• Off Topic
  • Anyone use only one profile with play services?

I’ve been struggling a bit lately juggling between profiles. I finally narrowed it down to two: one with google play services and the owner profile without.

Now I’m thinking of just using the owner profile for everything with google play services installed for ease. A bit concerned about privacy implications but I’m not sure if it’s warranted. I have a pretty limited need outside of the default apps but here is how I’m setup today:

Owner profile (no play services)

Signal
Antennapod
Newpipe
Protonmail
Mullvad vpn
Aegis 2fa
Bitwarden

2nd profile (with play services for push notifications)

Google maps
WhatsApp
Mullvad vpn

Any input/feedback would be much appreciated!

    Kenny33 You have a similar setup to me. 99% of my smartphone usage can be done in the Owner without Play Services and with just E2EE Messengers, Open Source and Progressive Web Apps. I have a Play Services profile for limited use cases but which are essential for managing my childrens devices with Family Link, my carriers app, Banking, Shopping, and Travel. 95% of the time that profile is switched off and only gets logged into to do a job and to sign out. All my Google account settings are audited with features turned off, restricted and data regularly deleted.

    I then create ad hoc profiles for other uses that need Play Services but not a Google account that once the task is complete get deleted.

    • [deleted]

    • Edited

    I'm currently between Pixels but that's what I've been using even though the recommended way is to install apps depending on Google Play in a separate user profile. A couple of glaring problems I discovered with this approach were:

    • Installing and updating apps in the Owner profile in a robust manner. I really didn't want hunt down APKs, verifying signatures and looking up information about whether they self-update or are at all dependent on GSF. In addition, not all of them even publish standalone APKs. I also didn't want start introducing extra parties to the equation such as AuroraStore.

    • For those that didn't come with built-in updaters, I had to set up an RSS feed to track new releases.

    • Having to grant a good bunch of them battery optimization exceptions rather than granting it to the Google Play services only and even then I found notifications to be not as reliable as through FCM.

    • Many of Google's libraries also directly contact Google's services from the apps using them regardless of whether Play services is present. Your personal assortment of apps likely doesn't include them, but the point still stands.

    Given they're regular apps, I just couldn't justify the gains of moving them to a secondary profile at the expense of aforementioned gripes, but I'm willing to have my mind changed.

    When I first put GOS on my phone I wanted a higher level of anonymity than I do do now. I ran separate profiles like mentioned above for banking and what not. After a couple years I'm not as worried about things as I used to be. I switched to one profile. The control GOS gives us is pretty much a sweet spot for me. I use fake names on email accounts, VPN accounts, pretty much anything with a subscription.
    If I were to get deeper into the shadier side of society as I was before I'd revert to multiple profiles. As things stand I love the convenience of dialing in a tight main profile and enjoying.
    All threat models are different.

      Fhggyy5767

      I feel like I’m heading in the same direction as you…

      Do you run play services on your single profile?

        Kenny33 Yes. Why not, you know? Phones tight as hell as it is. It fits my purposes with all the control over the apps.

          Fhggyy5767 It fits my purpose

          This alone is why most discussions along this thread are never going to provide the answers most people want and is bang on the money.

          The idea is that GrapheneOS secures you enough to provide the best platform for you to consider your privacy from and implement what "fits your purpose".

          Consider your threat model and move forward.

          Remember what one of us does isn't always going to the best play book for you. Only YOU can decide that.

          GrapheneOS is for Everyone™ but as Captain Planet would say "The power is Yours!"

            MetropleX

            That’s fair and also, love the Captain Planet quote :)

            I will say, as a relative newb, seeing how other ppl setup has been quite useful for me. I don’t often know which threat models to consider, what the various trade offs are, etc… to be able to make an educated decision without having some examples to consider.

              Kenny33 Would be nice if some members can chime in and explain things they do for protection and why. Say me for example, right now I'm pretty much not worried about having a super high brick wall up as far as Google is concerned. I'm sure they can gather info about me to a certain extent. Not as much as they would if I was running stock and didn't have the control we have over the apps. Now, if you're a drug dealer, user, politically active or have people targeting you, you would want higher walls around your device"these are just for examples". What are you protecting yourself from? Why did you install GOS? Is it to protect your personal information from being whored out by Google? Is it just because you want more control and you're not sweating things? Personally I've had two Iphones hacked. The Apple security tech told me my account was so corrupt they deleted my account. That's why I got into GOS "besides the fact that Iphones annoy the hell out of me" . This is just to get your mind thinking about a couple things to consider. I've been on GOS since the release of the P3a and now on a 6th gen and haven't been compromised. Like I said just food for thought. Didn't want to leave you hangin. Others on this site are light-years more knowledgeable than I am and I'm sure will have better info on the subject.

                Fhggyy5767

                Appreciate the thoughtful response!

                “Is it to protect your personal information from being whored out by Google?” This really resonated with me.

                I would like to opt out of as much general mass surveillance as possible as I have concerns of big tech/govt essentially going big brother on us like China (social credit scores, etc…) It still shocks me when I learn how much info can be gathered on someone without a warrant, no clue what they are grabbing with authorization.

                I actually have a very limited security threat model. No real physical security threat and with limited apps I don’t think a huge cyber attack surface.

                  Kenny33 Only thing on my device that has my name tied to it is a banking app. Even my service provider "T-Mobile" has a fake name. Just use the prepaid service. Pay my bills with a credit card I load that's basically a gift card with no name tied to it. I could just login to my bank on Vanadium and then I'm not connected to this device at all for the most part. Apps are just convenient. I also use Google voice to get verification codes and don't give that number out. That works for me and we're all different with different situations. I like it this simple.

                  Kenny33

                  Google etc going after me directly (or indirectly under a warrant from authorities), is not a threat model that figures highly to me. BUT... One thing that rings true to some is the 'Facebook kills teenagers' argument i.e.:
                  I object to big tech's and the personal data industry's business practices, but in so far as it is legal where I'm at, I'm pretty powerless beyond lobbying local politicians. One thing I can do is say 'not in my name'. To that end, I want to be able to say, with truth, that I have not consented to their collection, processing, and sale or transfer of my data, at least in part just to keep my conscious clean, and make me feel I've done something. As such I don't choose to use their services, even with fake names or apps. It's just voting with my feet.

                  If they choose to do it anyway, as their systems and software don't check well enough that they have my current and active consent, well at least I know I haven't willfully consented to that. For sure, this costs me a lot in terms of convenience (no WhatsApp! And using Signal that doesn't even notify reliably - afterall they have constructed an effective monopoly in supply of a number of critical goods and opting out of all that hurts), but my conscious is cleaner... I am interested as to the legal position (esp when in europe), if they do routinely collect my personally identifiable data by default anyway... if anyone knows? In installing GOS, did I click yes to something I'd not read properly?

                  Just chiming in with my 2 cents here. I have 2 profiles, one "main" profile that has my everyday apps that don't require play services and one "google" profile that has play services along with the apps that require it, are known to hoard data or are apps I just don't need up and running on a daily basis. Only 3 apps have constant network permissions in that profile, my doorbell camera app, my work email and protonmail (which will probably be moved to the non google profile). All others have all permissions revoked and are only turned on on an as needed basis.

                  Kenny33 And to add something else. I have had no social media for over five years. Deleted and never looked back. The only one I gave a try was Facebook. It was for around six months then I deleted it.

                  i like the typical setup of owner without gplay, and 1 profile for those apps that require play.

                  unfortunately i use google fi which requires play and in the owner profile. it sort of limits my choices.