Say I have Google Camera installed with network permissions revoked. Say I also install Play Services which does have network access. Would Google Camera be able to share data about my pictures to Play Services which would then phone home to Google?

  • cogitoprinciple@lemmy.world
    link
    fedilink
    arrow-up
    22
    ·
    11 months ago

    I don’t know if Google Camera would share the information with Sandboxed Google Play. However, something to be careful of, is if you have two apps by the same developer (Google in this case), and you have network permissions for only one of them. The developer could share those permissions with their other app. TheHatedOne did a podcast episode on this. He checked with a GrapheneOS developer beforehand, and found, that this is possible.

    • MagneticFusion@lemm.eeOP
      link
      fedilink
      arrow-up
      5
      ·
      11 months ago

      Yea I have heard of that too. Unfortunately I don’t know what other Camera app I would use. Open Camera has a good amount of features but I can’t stand the UI, and the GrapheneOS camera is very bare bones. I have tried some other proprietary camera apps but none of them seem to be as good as Gcam and for obvious reasons.

      • thegreekgeek@midwest.social
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        Oh god the ui is so bad. Like what’s so hard about multiple lenses that they can’t have a single zoom slider?

      • cogitoprinciple@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        Ultimately, it depends on if it is an issue in terms of your threat model. I have noproblems with people using some proprietary tools. Sometimes you do need things to just work, unfortunately.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    11 months ago

    Yes. Apps can consensually trade information. So if play services is connected to the network, it can share information it receives from other apps.

    The only way to isolate an app from communicating is to put it in its own profile either a work profile or a secondary user.

    Simply disabling network access does not prevent the app from talking to other apps that do have network access. You need to be careful based on your threat model

    • TheAnonymouseJoker@lemmy.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      4
      ·
      11 months ago

      You can also remove permissions other than camera/mic and storage using AppOps mechanism, and cut off internet access with a capable firewall like NetGuard or Invizible Pro if installed on main profile.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    12
    ·
    11 months ago

    This is why I don’t like Graphene os. Its encourages using proprietary apps that over Foss. With a Foss camera app from F-droid you don’t need play services and the app with do exactly what its meant to do, nothing more.

    • MagneticFusion@lemm.eeOP
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      11 months ago

      Tf are you on about? I AM looking for a foss camera option. But it is practically non existent. Besides 2, Open Camera and Libre Camera, both of which have a UI from 2012 and Libre Camera lacks a ton of features.

      And despite that, GrapheneOS comes with its own open source camera, but there is a reason nobody uses it, it has no features just like the other very limited open source camera apps (Open Camera excluded)

        • MagneticFusion@lemm.eeOP
          link
          fedilink
          arrow-up
          2
          ·
          11 months ago

          I checked it out. Has a nice UI but suffers the same fate as the stock GrapheneOS camera. Lacks basic features such as panoramic photos

    • MagneticFusion@lemm.eeOP
      link
      fedilink
      arrow-up
      5
      ·
      11 months ago

      Also to correct you, Google Camera does not need any Play Services installed. The reason I brought up Play Services is because I would need it to be able to get RSC working on Google Messages which I eventually plan on doing once RSC support is added to iOS.

    • Gooey0210@sh.itjust.works
      link
      fedilink
      arrow-up
      8
      arrow-down
      3
      ·
      edit-2
      11 months ago

      There’s gos’ camera already preinstalled, no need to download anything 🫣

      They discourage fdroid because it’s not very secure, until it ever gets better

      There’s the secure Accrescent, but it has almost no apps in it

      (Yeah, but actually you can just use obtainium, this is probably the future)

      • VolunTerry@monero.town
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        1
        ·
        edit-2
        11 months ago

        I’d like to see some evidence that F-Droid is less secure (or privacy respecting) than using the big Gs playstore or services, which many, if not most, playstore apps depend on to function.

        I mean this sincerely and respectfully. I’d love to look onto it.

        Because in my current opinion and approach, if you vet your apps and practice good digital hygiene, then FOSS>GOOGL/Alphabet for nearly everything from a privacy and security perspective.

        Edit: if I misunderstood and you were saying don’t use G playstore or Aurora AND don’t use F-Droid, then may I ask where are you getting your apps, other than directly from the devs page or github and so on?