• General
  • Tracking phone identifiers, even if reset?

I know standard Android has its base identifiers of sorts and certain apps have access to certain parts of these.
I know GrapheneOS essentially blocks some of this as well.
Assuming one is looking to utilize a device and later be able to wipe it, what sort of risk factors could one expect around the following:

  1. Installing Google Play Store and related services
  2. Signing into a Google account to utilize said services
  3. Using Google Fi for cellular connection, especially with a data-only SIM card (not eSIM as they are not available for data-only). Also adding in the privileged eSIM management with this and its added scope.

I'm looking around the general thought of whether the Google Fi/SIM card and phone can be linked back, if you would dispose of the card entirely and recycle it, or use a separate account entirely (most likely separate if ever at all), as well as Google play and Google account sign-in. If someone took the device, could they find whether it was the one used with a specific Google account, or does Google only see a dummy serial, IMEI, etc.?

I know some identifiers change when resetting a device, but not all. I'm wondering how much the Google Services Framework and alike have access to with that, and what all could be linked back. Unless someone states otherwise, I'll assume based on the FAQ that general user apps have access to none of this information.

Another part to add in that I missed is how user profiles could potentially play a role with all of this.

I'm pretty much thinking about going with no SIM/airplane mode and doing WiFi only for it, but still curious on other thoughts to consider.

On stock android your imei is sent to google when you connect to the internet (before you sign in to a google account).
On grapheneos sandboxed google play does not have access to your imei. If you use e-sim a privileged app google has access to your imei.
If you use google fi, google has access to your imei.
https://grapheneos.org/faq#hardware-identifiers

    nrt On stock android your imei is sent to google when you connect to the internet

    But you need to do it to get the OEM unlocking for installing Graphene, correct?

    • nrt replied to this.

      Google will get your IMEI in order for you to install GOS, but the good news are that Google will not know who this IMEI belongs to (if you don't give them the info voluntarily). Other hardware identifiers are not transmitted, but cgro0550 makes a good point about canvas fingerprinting here which will probably interest you.

      Btw. it's advised that you do the OEM unlocking on a public WiFi somewhat far away from your home location so Google doesn't get ahold of your IP or other identifiers.

      Oh if you change the Google Fi account, you should also change the device and vice versa if you don't want Google to instantly connect the 2. It's a very uncomfortable threat model and you should make sure that hiding your identity from Google is really that important to you (compared to sharing no or limited private data with Google which is easy to achieve in GOS). This video might be interesting regarding being anonymous with GOS, it does a good job presenting the difficulties.

      nrt hi regarding the e SIM comment, can you explain more please

      • nrt replied to this.
        7 days later

        What about WiFi networks and such? Does sensors grant this access (i.e. disable sensors access to block it)? Kind of need to be able to connect to a network somehow, and wired isn't always feasible. Hotspot would be the best for mobile, second to public hotspots at public places (ex. coffee shops, stores, etc.).

          Dubz No, disabling the sensors permission does not block WiFi connections. Please refer to the Features page for info about what the sensors permission does:

          Sensors permission toggle: disallow access to all other sensors not covered by existing Android permissions (Camera, Microphone, Body Sensors, Activity Recognition) including an accelerometer, gyroscope, compass, barometer, thermometer and any other sensors present on a given device. When access is disabled, apps receive zeroed data when they check for sensor values and don't receive events.

          https://grapheneos.org/features#:~:text=Sensors%20permission%20toggle%3A%20disallow,and%20don%27t%20receive%20events.

          • Dubz replied to this.

            treequell So to clarify, apps can always see the SSID that I'm connected to and/or nearby SSIDs? Is there any way to stop this outside of wired only connections? Sounds like a major security hole when trying to anonymize oneself. You can easily track users based off that.

              treequell Okay, so they would require either "Nearby devices" or "Location" permission to do so? Obviously the second would invalidate the anonymous part of the location, but as long as they don't have nearby devices permission, that should suffice? This is good to know. Thank you!

                Dubz To access the SSID of your current WiFi network, the app would require the ACCESS_FINE_LOCATION permission. Some apps use only the ACCESS_COARSE_LOCATION permission instead.

                a year later

                Settings > Apps > Special app access > Wi-Fi control

                Is there anything specific that allows apps by default?
                Should we be checking this religiously? If so, can it be a forefront permission rather than hidden away?
                Does this supersede or depend on any other permission?
                How does it play into this? I assume if it can control the Wi-Fi it can turn it on and see SSIDs nearby (possibly even with Wi-Fi disabled).

                That could be used to calculate someone's location easily, or narrow down the possibilities greatly.