I have been considering replacing my nearly 7 year old iPhone (although very reluctant) and I was checking for options. Really the only phone that caught my eye was the Sony xperia 1 V, but I found no information about how to degoogle and lock down the device. I really like the features and the built in camera apps, etc. Is there a way to degoogle the phone without loosing the funcionality/ease of use?
De-googling inherently causes functionality loss on Android because Google provides a lot of basic services via things like the Google Services Framework. It might be best for you to buy something cheap (secondhand Pixel?), install LineageOS, and then see how you like that before committing to something costly like an Xperia, especially since you’re coming from iOS.
Isn’t there maybe a way to keep the factory os and selectively disable google services. Sort of no-script style? Not too familiar with the android ecosystem tbh, other than google is on top of the food chain, haha.
You can use Universal Android Debloater (updated fork here) to remove some applications, but it’s nothing on the level of a custom ROM. If you are really set on the hardware of the Xperia 1 V then I would recommend taking a look at this guide, written by @TheAnonymouseJoker@lemmy.ml. It has some advice for how you can achieve greater privacy on a non-Pixel Android device.
In principle, one could probably do this to a rooted phone by removing all the Google apps, and all the Google services, and giving up the other apps and services that depend on them. It would be a nontrivial task, and the steps would likely be different for each phone model (and possibly each OS version). I don’t know of a project that does this successfully. You might try searching xdaforums.com for someone who has done it.
However, I wouldn’t depend on Google services staying disabled when Google still controls the OS.
IMHO, it’s safer and easier to replace the entire OS.
The only functionality I’ve lost after migrating to a Pixel with GrapheneOS is the Android Device Policy (aka Work Profiles, the spyware your employer requires to use certain work apps)
Good riddance if you ask me lol
Does GrapheneOS result in a loss of work profile? That is a massive disadvantage to compartmentalisation of apps. Thanks for letting me know.
It just doesn’t allow you to use the Android Device Policy work profile which makes it so you can’t log into Slack for work (for example) if it depends on the work policy spyware being active on your phone.
I get that for some people that’s a non-starter but for me who vehemently supports and exercises my Right To Disconnect, not having spyware on my phone for work is a good riddance.
For work you should anyway demand a separate phone from company, or company budget for separate phone. Never run company spyware on your own phone. Tell them you will buy the absolute dirt cheap phone for work purposes, and will not be usable outside of work hours.
Quite a lot of apps cease to provide real-time notifications/messages, if they work at all, when Google Play components are not installed under GOS. At the very least, Google Services Framework is required for many mainstream apps.
That’s what the Google Play Sandbox is for.
Other ROMs don’t have Sandbox.
You do not need the “sandbox” since you can control Google packages permissions using AppOps mechanism. It is the gist of kdrag0n’s Sandboxed Play Services. You can manipulate any Android package in any way you want using a privileged AppOps permission controller and firewall with HOSTS or custom domain blocking.
What is Sandboxed Play Services? I’ve searched for it but I seem to find contradictory information. Looks like a feature that needs to be added explicitly to a ROM by its devs? It seems to have originated with GrapheneOS but there’s no mainstream support, in LineageOS for example.
All I know is that its a feature of GrapheneOS, and is the main reason why I switched over to it.
It originated in kdrag0n’s Proton AOSP custom ROM. GrapheneOS just took it and rebranded it as their own invention, like Apple does.
Sandboxed Play Services merely restricts app permissions of Google Play related packages using AppOps mechanism, and probably restricts their networking a little bit. All this can be achieved on any Android phone without rooting or unlocking via ADB/Shizuku and a firewall.
Oh that’s interesting. So basically it’s just Google apps running in userspace as opposed to system apps, and subject to any restriction you can throw at user apps? I imagine that Xprivacy would work too in that case.