this post was submitted on 10 Jun 2024
30 points (100.0% liked)

DeGoogle Yourself

8807 readers
38 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS
 

Hi! What would be the best way to limit play serbices to only selected apps. I still need notifications to work from them, but would like to be sure that google can't access anything else

you are viewing a single comment's thread
view the rest of the comments
[–] Roopappy@lemmy.ml 4 points 5 months ago (3 children)

I'm really interested in Graphene and Google privacy, but what does it mean when you say "Sandboxed? Like... I want to use Google Maps, does Google still track me? Maybe only when the app is open, and not when it's closed?

[–] jet@hackertalks.com 4 points 5 months ago

For grapheneos sandboxed means the Google apps are just regular apps, they don't have privilege, they're not escalated, they are exactly the same as other apps. Very specifically, it means Google services are only accessible in the user/profile that they are installed in, and not phone wide

If you use a Google service, or an app that interacts with the Google apps, then Google knows about it. In graphene OS you can choose what apps have access to Google services, by running them in a different profile.

[–] MxRemy@lemmy.one 4 points 5 months ago (1 children)

I don't really understand this stuff super well, but... I suspect what it means is that Google can track you while google maps is open, BUT since it doesn't have access to the rest of your phone, they'll have no idea who you are anyway?

[–] mctoasterson@reddthat.com 4 points 5 months ago* (last edited 5 months ago) (1 children)

And you can also not log into Google Maps. It still lets you use map and navigation etc. But it is denied any explicit methods of identifying you and is left with only probabilistic methods (i.e. you are searching from the same network and therefore same public IP as another device that is known to Google as being associated with your account).

[–] jet@hackertalks.com 1 points 5 months ago

This would only be true if you're using Google maps through a privacy respecting web browser like mull.

If you're using the Google maps app, it has hardware identifiers, and can uniquely identify the phone. No guessing required

[–] Andromxda@lemmy.dbzer0.com 1 points 5 months ago

but what does it mean when you say "Sandboxed?

By default, on a normal Android device, Google Play services are installed as a system application. It means that you can't remove it, and it can grant itself the permissions it needs. In contrary, regular user apps run in the Android application sandbox. They are installed by the user, have distinct permission controls that are enforced by the operating system and can be uninstalled at any time. Sandboxed Google Play is a compatibility layer created by the GrapheneOS team, which allows you to run Google Play services (which would normally require system privileges) to run as a normal user app in the regular application sandbox.