Pro and Cons of using Google Play vs. Aurora
[deleted] Sharing what apps you install with random strangers is a 'privacy benefit'?
I mean privacy towards Google which won't identify and monetize you when using Aurora or F-Droid wisely. Is there any reason/evidence to believe Aurora compromises your privacy compared to play store? For me this is like a watered down version of using the Tor Browser for privacy benefits compared to using Google Chrome. I have been wrong before though, so could you please elaborate what privacy risks you see?
[deleted]
- Edited
N1b I mean privacy towards Google which won't identify and monetize you when using Aurora or F-Droid wisely.
Google will still get info about your device model unless you spoof it in Aurora store's settings, and Aurora store also connects to Google for Internet connectivity checks.
N1b Is there any reason/evidence to believe Aurora compromises your privacy compared to play store?
Using Play store on GrapheneOS with a throaway account is a lot better than using Aurora store, since you won't be giving random strangers history of what apps you install. No user app can access Hardware identifiers on Android 10 and above, So I don't really think there is a privacy risk with Play store if you use a throaway account on GrapheneOS.
N1b For me this is like a watered down version of using the Tor Browser for privacy benefits compared to using Google Chrome.
Lol Far from It. Tor browser's threat model is very, very and very different from Aurora store's. BTW Tor browser is for anonymity, anonymity and privacy are different.
N1b so Google should only get the data other apps share over PS and GSF. If you don't depend on notification forwarding, you can also disable the profile running in the brackground.
Really thank you for that reply!
Oh so Apps share data over Play Service and Google Framework do you have some examples for this? I thought only the Keyboard App could access Clippboard and the active App in the foreground?
I tried to find how to deactivate the profile running in the background. In FAQ it says something about ending session when you press the Power button while beeing in the Profile and chosing end session. So this is shutting the profile down? Vs what i did is the swiping 2 times down and then clicking on the profile icon down, that is more the "hot swap" where the profile keeps running in the background?
Really thank you for posting the link to the discussion:
https://discuss.grapheneos.org/d/6338-google-apps-and-google-accounts/23
That is exactly the dead cat i was looking for. The sandboxed Google Playstore sounded to good to be true and here it is.
it is a bit to much to digest all of this now, i will go back to this tomorrow when i am less tired, but one question i already have regarding this:
It was a bit of back and forth in the other thread with the question whether the login will be shared exclusively with google apps (don't plan to use them except maybe maps) or if it will be shared with other apps/all the other apps? Do you know if there has been a more a definitive answer to this?
Really thanks for the great answer so far!
- Edited
It is important to note (due to the comment above regarding "Sandboxed Google Play sounded too good to be true") that on GrapheneOS, the Google Play apps can only access/do what every other app you install can. That's the entire point of the approach. They're made to work within the regular app sandbox. If Google Play can do it on GrapheneOS, so can any other app.
Therefore, when evaluating whether it's the approach you want to go for, when asking a question about what Google Play can and cannot do on GrapheneOS, you can instead ask "can a regular app do X?" instead, and the same thing would apply.
In my personal opinion, for the vast majority of people/use cases, using Sandboxed Google Play on GrapheneOS is the way to go. Using Aurora Store can make sense sometimes, but mostly doesn't, especially given how unreliable it is as of late (I'm only really evaluating Play Store and Aurora Store as a Play Store frontend here, because realistically almost everybody is going to need to download an app that's only available there at some point).
I'm assuming that you've read these already, but just in case you haven't done so yet, or for future reference for people who may find their way here in the future, please give two sections on the website a read to get a better understanding of the design philosophy and implementation of Sandboxed Google Play:
https://grapheneos.org/features#sandboxed-google-play
https://grapheneos.org/usage#sandboxed-google-play
[deleted]
matchboxbananasynergy Using Aurora Store can make sense sometimes, but mostly doesn't, especially given how unreliable it is as of late
@BlueSky Especially when you consider that Play apps often run Google code irregardless of where you got them from, no Play services required. So you're getting questionable benefits at the cost of flaky and unreliable performance and less compatibility than when using Sandboxed Google Play.
BlueSky I tried to find how to deactivate the profile running in the background. In FAQ it says something about ending session when you press the Power button while beeing in the Profile and chosing end session.
In the owner profile, go Settings -> System -> Multiple Users -> <Username> -> Allow running in background
The notification forwarding is in the same section, but you must navigate there when logged in to the user profile (since it can be allowed by all users independently).
N1b
Awesome thanks.
Just to check that i understand this correctly. In the GOS help is written:
GrapheneOS enables support for ending secondary user profile sessions after logging into them. It adds an end session button to the lockscreen and in the global action menu accessed by holding the power button. This fully purges the encryption keys and puts the profiles back at rest. This can't be done for the owner profile without rebooting due to it encrypting the sensitive system-wide operating system data.
My understand of this would be that if i press the powerbutton and chose end session that the disk space where the secondary userprofile is stored, is fully encrypted again, and the keys are purgerd from the ram. So if the phone would get in the Hands of a malice actor the data in the 2nd Userprofile would completely encrypted.
Right or wrong?
The one thing that confuses me /why i am not sure if i understood this right is the sentence about the ownern profile. The system data in the Owner profile can't be encrypted and the keys purged?? i mean it needs those files to run GOS so the keys need to be there to unencrypt the files on the fly?
Hope i described it right what i mean.
BlueSky My understand of this would be that if i press the powerbutton and chose end session that the disk space where the secondary userprofile is stored, is fully encrypted again, and the keys are purgerd from the ram. So if the phone would get in the Hands of a malice actor the data in the 2nd Userprofile would completely encrypted.
Right or wrong?
Correct. They would need to know your PIN / passcode to get in.
BlueSky The one thing that confuses me /why i am not sure if i understood this right is the sentence about the ownern profile. The system data in the Owner profile can't be encrypted and the keys purged?? i mean it needs those files to run GOS so the keys need to be there to unencrypt the files on the fly?
The Owner profile cannot end session since core operating system functions are in the Owner profile. You need to use it for certain global settings and to manage all other profiles. The Owner profile is encrypted but to purge the keys you need to turn the phone off or reboot it. Keys for Owner will not be on the system if the Owner profile was not unlocked once after boot.
Hi,
so there might be another "problem" as well: Apps can share data with each other.
One example: Someone uses Gboard without network permission to avoid sending all typed content to google. If that person also uses Sandboxed Play Store and Play Services he or she does not know what data Gboard shares with Play Services and what data Play Services then sends to goolge. Or am I wrong?
This problem would not appear with Aurora instead of Play Store.
Best regards
I miss Aurora as it was. It is now pretty useless except for updating installed apps. I've had to run with sandboxed Google (not that I understand it a lot). One difference for me using Aurora was having ratings by Exodus on each app letting me know how many trackers an app included. That was valuable. Exodus as a stand alone app doesn't seem to search new apps just the ones already installed. I may be wrong.
I absolutely hate both Google and Apple, I finally escaped the Apple Mafia and the less I have to do with Goolag the better.