before steering this discussion into any single specific direction, I would be curious to hear your opinions on this topic in general (i.e. without stating my specific issue yet ;)).
why should I use FP Open, if I need OpenGAPPS for the play store anyway? (And by that let the infamous play services back into my phone…)
Well, at least you’ll have the choice which OpenGAPPS version you want to install.
You do not need the play store. So don’t need Gapps.
I’m happy without GAPPS if open or not. I get apps via F-droid, via Customers site (eg Whatsapp or Threema) and via Raccoon.
hey, thanks for your replies
“which OpenGAPPS” is not really an argument, is it? As soon as you install even Pico, you will have the full google-calling-home package (Play Services) – won’t you? That’s where my original question comes from. The only reason I see to go OSOS is to get rid of google.
(+ easy way to get root – anything else?)
You do need it for Signal for example :\
And if you say you install, e.g. WhatsApp from APK – who is doing the push-service for you? (Fairphone?)
Thanks again – more input is very welcome
ps, also: will you have to do this everytime you update? @freibadschwimmer
Fairphone Open OS has also some advanced features (like root or TWRP).
I don’t know Signal, but I know Whatsapp, Kontalk and Threema. They all do not need the push-service, it is recognized by those apps, that GMS is not present (and therefor no push-service) and so they switch to “poll”. Works good.
Before one can rightfully state that “you do or don’t need the play store” one has to define “you” and “need” and differentiate between “play store” and “play services”.
- “You” can be a person who is used to having all the fancy apps that come from the play store or a person who uses apps that do the same but come from different - less fancy - sources.
- The feeling of “need”-ing a specific app can be caused by not knowing any alternatives that offer the same feature or by being restricted by the environment (peer pressure, workplace, …) to use a specific app.
- Needing the “play store” is only true for apps that you can’t download from anywhere else (nowadays I don’t believe there are any), while “needing play services” means that the app refuses (for no apparent reason) to work if it doesn’t detect play services on the phone. This can usually be circumvented by installing the free microg services. (AFAIK they do integrate some proprietary Google services but do so in a controlled environment so they can’t communicate any personal data to Google’s servers)
That could be microg. If interested check 5.5 in this guide.
hi & thanks for your replies again
good to know, thanks. I wonder how much of a difference this makes for battery life?
@paulakreuzer: yes, definitely agreed. at the moment i have the play store disabled on my phone and i am using f-droid.
yeah, well… Signal :\
if it wasn’t for Signal, which i really wanted to use as it seems to be the only messenger that keeps all of your data private, then i would already have installed FPOOS and be done with it. It is really bizarre how open whisper systems puts so much energy into developing a privacy-enforcing app and then decide to only make it available to users who use the play services
maybe, if you could build signal from source and use µG – does anybody know?
this might be a silly question: will GPS work w/o play services? i.e. specifically navigation using OsmAnd?
I don’t use ‘Signal’, prefere ‘Threema’, but if you want to download ‘Signal’, you can do it with the ‘apkpure’ store instead of ‘Play Store’!
thanks, yes, the download should not be the problem – you should also be able to build it from source, as it is open source. the question is whether it will work without GCM :\
One advantage of OpenOS with OpenGApps pico is that the phone is rooted. I for example have this setup with Xposed and Xprivacy. With Xprivacy I can control the permission requests of apps. Now I can use the Play Store (and GPlay services) to get my apps (running), but I can control which data Google sends to its servers with Xprivacy which is pretty cool
Signal doesn’t work without Google Services (they even use Google Auth to login…), but it works with microG (https://github.com/microg/android_packages_apps_GmsCore/wiki/Implementation-Status).
Also, don’t be fooled: Signal doesn’t anonymize any metadata and it’s centralized. Snowden used it because he ran it over Tor. So using Signal means at least Google (by GCM) and Open Whispers Systems (by their servers) have access to the metadata of your comms.
“It’s very good, I know the security model,” Snowden said about Signal. “They don’t protect you from metadata association, but they do strongly protect your content from precisely this type of in-transit interception,” he said.
I’m still waiting for Briar for a full encrypted IM app.
Great, thanks – I shall read about this
Wearing a tinfoil hat…
I wouldn’t be completely sure about that. Google Apps are privileged apps on your system, meaning that they can do whatever they want (without you knowing because their source is not open, obviously) because they are in reality apps with superuser rights.
…want access to your contacts?
Instead of dealing with the normal Android API for that (which is the one you can block with XPrivacy), they can directly read the contacts provider database. It’s a SQL query after all…
…unless I block their internet access?
Nope. Google Apps are interconnected. There’s a module, Google Play Services, which seems to be the central one (because the others depend on that), but I’m sure if you block Internet access to this module, Google Play will refuse to work.
Disclaimer: I might be mistaken in the practical issues. I’ve been living without Google for two years already, I’m not familiar with their actual design, although I suspect it hasn’t changed pretty much…
Good point. And interesting that they make it sound like they would by reassurung that they do not log any metadata (they say). They recently published a subpoena they got served with along with the information that they do not have any information on their users apart from registration date and time of last login.
OK, not logging is still better than logging. But still, I feel more and more inclined to going FPOOS completely w/o Google and then using WhatsApp and swallow the pill that they do log and analyze meta data.
But then the filter option to only show system apps for controlling would be useless… But I can make an experiment: I’ll download this crappy new Whatsapp-clone from Google (“Allo”) ant let it try to collect my calendar data. Since it is from Google it would directly take the data from GPlay services which are controlled by Xprivacy.
EDIT: This won’t work because Google already synced my contacts when I was on normal FPOS whithout asking me
What they show you could be completely different to what they have about you,
I’m talking here about technical possibilities, because legal and ethical don’t apply in the case of a company; companies are not tied to ethical practices (Fairphone wouldn’t exist, if that was the case) and NSA already broke USA’s fourth amendment, anyway. We cannot trust law, but we can trust technology.
no Google mobile services I set to 1
poll and no Google Mobile services: +5%
push and Google mobile services: +50%
Edit: I’m talking about the current, so +5% means: battery drains 5% faster.
Be careful with apps from a company!
If they give you something as a gift for free then this is economically wrong. A company has to gain money! So if they give somthing for free, they have to gain money in another way and that’s - with www - your data!
Google, Whisper, Wire.com, Ghostery, Mobotap Inc, WoT, and so on …
hey, thanks for the info on the battery! how to read it, though? do you mean that with push and GMS turned on the battery last 50% longer or it drains faster?
Oh shit, thanks for the question - my fault. As a technician I see the flowing current and forget to mention it:
I meant by +x% the current, so the battery drains x% faster.