Privacy

31262 readers

612 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

GrapheneOS Sensors and Network permissions confuse me (midwest.social)

submitted 2 months ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

I can’t upload the images here for some reason so I can describe what I’m seeing.

In the Sensors list, I am seeing stuff like “3 Button Navigation Bar” “Android Easter Egg” “Android Shared Library” “Android System Angle.” In Networks I am seeing url-like names like “com.android.federatedcom[…]” “com.android.sdksandbox” “DeviceLockController.”

Is this malware? Is this virus? Is this safe or how do I remove them? Is it after I installed a sandboxed version of Play Store? I have spent all evening working on GOS and I am exhausted and the physical SIM card won’t work and I’m driving myself mad and it feels like nothing is working or I did something wrong and I can’t undo it. I just need some guidance please.

top 8 comments

sorted by: hot top controversial new old

[–] [email protected] 11 points 2 months ago* (last edited 2 months ago) (1 children)

You shouldn't be messing around in the Sensors list, that functionality isn't exposed to the user on stock Android or other Roms, it's just there to give extra control over apps that don't need the Sensors

Is this malware? Is this virus? Is this safe or how do I remove them?

I'm assuming you toggled "view system apps", think of them as services that you phone needs to do various tasks, so disabling them or trying to remove them might damage or brick your system, GOS is debloated already, I don't know what you're trying to achieve ?

I don't use apps that require sensor permissions and for other apps, if I find they don't require fingerprint lock as in they don't have that functionality at all, I remove that permission

Edit: also, GOS devs are very active on Mastodon and on their forum, consider asking them there

[–] [email protected] 3 points 2 months ago (2 children)

I just feel weird about these things I don't recognise because I fear they hoard my data or expose my phone to dangers. Should I grant Google Framework Services all location preferences then...?

[–] [email protected] 6 points 2 months ago (1 children)

If you're so scared about data collection, you shouldn't be using a ROM with any kinds of Google apps installed imo. Consider switching to a fully vanilla one instead.

[–] [email protected] 4 points 2 months ago (2 children)

Unfortunately I must use these apps for financial and social reasons. Still, I want to hide my data as much as possible.

[–] [email protected] 5 points 2 months ago* (last edited 2 months ago)

For that you need a separate device/VM with a system-wide VPN being enabled constantly. And what are the "social reasons"? You can't hide the data if you message your friends about your plans on Google Messages for example.

[–] [email protected] 4 points 2 months ago

I don't know if you do this already, but in case you are not: GOS offers a convenient way to separate apps between each other, where some may depend on google services and others don't. The methodology which works best for me is to use the main profile for all my personal apps and which do not require google services. For those few apps that do, I create a dedicated profile, in which I install the google services and the apps which need it. You can pipe notifications from that profile to the main one, in the profile settings, that way you can get the notifications of those apps even when not in the dedicated profile.

Additionally, if you do not need those notifications, you can disable the profile to run in the background when not in use.

As others have said, do not touch services and apps you do not recognize. Be very careful as things could turn south. Do not touch things unless you know what you are doing.

[–] [email protected] 3 points 2 months ago

I think what you need is a threat model:

https://opsec101.org/ https://www.privacyguides.org/en/basics/threat-modeling/ https://ente.io/blog/threat-modeling-101/ https://proton.me/blog/what-is-a-threat-model

[–] [email protected] 6 points 2 months ago

Those are Java package names. Android is written mostly in Java/Kotlin. Java being Java, the recommendation for package names is to use reverse domain name syntax to uniquely identify your stuff. So most of Android's core is under the com.android.* namespace, and Google's extra stuff usually under com.google.android or something like that.

Android is also extremely modular, so a lot of the system is also just regular Android apps, including settings. That's why you can see say, "Android Easter Egg" which is the hidden system app that gets launched when you tap the version number in settings a few times.

If all you installed is GrapheneOS and Google Apps, I wouldn't worry about malware. Google's stuff might be spyware but that's up to you to judge, but nothing that wouldn't run anyway on your stock OS.