Lineage is not about providing a google free version of Android. It does not contain google apps, for licensing reasons, probably also to let the user choose. But it does not go further, all the other stuff like captive portal check, agps, dns etc still uses google servers. It’s not “degoogled” in any way. Love lineage btw but we need to be aware of what it is and isn’t.
I wonder where this misconception is coming from, it’s the second time in the last few days I’ve seen it. I can’t remember custom roms ever coming with the Google apps preinstalled, you’d always need to flash them separately before the first boot (thanks XDA). That’s why we have MindTheGApps.
It used to be that Cyanogenmod (the precursor project to LineageOS) shipped with Google apps pre installed until they got a cease and desist from Google.
LineageOS4MicroG is a reasonable starting point. It includes MicroG out of the box, while disabling further app spoofing in the OS (whereas normally if you install MicroG yourself it’s much more difficult to disable app spoofing after you’ve got it set up).
But as /u/baatliwala@lemmy.world said, this is more likely adding Google (or a mock version of it) to your phone, and LineageOS still doesn’t have a few things that other custom ROMs might - eg captive portal check, A-GPS and DNS settings that /u/afunkysongaday@lemmy.world mentioned. To get rid of those you’ll have to try a proper custom ROM and just read the feature specs. I use DivestOS, and that seems to cover most things.
In my experience, not all that many apps require Google anymore. I get a few apps complain that they won’t work without Google services, but find that it’s just the map and payment functions that don’t work (meanwhile dedicated map apps like Waze work just fine). Going without Google services altogether is really just about sacrificing a relatively small bit of convenience.
My thing is, I like having root. Lineage tells me, “that’s okay.” Divest, Graphene, etc. tell me (correctly) that that’s insecure and I shouln’t do it. But I still want root, and don’t like the idea of opposing my ROM in what I’m doing.
Degoogle is the wrong word for lineage because it hasn’t been “engoogled” in the first place, it doesn’t ship with Google services at all. If you simply install the base ROM you don’t have Google.
The question is if you want to replace Google with mock Google services so certain apps relying on GMS still work, or if you want to replace it completely with FOSS alternatives.
I think GrapheneOS isn’t made for that purpose. It’s made to be safe and do privacy well. I think signature spoofing, rooting to circumvent things etc are opposing requirements. I don’t think everything works. There are websites and other comments with more info. My Banking TAN App works, though. Google Pay doesn’t.
Not to start an argument but why would one want to be using Google Pay after going through the process of de-googling their phone? Seems counterproductive.
There are a few different ones. I highly recommend doing your own research to find one you’re comfortable with; reading multiple different reviews of each and whatnot. But here’s a site specialising in finding alternatives to services
Sadly, there’s not too much I can do about that. From what I’ve understood, there’s a whole lot of red tape around tap-to-pay transaction technology. Personally, I don’t use any of it. Only cash or card where I have to.
Google Pay gives you worse consumer rights than using your card with contactless. A contactless card purchase is processed as “cardholder not present”, the same as phone catalogue purchases always used to be done, and the same as online purchases. The seller assumes default responsibility in any dispute. When you make a purchase with your card pin, or when you make a purchase with Google Pay, both are considered secure and authorised by you, so that becomes the default position in a dispute.
If someone steals your card and uses it to make a bunch of contactless purchases, you’d have a much easier time getting them refunded than if the purchases were made with your phone.
How would they use my phone? It’s locked and requires fingerprint to unlock? Card requires nothing. Can lock down phone. Can lock card but need to contact bank.
Fingerprint is fairly easy to bypass, face unlock sometimes moreso. A PIN or password can be captured by just watching someone, and you’ll have far more opportunity to capture their phone PIN than you would their card PIN. If anything, you’re perhaps less likely to lose your card as it spends more time safe in your pocket.
The point is it can be done, and you’re in a worse position if/when it happens.
Sorry. Where are fingerprint readers easy to crack ? Maybe government agencies and high level crime syndicates. Not petty thief’s. I don’t use phone pin. I use fingerprint as discussed.
I don’t use card pin so that’s not an issue. The problem would be a contactless card. Which is the debate we are currently engaged in.
So no. I’ll stick with my phone using Google pay. I had my card skimmed with a card reader and my bank emptied. Funnily enough has never happened with my phone.
Fingerprint readers aren’t easier to crack, but they’re easy enough to spoof. That’s certainly getting harder - just like spoofing facial recognition is - but ultimately biometrics are heavily flawed as a security method. Primarily, it’s almost impossible for a person to change their biomentrics, meaning once they are compromised there is little if anything that can be done.
I would say that you shouldn’t use Google Pay. You should revert to using your card directly, particularly contactless card purchases. Not only will this give you better consumer rights in the event of any dispute, but also you won’t be giving even more detail to Google.
Even so, cash is king. You can always haggle a lower price if you’re paying in cash, particularly when you highlight the 1.5% that card providers (MasterCard and VISA) levy for all card transactions, on top of their statutory fee.
No. They are two different projects.
Lineage is about providing a Google free version of android AOSP and supporting as many phones as possible.
Graphene is about making a privacy centric version of android that can run Google apps sandboxed. Graphene only supports pixel phones.
Lineage is not about providing a google free version of Android. It does not contain google apps, for licensing reasons, probably also to let the user choose. But it does not go further, all the other stuff like captive portal check, agps, dns etc still uses google servers. It’s not “degoogled” in any way. Love lineage btw but we need to be aware of what it is and isn’t.
I wonder where this misconception is coming from, it’s the second time in the last few days I’ve seen it. I can’t remember custom roms ever coming with the Google apps preinstalled, you’d always need to flash them separately before the first boot (thanks XDA). That’s why we have MindTheGApps.
It used to be that Cyanogenmod (the precursor project to LineageOS) shipped with Google apps pre installed until they got a cease and desist from Google.
Many of them do these days. Which is a bit annoying when you want a no-gapps variant and can’t find it.
That’s interesting! They aren’t supposed to do that though, right? It goes against Google’s policy.
Probably because the lack of google apps is the most noticeable difference to stock android?
Sure, but installing them is a step in the LineageOS installation guide.
Is there still a good guide on how to fully degoogle lineage?
LineageOS4MicroG is a reasonable starting point. It includes MicroG out of the box, while disabling further app spoofing in the OS (whereas normally if you install MicroG yourself it’s much more difficult to disable app spoofing after you’ve got it set up).
But as /u/baatliwala@lemmy.world said, this is more likely adding Google (or a mock version of it) to your phone, and LineageOS still doesn’t have a few things that other custom ROMs might - eg captive portal check, A-GPS and DNS settings that /u/afunkysongaday@lemmy.world mentioned. To get rid of those you’ll have to try a proper custom ROM and just read the feature specs. I use DivestOS, and that seems to cover most things.
In my experience, not all that many apps require Google anymore. I get a few apps complain that they won’t work without Google services, but find that it’s just the map and payment functions that don’t work (meanwhile dedicated map apps like Waze work just fine). Going without Google services altogether is really just about sacrificing a relatively small bit of convenience.
My thing is, I like having root. Lineage tells me, “that’s okay.” Divest, Graphene, etc. tell me (correctly) that that’s insecure and I shouln’t do it. But I still want root, and don’t like the idea of opposing my ROM in what I’m doing.
Ditto, at least Divest doesn’t moan too much once you’re set up.
Degoogle is the wrong word for lineage because it hasn’t been “engoogled” in the first place, it doesn’t ship with Google services at all. If you simply install the base ROM you don’t have Google.
The question is if you want to replace Google with mock Google services so certain apps relying on GMS still work, or if you want to replace it completely with FOSS alternatives.
Does graphene allow banking apps ? Does it trip safety net ?
https://grapheneos.org/usage#banking-apps
I think GrapheneOS isn’t made for that purpose. It’s made to be safe and do privacy well. I think signature spoofing, rooting to circumvent things etc are opposing requirements. I don’t think everything works. There are websites and other comments with more info. My Banking TAN App works, though. Google Pay doesn’t.
So google pay doesn’t work. That’s a bastard
Not to start an argument but why would one want to be using Google Pay after going through the process of de-googling their phone? Seems counterproductive.
Fair point. Is there an alternative to Google pay. I don’t use a card and pretty much refuse to use anywhere that requires care or cash
There are a few different ones. I highly recommend doing your own research to find one you’re comfortable with; reading multiple different reviews of each and whatnot. But here’s a site specialising in finding alternatives to services
Every alternative except Apple and Samsung pay, which are device specific and proprietary, seem to just be crypto. No NFC FOSS purchases.
Sadly, there’s not too much I can do about that. From what I’ve understood, there’s a whole lot of red tape around tap-to-pay transaction technology. Personally, I don’t use any of it. Only cash or card where I have to.
So many cards have an nfc chip in them now. Just tap the physical card.
I don’t want to tap the card. Point of preference. I don’t have a wallet. I have a phone.
Google Pay gives you worse consumer rights than using your card with contactless. A contactless card purchase is processed as “cardholder not present”, the same as phone catalogue purchases always used to be done, and the same as online purchases. The seller assumes default responsibility in any dispute. When you make a purchase with your card pin, or when you make a purchase with Google Pay, both are considered secure and authorised by you, so that becomes the default position in a dispute.
If someone steals your card and uses it to make a bunch of contactless purchases, you’d have a much easier time getting them refunded than if the purchases were made with your phone.
How would they use my phone? It’s locked and requires fingerprint to unlock? Card requires nothing. Can lock down phone. Can lock card but need to contact bank.
Fingerprint is fairly easy to bypass, face unlock sometimes moreso. A PIN or password can be captured by just watching someone, and you’ll have far more opportunity to capture their phone PIN than you would their card PIN. If anything, you’re perhaps less likely to lose your card as it spends more time safe in your pocket.
The point is it can be done, and you’re in a worse position if/when it happens.
Sorry. Where are fingerprint readers easy to crack ? Maybe government agencies and high level crime syndicates. Not petty thief’s. I don’t use phone pin. I use fingerprint as discussed.
I don’t use card pin so that’s not an issue. The problem would be a contactless card. Which is the debate we are currently engaged in.
So no. I’ll stick with my phone using Google pay. I had my card skimmed with a card reader and my bank emptied. Funnily enough has never happened with my phone.
Fingerprint readers aren’t easier to crack, but they’re easy enough to spoof. That’s certainly getting harder - just like spoofing facial recognition is - but ultimately biometrics are heavily flawed as a security method. Primarily, it’s almost impossible for a person to change their biomentrics, meaning once they are compromised there is little if anything that can be done.
I would say that you shouldn’t use Google Pay. You should revert to using your card directly, particularly contactless card purchases. Not only will this give you better consumer rights in the event of any dispute, but also you won’t be giving even more detail to Google.
Even so, cash is king. You can always haggle a lower price if you’re paying in cash, particularly when you highlight the 1.5% that card providers (MasterCard and VISA) levy for all card transactions, on top of their statutory fee.
deleted by creator