|
Graphene completely removes Google services in the default install. There is an option to install a sandboxed version of the Google play store, with enhanced privacy and security, but you don't need to install this or any other Google services if you don't want to, and I have opted to keep my Graphene installation Google-free. There is a disagreement between the Graphene and CalyxOS community about which is more secure/private: Graphene's sandboxed Google play store, or CalyxOS's MicroG. I've read posts advocating for both sides, but I don't have the expertise to have an opinion, and I decided that I don't want either software on my phone, since I don't want to run google code or play store apps. Although I'm not expert enough to validate the following claims, here's what I've read. Graphene people claim that MicroG needs elevated privileges to run, privileges that Graphene doesn't grant to any app. MicroG also loads and runs Google code (in a context where that Google code would presumably have access to those elevated privileges). Graphene's version of the play store emulates some APIs without using Google code (for privacy), and sandboxes the Google code that it does run, running it with reduced privileges. This is a security first posture, keeping in mind that if you don't have security then you can lose privacy via exploits of your security holes. CalyxOS's MicroG emulates a larger fraction of the google play APIs, making it less reliant on google code to operate, and this is the source of the claim that MicroG offers more privacy. |
MicroG runs with elevated permissions to avoid being killed, and so that it can continue listening to socket events. Once an event arrives, it decodes it into a notification, packages into an RPC request, and awakes/runs the target application activity. Then it, crucially, uses the elevated privileges to override the default policy to also allow the target application to run without interruptions for 20 seconds (to process the notification).