Is a "privileged" install/flash of Play Services using OpenGApps different from a stock ROM that ships Play Services (with respect to system permissions)?
Conversation
As part of installing it, they need to add all the privileged permissions and whitelisting in order for it to work properly. They make an attempt to do it. It's not meant to be any less trusted. Play services is only designed to run as a privileged app with a ton of power.
1
1
1
In my opinion, the ideal solution to all of this is for governments to require that Google makes Play services available as a regular app functioning without privileged permissions. Most of all the functionality could work. Backups, etc. wouldn't and it'd have more UX friction.
1
1
3
No automatic app updates, needing to prompt users to install or remove apps, needing to ask for a battery optimization exception, needing to run a foreground service, etc. Of course, every service provider has all these restrictions unless an OEM bundles their stuff in the OS.
1
1
2
This Tweet was deleted by the Tweet author. Learn more
Neither of those things requires / involves root access when done properly. Backup services need to be built into the OS for important security reasons. However, it's entirely possible to have a generic encrypted backup service supporting any sync service via SAF, etc.
1
This Tweet was deleted by the Tweet author. Learn more
GrapheneOS still maintains the OS security model including the application security model. It has nothing to do with what you claim.
Don't need to be have it explained why you think things are designed the way they are as someone deeply involved in implementing these things.
1
If you don't want that security model, nothing stops you from turning on debug mode for an app, signing it with your key and installing it. You don't need to do that to backup and restore data unless the app excludes it from backups. A debug build of either OS or app bypasses it.
1
Google Android isn't iOS. It doesn't stop you from easily installing whatever software you want including modified proprietary apps. It's trivial to change the debugging flag and sign the app with your own key. OS doesn't help them obfuscate their code, etc. in any way either.
1
Their own devices allow you to install another OS with all the functionality working so I'm not really sure what you're getting at. I don't understand the relevance to the thread either. And about F-Droid it's pretty clear why an app isn't allow to install apps without asking.
F-Droid is definitely not an example I would use of something that's safe to give the ability to install / update apps automatically in the background without user consent. It can't even manage to do that without actively breaking and causing disruption like chain killing an app.