A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.97K Posts
- 74.6K Comments
- Modlog
In order to have google apps and google services on an android installation that doesn’t have them yet, you need to sideload them. LineageOS has a list of GApps zips and here’s an example of how to install them for a FairPhone running LineageOS.
If you look into the zip
/system/system_ext/etc/permissions/privapp-permissions-google-system-ext.xml
, you can see all the permissions given to it a system application.android.permission.RECOVERY, android.permission.MANAGE_USERS, android.permission.INTERACT_ACROSS_USERS stand out the most. These permissions allow the phone to be started, arbitrary apps to be installed and users to be created with new permissions.
Google Services doesn’t need to have access to camera or any other component as it can install whatever it likes that has access to those.
Let’s not kid ourselves, if you have Google Services installed, you have a rootkit installed with a bunch of proprietary code.
Here’s the entire file for reference and you can look up each permission individually to see what access will be given.lemmy doesn’t handle XML in triple backticks well (at all).How well do you think Graphene’s sandboxed play services alleviates these concerns?
Entirely. On GrapheneOS, Google Play services run in the normal Android app sandbox, just like any other app you install. That way, they only have the permissions you granted them using the permission manager. GrapheneOS doesn’t grant any extra privileges, and you can remove the Play services app at any time. Read more at https://grapheneos.org/features#sandboxed-google-play
Thanks for the detailed response. Creating/interacting between new users is a serious opportunity for permission bypass. Content of the file won’t load for some reason, but still :)