I have been considering replacing my nearly 7 year old iPhone (although very reluctant) and I was checking for options. Really the only phone that caught my eye was the Sony xperia 1 V, but I found no information about how to degoogle and lock down the device. I really like the features and the built in camera apps, etc. Is there a way to degoogle the phone without loosing the funcionality/ease of use?
The only functionality I’ve lost after migrating to a Pixel with GrapheneOS is the Android Device Policy (aka Work Profiles, the spyware your employer requires to use certain work apps)
Good riddance if you ask me lol
Quite a lot of apps cease to provide real-time notifications/messages, if they work at all, when Google Play components are not installed under GOS. At the very least, Google Services Framework is required for many mainstream apps.
That’s what the Google Play Sandbox is for.
Other ROMs don’t have Sandbox.
You do not need the “sandbox” since you can control Google packages permissions using AppOps mechanism. It is the gist of kdrag0n’s Sandboxed Play Services. You can manipulate any Android package in any way you want using a privileged AppOps permission controller and firewall with HOSTS or custom domain blocking.
What is Sandboxed Play Services? I’ve searched for it but I seem to find contradictory information. Looks like a feature that needs to be added explicitly to a ROM by its devs? It seems to have originated with GrapheneOS but there’s no mainstream support, in LineageOS for example.
All I know is that its a feature of GrapheneOS, and is the main reason why I switched over to it.
It originated in kdrag0n’s Proton AOSP custom ROM. GrapheneOS just took it and rebranded it as their own invention, like Apple does.
Sandboxed Play Services merely restricts app permissions of Google Play related packages using AppOps mechanism, and probably restricts their networking a little bit. All this can be achieved on any Android phone without rooting or unlocking via ADB/Shizuku and a firewall.
Oh that’s interesting. So basically it’s just Google apps running in userspace as opposed to system apps, and subject to any restriction you can throw at user apps? I imagine that Xprivacy would work too in that case.
Does GrapheneOS result in a loss of work profile? That is a massive disadvantage to compartmentalisation of apps. Thanks for letting me know.
It just doesn’t allow you to use the Android Device Policy work profile which makes it so you can’t log into Slack for work (for example) if it depends on the work policy spyware being active on your phone.
I get that for some people that’s a non-starter but for me who vehemently supports and exercises my Right To Disconnect, not having spyware on my phone for work is a good riddance.
For work you should anyway demand a separate phone from company, or company budget for separate phone. Never run company spyware on your own phone. Tell them you will buy the absolute dirt cheap phone for work purposes, and will not be usable outside of work hours.