Oh cool, a very expensive browser that you can never own! /s
this post was submitted on 26 Jun 2025
42 points (92.0% liked)
Privacy
39239 readers
777 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
My first thought was standardization. Install all the fonts in the world (or only say you have the default Windows fonts installed), lie about the OS and say you use Windows 11, pick a standard canvas, etc.
Randomization, that is also an approach that can work too, and probably with basically no compromises except having your activity be frequently flagged as suspicious by Proton Mail, presumably.
I downloaded the app just to see what the interface looked like and when I got to the app, it turns out that you can't access the app without automatically signing up for a subscription (even though there's a free trial period, for me this is clearly a redflag).
„We ArE sOOoO pRivAtE“
Based on closed source Webengine running on OS known for data collection™
I thought webkit was gtk?
WebKit is its own rendering engine that is open source
https://webkit.org/licensing-webkit/
but thats just the rendering engine. How https://developer.apple.com/documentation/webkit/wkwebview integrates WebKit is closed source
Still, it wouldn’t be in their interest to gather data
running on OS known for data collection™
What? You mean Android?
android is another one
Agreed
I'll still argue that Apple is on paper less bad than Android, but being closed-source we never know, especially since they are willing to lie to protect their interests. They're often hit with FUD though.
We really need the 'freedom' of android and the aesthetics and 'ease of use' of ios, without the proprietary bullshit, vendor lock-in and the privacy nightmare
Just use a custom rom already.
You'll either end up installing google play services which will put you in a similar privacy nightmare, although it might not run as root anymore, or not use it and be locked out of the vast majority of apps, and at this point that's not a modern smartphone anymore
Well, microg (even if it has some proprietary blobs) + you can disable the nonpriviliged gms on graphene.
microg might be the best bet but isn't it a pain to make it work with graphene? Graphene pushes sandboxed services
All apps doing store verifications will keep you out though, and that's annoying. Fuck the play integrity api
Divestos was cool while it lasted (nonpriviliged microg, graphene patches, etc.), I just use lineageos with microg. It's the best thing I have on my Redmi and OnePlus (when I will actually fully repair it). Edit: never actually used Divestos.
Still, it wouldn’t be in their interest to gather data
My sources say otherwise.. Apple has an interest in collecting your data.
What? You mean Android?
I know this is not really a thing where you come from, but here on lemmy we read the OPs text first before commenting, which also would have answered all your questions, but if you really need it: The Browser is based on Propriatery Apple Software and only runs on it
My sources say otherwise.. Apple has an interest in collecting your data.
It does for sure, but it will always be far less aggressive about it than Google. Most sensitive data is either stored in device and semi-handled there, or quickly deleted (although we know everything that goes to a USA server is likely stored forever)
A lot of this data can be opted out on installation, which can’t really be said for Android iirc
Android also runs Google play services and their other proprietary software with root access on your device, push the Play Integrity API which essentially locks out devices that don’t run their software with root access or dare to use non authorized roms (non authorized you say? Hmm.. really similar to Apple…)
Both OS suck big time and I can only hope Android and Apple are freed from the BS done by their owners, and app devs finally stop discriminating users for caring about their data and privacy
but here on lemmy we read the OPs text first before commenting, which also would have answered all your questions
This went over your head. I know the post was about Apple and I was pointing out that android is likely worse for privacy
I know this is not really a thing where you come from
Personal attacks. You love to see it. Really shows the kind of person you are. Why opt for verbal violence and try to discredit me?
but it will always be far less aggressive about it than Google
Whataboutism. Browser advertises itself as privacy respecting, yet builds on a non Privacy respecting OS. If they really wanted to protect the user, they would be open source, (at least the methods of protecting the user from tracking) firefox based and availible for linux and Android FOSS, similar to everything else (Firefox, Molly, Signal, etc). My whole Comment was about how they advertise themselves as Private, yet fail to address the most basic privacy concerns, essentially being an oxymoron. This was not about „which OS is less evil“ but „why did they not opt for the not at all evil?“
Android also runs Google play services
False. AOSP does not have Gservices, and has enough forks for hardware (Linaege, Graphene, Calyx, /e/)
Both OS suck big time
See my point about AOSP.
I know the post was about Apple
So you just posted some random comment just because?
and I was pointing out that android is likely worse for privacy
Also false, see my Point about AOSP.
yet builds on a non Privacy respecting OS
What would be the alternative? Android is also a non privacy respecting OS and is even worse.
firefox based and availible for linux and Android FOSS
That's nice, but no one uses android FOSS and everyone is using google play services. Firefox is also not very privacy respecting but that's out of the subject anyways.
False. AOSP does not have Gservices, and has enough forks for hardware (Linaege, Graphene, Calyx, /e/)
Yes, and it's not usable for your everyday life. Enjoy running less than 10% apps on the market. All forks add Google Play services support because it's pretty much mandatory nowadays.
So you just posted some random comment just because?
I'm just going to write again what I wrote
This went over your head. I know the post was about Apple and I was pointing out that android is likely worse for privacy
because you made it seem like Apple was a bad solution and as there's only android left, you made it seem like it was privacy respecting
Also false, see my Point about AOSP.
I disagree, see my point about AOSP too
btw google are making aosp harder to use now, see grapheneos's post
All of your Points are either already answered by me, ad hominem, or random assumptions without data backing it up.
random assumptions without data backing it up
Be my guest, uninstall GPServices and see. It's known that all mainstream apps require it. Things like youtube obviously, and all google apps, uber, lyft, reddit, bank apps, discord (unsure), mcdonalds, burger king, yuka... many smaller apps and many games as well. If they work by luck, then you likely won't have notifications. There's no easy database for this and you probably know it
Then, for the privacy points, then you also know google's privacy policy. Google play services is closed source, so yea, good luck finding proof for this, just like for apple
ad hominem
where? Criticizing something specific inherently implies there is a better alternative, or you wouldn't be focused specifically on apple. I'm saying android is not and AOSP is not viable due to being an outdated user experience and supporting much much less apps and features, as well as not really being used without play services
Be my guest, uninstall GPServices and see
Never had it installed in the first place.
no bank apps? no google maps? no fast food or taxi app? no 'mainstream' social media? that's your only phone?
You're one of rare people then. I couldn't do it.
where? Criticizing something specific inherently implies there is a better alternative, or you wouldn’t be focused specifically on apple. I’m saying android is not and AOSP is not viable due to being an outdated user experience and supporting much much less apps and features, as well as not really being used without play services
Your whole comment is hinging pretty hard on the AOSP point, as that's almost definitely the alternative the user was referring to.
no bank apps? no google maps? no fast food or taxi app? no ‘mainstream’ social media? that’s your only phone?
The only ones there that are anywhere close to essential are banking and Google Maps. Maps has alternatives that I've seen people use as well, such as Organic Maps. More importantly is most of these can be done in a single app, a web browser.
I've done both app and phone browser banking, and they're pretty interchangeable, just set up site shortcuts on your home screen instead. Similar to fast food, I don't use taxis. Social media is the main offender here but most mainstream social media sucks dick.
Why do you need these things as apps?
I've done both app and phone browser banking, and they're pretty interchangeable, just set up site shortcuts on your home screen instead
Won’t work for things like neobanks (revolut, n26, trade republic, sumeria)
Also many banks have a disastrous web interface in my country, and card 2FA is sometimes only done on the app for internet payments
I know not having the app makes me unable to get Burger King offers, or use the Yuka app, both of which I really need
Won’t work for things like neobanks (revolut, n26, trade republic, sumeria)
Ya know, fair enough there ngl, I forgot about those and it definitely makes a difference if you're reliant on an app.
Also many banks have a disastrous web interface in my country, and card 2FA is sometimes only done on the app for internet payments
Yeah, not much can be done about bad web design. I found that me during a period abroad, it was a worthwhile compromise, but sometimes it can be brutal to deal with.
I know not having the app makes me unable to get Burger King offers, or use the Yuka app, both of which I really need
Gotcha, but in that case, it's effectively them bribing privacy concessions from you. That's part of the payment trade-off there.
I don't really disagree with your points here; it highlights the importance of threat modelling. On a country-by-country basis, things may be far easier or harder. For example, when I was in Japan, I used fewer privacy-questionable apps due to less cultural and technological impetus than I have in the States. The differences you're having issues with are likely heavily based on both infrastructure and value differences between much of the comm and you. I frankly make many privacy compromises compared to others here myself, but that is less do to the alternative being backwards but more so due to it being ever so slightly more inconvenient.
I believe you got it right. There’s an important part of me but it’s clear that it’s not ready for mainstream use due to too many edge cases
I know it made it really annoying for me to hear that X OS works nice and stuff when I didn’t have the same experience at all because I wasn’t willing to make the same compromises
I still believe this should be highlighted more. I feel that is talked about in the Windows vs Linux debate but pretty silenced when it comes to Normal vs Custom phone ROM, where I believe the problems are indefinitely harder to solve
GrapheneOS
It pretty much just sandboxes google play services. You still need to use it for many things and you can see it's deeply integrated in many places.
My main point is
Android also runs Google play services
is incorrect as a general statement about Android. I used GrapheneOS as an example but there are plenty of other Android ROMs that also don't come with Google Play Services or any Google at all.
https://lemmy.super.ynh.fr/comment/363277
you need to use (and install it) to use the vast majority of apps
You still lose access to notifications, and some apps straight up don't work (those using Play integrity, but not only)
To be fair i've not tried fucking up with this too much but I know it's implemented in a lot of apps
To be fair i've not tried fucking up with this too much
We could tell.
Sorry, but what you are dismissing as "They only... You still... You lose..." is very ignorant.
What the GrapheneOS team has achieved is technically impressive, sandboxing Google Play is something no other project has done yet, and now with Private Spaces you can essentially split your profile in two and decide which apps you want Google Play to run through, and which you don't.
I put all the privacy intrusive apps in the private Space and installed Google services there, and I only open that space about once a week to keep in touch with some friends. The rest of the week I'm enjoying a fully degoogled phone using only FOSS apps and a bank that doesn't require Google services to be installed.
The team deserves all the praise they get for building the most secure (and ironically, private) OS in the market right now, even with Google being so antagonistic to them. The phone is fully functional and we're definitely not living 10 years in the past.
You should give it a proper try and form a facts-based opinion, or stop talking about it altogether.
Private spaces aren’t perfect, can’t run two version of a same app on different profiles
What the GrapheneOS team has achieved is technically impressive
Sure but it’s not nearly enough for me
The phone is fully functional and we're definitely not living 10 years in the past.
Not my experience with it
You should give it a proper try and form a facts-based opinion, or stop talking about it altogether.
That’s what I did and I hated it. So many small problems, things that took time:
- Android carauto thing not working well or requiring specific permissions without really telling me how private this all is
- having to install apps for basic things because the default provided ones are… really not great, including a keyboard that actually works with password managers and credentials auto completion
- phone taking quite some time to start after updating because it’s optimizing apps or something, then optimizing apps again in background which eats the battery
- having things not work because of play integrity
- mobile NFC payment not working (Google Pay)
- super frequent Android bugs when switching Google play accounts (is this specific to graphene or is it Google play that is fucked? I don’t know)
- no way to reset or cheat the profile/unique advertising ID used for apps, so they can track you even after a reinstall (this really should be implemented. Advertising a privacy phone without that is sad)
- google play having deep integration in most apps, like wtf I get a rating popup from google play? Was expecting better privacy, they essentially know most apps I’m on at all time
- play store seems to know all apps on my phone, even those not installed through it?
I probably forgot a lot. And yes, many problems are not specific to graphene but to custom ROM but that was my experience with it
Also, I must stress that it was also my first experience with Android. Always have been an iOS user. I switched back.
So yea, while having sandboxed is good, it’s still phoning home all the time
Hold on, you think GrapheneOS isn't perfectly private (and you'd be right, it isn't, and their main focus is security anyway) but you think iPhones are better?
Why, because Apple told you it is? Because they have some gimmicks that sound good on paper but don't actually protect your data in any real way?
Okay dude. Reach out to me whenever cus i got a bridge to sell you.
Also, everything you said is incorrect, and so is your conclusion. But I don't think we'll ever see eye to eye on this so why bother.
I'll check the video, thanks for sharing
Hold on, you think GrapheneOS isn’t perfectly private (and you’d be right, it isn’t, and their main focus is security anyway) but you think iPhones are better?
I think Graphene without play services is a lot better than iPhones, and with play services, it's worse
Why, because Apple told you it is?
Because play services are deeply integrated into many apps, and Google is known for not E2EE anything and being an advertising company. They have an enormous interest in gathering as much data as possible for commercial purposes, while Apple likely only have a statistical interest for their business decisions
A lot of what apple offers is wind and I'm aware of it, but having even a small thing is better than giving out your data to the monster that is Google.
If you manage to sell me Android then congrats, because I fucking hate Apple but hate Android even more because of Google
Do you believe a Samsung phone (or any authorized ROM with relatively good price/performance ratio) running with their provided OS for example would be better than an iPhone?
No, I don't. Samsung and other authorized OEMs run stock Google services so there's no benefit to using them. Those devices are also substantially inferior to the Pixel in terms of security features anyways.
The only phone I recommend is a Pixel with a properly set up GrapheneOS install, making use of profiles and private spaces depending on which apps you want to expose to Google Play Services/Framework, and which you don't.
Ideally your most used profile is filled exclusively with FOSS or privacy-respecting apps that can run without Google services. And I'm talking about going really deep even on elemetary things like using an offline keyboard like Heliboard or FUTO that won't send everything you type to Google/Microsoft/Apple. Or using Gboard but with network access blocked.
Yes, this set up takes time and some research, but it's the only way you can guarantee your data is properly split between what is just for you to see, and what others see.
A device that is truly yours and not someone else's to mine for data and spy on you, possibly getting you in trouble in the future when a government demands your data from Google/Apple.
But if you're not willing to put in the work to set it up, then I don't recommend any other Androids. Stay on iPhone instead.
Alright, thanks for your answer. That was my reasoning for everything: I didn’t believe running graphene was usable because it wasn’t for my use case, and I assumed it would be the case for everyone (wrongly obviously, although we’re on Lemmy so people here and on this community are probably more tech savvy)
False.Graphene does not have Gservices installed by default
Did I say it did? Maybe I worded it wrong but I meant that you need to use (and install it) to use the vast majority of apps, and it's deeply integrated, in the play store and apps.. and affects many parts of android
If you do install it, which you probably will unless you're okay with living 10 years in the past and losing time, then you're pretty much back to square one
If you do install it, which you probably will unless you’re okay with living 10 years in the past and losing time, then you’re pretty much back to square one
Non-sandboxed play services have vastly more permissions and access to device information; it's a step back from not having it, but utterly disengenuous to call it back to square one. It has far more privileged permission, and as you admit yourself, we don't know what is in its code, so we don't know what it is potentially doing with that permission.
yea I guess, I meant it goes from spyware to really intrusive
I'm typing this via GrapheneOS and I don't at all feel like I'm living 10 years in the past lol.
Even if I was, at least the internet would be a less shitty place than it is now, there would be almost no LLM/AI crap, I wouldn't constantly have to be as vigilant against big corps datamining my privacy as much as I am now.... Actually, 2015 was a pretty decent time compared to now. Got a time machine?
I’m typing this via GrapheneOS and I don’t at all feel like I’m living 10 years in the past lol.
and you don't have play services installed?
no LLM/AI crap
oh so you're one of them
I have read the article and honestly compared to others considering the times we live in it’s really not that bad (it is bad, don’t get me wrong).
That said I really miss my Nokia 3210…
Exactly my thoughts, unfortunately my first thoughts when reading UNIQUE and INNOVATIVE technology these days are - ok it’s likely bullshit.
yep
Like, you want to actually contribute against fingerprinting? Make a repo with documentation on how you want to achieve it and publish a firefox fork as example.
If you want change in the software world, you have to make a blueprint everyone can use or at least get an idea and let them have the freedom of implementing it their own way