Ok, let's assume Play Services replace an app on Android11 using this mechanism, and the app hasn't blacklisted its data for backup. The app icon would still disappear from your homescreen and some app settings would probably be reverted. Much more complex than pushing an update.
Conversation
It's definitely more involved but keep in mind a bunch of core OS components are also built by Google now shipped via the Play Store via APEX components (also known as mainline modules or Google Play system update):
1
1
Android with Play is closer and closer to being Google Android instead of an OEM fork where they control everything. Of course, Android exists without Play and the CDD/CTS pass without Play services.
1
1
1
Android with Play is trending towards shipping a Google-built AOSP system image and kernel. I'm sure that's coming in the next couple of years. Mainline modules shipped via Play are already here though and include code loaded into system_server etc.
1
Ok, you've convinced me that if you're worried about backdoors from US state-level attackers, you shouldn't be using Google Play services.
However, there are other reasons why this is bad, for example this one:
1
I wouldn't necessarily say that someone with that threat model shouldn't be using Play services but by using an OS including Play they're using an OS with highly trusted core components built and shipped by Google via the Play Store.
2
1
1
Is a "privileged" install/flash of Play Services using OpenGApps different from a stock ROM that ships Play Services (with respect to system permissions)?
1
As part of installing it, they need to add all the privileged permissions and whitelisting in order for it to work properly. They make an attempt to do it. It's not meant to be any less trusted. Play services is only designed to run as a privileged app with a ton of power.
1
1
1
In my opinion, the ideal solution to all of this is for governments to require that Google makes Play services available as a regular app functioning without privileged permissions. Most of all the functionality could work. Backups, etc. wouldn't and it'd have more UX friction.
1
1
3
No automatic app updates, needing to prompt users to install or remove apps, needing to ask for a battery optimization exception, needing to run a foreground service, etc. Of course, every service provider has all these restrictions unless an OEM bundles their stuff in the OS.
1
1
2
I don't think it's a good situation for operating systems to be bundling a bunch of apps and services especially in a way that privileges them above other services. It's inherently anti-competitive, even if it wasn't Apple or Google doing it with their own OS.
It's similarly anti-competitive when Facebook pays to get their apps/services bundled into the OS made by an OEM particularly if they get them to make them special integration / APIs not available to other services. Dislike it even with small apps / services.
1
1
5
For stuff like backups, it should really just be designed to be service provider agnostic by using the Storage Access Framework, etc. to support arbitrary sync services. AOSP could just provide something like the Seedvault service we ship and let you use any service with that.
1
3
Show replies