That’s why everyone should use GrapheneOS. Sandboxed GooglePlay services can be used, if needed.
I personally use 3 proprietary apps, one of them is WhatsApp Business (self-employed and for stupid dipshits that won’t use anything else…), which is more privacy-friendly than the personal client itself.
Join the resistance! Use GrapheneOS :)
What we need is more open hardware. Current phones are privacy issues because they are black boxes. Even if a libre device has bad security it always can be improved.
More open source hardware would be epic, but imo this trend will take years to grow if it even will succeed. Most people just don’t care about their privacy at all and with hw and sw being open, there’s less money to be earned because of easier plagiarism.
Thats weird, it almost feels like a misalignment between our general needs for computing resource development, and the incentive structures produced by using capitalist economic markets to distribute even basic goods for survival…
How do you sandbox Google apps? Is it possible to do that with Google docs? I’ve been replacing everything else, but Google docs is difficult to replace.
Indeed - it seems that this tracking is done completely outside of the phone, asking the network where, physically, the push notification was delivered (Tower, time, and date) to locate the phone and ostensibly the owner of the phone.
Sandboxed GooglePlay services can be used, if needed.
I don’t see how that would prevent this at all.
What is being discussed here is governments compromising the push notification service on Apple’s servers (and presumably Google’s as well)
Sandboxing Google services on your phone does nothing to change the fact that virtually all apps that receive messages/notifications are going to be using the push notification APIs that are compromised.
Whether or not private data is sent in those pushes and whether or not they are encrypted is up to the app developers.
It’s common for push messages to simply be used as a triggering mechanism to tell the device to download the message securely so much of what is compromised in those cases will simply be done metadata or even just “a new message is available”
But even so, that information could be used to link your device to data they acquired using other methods based on the timing of the push and subsequent download or “pull”
The problem is that if you go ahead and disable push notifications/only use apps that allow you to, you are going to have abysmal battery life and an increase in data use because your phone will have to constantly ping cloud servers asking if new messages/notifications are available.
Yeah you’re right. Sandboxed gplay services can still be used to surveil clients, good thing you can use another profile with gplay services and install apps (which needs those) on there, meaning no potential leaks for apps that use their own push notification service and closed APIs (Google or Firebase).
Good thread about it: https://discuss.grapheneos.org/d/9407-this-is-why-i-use-grapheneos
That’s cool, but also doesn’t sound all that useful.
A fairly significant number of apps depends on Firebase and the like and don’t even have the option to pull notifications otherwise. And virtually every app at least use them.
When’s the last time you’ve seen a chat app that didn’t require push notifications to function? Even Signal uses them. (Though they do so in a way that doesn’t expose any private data)
You just can’t disable push without severely crippling the experience.
Further I’m not even sure disabling them on-device will change anything at all about governments being able to surveil them server-side. Afaik you are only stopping your phone from receiving them, they would still be sent to the Firebase server from the app’s cloud servers.
I don’t think this issue is avoidable other than app developers not using (or using in a secure manner) Firebase or GCM (or ACM) etc
I wasn’t saying Signal required them necessarily, just that even it uses them. But now reading back through my comment I can see how that could be easily misinterpreted. My bad
I get it. Indeed, it’s obvious now that even these apps would need to use Google’s API I stand corrected. Nope, apps from F-droid usually do not use GCM.
I hadn’t heard of netfy before this, I’ll have to take a look. I’m assuming that’s an alternative FOSS framework for notifications? Can it be used as a drop-in replacement for most applications?
You’re right, for some reason I thought Firebase was allowed.
Yeah netfy is a FOSS notification service.
As to drop-in replacements, I don’t think such a thing really exists on the user side, this is fully up to the app developer in how they want to implement notifications.
To use netfy instead of FCM your app would need to be designed to do so or support it as an alternative option.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
That’s why everyone should use GrapheneOS. Sandboxed GooglePlay services can be used, if needed. I personally use 3 proprietary apps, one of them is WhatsApp Business (self-employed and for stupid dipshits that won’t use anything else…), which is more privacy-friendly than the personal client itself. Join the resistance! Use GrapheneOS :)
Good read about push notifications on GOS: https://discuss.grapheneos.org/d/9407-this-is-why-i-use-grapheneos
What we need is more open hardware. Current phones are privacy issues because they are black boxes. Even if a libre device has bad security it always can be improved.
I use Lineage os on my phone with only free apps.
Put pressure to release the FP5 in the US. I don’t know why they decided not to
More open source hardware would be epic, but imo this trend will take years to grow if it even will succeed. Most people just don’t care about their privacy at all and with hw and sw being open, there’s less money to be earned because of easier plagiarism.
Thats weird, it almost feels like a misalignment between our general needs for computing resource development, and the incentive structures produced by using capitalist economic markets to distribute even basic goods for survival…
How do you sandbox Google apps? Is it possible to do that with Google docs? I’ve been replacing everything else, but Google docs is difficult to replace.
Every app is sandboxed by default and has no permissions, which you can give them. Like StorageScope for accessing only certain files.
How does it handle push notifications? If they come from googles push service then they’d be exploitable as well.
Indeed - it seems that this tracking is done completely outside of the phone, asking the network where, physically, the push notification was delivered (Tower, time, and date) to locate the phone and ostensibly the owner of the phone.
https://grapheneos.org/faq#notifications
I don’t see how that would prevent this at all.
What is being discussed here is governments compromising the push notification service on Apple’s servers (and presumably Google’s as well)
Sandboxing Google services on your phone does nothing to change the fact that virtually all apps that receive messages/notifications are going to be using the push notification APIs that are compromised.
Whether or not private data is sent in those pushes and whether or not they are encrypted is up to the app developers.
It’s common for push messages to simply be used as a triggering mechanism to tell the device to download the message securely so much of what is compromised in those cases will simply be done metadata or even just “a new message is available”
But even so, that information could be used to link your device to data they acquired using other methods based on the timing of the push and subsequent download or “pull”
The problem is that if you go ahead and disable push notifications/only use apps that allow you to, you are going to have abysmal battery life and an increase in data use because your phone will have to constantly ping cloud servers asking if new messages/notifications are available.
Yeah you’re right. Sandboxed gplay services can still be used to surveil clients, good thing you can use another profile with gplay services and install apps (which needs those) on there, meaning no potential leaks for apps that use their own push notification service and closed APIs (Google or Firebase). Good thread about it: https://discuss.grapheneos.org/d/9407-this-is-why-i-use-grapheneos
deleted by creator
That’s cool, but also doesn’t sound all that useful.
A fairly significant number of apps depends on Firebase and the like and don’t even have the option to pull notifications otherwise. And virtually every app at least use them.
When’s the last time you’ve seen a chat app that didn’t require push notifications to function? Even Signal uses them. (Though they do so in a way that doesn’t expose any private data)
You just can’t disable push without severely crippling the experience.
Further I’m not even sure disabling them on-device will change anything at all about governments being able to surveil them server-side. Afaik you are only stopping your phone from receiving them, they would still be sent to the Firebase server from the app’s cloud servers.
I don’t think this issue is avoidable other than app developers not using (or using in a secure manner) Firebase or GCM (or ACM) etc
Signal notifications work fine without GCM, and even Whatsapp does to an extent
That’s true, signal is pretty good about that.
I wasn’t saying Signal required them necessarily, just that even it uses them. But now reading back through my comment I can see how that could be easily misinterpreted. My bad
Would applications that don’t use GMS be compromised too? Example: everything from F-droid
I think unless they use netfy or a similar alternative then yes.
The vast majority of apps will be using GCM or FCM for notifications.
Now whether or not those push messages are encrypted/don’t contain private data is up to the app developer so how much is exposed can certainly vary.
I get it.
Indeed, it’s obvious now that even these apps would need to use Google’s APII stand corrected. Nope, apps from F-droid usually do not use GCM.I hadn’t heard of netfy before this, I’ll have to take a look. I’m assuming that’s an alternative FOSS framework for notifications? Can it be used as a drop-in replacement for most applications?
You’re right, for some reason I thought Firebase was allowed.
Yeah netfy is a FOSS notification service.
As to drop-in replacements, I don’t think such a thing really exists on the user side, this is fully up to the app developer in how they want to implement notifications.
To use netfy instead of FCM your app would need to be designed to do so or support it as an alternative option.