What Goolag can get on us via GAPPS and how is it really negative?

Today I realized that I need to better understand the benefits of using MicroG instead of GApps. Partly because I want to be able to better explain other people in some simple and obvious way the major benefits of eOS over stock firmware, which can be more or less de-bloated, but not freed of Goolag Services. Help me with this please, guys!

At first: MicroG is NOT GAPPS. GAPPS are gmail, g-Contacts and so on. MicroG is an open source replacement for google play services.

Everything you are doing on a phone leaves traces. And these informations are collected end send to google including your phone data, location and so on. Same doing a lot of trackers.

You remember the big Facebook / Analytica affair ? That’s the best example how google and Co are spying on you.

So the best is, using a phone without ANY google or facebook or app with trackers on your phone. This you can do by only using apps from F-droid.

If you will search the web for: ‘how google is spying on you’ you will find a lot of information. And all these data collections / spying / data mining is going thru g-play.services to google and other apps with google trackers (there are tons more different trackers)

3 Likes

It’s debatable. The Pico package of OpenGApps is still GAPPS.

Much of this is done thanks to the Chrome integration and other Goolag apps, alongside with trackers inside the third-party apps. But right now I’m only curious about GAPPS.

Let’s not spread this conversation on the whole data privacy topic. The question is clear: what is the real privacy benefit of using MicroG instead GAPPS. For the sake of clarity, let’s take OpenGApps Pico package, since the rest I can easily freeze and cut off the network using AFWall+ without break anything.

Once again. We are talking about play services NOT gapps !!!

I thought I was clear. But it seems not :frowning: i think you have seen on some apps, that they are missing google play setvices (gps in short). Most apps using gps for what ever and all this information ard going to google via gps and google uses your personal data with all.app data to create a profile of you.

MicroG is doing the same when.needed, but it removes your personal data. But I think it’s better explained here https://microg.org/

2 Likes

Play Services alongside with some other libraries is the main component of GApps, and I think it is appropriate to mean one thing by another, as a proprietary software from Goolag without which android cann’t provide us with a full experience of modern smartphone:
Google Apps (a.k.a. GApps) are the proprietary Google-branded applications that come pre-installed with most Android devices, such as Google Play Services, Play Store, Gmail, Maps, etc.
“microG GmsCore is a free software reimplementation of Google’s Play Services. […] Acting as a replacement for the non-free (proprietary) Google Apps (GAPPS), it is a powerful tool to reclaim your privacy and freedom while enjoying Android core features.”

Therefore, on the “clean” custom ROMs like LineageOS we should choose between manual installation of NanoDroid (which includes MicroG and its components) or OpenGApps (which includes Play Services and some other crucial stuff) to be able to properly use most of applications developed for android ecosystem. And as far as I can tell, the Google Services (as component of GApps) won’t work without some other basic components of GApps.

You said that third-party applications use Play Services and this way some of our data gets to Goolag. But I want to understand what this data exactly is and how much it really compromises our privacy (in particular). In addition, I also would like to know about the capabilities of Play Services (as the process running on my device) and other non-restrictable components of GApps to call home to Goolag with my sensitive data.

According to what I have discovered here so far, if I take any Pixel or Android One device and then simply don’t use any Play Services-sensitive apps, then it is on the same level of privacy as clean LineageOS, because the rest of the Goolag’s proprietary stuff on it doesn’t pose any privacy threat unless Play Services framework not involved. But that can’t be true!

No, inside the android sources are several google specific sources with which google us collecting your data.
That means, only removing gps is not enough. The source code has also.to be changed (ungoogled). That’s what e.foundation is doing

1 Like

Right. If pure AOSP / Lineage had been clean and with no google calls our life at /e/ would have been much simpler.

1 Like

Here’s an example of what I was looking for:

From Exabyter’s posts on XDA (July 2018)
Lately that seems to take the form of pushing more and more essential services into the Gplay frameworks, and deprecating perfectly working things like GCM in favor of intertwining it with Firebase, which may saddle us with that analytics data vacuum in order to get another essential service, push notifications.

Re: revoking permissions from Gplay frameworks, I feel like Google’s determination to get their hands on data by hook or by crook (eg their ignoring of user preferences to disable various radios and enabling them in the background anyway, to track location and such) means they will quite possibly circumvent these preferences at some point as well.

microG of course is a big help as it either neuters or removes many troublesome anti-privacy vectors. For example, at the present time it does not support Firebase Analytics at all, which means (as far as I can tell) any app that expects to get telemetry on users via Firebase Analytics will not get anything if the app user’s device is Gapps-free and using microG instead. (It remains to be seen if adding Firebase Cloud Messaging capability to microG will negate this presumed benefit. Cynics like myself are inclined to think one of Google’s key objectives in deprecating Google Cloud Messaging and rolling push notification frameworks into Firebase instead was specifically to undermine the ability of users to avoid/circumvent Firebase Analytics)

Firebase Analytics and push-notifications are quite well-known and understandable things, so now I can easily explain to another person how beneficial MicgoG is in this particular case.

good to hear that you have found a usable information.