In a previous post I’ve been looking at the network behavior of voice calls over WebRTC on Android. In that graph, one can see that the bandwidth, independent of Wi-Fi (over DSL) or cellular is around 80 kbit/s in each direction. During the Conversations XMPP app call, we then switched from voice-only to voice+video. Needless to say that bandwidth requirements then change significantly.
Continue reading WebRTC Video Bandwidth RequirementsI think I’ve been using the ‘original’ Firefox web browser since 2004 on my notebook and also on Android from the day it was released. Over the years, there has been criticism around anti-privacy features that came and went, most of them probably well founded. Nevertheless, I stuck to Firefox on my smartphone until recently but decided to switch after seeing just how often Firefox ‘calls home’.
Continue reading From Firefox to Fennec to Vanadium?
Earlier this year, I had (another) look at Wireguard. Beginning with Ubuntu 24.04, the client is now fully integrated in the network GUI and a Docker based server installation has become available as well. One thing I didn’t have time for at the time was to look at Wireguard on Android. So let’s have a go now.
Continue reading Wireguard on Android – A Bit of a Mixed Bag
I use the Conversations XMPP messenger a lot on my Android phone, not only for text, image and video chat messages, but also for voice and video calling. It’s a joy to use! While in the early days, voice calls dropped when moving between the cellular network and Wi-Fi, the process has become pretty much seamless in the meantime. When I recently jumped between Wi-Fi and cellular a number of times on purpose, I was surprised that I couldn’t hear the switch between the networks in the audio channel at all. So perhaps the call didn’t switch and staid on cellular? I decided to have a closer look.
Continue reading WebRTC Handover between Wi-Fi and Cellular
A quick note today about something that probably everyone but me knows already: When I last installed the F-Droid and Aurora App Store front-ends, the one thing both of them could not do were auto-updating installed apps. Not a big problem for me because I don’t mind being in control when a device updates apps. But for those in the family that would rather like things to be automated, this was not so nice. Looks like since Android 12, alternative app stores can now also automatically update apps. When I installed F-Droid and Aurora, the option did not exist, but an update down the road introduced the feature, disabled by default. Good default, I commend them for it. But actually, I have to admit that auto-update is something I would like as well, so I’ve switched it on for my device as well now. Many thanks, cool stuff!
In part 3 of this series, I’ve taken a look at how the Google Play Services (app) and closed source commercial apps from the Google Play store can be separated into Android’s private space to deny them access to any data on the device. I really like this separation, and having used it for some weeks now, I have noticed a number of additional nifty features: App termination and network separation.
Continue reading GrapheneOS – Part 5 – App Separation and Termination in the Private Space
Today, I’d like to share a few notes about GrapheneOS and Wi-Fi privacy. When connecting to a new Wi-Fi network for the first time, ‘normal’ Android devices I use generate a per-Wi-Fi network randomized MAC layer 2 address and then keep using this MAC address for this network. While this prevents tracking a device between different networks, an individual network can still track a device forever. Not ideal.
GrapheneOS fortunately goes a different way! Instead of using a per-network MAC address, the default is to use per-connection randomized MAC address. This removes traceability over time even in a single network.
Continue reading GrapheneOS – Part 4 – Wi-Fi Privacy
My main reason for turning to an alternative Android flavor is privacy. GrapheneOS takes this to the next level and by default doesn’t talk to any Google servers at all. Even things like the connectivity check web request when connecting to a new network or requesting ephemeris information for fast GPS startup go to GrapheneOS servers rather than to Google. Like on LineageOS, which I have used so far, the downside of not having any Google software on the device is that particularly banking apps do not run. A small price to pay for privacy, but GrapheneOS offers a way out of this without compromising privacy: Running Google Services, particularly Google Play in a sandbox.
Continue reading GrapheneOS – Part 3 – Separation Options for Google Play Stuff
Good, so there’s GrapheneOS on my Pixel 8 now. Like on my previous Pixel 6 with LineageOS, I don’t need the privacy challenging Google Play Services for my core apps, as they are all open source and from the F-Droid store. That being said, there is one type of proprietary apps, however, which I would really like to have on my main phone and which require these services: Banking apps.
There are various ways to get Google Play Services on custom Android Open Source ROMs, and GrapheneOS uses a particularly nifty version: The original Google Play Services and the original Google Play app store can be put into sandboxes, and GrapheneOS then puts an insulation layer around the play services to shield the operating system from it. Sounds nice!
I have to admit that I only had a very vague idea so far what the Google Play Services actually are and how they are embedded in Android. At this point, I felt that I needed to understand this a bit better before allowing it on my main phone. So after reading the GrapheneOS details on the topic and the Wikipedia entry on Google Play Services, I think I understand this much better now. So here’s my take on it:
Continue reading GrapheneOS – Part 2 – Google Play Services
12 years ago I moved from Symbian (does anyone remember?) to Android with a sad heart and great unhappiness about the amount of private data that would be siphoned out of the device. Fortunately there was CyanogenMod, an Android Open Source Platform (AOSP) fork that removed pretty much all privacy invading extras from Android. Happiness restored! Over the years, Cyanogen morphed into LineageOS, and I’ve been using this flavor of privacy friendly Android until today. While the future for free Android forks has looked a bit dire in some years, things are much healthier these days and there are several interesting options now apart from LineageOS which do not require living on the bleeding edge. So when it came to changing smartphones once again, I decided to try out something different: GrapheneOS.
Continue reading GrapheneOS – Part 1 – Making the Jump