• General
  • Doesn't installing Google Play void the point of privacy?

One thing I've never understood about GrapheneOS...when you put Google based apps on it, doesn't it immediately defeat the purpose of installing a custom OS anyways? There are certain apps that I'm not going to be able to get away from. A good example of this is Google Maps. I navigate places often, and nothing beats it for speed and accuracy.

So if I want to install it, I somehow have to get Google Play on the device, right? And once I do that, isn't Google's data farming crap stuffed all through my phone now? I feel like for a daily driver phone, there's no winning here. Does Graphene have some special way to protect against that?

    Resupply8986 The purpose of a custom android ROM is to execute custom code in a custom operating system env.

    The play store/google services on GOS is sandboxed, you can also use a different user and use end session to kill the users processes.

    That's about it, GOS isn't about stopping you from using applications that harm privacy. Its about giving you the option to not use them in the first place. Key word is option

      I read in a previous thread that once you install Google Play and log in, Google can still track and connect you to that account even after you log out. Is that correct? If so, does deleting Google Play trifecta eliminate this tracking?

        Resupply8986 One thing I've never understood about GrapheneOS...when you put Google based apps on it, doesn't it immediately defeat the purpose of installing a custom OS anyways?

        If there were just one purpose, we could debate whether or not that one purpose would be defeated. But different people have different purposes.

        As raccoondad wrote, it is possible to install Google Play etc. in a secondary profile, use it every Thursday, and turn it off completely the rest of the week. It would also be possible to install Play while on vacation for month, and then delete it completely. Neither of those is possible with Google's stock Pixel OS (or many other AOSP variants).

        The way I've always thought about it was that with GOS, privacy is the default.

        That's the mentality that I think the devs and everyone on this forum believe should be the standard of the Internet. Privacy is the default, and if we choose to surrender privacy for some convince, then that is our choice. Pick and choose which areas of your life are important to you and what your threat model requries.

        Resupply8986 So if I want to install it, I somehow have to get Google Play on the device, right?

        Google Maps doesn't require Google Play to work. On GrapheneOS, geolocation is GPS-only by default, which works mostly fine when in a car/outside.
        However, if you need accurate location while underground or inside buildings, you will want to install Google Play and opt into Google's location service, although it is probably a hit to privacy since for that to work, Google Play needs more invasive access (compared to using just Maps with 'Allow only while using the app' location permission). More info here: https://grapheneos.org/usage#sandboxed-google-play-configuration

        I suggest you try using Maps by itself first and see if it works well enough for you. If not, setup sandboxed Google Play for geolocation. You can also create a dedicated user profile just for navigation, that way sandboxed Google Play won't be able to continue following you around if you shut that profile down when you're done navigating.

        GrapheneOS is always a better choice than an Android delivered with the phone, in case of a Pixel phone, Vanilla Android.

        GOS provides a trustable and privacy-friendly OS which you will never have if you use the default ROM of your Android phone.
        I recommend you to read about the rights of Google Play apps (if installed) on GrapheneOS. They are treated like any other app and don't have access through wide areas of your OS where you never will know how far these rights really go.
        On a default ROM, I personally expect, that simply everything can and potentially will be read by and transmitted to Google.

        Conclusion:
        GOS with Google Play Services is still way better than any stock Android can be.
        You can't fix a rotten ground by building a clean house on it.

        SaguaroPelikan I read in a previous thread that once you install Google Play and log in, Google can still track and connect you to that account even after you log out. Is that correct? If so, does deleting Google Play trifecta eliminate this tracking?

        It might eliminate the tracking, but it does not eliminate Google's ability to track. There are ways Google can maintain a device fingerprint.

          raccoondad Google Play services don't have invasive privileges like stock OS as they run in a sandbox like any other application, the only downside to confidentiality would probably be to use a Google account, it's up to you to see if it's worth it, I use Google Play services on a second profile for my bank application and the main profile without.

          The purpose of a custom android ROM is to execute custom code in a custom operating system env

          A friendly reminder that GrapheneOS is not a ROM, we should be precise to avoid misunderstandings.

          • KS1 likes this.

          p338k can you say more about the mechanics of how that would work.

          For example, I install Google Play and log in with my personal account, then log out, delete all the apps downloaded from the store, including later Google Play itself (store, services, etc.). How would Google continue to still have data from my phone going to their servers or an ability to track in general?

            SaguaroPelikan

            Any app that uses the Google SDK with proprietary Google code can send data to Google if given network permissions. Since Google could retain a device fingerprint, it could continue to collect data tied to your identity using other apps besides the Play ones.

              p338k would reinstalling GOS fresh and not using Aurora or Google Play but sticking to F-Droid eliminate the potential for Google to track?

                • [deleted]

                I can only agree with @raccoondad that GrapheneOS gives you the option NOT TO USE these services in the first place. Even without it you can let Google (and others) fingerprint, link and track your device and activity, just not to such extent as with Play Services present.

                SaguaroPelikan

                If you avoid apps that send data to Google, Google will have a difficult time tracking you. You would also need to practice good web browser privacy discipline. F-Droid doesn't guarantee privacy, and it has some potential negative security implications, but at least it doesn't have proprietary Google code.

                To eliminate Google tracking, you would have to avoid all cameras, microphones and other communication with anyone tracked by Google. That is difficult for most people.

                  p338k I've left the term vague in this case. How do you define "tracking" here?

                  In the same vein, wouldn't deleting Google Play in the example above at least eliminate the data sharing to Google?

                    SaguaroPelikan

                    Tracking can include knowing which apps you use and how often. It could also include knowing what you do on those apps.

                    Google couldn't get your location information useless you gave some app that sends information to Google permission to access your location. Google could track your location indirectly through other peoples microphones and cameras, but that is well beyond the scope of anything GrapheneOS can stop.

                    Deleting Google Play would prevent Google from sending information using Google Play, but it wouldn't prevent other apps from sending information to Google. You would need to avoid using apps that send information to Google to avoid that tracking.

                    Deleting Google Play also wouldn't stop Google from tracking your web browsing activity if you provide your identity online to any entity that shares information with Google.

                    Edit: I am not asserting that Google performs this level of fingerprinting and maintenance of linked "shadow identities." I am merely asserting that Google is capable of tracking an individual even without direct login information if it so chose to implement such extraordinary tracking measures.

                      p338k "Google could track your location indirectly through other peoples microphones and cameras, but that is well beyond the scope of anything GrapheneOS can stop."

                      I don't really think this is possible, seeing as that would require access to the network stack that's handled by the operating system. You would have to do something very hacky and most likely unstable for firmware based tracking like that.

                        raccoondad

                        No special firmware based tracking is necessary. People sending your voice and pictures to Google with timestamps and locations is sufficient. Avoiding other people's cameras and microphones would be necessary to eliminate Googles tracking ability. Using GrapheneOS cannot stop other people from sending information about you to Google.