Do not really understand how Android sandboxing works for system apps.

  • TheAnonymouseJoker@lemmy.ml
    2 years ago

    There are prerequisites to what that commenter suggests. You have to have the phone rooted and unlocked, and Google allowed all the permissions, something which can be dealt with using the AppOps mechanism (the real AOSP permission system beneath the GUI). It is not possible for any package to do whatever it wants, if the internal app permissions have been neutered. Evidence to the contrary, or a real-life example capable of being replicated, simply does not exist to date.

    • FarLine99@lemm.eeOP
      2 years ago

      The problem is that GServices can’t work without these permissions, they crash. So the phone becomes mostly pointless.

      • TheAnonymouseJoker@lemmy.ml
        2 years ago

        How does it crash? I neutered its permissions long before ProtonAOSP/GrapheneOS made the “sandboxed play services” concept known to the privacy community. SafetyNet apps work ideally for me, and the only data that Google can siphon off of me is the IP address and the CTS attestation keys for GMS certification verification purposes. Normally, GMS takes location, sensor data, storage/installed apps scanning and dozens of other metrics every 7 minutes.

        • FarLine99@lemm.eeOP
          2 years ago

          Sorry, what’s the way to do it? Manually editing config files? Or some app? App Manager from GitHub, for example, can’t do it.

          • TheAnonymouseJoker@lemmy.ml
            2 years ago

            This can be done on any Android, regardless of root or bootloader unlock status, post Nougat 7.0 version. You use Shizuku from F-Droid (requires root or USB debugging via PC), and install from the same developer’s website AppOps. You can manipulate any and all permissions for both main and work profile apps. This is the AppOps core mechanism of AOSP that supersedes the permissions GUI that people normally use.

            There is a weaker option via ADB with AppOpsX, but I prefer the superior Shizuku method for additional work profile control.

            • FarLine99@lemm.eeOP
              2 years ago

              Thank you so much. I tried it, all permissions were indeed revoked. Checked on the camera app - it works. THANK YOU!!!

              • TheAnonymouseJoker@lemmy.ml
                2 years ago

                A little bonus. What I want you to try is with AppOps, you remove the camera permission from your camera app, and then from the normal permission GUI (yes/no buttons), turn on camera permission. Turn on camera app. It will be funny.

                Of course, reverse it from AppOps again.

                A little note on the GMS part in previous comment – you need to keep internet on for Play Services and Google Services Framework packages, in order for SafetyNet apps to work, if you use such apps.

                • FarLine99@lemm.eeOP
                  2 years ago

                  Nothing happened, permission resets itself and in AppOps, the camera just worked fine :)

                  Yes. I didn’t disable the internet for services, SafetyNet goes through without a problem. Thank you for this information, it is invaluable to me. Now I will be able to use GApps again instead of microG without losing functionality and staying private ❤️

                • FarLine99@lemm.eeOP
                  2 years ago

                  But I’m wondering if gapps doesn’t make any changes to the system itself, maybe it creates new users to bypass broken permissions.

                  • TheAnonymouseJoker@lemmy.ml
                    2 years ago

                    New users can be enlisted with the ADB command:

                    adb shell pm list users

                    It has never been observed that Google is creating new users automatically without any kind of sophisticated user confirmations. There is only an “Admin” user for Find My Device, for example.

                    Privacy is not that hard until a point unless you are a serious activist or journalist, in which case things can become inconvenient. Android is very deterministic, it’s just that some people and devs in the privacy community want to thrive from the unnecessary confusion and drama circus they create and fuel. I have documented the past 5 years of privacy community to mostly destroy that kind of nonsense, with a decent amount of success, and am doing that here too.
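
An added example, not part of any comment in the thread: a small script for checking the two things discussed above, namely which app ops a package still holds after being restricted through AppOps, and whether any user besides user 0 exists in the `pm list users` output. The sample text is constructed, the exact `appops get` output format varies by Android version, and the `--live` option and function names are this example's own.

```shell
#!/bin/sh
# Added example: audit helpers for the checks discussed in the thread.
# Sample text below is constructed; real output differs between Android versions.

# Read `appops get <package>` output on stdin and print every op that is
# not ignore/deny. "default" defers to the normal runtime permission state,
# so it is listed for review as well.
permissive_ops() {
    sed 's/^Uid mode: //' |
    awk -F'[:;]' 'NF >= 2 {
        op = $1; mode = $2
        gsub(/^[ \t]+|[ \t]+$/, "", op)
        gsub(/^[ \t]+|[ \t]+$/, "", mode)
        if (mode == "allow" || mode == "foreground" || mode == "default")
            print op "=" mode
    }'
}

# Read `pm list users` output on stdin and print "id name" for every
# user other than the primary user 0 (work profiles show up here too).
extra_users() {
    sed -n 's/.*UserInfo{\([0-9][0-9]*\):\([^:]*\):.*/\1 \2/p' | awk '$1 != 0'
}

# Constructed sample of `appops get` output for one package.
SAMPLE_APPOPS='COARSE_LOCATION: ignore; time=+2d3h ago
CAMERA: ignore
Uid mode: FINE_LOCATION: foreground
WAKE_LOCK: allow; time=+4m12s ago
READ_CONTACTS: deny'

# Constructed sample of `pm list users` output.
SAMPLE_USERS='Users:
    UserInfo{0:Owner:c13} running
    UserInfo{10:Work profile:1030} running'

if [ "${1:-}" = "--live" ]; then
    # Needs adb and a connected device; $2 is the package name to inspect.
    adb shell appops get "${2:?package name required}" | tr -d '\r' | permissive_ops
    adb shell pm list users | tr -d '\r' | extra_users
else
    printf '%s\n' "$SAMPLE_APPOPS" | permissive_ops
    printf '%s\n' "$SAMPLE_USERS" | extra_users
fi
```

Run with `--live com.google.android.gms` to inspect Play Services on a connected device; an empty first list means no op is left in an allowing mode.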