
Then please dont spread your speculation around without some evidence. Its irresponsible and could easily make things more difficult for new users who dont share the same level if paranoia.

For example, the new users who dive head first into believing that they need to use separate profiles for everything just because others do so and portray that as the only secure solution in relation for apps that run with Google Play. The main advice given to these people is to not bother at first!

Your comments as an experienced user can have them ignoring a powerful feature in GrapheneOS. That may be right for you, but not for others. Believe what you want, but here is a place of facts, not beliefs.

    • [deleted]

    • Post #19
    • Edited

    Tryptamine Okay. I just have to reiterate like you said for those newcomers, that with its use you are basically bringing another trust party into play and in fact not very privacy respecting despite all the available toggles (and let's not start pulling out all those online articles mentioning user data misuse, which predominantly happen on stock devices) and Google Play Store opens a door to a whole world of potentially harmful apps (and that is not to say that all FOSS apps are harmless). You just have to do your research and learn how to restrict the environment and conditions those apps operate in to achieve desired functionality if possible without giving up too much privacy and convenience. It is and evolving battle and using Google Play Services on GrapheneOS will undoubtedly create app compatibilty problems in the future.

        [deleted] It is and evolving battle and using Google Play Services on GrapheneOS will undoubtedly create app compatibilty problems in the future.

        Not at all clear what you mean here, and the conversation seems to drifting away from what the thread's topic is about.

        I'd appreciate if you could please stick to what the thread is about instead of trying to push your opinions on different topics on all threads. This goes for everyone, not just @[deleted].

            • [deleted]

            • Post #21

            matchboxbananasynergy sorry, if you think I am mumbling here, you are welcome to delete all my posts in this thread. I have a pretty good idea what I mean.

              matchboxbananasynergy got it. Apologize if that's what it seems like I'm doing... My intention was to stick to facts here rather than speculative reasoning, but I can see how my posts could be misconstrued. Feel free to delete as you see fit!

              Bringing it back to the initial topic;

              Yeah, I really hope that more apps don't use stronger Play Integrity checking, but so far that is few and far between... Hope it stays that way, or...

              Would be incredible if hardware based attestation were to have a surge in popularity! However I really wonder why that hasn't been the case... It seems to me that would provide a much stronger form of attestation than using play integrity, but I've never heard a story to date that an app has switched to it. I'd love to be wrong on this point!

                Tryptamine I've confirmed that turning on the toggle "Reroute location requests to the OS" prevents your device giving location to Location History, completely! Its an opt in thing in GrapheneOS.

                What's this then? Where is it and do you have a bit more info as to what it does or what it's for?

                    mmmm
                    That is the default setting. It makes all apps which request location from Google Play instead have the request routed to the OS location provider. Google Play does not need location permission.

                        25 days later

                        PacoBell yeahhh this is why I waited until I upgraded before playing any of this stuff. I can actually just keep the previous phone as a dedicated machine on stock OS to ensure compatibility, while the new daily driver remains separate.

                          9 months later

                          • Eevol

                            • Post #29

                            dln949 i imagine its proprietary, but i wonder if there could be a foss project that tries to emulate it. donw know much about that possibility heheh.