Discover microG, and what it is used for

The Android Open Source Project

As of 2022, approximately 70% of consumer phones are running the Android operating system. One of the main reasons for this scale in adoption is because of Android’s open license and a history of well-built mobile OS. Phone manufactures like this combination as it allows them to easily adopt Android to suit their needs. It also saves phone manufactures the effort involved in building a complete OS from scratch.

It’s not enough, though. Using Vanilla Android may not be the most pleasant experience unless it comes with services that can get things done. In most cases, an ecosystem of services that includes email, cloud storage, app store is built by Google on top of Android. Google provides many such free (as in price) services to users. Similarly, Google provides free (as in price) services and APIs to developers. They make videos, guides for developers to help them build better apps.

This relationship of Google with Android brings good and bad with it. Google allows people to use its services for free in exchange for data that is used to run its advertising business. This contradicts with the people’s right to privacy, but the same business model makes phone manufacturers happy, as they only need to focus on better hardware. For online services, they can pay a license fee to Google for each phone they sell with Google’s services preinstalled.

What is Google Play Services?

Google is the main contributor to the Android Open Source Project and primarily looks after its development. Decisions are often made in the direction that Google wishes Android to go. Over the years, many of the basic open source apps, such as Dialer, Messages, Camera, etc. have been replaced by proprietary software from Google. These apps often connect to Google’s services.

The Google Play Services package runs on user device and communicates with the Google Services Framework, a cloud based proprietary service. Google Play Services provides APIs (Application Programming Interfaces) that can be used by other Android apps. These APIs are free (as in price) and optional for developers to use, but they bring features like Push Notifications Service, Safety Net, Authentication, reCaptcha, which makes app development easy. This combination of Google Play Services and Google Services Framework is free to use for any developer, but for the users it comes at the cost of their privacy.

The Game of Convenience vs Privacy

Google Play Services is bad for someone looking for privacy in the digital space, and all of this has to do something with the way Google Services Framework operates. The Google Play Services is installed on millions of devices and collects massive amounts of data like device identifiers, apps installed, advertising ID etc. It’s because of this data collection that Google can provide free access to Google Play Services for developers.

Take, for example, the Push Notifications service API. It is used by many apps to show notifications reliably, like message alerts or a notification from your food delivery service. Now, most apps use this service to just show notifications, but it leads to leaking of metadata from your notifications to Google. Google can record when a notification is pushed to which phone at what time, etc. Some apps are so poorly designed in terms of privacy that their notifications even leak personal information to Google.

If you don’t like all the compromises with privacy and decide to get rid of the Google Services Framework, your device becomes your responsibility. Many apps use the Google’s service and some apps may start misbehaving. Most apps display a warning like please enable Google Play Services, but continue to work fine. Other apps like banking apps refuse to work completely if they don’t detect Google Play Services on your device.

There is no point in targeting the app developers, as they are using the resources available at their disposal to make a good app that works reliably. It saves app developers and companies a lot of work, but it gives Google a huge say over how the market will move. That’s where the problem lies. That being said, some applications like Signal focus on privacy and give fallback options to people that don’t have Google Play Services. It’s up to you what you’re ready to give up without Google services framework.

Privacy Meets Convenience — microG

Well, there is fortunately a way not to give Google all your data and still make apps and other features work. Meet microG, a free-as-in-freedom and open source implementation of the proprietary Google Play Services. Created by Marvin Wißfeld and developed since 2015, microG is a software framework that mimics Google services and solves a lot of problems of Android users that are either forced to use proprietary Google Play Services or are left in the dark.

For instance, microG generates an obfuscated identifier for your device that can be used to register with the Push Notifications service. So, you can enjoy notifications without Google knowing about your identity. You can see for yourself which data is shared with Google when you use Push Notifications with microG on /e/.

Many apps also use the Safety Net API under the assumption that it provides better security, which is not always the case. As of now, microG supports the majority of the Safety Net API features, and more are in the works.

microG Helps You Use some Google services — Not Vice Versa

MicroG makes every effort to minimize connections to Google servers, but this may not always be possible. Again, as an example, the Notifications service can’t work if your device does not connect to android.clients.google.com and mtalk.google.com. This means Google can record your IP address, when Notifications service is ON in microG, which has very limited or no impact on the user’s privacy. However, staying informed about the microG’s implementation will allow you to use it more effectively.

As of now, microG provides an experience that is very close to the pristine Google Play Services, although a few features remain in active development. Take a look at this table that outlines which services Google provides and if microG is compatible with it.

microG with /e/ OS

As microG is a free and open source project, you can check its codebase yourself or ask someone from the community to do it. This openness builds more trust in users compared to Google Play Services’ proprietary implementation, but microG does not make any money by itself. The /e/ Foundation, since 2020, is supporting microG by contributing resources and code. /e/ Foundation also supports the microG founder Marvin financially.

The /e/ OS allows signature spoofing of microG. It allows other apps use microG as they would use Google Play Services and let you enjoy microG’s privacy benefits. The /e/ OS cares about your security, and by default the OS does not allow all apps to spoof their signature.

Overall, microG gives you a great balance between privacy, app compatibility while also allowing apps to use Google Services Framework. In any case, the user has complete control over what microG is allowed to do and ultimately their data. If you are not interested in using some/all services from Google, you can turn off that service in microG. microG puts you back in control of your device and your data.

Read also: microG - What you need to know, A conversation with its developer : Marvin Wißfeld

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

20 Likes

Hi,
I really like what microG is trying to achieve and I really hope its goals will be reached in time.
For now, two key function I would like to use but it seems that they are nőt fully functional át the moment:

The first is paid app functionality: now in the latest version it is now possible to download paid apps, but because most of the tries to verify their license and check purchase and fail to do so they will not function.
I have reád somewhere that this functionality is being developed.

The second is Google safetynet emulation(?) só we can use mire secure apps like banking apps.

If this two goals are reached, microG will be invaluable for many users.

I wish all the best of to the microG team!
(and naturally all /e/ project members!

Tamas

1 Like

Good on linking the microG implementation status table even in a high-level overview! It can’t be linked often enough. I look forward to the day when App developers will test against microG and give it a “compatible” label :slight_smile:

A user asked once for a non-text introduction to microG in this forum, youtube offers a microG explanation as video that goes into many details of microG

3 Likes

I’m a big fan of Microg and what it does. I do wish there was an option to get Microg free of all Exposure Notification code. I know it can only be activated with a compatible app, but for me it would be better if there was nothing there to activate in the first place.

I expect /e/ to do this by default. If I check Settings > System > microg > scroll to foot the installed version is noen – unless you install exposure notifications.

2 Likes

As a matter of interest why would it be better in your opinion?

Without the possibility of activating it, users (including me) would not have been able to use our official contact tracing app. I would have needed to install a different custom ROM. I did for a while until the EN Framework got included in /e/'s fork (before they took it out again).

Mostly I think it’s a privacy nightmare. I would like the option to choose a Microg without Exposure Notifications. I live in Florida, USA where contact tracing is very frowned upon. I understand Europe is required to have it and I would just like it if there were two options of Microg to choose from, depending on your individual needs.

An interesting opinion. I’ve seen no evidence to that effect and, from what I understand about how it works, I think it’s wrong. but it takes all sorts…

But /e/ are already doing that for you - there already two options. The version you get by default (i.e. what ships in the EOS ROMs) does not have the EN Framework. If a user wants it, they can install it (via App Lounge) in the MicroG settings page. If they don’t do that then they don’t have the EN Framework, so no “privacy nightmares”.

For EN to work, you have to

  1. Choose to install it
  2. Choose to install an app that uses it
  3. Run that app
  4. When that app asks to allow/enable EN, choose ‘OK’

You seem to be asking for a third option which is a version of eOS / Microg which does not allow users to choose to install EN.

3 Likes

Do you maybe now where you rad that they are developing in-app payments?

No, not in app payments, rather developing the functionality in microG that makes the purchased apps to be able to check their license, verify purchase. (So the non-free app can start up normally) Now I am able to download my purchase apps but I am unable to use rhem.

1 Like

As I don’t need Google Services in any shape or form I have microG disabled by default. I’m more than happy to be off-grid. I’ve recently learned that here in the UK, copper is being turned off for FTTP. This is when I will be ending my Internet. Fibre is £10 pm dearer on lowest package and £1 more per month for digital phone. As energy prices are expected to exceed £4000 per year next year, ending internet connection, 2 streaming services, PSN subscription and closing my Vimeo account will equate to saving almost £800 per year. Then I will wear one of my offspring’s T-shirts that reads “I don’t need the internet, the internet needs me”.

5 Likes

Well just looked at microG backend and some settings are not able to be turned off. At this rate considering becoming a Luddite and saving even more money!

Which microG backend are you referring to? All location backends can be turned off if you don’t need them. The Google Services options can also all be toggled off. What else is left other than permissions?

I’m talking about Self-check which shows Play Services activated plus others. If I remove microG completely will it screw up the phone?

Oh I see.
The self check shows if all the bits and pieces that microG needs to function properly are present and accounted for. It does not show or say that Play Services are activated, that section is as it says, “Installed packages”.

Play Services (GmsCore) = the main microG app.
Play Store (Phonesky) = FakeStore (in our case) or the real Play Store if present.

As far as removing, I can’t say. It can be disabled though. You could try that and see how things are. Hmm, yeah I don’t think it will hurt anything as it is not a necessary ROM component.
In a number of cases I will setup a ROM without microG and all is good. Don’t really run any apps that require it.
I will, however, have the standalone UnifiedNlp so I can use location backends (UNlp is also a part of microG).

Oh @swarfendor437 I was just reminded of this old thread (via Matrix group/channel)…

If you have TWRP on your device, removal is fairly straightforward.

Hi folks! I’m late to this blog post but since I started using /e/OS a few months ago, I noticed that Google Maps doesn’t really fully work. I get a notification saying “you need to update Google Play Services” and then places details or navigation doesn’t open. Should I open an issue about this?

I’d really like to break free from Google but GMaps is pretty much irreplaceable at the moment (trying a combination of CityMapper for public transport + Organic Maps for places + Waze for car navigation, but I still get only 75 % of the functionality).

2 Likes

You might want to have a look at GMaps WV … GMaps WV | F-Droid - Free and Open Source Android App Repository … which wraps the Google Maps website in an App, and since it wasn’t mentioned: OsmAnd~ (same as OsmAnd+, but cost-free) … OsmAnd~ | F-Droid - Free and Open Source Android App Repository

This can always happen on degoogled OSes without the genuine Google Apps and services. Sometimes there will be a quick fix, sometimes not.

3 Likes