Hmm, bis jetzt keine Probleme mit Revolut auf Graphene gehabt...
this post was submitted on 10 Dec 2024
3 points (100.0% liked)
Android
1 readers
1 users here now
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
General discussion about devices is welcome. Please direct technical support, upgrade questions, buy/sell, app recommendations, and carrier-related issues to other communities.
Rules
Rules
- Stay on topic: All posts should be related to the Android operating system or ecosystem.
- No support questions/rants/bug reports: All posts should benefit the community rather than the individual. Please refrain from posting individual support questions, rants, or bug reports.
- Describe images/videos: Please provide an explanation in the self-post body when sharing images or videos. Memes are not allowed.
- No self-promotional spam: Only active members of the community can post their apps, and they must participate in comments. Please do not post your own website, YouTube, or blog.
- No reposts/rehosted content: Submit original sources whenever possible, unless the content is not available in English. Reposts about the same content are not allowed.
- No editorializing titles: Do not change article titles when submitting. You may add the author if relevant.
- No piracy: Do not share or discuss pirated content.
- No unauthorized polls/bots/giveaways: Do not create unauthorized polls, use bots, or organize giveaways without proper authorization.
- No offensive/low-effort content: Avoid posting offensive or low-effort content that does not contribute positively to the community.
- No affiliate links: Posting affiliate links is not allowed.
founded 2 years ago
MODERATORS
@[email protected] @[email protected] They only started doing it for new logins. Don't logout of the app or clear the app data, it will stop working. You can try installing it in a new Private Space, work profile or secondary user to see that logging in won't work.
@[email protected] Es wäre interessant zu weisen, wie es bei CalyxOS ist. Gibt es dazu sich infos?
@[email protected] @[email protected] microG does not implement the Play Integrity API or the overall majority of Google Play functionality so it never gets a chance to be rejected as not allowed. CalyxOS has far less app compatibility than GrapheneOS along with not being a hardened OS. It does not improve privacy or security in the same sense as GrapheneOS and it's a misconception that they're at all similar projects. It's also a misconception that it's easier or more broadly compatible, it's the opposite.
@[email protected]
I used GrapheneOS for several month on my Pixel 6 and switched now to CalyxOS to see the differences.
GrapheneOS is heavily security focused. But Google Play, even in a Sandbox, is a privacy concern for me, because I still can't really control or see what it's doing.
CalyxOS is more privacy focused. With MicroG I can see what apps are connected to the Google notification server and even block it. Maps data is from open street maps and not from Google maps.
@[email protected] CalyxOS is far less privacy focused than GrapheneOS. It doesn't have crucial privacy features such as Contact Scopes, Storage Scopes needed for parity with iOS. It has the leaky network toggles from LineageOS, leaky anti-privacy VPN toggles, still uses multiple Google services by default and gives Google services privileged access within the OS. It has a bunch of privacy issues fixed on GrapheneOS. A recent example we addressed is leaking contacts to hands-free calling Bluetooth devices.
@[email protected] You're missing that apps using Google Play are running Google Play libraries. The code running within the apps can and does directly contact Google servers. You are not avoiding running and trusting Google Play code by using microG with apps using the Google Play libraries.
GrapheneOS has support for redirecting Google Play APIs to alternate implementations which is what we do with location services by default. That is not exclusive to microG. We will do it with more APIs than location.
@[email protected] You control which apps can contact Google Play services via which ones you install in the same profile, such as putting it into a Private Space. However, each app using it includes the Google Play libraries and does not need to be able to talk to Google Play to use Google services. There is absolutely no requirement to have Google Play to use Google services. That's a misconception. Many apps use Google services directly including through Google libraries, with or without Play services.
@[email protected] microG also has a bunch of privacy and security weaknesses including data leaks between applications and many holes poked in how the security model is meant to work. It was unacceptable for inclusion in GrapheneOS, so we began making our own compatibility approach in 2021 instead. Since then, we've been extending our approach including reimplementing more of the Google Play services and other functionality ourselves. That's not going to be limited to the current location redirection.
@[email protected] GrapheneOS is in the process of implementing several features within the OS not tied in any way to Google Play compatibility including network location and geocoding. Our approach is implementing the features in the OS in a way that's not tied to Google Play and then redirecting the Google Play APIs to the OS implementation. We'll be providing our own implementation of FIDO, passkeys, maps, text-to-speech, voice typing and other features. GrapheneOS doesn't include Google Play and won't.
@[email protected] You're misunderstanding our sandboxed Google Play approach and what it means for it to be in a sandbox. It is the same app sandbox used for other apps, and they are simply regular apps constrained by the same permission model as everything else including our major improvements to it. Google Play services running on GrapheneOS has 0 additional access to anything compared to the Google Play code running as part of an app like Discord. In fact, it has less access, because it's separate.
@[email protected] It's a misconception that we've made a special sandbox for running Google Play services. That is not what we provide. There is no special sandbox or modified version of Google Play for GrapheneOS. You can simply install them as regular sandboxed apps with all our usual privacy improvements to the app sandbox and permission model. The feature is a compatibility layer which enables them to work with exactly the same restrictions as other apps that are not granted any permissions by you.
@[email protected] The whole point of this approach is that they have zero additional access compared to the Google Play code running within the apps using them. Those apps can do everything that sandboxed Google Play services can do without it installed. It gives absolutely no extra access or capabilities to the Google Play code that's running as part of them. Plenty of the Google libraries function fine without Play services and make connections to their services without it. Not everything requires it.
@[email protected] The idea that Play services is needed to use Google services or that there's something special about what it does is wrong. Everything it does as sandboxed Google Play on GrapheneOS can be done by other apps. It has no special access or capabilities. It does not give absolutely any additional access that's not already available to the Play code in apps. If you want to avoid Google Play, you have to only use apps not including Google Play code, such as using Molly FOSS instead of Signal.
@[email protected]
I'm aware of the fact, that almost all app form the Play Store or Aurora store do have one or more tracker build-in. For this reason I self-host a Adguard Home server and my phone is connected via DoT to this server. It's unbelievable how many crap is filtered every day.
@[email protected] Those DNS filter lists that you're using are designed to only block connections to domains not used for anything other than ads or tracking. They deliberately do not block connections to dual-use domains needed for real functionality. That heavily limits what can be done that way. If they did block everything used for tracking then a whole lot of mainstream apps would not work anymore so it wouldn't be usable or truly useful. Protecting privacy from apps requires permission controls.
@[email protected] Android's permission controls are not good enough. Apps force you to give media, storage and contacts permissions to use them. iOS has solutions for that and so do we. We're in the process of adding more of these features for Location (to replace global Mock Location), Microphone, Camera and Phone. This is crucial for privacy. You cannot achieve privacy blocking some connections from the client while still allowing apps to connect to their servers and from there share with any 3rd party.
@[email protected]
You are right. I knew this already. I'm still following you on Mastodon. 😉 But to be honest, people don't care so much about this important details. People using CalyxOS usually don't install Google apps or services. CalyxOS uses still Googles time and GPS server, but is stripping out some information. And eSIM aktivaion goes to Google, if I remember right.
@[email protected] Then why are you claiming it offers better privacy than GrapheneOS?
CalyxOS comes with some Google services that it always uses, more than the ones you are listing, and no it does not strip out any information whatsoever.
Aside from that, microG is a privileged implementation of Google services. It does use multiple Google services. Saying people don't install Google services is meaningless. It comes with them built into the OS with privileged access unavailable to regular apps.
@[email protected] It does not implement basic privacy features needed for parity with iOS. iOS 18 added an equivalent to the core Contact Scopes feature set, just not selecting specific subsets of data. Earlier iOS already essentially had most of Storage Scopes. We also fix some more minor privacy issues needed for parity.
CalyxOS does implement a bunch of misguided changes mainly taken from LineageOS, a lot of which either give a false sense of privacy or even reduce it compared to standard Android.
@[email protected] Mindestens genauso ärgerlich finde ich Apps, die ohne Not #googleplayservices erfordern. Die App der #Telekom Tochter #frænk zum Beispiel lief immer Problemlos auf einem googlefreien Gerät. Lief. Seit ein paar Monaten startet die auch nur noch, wenn Google Play Dienste installiert sind. Super nervig sowas. -_- Den Support bei denen hat das auch nicht interessiert. :-/
@[email protected]
Kann die Liste ergänzen:
- Postident
- Ingress Prime ( Spiel)
verweigern die Installation, bzw. gehen nicht bei GrapheneOS.
#grapheneos #android
@[email protected] @[email protected] Both of those apps very likely use the Play Integrity API to ban using GrapheneOS or any other alternate OS. However, we need to confirm that's the case.
Until recently, there were nearly zero cases of apps which weren't usable on GrapheneOS.
Some apps require the per-app exploit protection compatibility mode toggle to work around memory corruption bugs detected by GrapheneOS, but those aren't incompatible just app bugs requiring a workaround until they fix it.
@[email protected] @[email protected] We know for sure that Ingress uses the Play Integrity API but we hadn't confirmed if they'd added an exception for GrapheneOS yet. If you recently tried and it doesn't work, clearly they haven't.
Can you give us a link to the Play Store page for the Postident app? Is there an existing thread on our forum about it? It's hard for us to confirm if people are talking about the same app since we don't know about it and can't use it ourselves.
Sind nur besonders Datenschutz freundliche Roms betroffen?
Bei Linagos habe ich keine Probleme, außer natürlich die besonders Anspruchvolle Apps wie NFC Payment via Google Wallet.