this post was submitted on 22 Nov 2023
53 points (96.5% liked)

DeGoogle Yourself

8756 readers
1 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

[email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

founded 4 years ago
MODERATORS
 

Hello there! This is my problem: I'm going to buy a new smartphone, and I'd really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but... Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc... What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?

Thanks in advance folks!

Edit:
Thanks to anyone for the great answers! I finally decided to buy a pixel 6 (or 6 pro if I find a good deal) and install a custom ROM on it! GrapheneOS will support it for "only" 3 more years, while other roms like lineageos or divestos will have longer support. What do you suggest? Graphene OS and when support ends switch to another one? O directly use the other one?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 11 months ago (1 children)

microG runs Google Play code just like Aurora Store. It is not fully open source. Here's more information.. It is still connecting to Googles propriety servers.

microG requires Signature Spoofing and alternative OSes usually ship with microG as a privileged system app. This increases the attack surface as it is not confined by the regular sandbox rules.

Now you're using a privileged component, which downloads and executes Google code in that privileged unprotected context, and which talks to Google servers because otherwise, how would FCM work for example?

Despite doing both of those things, MicroG doesn't have the same app compatibility as Sandboxed Google Play despite the extra access it has on your device. Even in some magical universe MicroG worked without talking to Google servers or running Google code (again, in a privileged context), the apps you're actually using it with (the apps depending on Google Play) have Google code in them.

[–] [email protected] 1 points 11 months ago

microG runs Google Play code just like Aurora Store. It is not fully open source.

Neither of them run "Google Play code".

You can download proprietary apps through the Aurora Store and those on their own might include Google play libraries but that should be painfully obvious.

µG can optionally download and run the proprietary DroidGuard for implementing the proprietary SafetyNet. If you don't want proprietary software, you should not explicitly enable SafetyNet (I don't know what app you'd use it with anyways).

Here's more information.

That's a Twitter thread with no cited sources aka. the truthiest information known to man.

It is still connecting to Googles propriety servers.

If you ask it to, yes. That's one of its explicit purposes.

It obviously must talk to Google servers in order to facilitate things like cloud messaging for example; there is no other way.

It does try to implement many APIs that would ordinarily talk to Google's servers in regular GMS using alternative methods however and if it has to talk to Google, it does so with the least amount of data possible.

microG requires Signature Spoofing

This is usually only enabled for the µG app itself and nothing else.

ship with microG as a privileged system app. This increases the attack surface as it is not confined by the regular sandbox rules.

This does increase the attack surface a little. In a world where blindly trusting gigabytes of privileged vendor blobs is the norm however, I don't think it's all that significant.

Compared to the hundreds of MiB of regular proprietary GMS code that ships on Android devices, it pales in comparison.

downloads and executes Google code in that privileged unprotected context

As opposed to ..running running the entire GMS in a privileged context?

MicroG doesn't have the same app compatibility as Sandboxed Google Play despite the extra access it has on your device.

You're comparing apples to oranges. µG replaces GMS, not the tool used to sandbox GMS. You could sandbox it in the same way.

There is no "extra access" that µG has compared to regular GMS.

[if] MicroG worked without talking to Google servers

I don't know why you keep mentioning this, it was never up to debate.

the apps you're actually using it with (the apps depending on Google Play) have Google code in them.

Apps that bundle Google Play code have Google Play code inside?!

Start the presses! Notify the President!

A wild revelation, the world must know it!