this post was submitted on 03 Oct 2024
0 points (NaN% liked)

DeGoogle Yourself

8799 readers
1 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

[email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

founded 4 years ago
MODERATORS
 

Google's latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews...

... “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said...

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 1 month ago (1 children)

Can't speak to what others are saying about Graphene but Calyx is amazing if you prefer a FOSS-centric option but still want GMS/GSF compatibility. Bootloader relocking is a requirement for their devices.

[–] [email protected] 0 points 1 month ago (1 children)

Calyx doesn't actually support Google Play Services or Google Services Framework. It uses microG, a sometimes buggy workaround that requires root access and has pretty poor compatibility. GrapheneOS on the other hand uses the official Google Play binaries, but isolates them in the Android application sandbox, instead of installing them as system apps with special privileges (like it is the case on stock Android). You can read more about it at https://grapheneos.org/features#sandboxed-google-play

[–] [email protected] 0 points 1 month ago (1 children)

Counterpoint here, I really dont trust google no matter how "sandboxed" Graphene claims them to be. In my experience microg works fine for my needs. Can you elaborate on MicroG needing root? To my understanding that is only required on ROMs that don't require Sig. Spoofing, and Calyx does support it, specifically and only for MicroG.

[–] [email protected] 0 points 1 month ago

Can you elaborate on MicroG needing root? To my understanding that is only required on ROMs that don’t require Sig. Spoofing, and Calyx does support it, specifically and only for MicroG.

I'm not entirely sure if all of microG needs to run as root, but I'm pretty sure that some parts do. Nonetheless, microG runs in the priv_app SELinux domain instead of untrusted_app, reducing the isolation and granting it more access to sensitive APIs. Sandboxed Google Play on GrapheneOS on the other hand is a normal application that can be installed and uninstalled by the user, running in the untrusted_app domain. It is tightly controlled by the Android permission mechanism, and doesn't have any permissions by default.