I understand the analogy about houses, but when you create a user profile there is information: any user can update apps for all other users? How is it possible?
Nope, that user profile can't do anything to another user profile. The separate user profile is like a new device. There are some options on the profile creation where you could block the other user from installing apps, and you can also turn off access to the phone.
Hi @sideofburritos ... thanks a lot for your really helpful GOS tutorials! One question though: One essential (banking) app I would really like to use on my work/shelter profile displays a warning/notification that it won't work properly unless I allow my Google Play Services' request to access the following: a) Phone permission b) SMS permission. Would this actually allow Google access to my call and SMS data? Or would granting these rights be uncritical since the Google Play Services are sandboxed and only living on my work profile? Actually the banking app seems to work without phone and SMS permission (as far as I can tell) and maybe it would not even be necessary to grant these permissions. If that's the case: Is there a way to deactivate this specific warning permanently? Thanks!
Excellent tutorial. This is something that is missing with respect to GrapheneOS - there's very little education out there on how to get the most out of this OS. Speaking for myself, I'd benefit from a more thorough understanding on how the 'sandboxed' Google apps can best be utilised - I'm sure others would appreciate a more in-depth look at this. Still, today's video was very helpful to me. As you point out, relying on a third-party app to act as a firewall is risky.
Thanks, Paul! From what I understand at this point, all apps are sandboxed by default with no user action needed. I'll definitely do a video on this topic, as I'm curious about the intricacies of it myself. Glad you enjoyed the video, and thanks for the idea.
Awesome video. I've been using Graphene for about a month with a separate profile with work. Somehow I do get notifications between profiles, but it's just an alert that a message came in, I cannot read it. I've been debating doing a work profile instead of a user profile, thinking Shelter had more app isolation but I believe in separation of bed and pizza.
So do I, you don't need the crumbs in your bed 🍕. The cross profile notifications are a feature GrapheneOS added. It's very helpful because in the past you had to manually look if you had a notification. I would personally stick with the setup you have and avoid Shelter.
Hey, I found your channel tonight and I absolutely love that you don't have the BS other channels do and you have a calm/relaxing voice! Totally subbed and have been checking out your videos, I will eventually get caught up :) After reading the comments and your answers, I do have one question: is there any downside to using a different user profile as a daily while slowly migrating away/finding alternatives that I like and that don't require play services? I know, I will have to unlock the owner user and then load the other user but that will be a small price to pay as I don't see me migrating away any other way. I do have to wait for the android 13 upgrade of grapheneos (I know it's going to be relatively soon) since I upgraded my 6 Pro but I'm trying to put a plan together. So far my plan is Owner - Will be all the apps that don't require play services 2nd - Will have play services for the apps there's no alternatives. 3rd - Will have the personal and work profiles so I can experiment with alternatives and migrate away where possible. Will be my "daily" for awhile to experiment/find alternatives that I like and then setting up the other two profiles as necessary. I'm pretty sure I will be able to get to using the owner profile 99.9% and loading another user temporarily won't be that bad for the remaining .1% Just the 3rd user would make the initial migration a 1000x easier and when I'm done I should be able to delete it without totally wiping the device. P.S. I did try to initially migrate when graphene first released builds (after the copperhead drama) but it was missing a lot of features and I was probably a dumb..not saying I'm still not a bit dumb but I'm totally motivated :)
Thanks! I appreciate the compliment! "After reading the comments and your answers, I do have one question: is there any downside to using a different user profile as a daily while slowly migrating away/finding alternatives that I like and that don't require play services? I know, I will have to unlock the owner user and then load the other user, but that will be a small price to pay as I don't see me migrating away any other way." - Not at all. I'm actually going to move to that setup when the Pixel 7 comes out (I'm lazy and don't feel like doing it now). I modified your list a bit, I'm planning out on testing something similar. The perk to leaving the owner profile blank is that you can "end session" on all other profiles which essentially turns off all other apps. With all the other profiles "off" it'll be like having a stock GrapheneOS install with no apps running. ---- Owner - blank 2nd - Will be all the apps that don't require play services 3rd - Will have play services for the apps there's no alternatives. 4th - Will have the personal and work profiles so I can experiment with alternatives and migrate away where possible. Will be my "daily" for awhile to experiment/find alternatives that I like and then setting up the other two profiles as necessary. ---- But to answer your original question, I think you'll be all good with what you proposed :) Haha, I think it's come a long way since those days so you should have no issues!
I think they now added cross profile notifications, thanks for the concise info. I have some 3rd party apps (no Ggle) from Aurora using the sandboxed Ggle services. Figuring out how to separate these.
This is exactly the info I was looking for having just installed graphene on a new phone. I've been using it on another phone for a couple of years and I like it, but I want to get more out of it. Thank you SOB!
Hello, I have a few questions : 1. Do I get notified of incoming calls and text messages across user profiles? 2. If I have google play services in a user profile and I switch users without ending the session would I still be tracked? 3. Can I install sandboxed google play services within a work profile? Thank you.
I also had the same thought for question 2. I don't know if I just didn't hear right but do you need to end the user profile to go back to owner profile or is there a way to just filter back and forth ?
@RhythmicSoundwaves you can switch back and forth without ending the session. If you do not end it AFAIK apps keep on running, but I don't know what that means tracking wise.
Great video man. I've been using mostly Insular when isolating all big brother apps that I can't entirely get rid of yet, and I gotta say it works wonderfully as Shelter. No need to worry for some weird permissions on an app, cause even if it has explicit permission, if Insular doesn't have it, it is negated. Great video as well man, hopefully people will start to get more educated about how much data is potentially leaked out of our everyday devices.
Good tip and thanks! Absolutely, I think mobile devices leak the most data, but a majority of people don't think about it. For years, I knew about it in the back of my mind, but just continued using my iPhone. My goal has been to raise awareness and from past comments I've seen it seems like some people are making changes which is great.
You can turn off all work apps at once by using the "turn off work apps" button in the launcher. This button is handled by the OS, so no need to trust a third-party app to keep the apps closed.
I should have pointed out that feature, thanks for mentioning it. You'd still need to use the third-party app to create the work profile, but that would be an alternate option to close the apps in that profile.
Awesome video Josh! It's exactly what I needed... Now just need to figure out how to make it work for me. So just to clarify, if I ran Hangouts, Nine (outlook) and Teams in one user profile.. Gates and Zuck wouldn't be able to access any data from my other users activities? I guess they would both access the same phone number as it's a shared radio/sim. Great stuff 👍. Need more of the same GrapheneOS to the Max 😁
Thanks! That's correct, it will be completely separate. As an example, even if you allowed "contacts" permission it would only be the contact on that second user profile. No apps are able to access/request permission to access non-resettable hardware identifiers, so they wouldn't get any of that data - grapheneos.org/faq#hardware-identifiers=. As far as phone number goes, I don't know where the phone number access is granted. I would guess it's the "phone" permission, but I'm not positive on that one.
3:28 I would not trust that this is true. I was super psyched about the user profiles because of this. For ex. the MS Teams management BS for corporate environments.. I would use a second user profile for this.. In fact, I bought a Pixel 6 to play with GrapheneOS .. I have an iPhone as my daily driver.. This will be absolutely one thing I will be using on the Pixel 6 is separate user profile for this purposes here.. because currently I'd have to give the MS management BS complete control over my iPhone .. they CLAIM that they only manage corporate stuff but I don't trust them.
Work profiles sounded really bad. You need to put all your trust in a third party app to manage them. Urgh what for exactly? You never mentioned what's so good about a work profile?? They are for a group of apps, blabla but why does an individual need them for??
It's great for privacy and security but there are two issues - you can't install aurora store on both profiles - termux can't install secondary profiles - for file share I use syncthing on both profiles. - work profile is too complex for me :(
- you can't install aurora store on both profiles You can, likely the issue is that you're trying to install an older version of Aurora store on one of the profiles. If you have v2 installed on your owner profile and are trying to install v1 on your secondary profile, Android won't allow it for security reasons. - termux can't install secondary profiles Likely the same issue as with Aurora store - for file share I use syncthing on both profiles. That should work as expected.
@sideofburritos solved aurora issue, termux didn't work well, so I installed in owner profile. Real issue is location and it is poison pill for me. Idk when we will solve this issue. I mean from microG to grapheneOS all are same, location are pain. I think grapheneOS should use both A/B partition and one should have google like experience other should be private with all security. (That's my take)
Just how inconvenient would it be to switch between user profiles? Is it as simple as choosing a profile enter a pincode, pw or (does gos support biometrics?) a fingerprint (or am I now cursing in the church and should I forget about biometrics completely when degoogling?)? I am srsly mulling degoogling on a Pixel 7 when it is supported, but as I also do freelance work, I do need some apps that require google services, but I really want them sandboxed.
I think the switching experience is pretty seamless. It's as simple as selecting the other user profile and then authenticating however you like. Pin, biometrics, password, all options are supported. I'm in the same situation where I have some apps that require Google services. Those are on a separate profile, so whenever I need them I switch over there and can use them. Keeps things completely separate and it's minimal friction to switch between.
I would love a video explaining in depth how private sandboxed play services are on Graphene using examples. Especially compared to MicroG. Logged into an account and not logged in.
I realized I could put an FTP server on my owner profile and have all of my users have a shared common folder. With Material Files app, it's been working great. So I guess if you absolutely needed to communicate across profiles, you could set up some TCP/IP client/server setup, where the owner profile is the server.
@DanielTubul I'm not very clear on how everything works with Android/Graphene, but an FTP server on the owner IS accessible to user accounts after you switch to the user. I tried setting an FTP server up on a user account, but that isn't accessible after switching accounts. I imagine the owner is special and keeps certain things running even when switched to another user. I have Material Files battery usage set to "Unrestricted" on the owner profile. That might be important. Below are rough steps to get it to work if anyone is interested: 1) On your owner profile: Install Material Files, and within that app, set up the FTP server and start it. 2) On a separate user account: Install Material Files, and within that app, add the FTP server in "Add storage". Put 127.0.0.1 as the hostname, and fill out the rest. Note: If you restart your phone, you'll need to manually turn on the FTP server in the owner each time. VLC supports FTP servers as media folder which is nice... Ideally, it would be nice to have some sort of mounted FTP folders so all apps have access to it.
Very interesting setup, thanks for sharing. I'm actually surprised it works using 127.0.0.1. I guess it's because the network stack is shared between profiles? I'll have to do some testing on that. @Daniel Toubul, when you switch to another user profile, owner is still running. While you're able to "end" other user profiles, owner is never terminated (unless you reboot/shutoff your device)
Is there a way to prevent one user profile to see the contacts of the main profile ? I want to use mobile data i.s.o only internet on my "sandbox" profile. For example for my banking app. Thanks and I appreciate your videos about grapheneos.
I was using root on main profile to access the work profile's data under "pass through" so only root can access that, and never had the permissions granted for the sharing in shelter app.. Question is, would you still regard this method similarly safe if I continued this way? (Considering the best security)
Just installed CalyxOS and I was wondering what my new work profile thingy was. Never heard of it before. Didn't know what it was until I watched your video. Thanks.
Is it possible to install root certificate on the second user profile without compromising main user profile? Installing root certificate on your device is a very bad practice for privacy and I want to isolate that profile. Thanks!
I ended up putting google framework in the work profile to have the G camera there, keeping G map on another profile. Well, the work profile allows you to keep your family contacts away from other contacts.
That's not a bad option for it, especially since camera is a pretty common app to use. While I do see some good use cases for work profiles, I've still never trusted them enough to let any company I've worked for use that functionality on my personal device.
@sideofburritos it was hard in the beginning too, the annoying thing with G camera is that you need G photo to visualize the pictures, if you'd know another app that allows to see all the pictures taken from any camera app?
Is it a bad idea to be logged in to apps like Audible, Duolingo, Cashapp, kindle, etc on your main profile or should these be on a completely different profile? Thanks
I don't think it's a bad idea, just depends on what you're looking to accomplish. What you gain by installing the apps in another user profile is 1. Separation of user data from your owner profile 2. You can "end session" on the other user profile so that the apps can't run in the background.
Hi, Is it possible to get through GrapheneOS? How secure is the phone? If GrapheneOS is so secure is it better to use Work Profiles or get a second phone? GrapheneOS, Is it still possible for the GOV to triangulate you using cell towers? Is it possible to spoof it? Keep up the good work, Thanks.
>Is it possible to get through GrapheneOS? How secure is the phone? This page has a great summary of the features implemented in GrapheneOS - grapheneos.org/features If GrapheneOS is so secure is it better to use Work Profiles or get a second phone? > It depends on your threat model. For me, using separate user profiles for google services accomplishes what I need. GrapheneOS, Is it still possible for the GOV to triangulate you using cell towers? Is it possible to spoof it? > You can't spoof that, it's the nature of the technology and how it works. If part of your threat model is avoiding carriers I would have a separate device with a USB-C -> Ethernet adapter. Leave it always in airplane mode and only use it with a wired connection.
Sir, I have a problem with Shelter, sometimes all of the apps in Shelter are unable to use Internet (WiFi) , then I turn on data internet and it works! How can I fix that? thank you
I don't use shelter, so I can't offer much help. It is more convenient than User Profiles, but I still recommend User Profiles over shelter (work profiles).
I did this on my Samsung by using secure folder. All the proprietary data collection apps are installed in secure folder, like RU-vid, Google Maps, Classroom, WhatsApp.
Hmm, I've never used a secure folder app like that. I wonder if they use the native sandboxing? I'm guessing the biggest advantage is how easy it is to switch between apps?
Hello everybody, I would like to be advised whether in GrapheneOS it is better to use 2 different profiles for different apps or to choose via InviZible Pro which apps go under Tor and which not. Thanks
Thank you! Another great video. From a privacy perspective, is Shelter a good option? For example, if I install WhatsApp on my work profile, will the play services be running on my user profile as well?
Shelter is an option, but I can't say if it's a good option or not. I don't use it and haven't done much testing with it or others. The play services will only run on the profile that you installed them on. So let's say you installed them on the work profile along with whatsapp, play services will only be running on your work profile. Your personal profile is separate and will not have access to them. On GrapheneOS the play services are installed as "apps" so they have no special permission. They will behave the same as any app you installed on your work profile. Hope that helps!
@sideofburritos thank you. So on GrapheneOS I’m able to install WhatsApp on my main profile without worrying about the security and privacy? I don’t have to create other profiles?
The Shelter thing is the one that I want, and now I can finally switch to custom ROMs. Samsung One UI has the same feature, move to secure folder or move out of secure folder, but finally now this feature is available in GrapheneOS. Is that available in LineageOS or DivestOS?
You should be good to go with Shelter. As for the "secure folder" that sounds like something Samsung specific, but from what you describe a work profile or user profile should work perfect. My response would be the same as Gerald, any that supports work profiles will work for you.
Bad AI robot. Monotone speaking, no change of pace, "work profile" is said always with the same pitch..Disgusting to listen to. I switched it off after 90 seconds.