What I mean by that is that if your goal is to use Android Pay, Chrome, Gmail, Google Maps, Google Drive, Google Fi etc. and somehow retain some level of privacy, MicroG isn't going to help. It doesn't fully implement _all_ of Play Services' APIs.
The point of MicroG is to make Android usable without having Play Services installed. With neither MicroG nor Play Services, many third-party apps fail to function. For example Lyft and Uber depend on the Play Services API for maps and many other apps depend on Google's network location service. If you try to use these apps without some replacement, the apps complain and shut down. MicroG gives you a way around that.
I'm quite happy with my MicroG-based phone but I use:
- OSMAnd or the open-source equivalent of Maps.me for maps
- My country's public transport app for public transit directions
- FairEmail for email
- Element for messaging
- Slide for Reddit
- Firefox for web browsing
And actively avoid all of Google's apps and services (except the occasional search and YouTube).
You DO NOT need the Google Play spyware, or the Uber or Lyft spyware apps, in order to use Uber/Lyft.
Most of these services, including Google Maps, have progressive webapps to be used right in a browser.
For additional security/privacy, open these apps in a separate/sand boxing browser.
For the truly careful, create a separate Android "profile" on the device for apps you don't trust even with permissions locked up (the accounts feature is an excellent sandbox for security/privacy).
For sandboxing webapps in Android I recommend this app: https://f-droid.org/packages/com.tobykurien.webapps
I use the app every day - if memory serves they've usually had a new version out within 24hours of breaking changes on youtube.
I agree, but I thought they were just scrapping YT and using YT-DL.
Edit: Vanced relies on MicroG for logging in, and requires it to be installed along Vanced even on phones that have the "real" Google Play services.
Edit 2: I took "Chinese Android roms" as an example for Google-less roms. Of course, Vanced can't help in bypassing the Chinese firewall to contact Google servers.
How well does microG handle push notifications in general, and particularly Slack if you have experience with that case?
PS: for others in that boat I recommend APKMirror for downloading non-OSS apps. It's run by people from AndroidPolice which is a reputable site, and simply mirrors (free only) apps from the Play Store, so it's all above-board and legit. The only problem is, as described above, some apps have Google Services dependencies baked-in.
MicroG push notification module will talk to Google servers (that's one of the parts where you can't get rid of Google). That's because the Google infrastructure actually delivers push notifications and arbitrates between app's backend and the app.
IIRC the module is optional to enable for obvious reasons.
I guess that really seals it, for those of us who care about push notifications.
Have you tried using Magisk hide & MagiskHide Props Config to enabled SafetyNet? If SafetyNet is enabled then Google Pay, other Payments & Bank apps might work just fine with MicroG (I haven't tested it, just a theory).
MagiskHide covers up the fact that your system is modified. When they talk about "somehow retain[ing]... privacy" it's more about telemetry built into the apps themselves.
It's a statement on Chrome, Maps, etc. tracking you when you use them, which is distinct from whether or not specific ones have SafetyNet-induced breakage.
Google Pay won't work even if SafetyNet passes because it depends on Google Play Services APIs that aren't implemented as part opf MicroG.
I haven't had any issues with any of my banking apps despite SafetyNet failing. They don't like root but they don't seem to care about SafetyNet.
Are there any tricks or supplemental apps you would suggest?
Searching for the nearest grocery store in OSMAnd is trivial: go to Search and then tap on the shopping basket icon: a list of nearby shops will appear, sorted based on how close they are to your current position. Of course, the grocery store needs to already been added to OpenStreetMap. If it isn't there yet, you can always sign for some an OSM editor account and add it yourself (but be aware that with great power comes great responsibility).
It will obviously know what you search for and click on, but it'll only know your location if you explicitly give it out, and without the Services Google won't be able to reach its fingers into the rest of your system. So it can be a reasonable compromise.
That said: Apple Maps was probably the thing I appreciated the most when I finally relented and just got an iPhone :P
My main complaints:
1) The notifications UX is not as good. It gets the job done, but it just feels overall clunkier and worse. There's also a bizarre separation between your lock-screen and the "Notification Center" pull-down. I almost never use the latter, but whenever I open it there's always a random notification from like a week earlier that had been dismissed from my lock screen but was still hanging around there. This doesn't really matter in practice but it's very weird.
2) It sounds like a tiny thing, but the Clock app is not as good. It lacks a couple of really nice little features like early-dismissal of alarms and a confirmation whenever you turn one on ("Alarm set for 8h 23m from now").
But really that's about it. Apple Maps works great (at least in the urban area where I live), despite the memes. Customer support is great. The granular app permissions are extra great. And mainly, it's just nice to know that you can be a full participant in modern society, and you can expect your device to simply work, without also having your every step tracked. Knowing you won't buy a pair of headphones only to find out you can't use them because they require an app, which requires Google Services, which you don't have (this actually happened to me).
Edit: I should point out that I wasn't using microG, so I don't know how much that changes the experience. YMMV.
I certainly don't intend to wax lyrical about Android devices but it does do phone stuff and does it pretty well. Android versions usually make sweeping changes to the UI so mine is a bit dated but it does what I paid for.
I do agree that tracking by private corporations is big no and collectively we should push back hard but whether it be google or apple or samsung or microsoft, all of them give nigh 2cents worth a damn about our privacy. We are their products as the now popular maxim goes.
The only phone with some privacy is a Nokia 3310.
It does, if you have Google Services. If you don't want Google Services, you're going to have a crippled device. Apple is the only company that has any financial incentive not to spy on you, so while I don't take them 100% at their word, I accept that they're the best I'm going to get in that regard.
Basically, pick two:
- A fully-functioning smartphone
- Reasonable privacy
But this isn’t true for Apple. They sell their services and don’t depend on ad revenue.
FWIW you can configure your iPhone to flash the camera LED when you get a notification. Not quite the same thing because it isn't passive, but it's something.
For the first time since Samsung SII I don't have to wait for the camera (or anything) to open.
Unlike on Android suggestions makes sense:
- Logged in with my 15 year old gmail account Android would suggest, at 4 in the morning: "send Telegram message to <random friend>" or "call CTO at customer".
- My 1 year old iPhone mostly suggest harmless things like "take the usual route home", "it is time to leave", "send Telegram message to <my beautiful wife>". On Saturday however it surprised me by being slightly more advanced: I had plotted an appointment to pick up something I had agreed to buy somewhere 40 minutes from home. Afterwards my iPhone suggested I should send my wife a message that I was on my way home. The message was even almost correct: it used "my" abbreviations but was a little bit to posh otherwise.
Because, when I tried running without Google Services, this was one of the few apps, which I really needed and which did not work. Annoyingly only because they used it for loading the map, which I didn't need anyway.
I find that iOS itself and its first-party apps are fantastic from a privacy perspective, especially compared to Google. Most of the apps I mentioned using on Android have an Apple-provided alternative that's vastly superior to Google in regards to privacy. For example Apple asks you when you set up your device whether you want to allow analytics and easily allows you to opt-out. Apple also allows you to use basically every service other than Siri and the App Store without storing any data on their servers.
It's not all sunshine and rainbows though. Unlike Android, there isn't a strong open-source/privacy culture among iOS developers, so there are few privacy-respecting or open-source third-party apps (while on Android, F-Droid is full of them). And there's no app sideloading and the OS itself is locked-down and closed-source.
Still, I'd say that as far as stock mobile OS go, iOS is the clear winner in terms of privacy.
When it comes to non-stock though, Android is much better, with the right device. There are devices (mainly Nexus/Pixel) that allow you to re-lock the bootloader after flashing a custom ROM by adding your own system verification key. With these, you can build AOSP, LineageOS, GrapheneOS or whatever takes your fancy, sign it with your own key, flash it to your device and then bootloader lock it. GrapheneOS also has verifiable builds.
With that, you get all the advantages of a locked device but you don't have to accept the backdoor that is Google Play services.
There are enough privacy scandal every months in the news to remind ourselves that Apple privacy is mainly marketing.
If I have to choose betweens stock Android and stock IOS, I would go IOS too, but none of those solution should be considered decent for privacy
I.e. glad to see the funding but it was a one off standard research grant not a special political chess move.
it looks like a coordinated campaign to me. The list includes a privacy-conscious OS, some VPNs, some Tor services, and a Cloud-free translation system for LibreOffice. microG very much fits into that list of tools to avoid Google's spying eye.
Though I'm also unsure why that page links a github repo that hasn't been updated since 2017, and is a fork of one that is active as of last month.
These days people are less keen on upgrading on every iteration than they used to be and are happier using older kit for longer. If they upped the maintenance window, in fact, that would force google to compete even more fiercely coz users would have to really really want the new features.
I, for one, would vastly prefer using this over the latest android even if it lagged a couple versions and cost a bit more.
They already did years ago. The PlayStore license prohibits manufacturers from providing Android based systems that do not come with Googles "services" preinstalled. Unsurprisingly this has been found illegal in many countries.
It was not about banning AOSP-based Google-less systems (like Amazon Fire, which hugely disproves your claim).
>In particular, the EC has decided that Google:
has required manufacturers to pre-install the Google Search app and browser app (Chrome), as a condition for licensing Google’s app store (the Play Store);
made payments to certain large manufacturers and mobile network operators on condition that they exclusively pre-installed the Google Search app on their devices; and
has prevented manufacturers wishing to pre-install Google apps from selling even a single smart mobile device running on alternative versions of Android that were not approved by Google (so-called “Android forks”).
The FireOS wiki page calls out how members of the Open Handset alliance (which includes almost all relevant manufacturers) are explicitly prohibited from using Android forks like it. It exists in spite of Googles efforts to insert anti competitive language into any bit of legalese it gets its hands on. All its existence proofs is that Google sucks at being a knock of 90s Microsoft.
I much prefer the Japanese way: you get a massive fine AND you have to close shop for a certain amount of time. It's much more painful for a company not to work than to pay a fine.
I don't know anything about it other than their site, but it states that it was supported "in 2019" by PrototypeFund ("a project of the Open Knowledge Foundation Germany, funded by the Federal Ministry of Education and Research") and/but "since 2020" supported by E Foundation.
Marvin, the creator, has made many contributions to FOSS Android apps and is IMO a pillar of the FOSS Android community.
I use LineageOS+MicroG¹ as the daily driver of one of my spare test devices (Oneplus One bacon) and it is the best ROM for that phone IMO. I use FDroid, AdAway, NewPipe, Youtube Vanced and Aurora app store. The performance is really good and together with UnifiedNLP backends it's a perfect Android phone.
Lineage OS for MicroG: Absolutely recommended.
MicroG even supports the bluetooth contact tracing protocol used by the Corona-Warn-App, by the way.
Or am I setting myself up for a world of hurt?
They're not expensive either! I figured I'd be paying an arm and a leg.
I guess it uses a bit more battery, but I haven't noticed it in my case (n == 1...).
(Unless you desire security, of course - Lineage breaks AOSP's security model, knowingly)
- posted from my oneplus 5 with microg :)
It's like a slogan "Move Fast and Don't Break Anything".
> This is alpha-grade software and not yet ready for production use. Do not use if you don't know what you're doing.
Personally I'd also be concerned that Google's bot detection code might mark accounts that use microg as suspicious (as they're going to behave differently than phones using the official software) which could increase the risk of Google banning the account.
As a Chinese the only way for me to connect to Google is through a proxy, and I'm a Firefox user with some privacy settings enabled.
Few months ago I started to notice that Google is keep logging me out of their services, and I had to go through the entire authentication process to log back into my accounts in order to check my emails and do some searches without having be spammed by that capthshitTM of theirs etc, then after few days I'm been logged out again.
Eventually, I got tired of this, and decided "Hey, at least duckduckgo.com won't try to give troubles as long as you use their service normally", so I quickly developed this new habit of not to use google.com. Now I only use YouTube, Gmail, Play Store and sometime the backup service (Google Drive or maybe Photo, I don't care) on my Android phone.
If Google wants to ban all microG users, I'd say that's Great! It was fun Google, thank you for the service.
Plus, can Google actually block a microG user ethically? Using microG isn't hacking or abusing Google service, and "suspicious" is not enough for an account to be blocked, at least permanently.
What'd be ethical? Google can permanently ban accounts for any reason and they do.
"If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck"
Let's not pretend that this is a new problem caused by AI (whatever that is).
But as I understand it, it is really risky if you host all your online assets in one company. So if you go back around on the topic, yeah, that 30% fee is probably really too much for company might not want to serve you.
This makes it possible to use LinageOS without installing Google Blobs with root access, while having almost 90% of apps work as normal.
No, sorry, this is not true at all - MicroG push notification module will talk to Google servers and use their infrastructure to deliver the notifications.
It can't really work any other way - the app backends will request notification delivery from Google servers and you can't really MITM that.
Firebase has analytics built in, on by default. Therefore Google gets to know how users use all other apps, so they can release their own version or just to improve their AI.
I think it is free, but only till a certain number of notifications. (Not sure, I am not an android dev)
Most apps work kinda without push - you just have to open the app to get notifications.
If many different apps use their own push server, a connection has to be kept open to each and every server, and each open TCP connection costs quite a lot of battery (since the system has to wake up to receive keep alives)
It might need to do naughty things to get around https issues, but that shouldn't be much of a barrier since the project would control both the client OS and the server endpoint.
To fork this service, you need your own push notification infrastructure and then persuade app developers to implement it as another option (next to Apple, Google, Firefox, Huawei and other existing ones).
There are push arbitrator services which make this easier, so perhaps having those on board might be a good path forward.
It's built like that due to efficiency - the devices need to minimize number of radio and CPU wakeups to keep running on battery. In early days of Android each app handled this by itself. This resulted in apps polling their servers on fixed interval (e.g. every 5 minutes, etc.) which caused a disastrous tragedy of the commons and horrible standby battery life.
This is why the approach was changed to mandatory push services - the long-lived TCP connection, push aggregation and radio management have significantly prolonged battery life.
which IS LineageOS without Google Blobs :)
I bought my current phone (Asus) because it was supported, after I had successfully used it on my MotoG for years (2-3 ? Not sure).
Very happy to have no Google spying in my phone anymore. Some apps requires some Google services that are not supported so they will not work but not a problem for me.
The most problematic thing is the lack of push notification but it is perfect if you don't want to be distracted.
> developing support for installing microG as a regular app without any special privileges. This will allow users to choose to use a partial reimplementation of Play services in a specific profile. We won't be supporting arbitrary signature spoofing by microG or any other app since it seriously compromises the OS security model.
From what I can see, the "government support" is actually a fairly general (and limited) one-time grant. The badge may give the impression that it's more.
It seems to have only two contributors: https://github.com/orgs/microg/people
They may be pretty awesome programmers, but they are working on something to compete with another project that is currently supported by...a larger number...of full-time, salaried developers.
These two developers have a rather scary number of issues to address: https://github.com/microg/GmsCore/issues
Their status page seems to have some room to grow: https://github.com/microg/GmsCore/wiki/Implementation-Status
I sincerely wish them luck, but they have their work cut out for them.
In fact, I'm fairly impressed, and I sincerely wish you guys well.
As someone who has also pursued ambitious open-source efforts (some, successful; most, not so successful), I can sympathize, but I am also pretty practical (comes from many years as a manager).
Android is also making major departures from unix-like OS semantics, mostly in the name of security. I'm particularly concerned about the directions they're headed with storage.
As someone with minimal Android development experience, I spent a good chunk of time the last couple weeks getting a golang program to run on Android. The experience was a bizarre mix of things that ended up way easier than expected and things that were incredibly frustrating.
Favorite thing that worked:
Static linux ARM binaries from the standard go compiler work just fine. The biggest caveat so far is that if your app does any networking, you need to manage DNS yourself because Android doesn't provide /etc/resolv.conf.
Weirdest thing that didn't work:
The only way to run a native executable in an Android app is to pretend it's a dynamic library and smuggle it into your APK via the jniLibs directory. You even have to name it lib*.so or the system won't run it.
The website doesn't mention it (in my opinion it's pretty bad generally), but you can easily set up a recurring donation on liberapay: https://liberapay.com/microG/
Consider what it's worth to you. It's the only project of the kind we have.
I guess from a legal perspective this hinges on the idea that you can't copyright/patent an API. The graphical design and UX, however, can be copyrighted I suppose.
I also wonder if it would be legally possible to do the same for iOS.
Also, on iOS, it would be an (¿almost? Does the iOS UI have any open source parts?) complete reimplementation of the user space.
I have a run a Google-free phone for years now (currently crDroid on Moto G7) and I have experimented with moving apks from a second phone (with Play Store installed) to the de-Googled phone and it is quite an effort. So I keep my old phone shut down, at home, with only WiFi access as needed (no sim card) when I need to deposit a check by image for my bank for example. But I have no good solution for proprietary apps I want to use on the road, like Waze, without a great deal of effort. Yes there are acceptable open alternatives to many proprietary apps but these are in some cases not my "favourite".
I do not have any issues with Apps from Fdroid (I think they are compiled without any google play dependencies).
When I get packages from Auroua (Google Play), it varies from the app working as expected (sans notifications), to I get a notification that it needs Google Play (but then works), to the same notification then the app quits.
It takes an existing ROM, patches it for signature spoofing, and bakes in a bunch of FOSS apps. (But the installer is fully customizable so this is optional.) It also can (try to) patch non-LineageOS roms, so if you're stuck with an unsupported Android build, it can still gut out some of the bloat. I actually used it with my vanilla LineageOS install because the maintainer also packages a patched version of the Play Store that still supports in-app purchases so you can still use your paid apps with MicroG. Overall it's been a great experience for me, my battery life is way better than before and I feel much better about what's running on my phone.
I am using it as a daily driver for some weeks and it has been flawless.
(Combined with what I documented in:
As an alternative, there is https://grapheneos.org/ but it does not have MicroG and it takes a performance hit.
If I did the same with a Sony Xperia XA2 (which I did) the eFuse means I can never get OTA updates again.
What's the current status of the project?
Is is a full functional replacement?
Is it transparent to apps?
The way it works is that it pretends to be Google Play Services, so it isn't transparent to the apps. Not sure if the apps could figure it out it isn't running on the real deal.
Once you have this fork it's great though, the spoofing is what makes it transparent to apps. It does use Google's push service as this is the only way (this is what the apps' backend servers talk to), but it doesn't require a google account, just a random ID.
The other things like geolocation don't require google services at all. In my experience it works great.
They even implemented the covid notifications api now!
This project will probably never be "done" and will have to play catch up with Google all the time but it's really amazing that people are putting the work in to achieve this! Thanks a lot! I think this project is vital to the future of AOSP based community distributions.
Show that there's something there to donate to and I'll get some money to you.
Its hard to take off the open source project this way.