  • How much does Google know about usage of Play services?

Hi! I recently switched to Graphene OS. I don't know if this is a stupid question. When I registered at Google Play, it said that Google may record when I use the apps I download. That made me wonder, can they monitor the use of apps that are downloaded from Play even with GOS? And is it better for privacy to use websites directly instead of their apps?

    • [deleted]

    NinjaShark it is not a stupid but a perfectly valid question, since whenever I was running sandboxed Google Play on my GrapheneOS installation I could not shake the feeling that I DO NOT know what it is doing with network access and regarding inter-app communication, so I showed it the door. Now most of the things I need to get done online, I can do via website (which may take more than one click but does the job), apart from the pain in the heel called WhatsApp. I sleep much better. My setup is simple and definitely will not work for everybody.

    NinjaShark
    When Google Play is present it gathers a lot of info about you through what "it can see" and permissions given to it, and through apps (if those apps have any meaningful info about you and share/collude with PS). There are ways to use PS on GOS while protecting privacy, but you need to learn about them.

    There is too much to say here. You need to research the privacy problems of Google Play store and how to mitigate them.

    Here are some posts that'll give you some ideas on the subject:

    https://discuss.grapheneos.org/d/8985-new-grapheneos-user-adtech-mitigation/6

    https://discuss.grapheneos.org/d/9358-using-apps-with-known-trackers-with-no-google-play-services/2

    https://discuss.grapheneos.org/d/8731-bare-minimum-setup-for-google-cloud-messaging-to-work/9

    https://discuss.grapheneos.org/d/2299-install-apps-from-gplay-rep-fdoid-rep-or-githubwebsite/

      Thanks for your answers. But one thing I am still wondering is whether apps that don't collect a lot of data themselves can still be monitored by Google if downloaded from Play store. And is it better then to download them from Aurora store if it's possible?

        NinjaShark

        Apps downloaded from the Aurora store are downloaded from the Play store and tied to some account.

        NinjaShark It can't monitor when or how apps are used. Those are privileged permissions not available to it. The whole point of the approach on GrapheneOS is that they're regular sandboxed apps. They cannot do anything more than other regular sandboxed apps. It's no different than installing another app, including Google apps. Each app which uses Google Play includes the Google Play SDK inside their app and most of the Google Play SDK dependent libraries have at least some functionality without it. For example, Firebase Ads and Analytics work without Google Play. It's a misconception that Google Play is required for apps to use Google libraries and services.

        User2288 You're making it seem as if Google Play has some kind of special access or capabilities on GrapheneOS which is not the case. It cannot do anything more than other regular apps. You're also propagating the misconception that using Google services requires Google Play. Apps can and do use Google services and share information with Google without Google Play. They're regular sandboxed apps and do not add any additional access to what the Google libraries used by those apps can already do. The Google libraries used by apps can fundamentally do everything that sandboxed Google Play can do if they choose to do it. They choose to implement full fallback code for some libraries but not others. One of the main reasons is because having fallback code increases the size of each app using the library, potentially significantly. The code also has to be updated via apps for the update where the app developer updates the libraries, which app developers are often very neglectful in doing. In some cases there are other reasons for the functionality not having a fallback such as not wanting each app to fall back to maintaining their own FCM connection and running a foreground service. They could do it, but choose not to. The whole point of sandboxed Google Play being regular apps is that you're not granting any additional access to Google Play compared to running the Google Play SDK as part of the apps using it.

          NinjaShark They're regular sandboxed apps and do not have the ability to see what other apps are doing or to access their data. Apps using Google Play are choosing to use Google libraries, which are there regardless of whether you have Google Play. Those libraries often have fallback code to work without Google Play, but many of them don't so they won't do anything without it present, but they could. Downloading apps from Aurora Store is less secure and does not reduce trust in the Play Store. Aurora Store is a frontend to the Play Store, but does not verify the packages it downloads from it came from the Play Store and only secures the downloads via HTTPS with every WebPKI Certificate Authority trusted and no Certificate Transparency like browsers.

          NinjaShark what I meant was whether the apps downloaded exist in the same "sandbox" as Play

          Apps are sandboxed individually. They do not "exist in the same sandbox as Play" (or anything else for that matter).

            • [deleted]

            NinjaShark no question is too stupid for one's level of knowledge or understanding. If you think that Google Play has too much access to your data, try playing with its permissions or scopes (one at a time) and if something breaks, you can revert to the previous state.

            GrapheneOS You're making it seem as if Google Play has some kind of special access or capabilities on GrapheneOS which is not the case.

            How am I making it look that way?

            GrapheneOS You're also propagating the misconception that using Google services requires Google Play.

            How am I doing that? What did I say that suggests such a thing?

            How exactly are Play Services just treated as regular sandboxed apps when they provide backends for so many other applications like handling FCM stuff? Are exceptions made for Play Services or is every app capable of getting its tendrils all over everything? Clearly I'm missing something.

              whaym Are exceptions made for Play Services

              no

              whaym is every app capable of getting its tendrils all over everything?

              Not really how this works. I'd suggest you reread what the project account said in earlier posts. It's all explained there.

              In short, the only reason Google is relied upon so much is because app developers choose to rely on Google's services. So, to answer your question, the only way an app can "get its tendrils over everything" is if apps are written to communicate with said app(s) with tendrils. If this concerns you, make sure you're using apps that don't rely on Google Play to work. No app, whether it's Google Play or otherwise, can force another app to share information if they're not programmed to do so.

                • [deleted]

                other8026 "make sure you're using apps that don't rely on Google Play to work"

                There are/were malicious apps out there that don't need Google Play to work.

                Instead we should look at what sorts of (dangerous) permissions an app requests in order to work. Google Play Services require a whole lot of "privacy unfriendly" permissions in order to provide functionality for its well constructed ecosystem of apps to work well. Yes, you can deny some, some you can't if you want to ensure that it at all works.

                Using GrapheneOS mitigates hardware ID collection and fingerprinting and provides its own backends for certain services, but let's not forget and like someone said Google employs a whole army of hackers, excuse me, security researchers to break any such mitigations from working by employing new state of art technologies (questionable but highly probable) they don't shout out loud about using. So I assume zero trust when it comes to using their proprietary suite.

                  [deleted] There are/were malicious apps out there that don't need Google Play to work.

                  Right, but the question was about Google Play or Google apps, so I was talking about Google Play and other Google apps.

                  [deleted] Instead we should look at what sorts of (dangerous) permissions an app requests in order to work.

                  No argument there. Apps can't share information they don't have.

                  [deleted] Google Play Services require a whole lot of "privacy unfriendly" permissions in order to provide functionality for its well constructed ecosystem of apps to work well. Yes, you can deny some, some you can't if you want to ensure that it at all works.

                  This is part of what the compatibility layer does so Google Play and Google Play Services don't break when they don't have access to things they expect access to.

                  [deleted] Using GrapheneOS mitigates hardware ID collection and fingerprinting and provides its own backends for certain services, but let's not forget and like someone said Google employs a whole army of hackers, excuse me, security researchers to break any such mitigations from working by employing new state of art technologies (questionable but highly probable) they don't shout out loud about using. So I assume zero trust when it comes to using their proprietary suite.

                  I'm not going to discuss hypotheticals. If you don't trust Google, or if you think that Google has some ability to access personal data despite not having access, then don't use Google apps. GrapheneOS project members, people who are way smarter than me when it comes to this kind of thing, say that Google doesn't have any privileged access. I'm going to trust their judgement when it comes to these things.