Hi,
I am (very, very early) in the process of degoogling. I am definitely not a high risk as far as needing to be completely locked down. It’s more about trying to have a little more control over how my data is used.
I am looking at Graphene OS, but I am a little confused how certain apps (that rely on Google services) work. I have a Pixel 8 and will have it for the foreseeable future.
The apps I currently use that I would still need (or their equivalents) are:
- Clash Royale (Supercell)
- Notion (Notion Labs)
- Clickup (Mango Technologies)
- Business Calendar 2 (Appgenix)
-
If I installed these exact apps “sandboxed”, what exactly does that mean from a user standpoint? Will I have to use a separate account, reboot my phone, etc, or is it a quick process to use the app?
-
Is there a list of apps that I could browse to find equivalents to the above? Recommendations here are also ok.
-
I saw that Firefox isn’t exactly private(?) and that Vanadium is better in that aspect but I don’t understand why. Can someone ELI5, and help me see if this is a relevant concern for me?
Thank you! 😁
Stop believing the lie fed to you that Android and all other forks are different from GrapheneOS, another AOSP fork. Android fundamentally is sandboxed as far as running apps is concerned. GrapheneOS is just a feature rebranded AOSP fork with practically no security advantages.
- I saw that Firefox isn’t exactly private(?) and that Vanadium is better in that aspect but I don’t understand why. Can someone ELI5, and help me see if this is a relevant concern for me?
You could do better by firstly getting out of the GrapheneOS cult, and secondly not believing the lies about Chromium and its forks being superior to Firefox. Tor Project chooses Firefox over Chromium for privacy and security reasons. These GrapheneOS clowns are not even 0.1% as good as Tor Project experts, and this AOSP fork is only “developed” (feature rebranded) by one person, if you check its GitHub.
Thirdly, understand that no matter what you do, the smartphone is fundamentally hard to make bulletproof, considering its nature as a communicator device. You already have solid security on Android since years, no matter what you pick.
Fourthly, you will have a way easier life with my non-root smartphone guide, all of which is steps you do, and not do complicated things that do not even carry a guarantee of security or honesty from developer’s side.
They lie to the extent of going around in tech YouTuber comment sections and claim they have $1M Cellebrite Israeli toolkits to verify grapheneOS is safe against bootloader attacks like Evil Maid. https://i.imgur.com/woNxPhx.jpg
Please read the paper by Ken Thompson, co-creator of Unix and C, on why we should be able to trust the developer and NOT the code. https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
you’re wrong and look stupid.
Do you have anything constructive to say, or can this be accurately interpreted as clowning/trolling?
“Someone disagrees with what I say” = trolling
So, the point here is to degoogle, yet you need certain apps that require google services.
What I and many others do is have a clean (i.e. no google services) main profile and a dirty (has google services) secondary profile. Put your needed apps in the secondary, live in main, and it’s two swipes and a tap to get to your apps in secondary. Best of both worlds. Over time find replacements that work in your main, congratulations, you’re now degoogled on your phone.
Is there a faster way to switch profile than going into the settings? Sounds like you’ve got a much better way than what I’ve been doing
In my case I just use an app called “shelter”. Going to the dirty profile is as easy as opening the app drawer and swiping left. I can also “pause” all apps in that profile whenever i want. No tikering necessary.
Swipe into notifications, swipe down on the quick access thingies (bluetooth, aeroplane mode etc), at the bottom is three circular buttons, leftmost brings up select user (swipe, swipe, tap, tap, sorry, missed one.)
You can also swipe down with 2 fingers and bring up the full quick settings thing with just one swipe
Cool!!!
Must say I hate the lack of a manual / help these days. “It’s intuitive”, no it’s fucking not, you just don’t want to write doco. (Not aimed at GrapheneOS specifically, just the state of things in general)
I feel like AOSP, at the very minimum, should have its own “tips and tricks” list (ideally in the form of a built-in app). Ideally every OEM flavor of Android should. I should not have to look it up in order to find these out tbh
You don’t install the apps “sandboxed”. You can install the Google services like any normal app (in the “Apps” app). The Google services will then only have very limited permissions, for example they won’t be able to see your location, camera, contacts etc. by default and you can grant these permissions like to any other app.
The only thing that changes is that you have the option to install Google services and that you have the option to grant them permissions they would have limitlessly on a “normal” Android phone.
Your four mentioned apps should work on GrapheneOS without any problems, the only apps I had difficulties with were banking apps. The Google Play Store won’t be installed by default though, so you will need to install it in the “Apps” app. (I recommend using F-Droid to find alernative apps, although you won’t find something like Clash Royale on there. If you don’t want to use a Google account, you may want to look into Aurora Store (it provides anonymous access to the Play Store), which is also available of F-Droid)
I personally still use Firefox (Mull to be exact), because Vanadium doesn’t seem to have any good way of blocking ads. I found this on the internet in some R*ddit comment:
Chromium-based browsers like Vanadium and Bromite provide the strongest sandbox implementation, leagues ahead of the alternatives. It is much harder to escape from the sandbox and it provides much more than acting as a barrier to compromising the rest of the OS.
(Long version of the above quote: https://grapheneos.org/usage#web-browsing)
FWIW Cromite should be the recommendation now (Bromite has been long discontinued!), although I too don’t worry too much about the sandboxing benefits and use a FF fork for much/most of my browsing these days.
Been usin graphene for a while now i reccommend find as many of your apps on fdroid (i use the neostore frontend for fdroid) then use aurora store for apps on google play. U can install google services from the graphene apps and then u can grant that permissions as u need. I use firfox developer edition cos i need my desktop plugins on mobile. Have had no problems running any apps if ur worried abt google services make a second profile and install it on that profile to further seperate google relient apps.
Just a heads up, the regular Firefox also let’s you install extensions on mobile now
All of them or just a select list cos theyve had a select list for ages now
They had an update a little while ago that you can install any desktop extension on mobile now
Idk what those apps are but if your work requires them, then you should have a separate work phone that runs whatever your boss wants it to, and your own phone that is degoogled. You want the separate phones for other reasons too, like if there is a problem at work and they need the phone, they get theirs and not yours.
Otherwise, find substitutes for those apps if you have to.
This. It is worth a few hundred bucks to get a separate “normie” phone and run all your Googled apps on there. It may not even need a sim or a data plan… Just use it on WiFi at home or office. This doesn’t need to be a flagship device… Just something “good enough”.
Then run all your personal stuff on your other degoogled phone. This is the one with your sim and primary number. Don’t do any work or Google crap on there.