Is it possible to replace official embedded microg with my custom build of microg?

this issue is related to https://github.com/microg/GmsCore/issues/1939
microg embed as privileged app the google/Apple “exposure notification” API, which is a privacy and security flaw.
such tracker don’t require privilege level and enforcing it at system level is as problematic as Analytics due to the fact it collect user data (even in encrypted form, as long as you know the format of data and you have sufficient data collected, cryptography is weak against such attack)

microg chosen to follow google terrorism and enforce it upon user that install it, when for exemple they were more pro-active upon freedom with NLP design allowing the user to select the NLP provider they want (and even use fully local NLP)

the “exposure notification” is a feature that was in the paper “region based” but enforced even on region that don’t support this, this enforcement is first suspicious key

second suspicious key is the fact the enforced it at system level, when other, as effective, solutions were done at user level

system level enforcement is problematic, because in android, system has even more rights that the human user, unless you rooted the phone, the system is the full master of the phone. This create a security flaw, and even if the source can be carefully reviewed there is still security exploit that can arise.

google and apple promised they will sunset the technology when THEY decided it’s no more needed, it’s more than a year that this technology is no more required, neither widely used, and most “contact exposure trackers system” are now closed, but THEY decide it will be still there, same for microg team

exposure notification has some obvious flaw like “reverse tracking” as noted by the electronic fundation, which is the most obvious attack, but, at a time where even whatsapp metadata is sold billions dollars, when it only contain the “who you contacted” information, imagine what it could be done with “who you were nearby info”, anomysation is a lie, european RGPD only constrain personal information aggreement, access and deletion if the personal information if not anomimazed, the issue is that there is no need to actually know your real name, an ID is sufficient, you’re “HUMAN#118265902” and if any software piece know you as such, your real name is no importance, and the bluetooth mac “randomization” and “daily keys creation” isn’t sufficient to warrant no tracking possibility, a day of data collection (when 15 min of wifi data collection is sufficient to break the key) is far enough to make the use of crypto “candy sugar” and even can have the reverse effect because of the change of bluetooth mac, which can be correlated with RSSI information to identify with good probality what device changed it’s mac, then create a “before MAC, after MAC, crypted message” database and then use a device that have google localisation services activated to gather the remaining “GPS precise localisation” information that is missing to have as good as a 10 year old GPS localisation precision…

as I said, if google/apple/huawei didn’t enforced it at system level, and that the user have the right to install it and remove it when they feel they don’t need it, it is user choice. because they enforced it and are sole master of what they do with it is even more suspicious. AND because they remain the “only one check point” they have all the information to go back to the original information… even if microg team don’t provide to google/apple/huawei all the information, the fact they comply with the beacon sending allow other google/apple/huawei to report information about us.

as long as data is collected, even if in “theory” they says it remain on user device (and in theory they said whatsapp won’t sell metadata, they said microsoft don’t harvest personnal information, and google said they don’t read your mails) you can’t be sure, and all phone embedding the technology might act as a spy without knowing it, which is problematic.

microg is a bit more secure than google apps which are closed source, but for me, this api is no more needed, has too much privileges and I don’t want to “maybe” become a “gogol spy bot”… so I just don’t want it installed, even if I can desactivate it, as long as the code is there, it can be activated.
neither I want to promote the technology, as I said, enforcing upon people is by nature problematic

microg team don’t want to make it optional and then want to enforce it upon us (and more, want to keep it active “just in case” it might be usefull in future) which is same as google/apple policy. Such behavior is cracking my trust, hopefully the code is opensource and I can fork it and remove this part.

so my question : if I fork the project, remove all the related code (or build my version of microg without support of this, as it might be possible to do so) and build my own version, will I be able to overwrite the version installed by default?

thanks and regards

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services

The Exposure Notifications API isn’t installed by default, /e/OS comes with a microG version without it (and OS updates will restore this version).

Users who want the Exposure Notifications API in /e/OS have to install the corresponding microG version including it themselves … https://doc.e.foundation/support-topics/micro-g#steps-to-install-exposure-notifications-api-on-eos

Replacing the preinstalled microG comes up from time to time here, but I didn’t follow this thoroughly enough to give an answer, perhaps there’s something here … Is possible to upgrade microg? … or in the forum search.

OOHHHH! SO NICE!!! will save me LOOOOOT of time!!! ok, I will definitly give a try at /e/os!!!

Much of that post seem to be based on a misunderstanding of what the EN framework does and how it does what it does. I won’t try and answer every point and error but the following points should be made clear

• EN framework does not “collect” any “user data”
• for the EN framework to do anything at all the user must choose
  1. to install a Covid tracking app which uses the EN framework AND
  2. to agree to enabling Exposure Notifications when asked on first use of such an app
• Apps using the EN Framework work by
  1. collecting anonymous tokens from devices which are also running such an app and which your device has been close to for a period of time. The tokens on a device have a limited lifespan, and are changed at regular intervals;
  2. optionally (i.e. if user chooses to do so) connecting to a server (not owned or operated by Apple or Google) to report a positive Covid test or diagnosis, and giving the server the token from the device. This (i.e. the token associated with the device) is the only data recorded by the server
  3. optionally (i.e the user chooses to do so) connecting to a server , and asking if any of the collected tokens have reported a positive Covid test

As mentioned above, /e/OS spent (wasted) a significant amount of developer effort to make a version on MicroG without the EN Framework (and fixing the bugs that they introduced or created, particularly in the code which installed the EN Framework when requested).

/e/ did this largely in response to ill-informed, paranoid responses (in the forums and elsewhere) to the introduction of the EN Framework, and erroneous claims about how it functioned. Most of those reactions were based on a similar level of misunderstanding or ignorance of how the framework works as is displayed in the original post in this thread. Most of these posts were wrong: they were refuted at the time, and they need to be refuted whenever they recur.

Read this one already?

Vanced MicroG
This fork optimizes MicroG so that it can be used by applications that require Google authentication and, - MicroG no longer necessarily has to be a system application.

Removed all permissions which are not required for Google authentication.

Vanced MicroG works exclusively with Vanced Apps. However, I want to show with these lines what is possible if the will and the know-how is available.

ok user “f699dec2a6d780fc8da43509250ccabe3f6245991ae6d46084e652a002ab890d” (I created a special anomized ID to send encrypted with a special daily PGP key just created for you, and TRUST ME I deleted the private key, so I can’t go back to your personal identification! you’re PERFECTLY anonimized! Trust me, it’s writen in the CLUFF, I won’t collect it, won’t sell it and won’t use it to track you! I assure I’m perfectly honest and trustful!

• EN Framework does not “collect” any “user data” : in 3rd point paragraph 1 : you says collecting anonymous tokens (such as one I created before, anonymous token is only possible if provided by you and created in a way the software that use it don’t know how it was created, in case of EN, google create it for you with algorithm known by google only, the anonymous token is no secret to it’s creator). Any programmer would have notice the token I created is a SHA256 hash, ok in theory they can’t go back to the content used for the hash, UNLESS you know what the content is built, since the code is proprietary, only ME (replace me by google) knows I used your name and forename of your profile to create it. So now it’s easy when I see f699dec2a6d780fc8da43509250ccabe3f6245991ae6d46084e652a002ab890d, I just have to look into my database “user-hash” to go back to the original name, and since google knows everything of a google apps running phone, they have the information, this means they collected the data by other ways. For outsiders that don’t have the google information, breaking the anonymity is difficult (but not impossible) but for google, it’s easy

point 2.1 and 2.2 : are you sure? beside the fact you trust google, do you have any proof the 2.2 isn’t just a decoy? without source code, you can’t, the function can be activated without notice because the app is a system app, which means it can run without having to the system notify or log a bluetooth access… this is how google built his huge database of celltowers and wifi to create the “google localisation” : for many years, the gps was activated in background, without the user notified about GPS activation, same for wifi, and google recorded in the back of all android user the wifi and celltower information. So yes, you BELIEVE it’s not activated, but you have no proof of it. MORE, since it’s a system app, it has superpowers like “hide me” “don’t log me” “disable this or that” and “communicate in secret with other system app”

this comes to 3.2 and 3.3 points : ARE YOU SURE? beside what google said to you? as a closed source system app, I can communicate with another system app, of course closed source such as… google sync… I don’t need a “share with” popup or the like, because I’M SUPER PRIVILEGED system app, you, user is just my slave, you must obey me and don’t have to know what i’m doing… again, you’re speaking only knowing the marketing information google said, not the code

“ok then, since we are using microg we’re safe!” you’ll says. of course not, because you’ve tens of spies around you, that can transmit the information to google, since google don’t find it’s information, it has to look who implemented the protocol : Apple, huawei, microg. he surely made an agreement with apple, since it’s fair as co-creator to share some tips… finding how huawei create it’s id is just a matter of time and some good hackers. and microg? just have to look at the code… so you’re not safe…

“yes but the data is encrypted with my secret key” the same data or data with a known structure, encrypted several times and recorded several time is just useless. because you know what you’re looking for you reduce the possibilities

As mentioned above, /e/OS spent (wasted) a significant amount of developer effort to make a version on MicroG without the EN Framework (and fixing the bugs that they introduced or created, particularly in the code which installed the EN Framework when requested).

OMG! this was worst that I was thinking this means that the code of EN was used in other parts of microG… this is one of the things I was fearing, that some code could be activated by other microg components thus having the EN framework run or partialy run when accessing other API…

" /e/OS spent (wasted) a significant amount of developer effort"

no, contrary to you, /e/os developper are clever, and have pro-privacy thinking : “if I were google, and want to take advantage of the situation what will I do?”, you? you’re just a kind people that trust what someone tell to him (by the way, send me a private message, I’ll give you a bank account were you can send half of your bank account money, trust me, it’s for saving poor childs that don’t have access to drinkable water) google said it won’t collect data, and you trust them??? you’re just abused because you believe this could be usefull, that’s why it’s said that hell is paved of good will… people like you believe google and apple done this to save lives, when they done it mostly because this was a good opportunity to increase data collection with people like you saying “it’s for our own good, it’s for saving lives”… they could have been less suspicious if the app was opensource, user space and not system space… doing so will have shown they are really doing it to help people. they instead closed the sources, made it super privileged system app, and forced everyone to install it…

you’re just credulous
the only argument you opposed is not technical, it’s just “they said they won’t do it”

the fact that the app is a system app put the probality of some data harvesting to 80%, because system app can bypass all permission casted upon user space app, they can communicate in ways that isn’t detectable because they have no restriction accessing others system app, it’s then easy to hide the information in another encrypted stream and send it unnoticeable, and in that case, un-decryptable because merged with other random data…

so, sorry, you’re just credulous… and worst, you have no programming and security knowledge, and you’re oppening your mouth to refute things you don’t even know about…

just basic knowledge about security :

• a stronghold is safe from outsider attack but weak to insider foes, you can encrypt all the communication data with the best encryption, if the one that receive the data is a spy, your secret is no more. in other terms : yes the EN protocol is safe, can you says the same about the EN clients? when you don’t have source code and only “trust me I won’t collect your data”?
• the more you collect data, the weaker is the protection : encryption works well as long as the encrypted data isn’t predictible, if you encrypt VCF cards for exemple, the structure is known, the cryptography will be easy break because you know what you’re looking for
• cryptography is specialy weak when used on small data such an ID, that’s why most serious crypto app does pad with random data the message, to make it big enough to resist to deciphering… so basically the encryption of EN is just sugar candy, you can with enough cpu power (and guess what? google have lot of wasted cpu power…) break it, and retrieve the ID…
• if you’re in a stronghold with tousand of spies, you’ve no secret to the enemy.

Thank you for pointing this out and for your well thought-out and evidenced posts. Clearly you know everything, and I know nothing

Goodbye. Enjoy your life

nice! this is a good news also! nice to see that there are clever people that managed to remove it to be a system app!

Does it have to come to this?

For someone who has just joined this forum, I don’t think this is the best solution for dialogue.

Have a nice day

Just the usual demeanor of the main target audience of the no-EN microG version, as observed before .

Pl keep the language on this forum civil and be respectful of others. Read the forum FAQ in case of doubt.

the title of which is
is it possible to deactivate completly some feature like “Exposure Notifications” #1939

I am not sure why are you raising this here. This is just what /e/ delivers.

Screenshot_20230602-105731_microG_Services_Core709×288 11 KB

Where (no-en) is No Exposure Notifications.

because my privacy and my real life is threaten by people like this that spread inaccurate information to fool other user and make them think it’s perfectly secure solution and have it installed.

because “As mentioned above, /e/OS spent (wasted) a significant amount of developer effort to make a version” is just disrespectful toward the /e/OS developers that spent their time (if nobody was concerned and false assumptions, nobody will), I’m, instead, really grateful toward theses dev

I could be disrespectful toward microg dev saying they wasted a significant amount of developer effort implementing the EN framework when other essential component are missing. I won’t, they believe it was worth the effort, it’s their rights. I just regret that they didn’t made it optional and let the user choose, and also regret they chosen to enforce it at system level. And I’m glad to them they implemented microg project, that open the opportunity of a phone without google spying apps.

because " Most of these posts were wrong: they were refuted at the time, and they need to be refuted whenever they recur." : there is nothing wrong in the use case described, it is perfectly possible, there is nothing in the way the EN framework is implemented that prevent it…

because “ll-informed, paranoid responses” when it’s not paranoid, it’s just look at the past and how Apple/Google/Facebook/… claimed to be trustful and abused user, I’m not paranoid, I just look at the reality. Cheater once, Cheater always! and not ill-informed, I know how the framework works, I also passed years documented about cryptography to know how to properly use it for my privacy… that’s disrespectful

because it’s how millions of people got discrimated because they have concerns about their private life and the right to choose what is best for them… repeating again and again that the issue don’t exist don’t prevent it to exist. and using the argument it is “perfectly safe” to justify discrimination.

because it’s promote a privacy threat technology, as I said, even if the user use microg EN solution, which I assume to be privacy friendly, the data leak is perfectly possible using all regular android/iphone spy bots due to the beacon design of the framework.

people like this spread false feeling of “it’s safe” and are disrespectful toward people that don’t want it after careful documentation read and thinking about how it could be exploited. his post was just “what he believe” and enforced to be the truth
I perfectly understand what EN framework does and how it should do the things, and his reply was full of assumption and belief presented as the truth. especially enforcing “if the user choose to” when the fact there was “significant amount of developer effort” shows that the code was not so separated as it should be and can be run without user consent and same can be with google/apple code unless it can be reviewed.

the answer was disrespectful and out of topic, I just forced a little bit (I admit) the traits, pointing out that it was just assumptions and beliefs without any proof and presented as reality. so, if he wants to play fact checkers, not in my threads.

I’m thankful to @AnotherElk and @anon29344687 that provided accurate and useful answers, that convinced me to install /e/os because I feel that the /e/os developers are really concerned about privacy.

have a nice day too,

For devices I don’t use /e/OS, but which support signature spoofing, even AOSP 13 (Android 13) custom ROMs, I don’t use the original MicroG but rather

in different versions. All versions of have the advantage - they can be uninstalled even while running.

This topic was automatically closed after 10 days. New replies are no longer allowed.