For context: I recently switched to a Pixel 9, installed GrapheneOS and created a profile just for some apps I need Play Store for, which is sandboxed btw. I created a new empty google account for it too.
So I was just downloading an app and saw the option to download it on my old device too, which made me wonder how GP knows about it, since I don’t think I have anything on my new phone that could link to it (except my SIM I guess)
Any ideas?
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 124 users / day
- 1.05K users / week
- 1.3K users / month
- 4.58K users / 6 months
- 1 subscriber
- 3.61K Posts
- 91K Comments
- Modlog
Just for reference, this is what the Google Play services app transmits roughly every 20 minutes to Google if it has network access:
And that is when you have disabled ALL telemetry in ALL of the options, even the most hidden ones. So this is the minimum amount this app is always gathering from every Android user using the Google Play services app, no matter what you selected. Other Google apps (like the Play store app) could then contain additional telemetry on top, this is just the common base of all Google proprietary apps. Or the minimum amount of privacy violations you get when using proprietary Google apps on your phone, no matter what.
If you use GrapheneOS, I’d recommend not installing/using ANY Google apps at all (not even Play store or Play services). To get apps, you should use (roughly in this order of priority): 1.) GrapheneOS’s app store for the built-in apps 2.) Accrescent app store (has several good open source apps, is intended to be more secure than F-Droid) 3.) Obtainium (for getting open source apps directly from their source repos) or if you really can’t get into Obtainium, use F-Droid instead 4.) Aurora Store (for getting apps from the Google Play store without sending too much data to Google. Only do this if there is no open source app available for doing the same thing).
To fully mitigate the removal of the Play services app, you also should probably install/configure something like ntfy to get battery efficient push notifications and ideally use apps which also use that, e.g. the Molly fork instead of Signal. It’s quite easy to do, just something to be aware of. Otherwise your battery drain might be a bit higher. Then you’re also independent from Google’s push notification infrastructure. But you need a ntfy server to go along with it, either self-hosted or use a public one. There are some privacy friendly ones public ones out there.
can you post your sources for this information? i would like to read some more on this ☞
it may help me convince some more people to degoogle their machines
Sure.
Great to know about what it sends. I was using fdroid on my more private profile, but did not know about Aurora Store, this one I will check out. I was using GP mainly to download my banking apps, which I sadly need by the time being.
Thanks for the info!
ήσουν καταπιεσμενος και τώρα είσαι ελεύθερος;
I’m not greek but a friend taught me the word and I thought it made a nice analogy of what I’m trying to achieve :)
that’s awesome! i thought you were greek ahahaha
wish you the best!
possibly:
etc.
I’m guessing same wifi SSID would be the most plausible? Since it is the only thing my sandboxed GP really has access to. Didn’t think of it, thanks!
Since you’ve already gotten some solid answers, I just want to point out that you can use Aurora to download and update apps from the PlayStore without the need for a Google account or PlayServices on your device.
https://f-droid.org/en/packages/com.aurora.store/
On my pixel 9 the aurora store was absolute garbage, constantly saying apps are not compatible with my device. Had to change it to fake an S24 and even then I had this issue constantly.
I’m now just using Aptoide, its the only store I’ve found that has basically all apps and isn’t the play store.
Aurora works parfectly fine. If not try disabling play store first then set it up
That’s odd, I’ve got a Pixel myself and Aurora just worked right out of the box on GrapheneOS. First time I’m hearing about Aptoide though, I’ll check it out.
Did you ever login to your Google account on the other phone? If so, I would guess that is how.