Sorry for the redundant info for those that knew. I just find out today in one of my phones that does not have playstore signed in.
That is great privacy wise as now I can install app for the first time through aurora and then continue to update it with playstore.
So how do I 'sign out' of my play store?
(Currently I'm not giving Play Store network permissions)
lcalamar If you are not giving network permission does that mean you are not signed in?
Why this might be helpful is that some people do not like some of the security aspects of aurora store. So you can install an app firstly through aurora or another user and then update it without sign in, better privacy.
[deleted] You can make a dedicated throwaway account for using a specific install of Google Play. Using an account is not a privacy loss by itself. You can use a virtual number if they require phone number verification due to poor IP reputation from using a VPN service.
[deleted] Creating a dedicated throwaway account for this purpose isn't going to reduce your privacy. Aurora Store signs into a thowaway account by default. The much weaker chain of trust for the initial app install is still an issue if you update them via the Play Store. Why are you fine with using a throwaway account with Aurora Store and updating them with the Play Store but aren't fine with using a throwaway account with the Play Store?
GrapheneOS Out of topic but when I made a new gmail account for my mother (in stock android using the add another google account inside settings), there's a button saying you can skip adding phone number and the account was made with little-to-no info (aside the name) including with no phone number.
Is there any explanation for that? Because I checked recently that phone number is a requirement when signing up in the browser.
GrapheneOS The much weaker chain of trust for the initial app install is still an issue if you update them via the Play Store.
Didnt know about that, I thought if I continue to update with play store any issue will be solved. Thanks for the info but yea I am just paranoid when it comes to google.
xalaw31044 they use phone number as an ID, maybe they are using your phone hardware as ID and dont need phone number?
xalaw31044
This is not based on any official info, but I'm fairly certain they have automated systems in place to flag registrations for abusive behavior (bots, mostly). If you didn't have a vpn on and used the phone to make it, those are probably two biggest "green" flags for them. Also, just because they don't require phone number instantly, they may do so later on. Many people have posted about that happening to them. I recommed set up TOTP 2FA to maybe avoid it.
[deleted] you're correct, there was no vpn turned on and the account was created on the phone.
I don't know if I should implement 2FA because my mother isn't tech savy, and we don't live in the same house anymore so I can't assist her all the time.
Don't know if Google will suddenly decided to require a phone number because no info (other than name) is given. Will update if ever something happens in the next months. (The account was recently created a month ago.)
xalaw31044 since their code is not open source you can only speculate. Some of the ID for a phone that I know are IMEI and google advertising id. Considering you used stock android and you have google play services with its full capability, they can read those info and store them.
One of the reasons they ask for phone numbers in my opinion is for automated bots accounts. They can not create "unlimited" accounts because they will need unlimited phone numbers. Same goes for hardware id IMEI, they can not create unlimited accounts because they need unlimited imei. They are bound and it would cost more money to create new bots.
Imo thats why they let you register without phone number on new device. Btw i tried to create one account with graphene and they asked for phone number.
[deleted] Ok thanks I get it now.
[deleted] Btw i tried to create one account with graphene and they asked for phone number.
I'm assuming this isn't within the browser—but could it be that google is able to detect custom roms when making an account through the phone? Were you using a vpn during that time?
