this post was submitted on 03 Oct 2024
195 points (97.6% liked)

DeGoogle Yourself

8856 readers
82 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS
 

Google's latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the Cybernews research team has discovered that it potentially has remote management capabilities without user awareness or approval.

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews...

... “The amount of data transmitted and the potential for remote management casts doubt on who truly owns the device. Users may have paid for it, but the deep integration of surveillance systems in the ecosystem may leave users vulnerable to privacy violations,” Nazarovas said...

top 50 comments
sorted by: hot top controversial new old
[–] shortwavesurfer@lemmy.zip 90 points 1 month ago (2 children)
[–] AtHeartEngineer@lemmy.world 4 points 1 month ago* (last edited 1 month ago) (4 children)

Do they have passkeys yet

Edit: passkeys support. Last year when I checked they didn't support pass keys yet.

[–] ikidd@lemmy.world 9 points 1 month ago (1 children)

What does that even mean? It's not the function of an OS to have passkeys.

[–] AtHeartEngineer@lemmy.world 5 points 1 month ago

Grapheneos didn't support pass keys last year when I checked, so you couldn't use them at all. There was some APIs broken/missing between the OS to browser comms so you couldn't use 3rd party apps for pass keys, like proton or bit warden. I have been actively experimenting and adopting passkeys and didn't want to revert. It sounds like there is support now though, so I will give it a try soon.

load more comments (2 replies)
load more comments (1 replies)
[–] Tazerface@sh.itjust.works 70 points 1 month ago (1 children)

Installing GrapheneOS removes all the Google crap.

[–] multi_regime_enjoyer@lemmy.ml 10 points 1 month ago (8 children)

What is the advantage over Calyx/Lineage/iode OS on compatible devices? I just don't want Google to have any of my money at all. Buying a privacy solution from them recoups their loss.

[–] yonder@sh.itjust.works 18 points 1 month ago

It's my understanding that Graphene has security as its main goal, not privacy, though it's also quite private.

[–] Tazerface@sh.itjust.works 15 points 1 month ago (3 children)

I don't know about Calyx or Iode but Lineage doesn't allow for a locked bootloader. This is a massive security hole and without security, sooner or later, your privacy will be violated.

Currently, GrapheneOS on a newer Pixel are the only phones that Celebrite can't breach. Celebrite machines are cheap enough that the border guards and your local cops probably have one. In my country, it's the law that a cop is allowed to examine a phone during a traffic stop.

load more comments (3 replies)
[–] VARXBLE@lemmy.dbzer0.com 11 points 1 month ago (2 children)

Mainly the locked bootloader that GrapheneOS offers. It's more secure, and GrapheneOS emphasizes security over all else, but privacy features are part of that security.

load more comments (2 replies)
[–] RubberElectrons@lemmy.world 8 points 1 month ago (9 children)

I like calyx, might try graphene some day. But I absolutely won't run Google's play services ala graphene. It's sandboxed, supposedly, but why run it at all?

Calyx uses microG, a much smaller, fully open source emulator of Google's services.

load more comments (9 replies)
load more comments (4 replies)
[–] skuzz@discuss.tchncs.de 54 points 1 month ago

I know this isn't the topic here, but I really wish these researchers would unroll what all Apple harvests from Apple devices. It's quite a lot as well. Could help pop that "we're so private" myth.

[–] Andromxda@lemmy.dbzer0.com 52 points 1 month ago (19 children)

You can’t say no to Google’s surveillance

Yes you can: https://grapheneos.org/

load more comments (19 replies)
[–] ExtremeDullard@lemmy.sdf.org 40 points 1 month ago* (last edited 1 month ago) (5 children)

Who truly owns the device is a question that has been answered ever since Android came into being.

Ask yourself: do you have root access to YOUR phone? No you don't: Google does.

It's the so-called "Android security model", which posits that the users are too dumb to take care of themselves, so Google unilaterally decides to administer their phone on their behalf without asking permission.

Which of course has nothing to do with saving the users from their own supposed stupidity and everything to do with controlling other people's private property to exfiltrate and monetize their data.

How this is even legal has been beyond me for 15 years.

[–] ProgrammingSocks@pawb.social 28 points 1 month ago

Weirdly, Pixels are actually the best Android phones for installing custom ROMs, at least out of the major manufacturers. So for me, there isn't another choice, because I can finance a Pixel, and I can't finance a Fairphone or something.

GrapheneOS is really the furthest away from Google you can get on an Android phone and it's mainly developed for Pixel.

[–] circuscritic@lemmy.ca 28 points 1 month ago* (last edited 1 month ago) (5 children)

Please read the many write-ups by developers of well regarded privacy and security ROMs, such as grapheneOS and divestOS.

Who detail in great length why root access is a bad idea, and why many apps that require root access, are just poorly developed security nightmares.

That said, I agree that it should be an option, or at least a standardized means of enabling it. As well as all bootloaders should be unlockable. But phones are more personal devices than the PC ever was, and there are good reasons NOT to push for the proliferation of standardized root access.

[–] daddy32@lemmy.world 6 points 1 month ago

These writeups never managed to to convince me me that I should not be able to modify any file on my device. If the system is not able to grant this access to me, and me only, while doing it securely, than it's bad operating system, designed without my interests first on mind. I am absolutely sure that granting so-called "root access" can be done securely, as decades of almost-every-other-OS have shown.

[–] selokichtli@lemmy.ml 5 points 1 month ago

Yes. It is the principle, everyone should be informed of the security risks, but not stripped of the root privileges they keep for themselves.

load more comments (3 replies)
[–] cm0002@lemmy.world 18 points 1 month ago (1 children)

do you have root access to YOUR phone?

Yes. On a Pixel 9 Pro Fold.

Ironically, Google Pixels are among the few (US available) brands that still let you fully unlock the BL

[–] ExtremeDullard@lemmy.sdf.org 7 points 1 month ago* (last edited 1 month ago) (1 children)

Yes. On a Pixel 9 Pro Fold.

Not if you run the stock OS you don't.

My comment was generic. The vast majority of Android users don't unlock their bootloader and install a custom ROM. The people who do that are fringe users.

My point was that when the normal state of affairs is Google controlling YOUR property that YOU paid with YOUR hard-earned, and you have to be technically competent and willing to risk bricking your device to regain control, that's full-blown dystopia right there.

[–] vikingtons@lemmy.world 6 points 1 month ago (10 children)

out of interest, what use cases do you have in mind that require root access?

I used to use a root based solution to block ads system wide via hosts but now I just use ublock origin in Firefox.

load more comments (10 replies)
[–] jjlinux@lemmy.ml 12 points 1 month ago (1 children)

And this is different from Apple. Right? Right?

[–] Peruvian_Skies@sh.itjust.works 10 points 1 month ago (1 children)

The only real difference is that Google pretends to be open and Apple pretends to be privacy-focused. It's the illusion of choice. They're both selling their users' data to the same people.

load more comments (1 replies)
[–] Ephera@lemmy.ml 5 points 1 month ago

Yep, what radicalized me against Google was all the way back when they had bought Android and rolled out the Play Store for the first time.

I was on my first-ever phone, and yes, it did have rather limited internal storage, but then the Play Store got installed, taking up all the remaining space. I had literally around 500KB of free storage left afterwards, making it impossible to install new apps.

Couldn't uninstall the Play Store, couldn't move it to the SD-card and it didn't even fucking do anything that the Android Market app didn't do. It just took up 40MB more space for no good reason.

[–] AmbiguousProps@lemmy.today 29 points 1 month ago (2 children)

What's surprising about their stock ROM having tracking and phoning home? Use Grapheneos.

load more comments (2 replies)
[–] crimsoncobalt@lemmy.world 17 points 1 month ago

This doesn't seem surprising at all. Isn't that what Google Play Services is for? If you don't want it, custom ROMs are easily installed.

[–] DoubleChad@lemmy.ml 11 points 1 month ago (13 children)

So what phones do you all have?

[–] Andromxda@lemmy.dbzer0.com 11 points 1 month ago

Pixel 7 Pro with GrapheneOS

[–] red@lemmy.zip 10 points 1 month ago

pixel 6a with graphene os

[–] jetsetdorito@lemm.ee 8 points 1 month ago (1 children)

not a phone just a literal block of graphene

load more comments (1 replies)
[–] pineapplelover@lemm.ee 8 points 1 month ago

Pixel 8a with graphene

[–] Lennny@lemmy.world 7 points 1 month ago (1 children)

stone and chisel

Oooga booga

[–] Rai@lemmy.dbzer0.com 5 points 1 month ago

iPhone 16 Pro Max, but Graphene does look dope.

load more comments (7 replies)
[–] DavidGarcia@feddit.nl 11 points 1 month ago (3 children)

It's so ironic that Pixels are the go to devices for privacy roms these days.

All this shit is probably happening at the hardware level too, with 100 different backdoors you can't remove with your megamind plan of installing a custom rom.

The silicon probably has the ability to live stream all sensor data directly to the NSA using the fanciest ML compression technology lmao.

[–] smeg@feddit.uk 11 points 1 month ago (4 children)

Citation needed. I get that it's healthy not to trust anyone, but with the amount of security research that goes into these devices if something like that was happening then we would know about it.

load more comments (4 replies)
[–] ExtremeDullard@lemmy.sdf.org 11 points 1 month ago (6 children)

It’s so ironic that Pixels are the go to devices for privacy roms these days.

It's so ironic it's a show-stopper for me. I'm not paying fucking Google to escape the Google dystopia. Nosiree! That's just too rich for me.

This is why I own a Fairphone running CalyxOS. Yes, I know GrapheneOS is supposedly more secure - I say supposedly because I think 95% of users don't have a threat model that justifies the extra security really. But I don't care: my number one priority is not giving Google a single cent. If it means running a less secure OS, I'm fine with that.

There's no way on God's green Earth I'm buying a Pixel phone to run a deGoogled OS. That's such an insane proposition I don't even know how anybody can twist their brain into believing this is a rational thing to do.

[–] mearce@programming.dev 4 points 1 month ago

I think some people buy used/refurbished.

load more comments (5 replies)
load more comments (1 replies)
[–] sub_ubi@lemmy.ml 10 points 1 month ago

GrapheneOS + buy your phone from a store in-case you're allergic to PETN

[–] GolfNovemberUniform@lemmy.ml 10 points 1 month ago (1 children)

I'd say newer Pixels have even more privacy issues than the older ones because of cloud based AI features (ugh when will the bubble finally pop?) and stuff. However the stock OS is bad for privacy in both cases so a custom ROM is a must and afaik installing it on a Pixel is not too hard. Also new Pixels seem to get custom ROMs very quickly so you don't have to wait for months or even years for someone to make one.

[–] jjlinux@lemmy.ml 10 points 1 month ago

The Pixel 9 line had GrapheneOS avaliable a couple of days after launch. That's how fast. You order the phone, and by the time you got it, GrapheneOS was ready to replace Stock Android.

load more comments
view more: next ›