I might have misunderstood this but is Android really trying to push this as tracking as a privacy upgrade, simply because it let’s us choose which of our interests we want advertisers to have access to?

  • Pantherina@feddit.de
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    10 months ago

    AOSP is not a usable product and it is full of Google stuff. GrapheneOS and LineageOS (and derivates) make it usable.

    GrapheneOS was the first at complete degoogling, others followed, but still have no secure solution for apps needing Google Play. MicroG is proprietary Google code, ran unsandboxed and still unreliable and less secure.

    So GrapheneOS really is the only usable OS right now, it is FOSS (even in the BSD way that companies could make their proprietary fork) and other projects should base on it and weaken its security to make it run on existing other phones. This is still better than alternatives, but it is a hell of maintenance as all that security causes infinitely more bugs than just using AOSP (which is rock solid) and adding some apps lol.

    Please donate to GrapheneOS, the project is not yet fully sustainable and they are doing incredible work.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      3
      ·
      10 months ago

      Obviously by “google” were talking about proprietary blobs.

      For example TOTP is great. There’s no issue with the fact that it was developed by Google. Same with AOSP.

      Any ROM doesn’t have Google Play Services by default and therefore its google free in all the ways that matter

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        No some OS preinstall microG. Because only if the core is finished you can hash and sign it, if the user flashes some apps afterwards that doesnt work.

        Btw ROM is read only memory, a tiny part of the firmware

        • Fisch@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          10 months ago

          MicroG is open source tho and only talks to Google if you explicitely activate it

          • Pantherina@feddit.de
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            10 months ago

            No its not. They download Google Binaries which run as system apps and have privileged access.

            They practice badness enumeration in some form, while their permission model (only activating what is needed) is a better approach but incomplete.

            Any app that relies on Play has those libraries implemented, so they could show ads etc. on their own. But with microG they have a component with privileged system access, in contrast to sandboxed play where no component is privileged.

      • Pantherina@feddit.de
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        10 months ago

        Which is even less degoogles as it preinstalls microG which is official Google binaries, running as a system app with permission to critical system infos and basically all your stuff.

        See my other comments.