microG - What you need to know, A conversation with its developer : Marvin Wißfeld

Terrific interview. Clear, concise and informative. After reading the piece I couldn’t have asked for a more clear understanding of how MicroG works. Danka Marvin und merci to the /e/ team.


The reason behind the article was to help users understand how microG works and also give users a chance to meet the man behind its development Marvin Wißfeld.
As you may have noticed there is not much on the topic of microG and even less on Marvin on the net.
At /e/ we are indeed honored to officially support the development activities on microG and have Marvin assist us as a consultant in our microG implementation.
Now to the all important question of when is this implementation rolling out.
As you may be aware we are testing the builds and OTA’s on our servers. We expect to resume normal build cycles and this implementation to roll out by mid of November or next week.


Zerobase.io is a privacy based contact tracing app.

Thank you.
There is one more question for people like me who were forced to leave /e/ due to the missing Exposure Notification: is there a way to transfer stored keys from our current installation (LOS, stock or whatever) to a device with /e/ if we were willing to switch back to /e/? I guess the developer of microG would be the person who could answer this question best. :wink:

I like to know more about this, Since personal not anonymous push data is going through Google servers and your phone has to be adressed, so could be easy to link your “anonymous” id to you. Im also interested what kind of data exactly is send to and from Google servers.


Let me check on this and get back


Thanks a lot, very appreciated!

It is important to note that as long as you are not signed into a Google account with microG, these server connections remain anonymous.

Double up-vote for andrelam’s post. This is the heart of the issue and without more detail I have to say that on this particular topic i have not been presented with evidence that server connections remain anonymous.

Specifically what information is being sent to Google’s servers? GPS info? Phone ID info? AFAIK the only way to prevent Google from IDing you is if the request goes through an anonymous proxy or VPN and what information is sent cannot be joined by other information to statisitically unmask you . Obviously, therwise, they have your IP address and it’s game over given that same IP address is associated with your paid Netflix account / Hulu accout / non-anonymous-activity-of-your-choice.

This is not to knock microG in any way ! It’s a hard problem !!! But to confirm that microG is not de-anonymizing anyone’s phone in this one use case- connecting to Google’s actual servers- the dev would have to show that:

  1. no information which can be used by any known statisitical method to ID you is being sent to Google and

  2. any information which is sent is sent via an anonymizing VPN shared by everyone or else or assigned randomly.

That’s a tall order, I agree. I would love to see these specific issues taken up and addressed directly.

1 Like

I think you are in the wrong topic :thinking:

1 Like

Expect a response from Marvin on the way to transfer stored keys by Thursday


Apologies:( Misinterpreted @davidgrand’s post. I have withdrawn my post

I missed it :frowning: Was I involved in a brouhaha of some sort ? Nothing ever happens to me, and the one time it does, I miss it and then… it turns out to be just a misunderstanding !


:joy: It was about the COVID implementation, @petefoth misinterpeted nothing spectacular. Some day you won’t miss the good stuff :grinning:

The Canadian COVID Alert app uses the Exposure Notifications API and claims not to know your location. But for some reason it requires location to be enabled in order to work. Does anyone know why?

Bluetooth scanning is only allowed if location access is granted up to Android 10 (your location could be determined by using BT beacons).

Longer, official answer: https://support.google.com/android/answer/9930236?hl=en


In Android BT and location are stupidly somehow coupled, but that doesn’t necessarily mean that the app has access to location. At least for the German App you can check permissions and see that the app itself doesn’t even ask for access to location. I guess that you can find something similar for the Canadian one, too.

@Ingo_FP_Angel gave a more precise answer even faster :wink:

Perfect, thanks @Ingo_FP_Angel and @dalas.revo!

Hi @Manoj, is there any news on this topic?

I have asked that somewhere before. How unique is the device identification? Is it really attached to the device or is an ID generated that changes when a newly installed MicroG is started for the first time? I have never found anything in the documentation about this either.

@Manoj Does Marvin have an account here in the forum?