You're confused. The Android Open Source Project doesn't have Google apps and services. Google Play Services isn't part of baseline Android. It isn't part of AOSP and isn't part of what's officially required for an OS to be considered Android. It's not the purpose of GrapheneOS.
Conversation
AOSP doesn't have any analytics/telemetry. Chromium analytics/telemetry is gated behind a toggle for submitting usage stats. The same goes for all the other Google services where data is submitted to them. Network connectivity checks and static asset downloads don't have toggles.
2
1
Not sure if I understood your sentence about network connectivity and e.g. DNS, but to add: They are preconfigured to google in AOSP (hardcoded). It can be changed via settings and overlays, however leaves a bad taste.
1
AOSP uses network-provided DNS by default, not Google DNS. It only has Google DNS as a fallback for nearly non-existent networks not providing DNS servers via DHCP. Not sure why that would leave a bad taste since it has to use something and the privacy policy isn't bad.
2
It leaves a bad taste, as AOSP as an open source system shouldn't have one supplier hardcoded, even as a fallback. It means patching the original code to get rid of it. Hence this is stuck in most devices. For me it should be open/configurable.
1
Not sure what this has to do with AOSP being open source, and you misrepresent this as hard-coded. AOSP uses the network-provided or configured DNS servers, not Google DNS. It only uses Google DNS if nothing else is provided. Don't misrepresent it as hard-coded to Google DNS.
1
No code needs to be changed to alter the fallback either. It is a configuration option, not something hard-wired into the code:
github.com/GrapheneOS/pla
Trying to make drama and controversy out of nothing does nothing more than making you look desperate to find an issue with it.
2
First of all please know, that I am not attacking grapheneOS, not you, nor am I trying to make drama and controversy.
My point: If I compile AOSP and put it on my phone, Google DNS and captive portal are the fallback/default. I personally wouldn't like to have that,
2
as it means I need to actively work to get rid of it, by overlay or source code patch. This is why I say it leaves a taste, as this is an opt-out and leaves the work with me if I do not want this. It is not a drama nor a controversy, just opt-out strategy, which I dislike.
1
No source code patch is needed. It is a fallback that's not used in practice so it's unclear why you consider it relevant enough to even have a discussion about it. Incredibly hard to understand why it leaves a bad taste. What do you think the AOSP fallback should be instead?
1
What should the default captive portal URLs be instead? GrapheneOS leaves those with the same values. This is explained in grapheneos.org/faq#default-co. Data is not sent there. It makes an empty HTTP(S) GET request to check if internet access works and trigger captive portals.
Neither of these is a proprietary service. DNS is an open standard. The connectivity check URLs are an open standard: empty HTTP and HTTPS GET requests with an empty 204 response from the server. Go ahead and use connectivitycheck.grapheneos.org/generate_204 instead. It won't give you more privacy.
1
Would you feel better if AOSP used an android.com URL for the default? What difference does it make? What do you think AOSP should use as the default? You say it leaves a bad taste, but you don't provide an alternative, and you are free to change it without building.
1
Show replies