instead of blocking network access of an Ad infested note taking app
how about using an ad free alternative?
As simple note taking app I am using Notally: https://github.com/OmGodse/Notally
you can get it also on the google play store.
instead of blocking network access of an Ad infested note taking app
how about using an ad free alternative?
As simple note taking app I am using Notally: https://github.com/OmGodse/Notally
you can get it also on the google play store.
Find a FOSS alternative.
boldsuck yeah fair point but again I'm looking for the opposite a completely offline Notes app that can't communicate with anything ever and anything I'm finding has some form of cross app or cross system communications with it either visible or non visible in the background its very hard for me to understand why I can't revoke all the permissions on gos from the app and completely isolate it yet if i dont use it for 6 months it can autobrick/isolate itself why can't we toggle this on for individual apps as an option with a selectable timeframe that would be nice to have the choice to instakill anything that I'm not currently running or at least have the toggle right now all my apps are running in the background sucking up data battery and processing half or ever 3/4s don't need to be something simple like a notes app will still work perfectly fine without any sort of supports or outside communications as soon as youd decide to wake it up my vision would be almost like a cryostasis where the app is in a cryo chamber completely frozen until I decide to thaw it out by opening it I can add my note or whatever then as soon as a close it the app cryos itself back up immediately and ceases any and all forms of functionality almost like locking it up in a deep underground nuclear bunker this doesn't just apply to this app either all the other apps I have like Snapchat Facebook messenger Instagram all talk with each other and well and share info with eachother like how is it that I can make a completely brand new Facebook account and as soon as I open the account there's like all the people I know and talk to giving me the option to add them as friends with a fresh account with a burner email and zero personal info that shit is sketchy anyone that I have phone numbers for in my contacts or have added as friends on other platforms or even people in my same area location come up on there despite me removing all permissions except network now I understand that apps can use IP to track locations but its more then that maybe I'm just tripping but the amount of info common apps are scraping on people is nutz gos has made incredible strides in terms of tricking things into thinking everything is okay and I'm very much looking forward to the new app isolation update to see what kinda 5 star meals they have been cooking up and can't wait love the team and everything they stand for and thank them for all the incredibly hard work they have been putting in nonstop for us all !!!
iak the most simple answer to your question about desired functionality is to disable an app until you next need it (or using an automation app that puts the app to sleep as soon as it registers it running at a cost of increased battery usage). I have also a long time been saying that the most privacy invasive app is sandboxed Google Play itself which is why I don't use it because it bridges all the gaps within all other privacy unfriendly BS.
The GOS website has a section under Usage:
[...] Google Play apps [...] you install them within a specific user or work profile and they're only available within that profile. Only apps within the same profile can use it and they need to explicitly choose to use it.
https://grapheneos.org/usage#sandboxed-google-play
The notes app chose to use GPlay in the same profile as GPlay, and then Gplay served it ads.
Exactly like the GOS website says it would.
Try typing your notes in a separate profile that does not have GPlay & co installed on it.
Hey,u get the ads from the Google apis from the sandboxed play services, there are four solution to resolve this problem :
1) Uninstall Google play services, the app will be completely offline.
2) revoke Network access to Google play services, so the app can't access ad apis. Not best solution since notifications that rely on play services won't work properly anymore.
3) use piracy, install lucky patcher from a trusted source and remove the Google Ads components from the app and repackage it and reinstall it. Not ideal solution either because the dynamics of lucky patcher is not really security oriented.
4) use a different profile without play services and install the app there and use it on that profile.
[deleted] I don't understand why we cant have our cake and eat it too here I would like to be able to have play services on my phone but be able to isolate it to certain apps that require it like g maps or whatever no reason IMO that Im not able to revoke play services permissions individually on a per app basis but again hopefully this is fixed
Mintou 5) disable play services permission for the individual app cutting off all communications with play services
6) enable insta disable on the individual app itself so that whenever its not open on screen it puts itself to sleep automatically
...on a serious note at this point I'm kinda just requesting features lol I understand what needs to be done to fix this problem thanks for all the help everyone and hopefully in the future we can all look forward to having a more simplified complete privacy experience with minimal inconveniences on the base os shoutout to the entire gos team love y'all ! Keep up the great work !!!
There is a planned IPC scope feature.
@NewUser That's not accurate. You're misinterpreting the microG toggle for FCM as an overall toggle for whether apps can use it. The toggle for FCM doesn't work correctly because Google Play or a spoofed implementation being present results in apps using it for push instead of their own push implementation. If you try to use Signal alongside it with the toggle disabled, Signal won't have working push notifications. It does not change the fact that other apps in the same profile can see it and use it. It's only a toggle for one specific feature.
DivestOS still gives it the privileged ability to pretend to be Google Play despite it not implementing the same security checks, which introduces serious security flaws and would not meet the standards for GrapheneOS.
iak Apps within the same profile can communicate with mutual consent. You're using this app in the same profile as sandboxed Google Play, which provides an API for showing ads. The API doesn't permit network access so they don't mark it as requiring the INTERNET permission. Similarly, FCM only allows receiving push messages rather than sending data so they decided to use their own permission for it rather than the INTERNET permission and their own permission isn't user-facing.
For now, you put the app in a separate profile from other apps you don't want it to be able to be able to talk to. We have a planned App Communication Scopes feature to provide control over app communication within profiles too. It wouldn't really be any easier to add a special case of the feature for a specific app and that wouldn't be in the spirit of GrapheneOS. The whole point of sandboxed Google Play is that it runs as regular sandboxed apps unable to do more than other apps and controlled by the same permission model including our enhancements to it like our existing Storage Scopes and Contact Scopes features similar to our planned App Communication Scopes feature. App Communication Scopes is being actively worked on but it's difficult to implement correctly and as always we care deeply about doing things properly, not taking an insecure shortcut not providing real privacy and security as many people often propose doing.
GrapheneOS Thank you very much looking forward to this update can't wait to take it for a spin on my device appreciate you guys taking the time to do things right I don't know about everyone else but I know for myself I really don't know shit about jack here so i completely understand how what im saying isnt very doable or functional or even possible I'm just spitballing basically as i have a creative brain with limited knowledge I'm also asking questions to learn more about how everything works and in the process figuring out more and more its been a very enlightening process love the team love the community love the os keep up the awesome work Thank you again for everything all the best !!!
GrapheneOS Apps communication scope feature? That's a great piece of news. Thank you.
Apps communication scope will really take grapheneos to next level.
Update : please don't recommend people to use "lucky patcher", not only it's hard to find a trusthworthy source that distributes the updated version, but also the "ads removal feature" don't work with all apps. Example : https://play.google.com/store/apps/details?id=com.maps.politicalmapofindia
Mintou I am not using this apk on main profile, however I tried it. Like, c'mon - h2f? it's luckypatchers[.]com and quite easy to find.