how to know if a app is privacy friendly or not?

yourmother

GrapheneOS Aurora Store and Exodus contain inaccurate information about permissions and what they dubiously refer to as trackers. This is not how things actually work. They're misinterpreting how the Android permission model works and are misinterpreting the requested low-level permissions as what an app will receive. That's not how it works.

if Aurora Store and Exodus show inaccurate information about permissions and trackers then how do i know if a app is privacy friendly or not?

Lets take Wps Office as a example, it has 12 trackers according to aurora store
how do i know this app is privacy safe if the number of trackers means nothing?

spring-onion

Although you should rightfully take the listed trackers with a grain of salt, I'd argue they aren't useless altogether. Don't base your decision making on them but for a first look they can give you a rough idea.

The most straightforward way is to read the respective privacy policy, which for wps office, is quite dubious.

Eirikr70

The question is more complex than just a number of trackers. First you have to make it clear what is your threat model. Mine is just giving as little data to the Big Tech as I can. For someone else it will be preserve one's anonymity in regards to the Iranian government.
Then according to your model you can set up tools to mitigate your risk : I use the Adguard DNS, ... You can also choose the apps you need according to their status in regards to your model : I will think about it twice before using a Google app. You can choose open source apps that are known to be privacy-friendly if you can't audit the code by yourself : you trust "the community" that someone has been auditing the app some day ... And give the apps just the permissions they need : I use GBoard for is ease of use, with no permission, particularly no network permission. That is the way I manage my "threat" model.

yourmother

i also wondering if you u install a app like wps office and block Network in App Permissions.
can a app than still do any harm? i mean.... without a internet connecting they cant do a thing i guess?

Delaney

yourmother In theory, the app could run an exploit which gives it access to the internet from a different angle, such as accessing another app with network permissions granted. Admittedly, this scenario would demand a sophisticated attack and thus likely would not be wasted on trivial targets. But regardless, believing you can neutralise malicious code by revoking permissions is not a safe way of thinking.

yourmother

Delaney In theory, the app could run an exploit which gives it access to the internet from a different angle, such as accessing another app with network permissions granted. Admittedly, this scenario would demand a sophisticated attack and thus likely would not be wasted on trivial targets. But regardless, believing you can neutralise malicious code by revoking permissions is not a safe way of thinking.

i thought that grapheneos sandboxed all apps and this where stopt apps communicate with each other

E24

Apps without network access could still communicate with other apps that DO have network access through IPC unless I'm mistaken

[deleted]

yourmother https://grapheneos.org/usage#sandboxed-google-play