How private is using the sandboxed Google Play Services?

Found GrapheneOS’s Sandboxed Play Services feature, and I’m wondering how its privacy compares to microG. Surely running something like microG which is fully open-source (to my knowledge) compared to some proprietary code is better, right?

Why do you think microG being open-source does anything in regards to privacy? At the end of the day, all the data that needs Play Services will still be sent to Play Services servers regardless. The stuff that can remain local on the device will remain local on the device in both cases.

microG is simply a client to connect to Play Services, and an open-source client does nothing to mitigate the data transferred to a closed-source server.

Not to mention, since the Play Services is sandboxed as a user application, you can heavily restrict the permissions of the Play Services. Sandboxed Play Services are confined in the untrusted_app SELinux domain. You can deny them access to permissions that you never could when they were system apps. MicroG installs as system apps in 99% of cases, so you don’t get this benefit either.

There is also the security benefit of using the real Play Services APKs instead of signature spoofed microG as system apps, but as you asked about privacy, I will leave the security point here. Just take away that sandboxed Play Services is much more secure than microG.

Sandboxed Play Services is better in nearly every way. Check out Daniel Micay’s comment for further details:


Being open source helps to confirm that all that code is doing is what it proports to do. You can look at the microG code to confirm that it’s only doing what it says. I didn’t know that Graphene’s implementation was closed source until today. They both probably are doing what they say they do, but open source is better for the reason of being able to validate. That’s not unique to custom ROMs; that’s the case for all software.

Graphenes Implementation is Open Source. They just use the original Google Play Services and Apps. They use “shims” to sandbox and limit the access the Apps from Google have to the Phone System.

So Their Sandboxing is Open Source while Googles Apps are closed Source

1 Like

Ok, I see what you’re saying now. The closed source part is the Google Play Services that are being sandboxed because Google Play Services just are closed source.