These sure look like Google servers? You think microG just defines them and then magics them away?
import java.util.Random;
import java.util.TimeZone;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
public class CheckinClient {
private static final String TAG = "GmsCheckinClient";
private static final Object TODO = null; // TODO
private static final List<String> TODO_LIST_STRING = new ArrayList<>(); // TODO
private static final List<CheckinRequest.Checkin.Statistic> TODO_LIST_CHECKIN = new ArrayList<>(); // TODO
private static final String SERVICE_URL = "https://android.clients.google.com/checkin";
public static CheckinResponse request(CheckinRequest request) throws IOException {
HttpURLConnection connection = (HttpURLConnection) new URL(SERVICE_URL).openConnection();
connection.setRequestMethod("POST");
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setRequestProperty("Content-type", "application/x-protobuffer");
connection.setRequestProperty("Content-Encoding", "gzip");
connection.setRequestProperty("Accept-Encoding", "gzip");
connection.setRequestProperty("User-Agent", "Android-Checkin/2.0 (vbox86p JLS36G); gzip");
public String attest(String apiKey) throws IOException {
if (payload == null) {
throw new IllegalStateException("missing payload");
}
return attest(new AttestRequest.Builder().safetyNetData(ByteString.of(payload)).droidGuardResult(droidGuardResult).build(), apiKey).result;
}
private AttestResponse attest(AttestRequest request, String apiKey) throws IOException {
ProfileManager.ensureInitialized(context);
String requestUrl = "https://www.googleapis.com/androidcheck/v1/attestations/attest?alt=PROTO&key=" + apiKey;
HttpURLConnection connection = (HttpURLConnection) new URL(requestUrl).openConnection();
connection.setRequestMethod("POST");
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setRequestProperty("content-type", "application/x-protobuf");
connection.setRequestProperty("Accept-Encoding", "gzip");
connection.setRequestProperty("X-Android-Package", packageName);
connection.setRequestProperty("X-Android-Cert", PackageUtils.firstSignatureDigest(context, packageName));
connection.setRequestProperty("User-Agent", "SafetyNet/" + Constants.GMS_VERSION_CODE + " (" + Build.DEVICE + " " + Build.ID + "); gzip");
import org.microg.gms.common.Utils;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
public class PeopleManager {
private static final String TAG = "GmsPeopleManager";
public static final String USERINFO_SCOPE = "oauth2:https://www.googleapis.com/auth/userinfo.profile";
public static final String USERINFO_URL = "https://www.googleapis.com/oauth2/v1/userinfo";
public static final String REGEX_SEARCH_USER_PHOTO = "https?\\:\\/\\/lh([0-9]*)\\.googleusercontent\\.com/";
public static File getOwnerAvatarFile(Context context, String accountName, boolean network) {
DatabaseHelper databaseHelper = new DatabaseHelper(context);
Cursor cursor = databaseHelper.getOwner(accountName);
String url = null;
if (cursor.moveToNext()) {
int idx = cursor.getColumnIndex("avatar");
if (idx >= 0 && !cursor.isNull(idx)) url = cursor.getString(idx);
import java.nio.charset.Charset
import kotlin.coroutines.resume
import kotlin.coroutines.resumeWithException
import kotlin.coroutines.suspendCoroutine
private const val TAG = "GmsFirebaseAuthClient"
class IdentityToolkitClient(context: Context, private val apiKey: String) {
private val queue = Volley.newRequestQueue(context)
private fun buildRelyingPartyUrl(method: String) = "https://www.googleapis.com/identitytoolkit/v3/relyingparty/$method?key=$apiKey"
private fun buildStsUrl(method: String) = "https://securetoken.googleapis.com/v1/$method?key=$apiKey"
private suspend fun request(method: String, data: JSONObject): JSONObject = suspendCoroutine { continuation ->
queue.add(JsonObjectRequest(POST, buildRelyingPartyUrl(method), data, {
continuation.resume(it)
}, {
Log.d(TAG, String(it.networkResponse.data))
continuation.resumeWithException(RuntimeException(it))
}))
}
}
val loader = DexClassLoader(getTheApkFile(vmKey).absolutePath, getOptDir(vmKey).absolutePath, null, context.classLoader)
val clazz = loader.loadClass(CLASS_NAME)
classMap[vmKey] = clazz
return clazz
}
}
companion object {
const val CLASS_NAME = "com.google.ccc.abuse.droidguard.DroidGuard"
const val SERVER_URL = "https://www.googleapis.com/androidantiabuse/v1/x/create?alt=PROTO&key=AIzaSyBofcZsgLSS7BOnBjZPEkk4rYwzOIz-lTI"
const val CACHE_FOLDER_NAME = "cache_dg"
val PROD_CERT_HASH = byteArrayOf(61, 122, 18, 35, 1, -102, -93, -99, -98, -96, -29, 67, 106, -73, -64, -119, 107, -5, 79, -74, 121, -12, -34, 95, -25, -62, 63, 50, 108, -113, -103, 74)
}
}
.getString(GcmConstants.EXTRA_REGISTRATION_ID)
val request = DeviceKeyRequest(
droidGuardResult = droidGuardResult,
androidId = lastCheckinInfo.androidId,
sessionId = sessionId,
versionInfo = DeviceKeyRequest.VersionInfo(Build.VERSION.SDK_INT, BuildConfig.VERSION_CODE),
token = token
)
Log.d(TAG, "Request: ${request.toString().chunked(128).joinToString("\n")}")
val deferredResponse = CompletableDeferred<ByteArray?>()
queue.add(object : Request<ByteArray?>(Method.POST, "https://android.googleapis.com/auth/devicekey", null) {
override fun getBody(): ByteArray = request.encode()
override fun getBodyContentType(): String = "application/octet-stream"
override fun parseNetworkResponse(response: NetworkResponse): Response<ByteArray?> {
return if (response.statusCode == 200) {
Response.success(response.data, null)
} else {
Response.success(null, null)
}
maybe that official microG source code isn’t enough? here is the /e/OS fork:
Dave1
March 22, 2023, 11:39pm
22
Whatever apps I allow to ping Google servers for notifications and such have to go through Microg, they can’t go through my gmail address, I don’t have one. If I were to delete Microg and setup a work profile with Google Play Services, I’d have to sign up for gmail, give them my phone number to verify, and get into the Google system. And I can’t prove this, but since Google created both Play Services and Android Profiles, they probably know exactly how to slither into the home profile from the work profile and gather the info and send it all out through the work profile. Unless they’re just an honest corporation.
If I wanted a profile without Microg, I’d just create a work profile, where Microg has to be manually installed by default, otherwise it’s not available. Or vice versa, delete it from home and install it on work. No Google sign up, no phone numbers, no gmail.
I worry about Google spying on me through Microg as much as I worry about them spying on me through Invidious YouTube. I don’t.
4 Likes
Please man, the topic isn’t on DivestOS. If you try to have more user, i think, you need to change your communication.
I kind of see both sides here in the sense that while I don’t worry that much about microg but I can see how some people see it’s problematic having it set up by default cause at the end of the day it is making google connections. However I would also argue if you have a problem with it then I don’t think it would be that bad just to deal with it early on by disabling it or a adb uninstall command or even a root install if you were to have that
Yes, I think that de-activating all microG functions would do the trick for the concerned users. /e/ os configured like this would be much better than a simple lineage os without microg because lineage did not care for things like removing google default dns (! maybe the worst thing for being spied !)
1 Like
tcecyk
March 23, 2023, 3:53pm
26
would put an end to the drama, I looked up where to insert this, up for any takers - microG Google calls: ask for consent during setup? - #2 by tcecyk
2 Likes
Logically, that would mean @anon88181694 wouldn’t seem to be here to please the crowd, wouldn’t it? Would get me thinking.
Everybody is entitled to their own choice on how detailed they want to know what’s really going on on their device.