• Off Topic
  • Is installing Google Maps in main profile a smart idea?

rndmE Could it make sense to just build an empty WebView-App which contains maps.google.com?

You might want to try this

what is Google Maps able to communicate to other apps? Can they communicate as they want and it just depends on the developers of these apps what they share?

Google Maps is able to communicate with another app what itself and that other app have both been programmed to share. Inter app communication works on a mutual consent basis.

Can they communicate as they want and it just depends on the developers of these apps what they share?

So as I said, in theory yes.

I would maybe be fine with having Google Maps installed in my device if I'd be sure that it would not tunnel traffic or gather data from my other two Google apps.

No way to be sure of that at the moment. That doesn't mean it happens; I personally think it is unlikely that Google uses inter-app communication to circumvent such uncommon and marginal roadblocks to data collection.

What else does Maps communicate to the Google servers that I may not have on my screen besides the data that is necessary for using Maps?

Again, no way to know.

Are there thoughts from the GOS team about features like denying communication between chosen apps

This feature is planned, although no ETA.

    rndmE Which features of Google Maps do not work without them?

    I believe they pretty much all work. The main difference is that sandboxed Google Play is required for network/bluetooth-assisted geolocation which is pretty much necessary for determining location indoors and also probably gives a fix faster.

    Without sandboxed Google Play, geolocation is GPS only, more private but slower than when using Google's location service on top.

    Also, here's some more info about the planned feature to restrict inter-app communication: https://nitter.net/GrapheneOS/status/1636042398043086850

    Thanks a lot for your reply.
    Although it wasn't what I've hoped for, it at least confirms the correctness of my thoughts.

    I totally agree with you that I tend to say: Google won't tunnel data from app B through app A to the internet, but I'm not sure if I should risk that.
    The webviewed GMaps seems to work quiet well - not as smooth as the official app, but good enough.

    Great to hear that this app seperation feature is already planned even if there is no date for it yet.

    Is the traffic between apps protected in some way?
    I guess, there is no existing way or app that can deny the traffic and if one existed, it would need root, just like a non-VPN firewall, right?

    Is there a nice source of knowledge for how exactly the addressing for inter-app-communication is designed?
    As far as I can imagine after reading the source of your second post: It just addresses via the localhost and a port?

    Your reply on the Maps features (with-)out Play Services is very useful for me, thanks.

      rndmE Is the traffic between apps protected in some way?
      I guess, there is no existing way or app that can deny the traffic and if one existed, it would need root, just like a non-VPN firewall, right?

      I am not aware of such an app but it would probably require very special access, yes, and I imagine this kind of functionality would be hard to implement well and in a way that doesn't compromise security.

      Is there a nice source of knowledge for how exactly the addressing for inter-app-communication is designed?

      If you want to learn about the way it works, I really don't know, although the keywords for this I think are IPC or interprocess communication if you want to search around.

      As far as I can imagine after reading the source of your second post: It just addresses via the localhost and a port?

      As far as I understand, the GrapheneOS account only mentioned localhost access as something that might at some point become configurable independently from external network access, the current situation being that both are covered by the Network permission. I.e. the Network permission might be split in two in the future.

      I don't think inter-app communication (IPC) was the direct subject of the tweet you mention, rather that tweet was more an elaboration in relation to the broader topic of cross-app data leaks, since in theory localhost can also be used by apps to communicate with each other. But I don't think IPC has a direct relation with localhost or even with the network in general, although I only have surface-level knowledge about all this.

      Back to Maps: FWIW, my setup is the following; Maps along with sandboxed Google Play installed in a dedicated user profile with nothing else installed, and Google location services enabled. I figured since I tend to give my location to Google through Maps when I need it anyway, there is no reason not to use Google's location service and make the most out of it. The fact that it's installed in a secondary profile is important to me as it is separated from the rest of my phone usage. Although, I only use Maps rarely.

      In your OP you seemed to say that you find this kind of setup too inconvenient. I assume this is because of having to switch profiles?

      rndmE
      I share your opinion about Google Maps - especially valuations etc. are unbeatable in my opinion - so I don't want to do without Maps completely.

      I therefore use Maps mostly in the browser - that's enough for me for quick searches, ratings and a rough orientation. If I want to use Google Maps as a navigation system, I switch to another user profile where the Play services are installed anyway due to other apps. I have also installed Google Maps here and then use it for navigation.

        Murcielago So what is the downside of having Google Maps it a separate profile? Sure it could be collecting GPS and some metadata, but it would be so limited there theoretically would be no way to tie any of that data to me, right?

          • [deleted]

          233328 You might want to try this

          Sir, what's the difference BTW use this app and open GMaps in a browser tab?
          Thanks

            [deleted] Overall, I think it's similar to loading Maps in a private browsing tab with but without the toolbar. It seems more practical and the webview configuration is a little bit hardened. Here's an overview: https://gitlab.com/divested-mobile/maps#features

            Example of hardening:

            //Disable some WebView features
            mapsWebSettings.setAllowContentAccess(false);
            mapsWebSettings.setAllowFileAccess(false);
            mapsWebSettings.setBuiltInZoomControls(false);
            mapsWebSettings.setDatabaseEnabled(false);
            mapsWebSettings.setDisplayZoomControls(false);
            mapsWebSettings.setDomStorageEnabled(false);
            mapsWebSettings.setSaveFormData(false);
            //Change the User-Agent
            mapsWebSettings.setUserAgentString("Mozilla/5.0 (Linux; Android 12; Unspecified Device) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.79 Mobile Safari/537.36");

            It blocks some Google tracking:

            //Blocked Domains
            blockedURLs.add("analytics.google.com");
            blockedURLs.add("clientmetrics-pa.googleapis.com");
            blockedURLs.add("doubleclick.com");
            blockedURLs.add("doubleclick.net");
            blockedURLs.add("googleadservices.com");
            blockedURLs.add("google-analytics.com");
            blockedURLs.add("googlesyndication.com");
            blockedURLs.add("tpc.googlesyndication.com");
            blockedURLs.add("pagead.l.google.com");
            blockedURLs.add("partnerad.l.google.com");
            blockedURLs.add("video-stats.video.google.com");
            blockedURLs.add("wintricksbanner.googlepages.com");
            blockedURLs.add("www-google-analytics.l.google.com");
            blockedURLs.add("gstaticadssl.l.google.com");
            blockedURLs.add("csp.withgoogle.com");

            //Blocked URLs
            blockedURLs.add("google.com/maps/preview/log204");
            blockedURLs.add("google.com/gen_204");
            blockedURLs.add("play.google.com/log");
            blockedURLs.add("/gen_204?");
            blockedURLs.add("/log204?");

            protonuser2
            I see many more advantages than disadvantages to using Google Maps in a separate profile.

            In particular, the fact that apps cannot use IPC across profiles is a major pro argument for me. The only real downside in my opinion is convenience (switching profiles just to quickly use Google Maps may be inconvenient).