I wouldn't necessarily say that someone with that threat model shouldn't be using Play services but by using an OS including Play they're using an OS with highly trusted core components built and shipped by Google via the Play Store.
Conversation
Is a "privileged" install/flash of Play Services using OpenGApps different from a stock ROM that ships Play Services (with respect to system permissions)?
1
As part of installing it, they need to add all the privileged permissions and whitelisting in order for it to work properly. They make an attempt to do it. It's not meant to be any less trusted. Play services is only designed to run as a privileged app with a ton of power.
1
1
1
In my opinion, the ideal solution to all of this is for governments to require that Google makes Play services available as a regular app functioning without privileged permissions. Most of all the functionality could work. Backups, etc. wouldn't and it'd have more UX friction.
1
1
3
No automatic app updates, needing to prompt users to install or remove apps, needing to ask for a battery optimization exception, needing to run a foreground service, etc. Of course, every service provider has all these restrictions unless an OEM bundles their stuff in the OS.
1
1
2
This Tweet was deleted by the Tweet author. Learn more
Neither of those things requires / involves root access when done properly. Backup services need to be built into the OS for important security reasons. However, it's entirely possible to have a generic encrypted backup service supporting any sync service via SAF, etc.
1
This Tweet was deleted by the Tweet author. Learn more
GrapheneOS still maintains the OS security model including the application security model. It has nothing to do with what you claim.
Don't need to be have it explained why you think things are designed the way they are as someone deeply involved in implementing these things.
1
This Tweet was deleted by the Tweet author. Learn more
If you strongly disagree with it then it's hard to see how you can respect my work when nearly all of it is built around that OS and application security model. There's not much point in it if that's not there as the baseline holding it all together.
There's no real point of deploying any of the kind of research / engineering work that I do for something like a traditional desktop Linux distribution. It's nowhere close to the lowest hanging fruit and wouldn't be until that kind of security model was put in place for it.
This Tweet was deleted by the Tweet author. Learn more
I'm not making any personal attacks. You're here making ignorant claims, disparaging my work and misrepresenting things. GrapheneOS doesn't have misguided incentives behind enforcing the extremely valuable application security model and sandbox in the production (user) builds.
1
Show replies