You're confused. The Android Open Source Project doesn't have Google apps and services. Google Play Services isn't part of baseline Android. It isn't part of AOSP and isn't part of what's officially required for an OS to be considered Android. It's not the purpose of GrapheneOS.
Conversation
AOSP doesn't have any analytics/telemetry. Chromium analytics/telemetry is gated behind a toggle for submitting usage stats. The same goes for all the other Google services where data is submitted to them. Network connectivity checks and static asset downloads don't have toggles.
2
1
Not sure if I understood your sentence about network connectivity and e.g. DNS, but to add: They are preconfigured to google in AOSP (hardcoded). It can be changed via settings and overlays, however leaves a bad taste.
1
AOSP uses network-provided DNS by default, not Google DNS. It only has Google DNS as a fallback for nearly non-existent networks not providing DNS servers via DHCP. Not sure why that would leave a bad taste since it has to use something and the privacy policy isn't bad.
2
It leaves a bad taste, as AOSP as an open source system shouldn't have one supplier hardcoded, even as a fallback. It means patching the original code to get rid of it. Hence this is stuck in most devices. For me it should be open/configurable.
1
Not sure what this has to do with AOSP being open source, and you misrepresent this as hard-coded. AOSP uses the network-provided or configured DNS servers, not Google DNS. It only uses Google DNS if nothing else is provided. Don't misrepresent it as hard-coded to Google DNS.
1
No code needs to be changed to alter the fallback either. It is a configuration option, not something hard-wired into the code:
github.com/GrapheneOS/pla
Trying to make drama and controversy out of nothing does nothing more than making you look desperate to find an issue with it.
2
Both AOSP and GrapheneOS use the network-provided DNS. If a VPN is used, the VPN provides DNS. The user can choose the DNS-over-TLS server of their choice instead of using the network-provided DNS. The fallback exists for when there is no other DNS server available / configured.
1
1
In practice, the fallback DNS server is never used, because networks provide DNS servers. It exists to handle the edge case of using a dynamic IP where the network does not provide DNS servers. This is permitted by the standards, but is not something that ever normally occurs.
1
1
If there was no fallback, networking would be broken in an edge case where there are no network-provided or user-provided DNS servers. There has to be a default value to use when nothing else is provided, or that edge case will have a terrible user experience. Easy to understand.
1
1
1
Only totally neutral fallback is a recursive resolver which wouldn't be good for performance or privacy. 3 serious fallback options: Quad9, Cloudflare, Google.
dnsprivacy.org/wiki/display/D
In terms of privacy policy, Cloudflare > Google > Quad9. Cloudflare/Quad9 didn't exist though.
This is extensively documented at grapheneos.org/faq#default-dns already. GrapheneOS does this exactly the same way as AOSP. It uses a different fallback, but that makes no difference in practice. It is the same thing in practice, and it's hard to see how it could be made any better.
1
2
1
It could transparently support DNS-over-HTTPS in addition to DNS-over-TLS, but DNS-over-TLS is a leaner protocol. The only real advantage of DNS-over-HTTPS is using port 443 to work around naive filtering. Could also just do DNS-over-TLS on port 443... why does DoH exist again?
1
This Tweet was deleted by the Tweet author. Learn more
I was talking about the privacy policy. Define better.