XPost: comp.mobile.android, uk.telecom.mobile   
   From: theom+news@chiark.greenend.org.uk   
      
   In uk.telecom.mobile Jeff Layman  wrote:   
   > Hardly surprising given Google's history! It would be interesting to   
   > know if Graphene, Lineage, Calyx, or any of the other android-based OSs   
   > suffer from these cookies too.   
      
   There's a thread on the GrapheneOS forum about this:   
   https://discuss.grapheneos.org/d/20495-googles-dsid-cookie   
      
   If I understand it correctly:   
      
   On a stock install without Sandboxed Google Play installed: no   
   SGP installed but not logged into a Google account: no   
   Apps that don't use SGP: no   
   Apps that use GOS' hardened Webview without logging into Google's website:   
   no (I think)   
      
   so it's only when the profile is logged into a Google account that it's   
   relevant.  Since GOS allows you to have multiple profiles (similar to how   
   multiple user accounts work on desktops) you can always create a separate   
   profile where you're logged into a Google account and install awkward apps   
   in there.  When you're finished with them for today, power button and 'end   
   session' (which switches back to another profile) and the apps are   
   completely stopped until you switch to that profile again.   
      
   The SafetyCore app is not installed as part of installing Sandboxed Google   
   Play, but you can install it yourself if you want to.   
      
   The point of SGP is that it runs Google Play Services as a regular app,   
   without any privileged access.  So GPS can't do sneaky things to the system   
   behind your back as it can on a regular Android OS.   
      
   Theo   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)