GrapheneOS Sensors and Network permissions confuse me
from clark@midwest.social to privacy@lemmy.ml on 11 Jul 2024 22:52
https://midwest.social/post/14400595

I can’t upload the images here for some reason so I can describe what I’m seeing.

In the Sensors list, I am seeing stuff like “3 Button Navigation Bar” “Android Easter Egg” “Android Shared Library” “Android System Angle.” In Networks I am seeing url-like names like “com.android.federatedcom[…]” “com.android.sdksandbox” “DeviceLockController.”

Is this malware? Is this virus? Is this safe or how do I remove them? Is it after I installed a sandboxed version of Play Store? I have spent all evening working on GOS and I am exhausted and the physical SIM card won’t work and I’m driving myself mad and it feels like nothing is working or I did something wrong and I can’t undo it. I just need some guidance please.

#privacy

threaded - newest

levi@awful.systems on 11 Jul 2024 23:07 next collapse

You shouldn’t be messing around in the Sensors list, that functionality isn’t exposed to the user on stock Android or other Roms, it’s just there to give extra control over apps that don’t need the Sensors

Is this malware? Is this virus? Is this safe or how do I remove them?

I’m assuming you toggled “view system apps”, think of them as services that you phone needs to do various tasks, so disabling them or trying to remove them might damage or brick your system, GOS is debloated already, I don’t know what you’re trying to achieve ?

I don’t use apps that require sensor permissions and for other apps, if I find they don’t require fingerprint lock as in they don’t have that functionality at all, I remove that permission

Edit: also, GOS devs are very active on Mastodon and on their forum, consider asking them there

clark@midwest.social on 11 Jul 2024 23:15 collapse

I just feel weird about these things I don’t recognise because I fear they hoard my data or expose my phone to dangers. Should I grant Google Framework Services all location preferences then…?

GolfNovemberUniform@lemmy.ml on 11 Jul 2024 23:36 next collapse

If you’re so scared about data collection, you shouldn’t be using a ROM with any kinds of Google apps installed imo. Consider switching to a fully vanilla one instead.

clark@midwest.social on 11 Jul 2024 23:46 collapse

Unfortunately I must use these apps for financial and social reasons. Still, I want to hide my data as much as possible.

GolfNovemberUniform@lemmy.ml on 12 Jul 2024 00:03 next collapse

For that you need a separate device/VM with a system-wide VPN being enabled constantly. And what are the “social reasons”? You can’t hide the data if you message your friends about your plans on Google Messages for example.

TheHobbyist@lemmy.zip on 12 Jul 2024 02:00 collapse

I don’t know if you do this already, but in case you are not: GOS offers a convenient way to separate apps between each other, where some may depend on google services and others don’t. The methodology which works best for me is to use the main profile for all my personal apps and which do not require google services. For those few apps that do, I create a dedicated profile, in which I install the google services and the apps which need it. You can pipe notifications from that profile to the main one, in the profile settings, that way you can get the notifications of those apps even when not in the dedicated profile.

Additionally, if you do not need those notifications, you can disable the profile to run in the background when not in use.

As others have said, do not touch services and apps you do not recognize. Be very careful as things could turn south. Do not touch things unless you know what you are doing.

Upstream7564@discuss.tchncs.de on 12 Jul 2024 03:30 collapse
Max_P@lemmy.max-p.me on 12 Jul 2024 01:38 collapse

Those are Java package names. Android is written mostly in Java/Kotlin. Java being Java, the recommendation for package names is to use reverse domain name syntax to uniquely identify your stuff. So most of Android’s core is under the com.android.* namespace, and Google’s extra stuff usually under com.google.android or something like that.

Android is also extremely modular, so a lot of the system is also just regular Android apps, including settings. That’s why you can see say, “Android Easter Egg” which is the hidden system app that gets launched when you tap the version number in settings a few times.

If all you installed is GrapheneOS and Google Apps, I wouldn’t worry about malware. Google’s stuff might be spyware but that’s up to you to judge, but nothing that wouldn’t run anyway on your stock OS.