Did no one mention the multiple users feature on grapheneos? Especially apps you need seldom you can just run under a different user.
this post was submitted on 14 Dec 2024
42 points (100.0% liked)
Android
17806 readers
146 users here now
The new home of /r/Android on Lemmy and the Fediverse!
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
πUniversal Link: !android@lemdro.id
π‘Content Philosophy:
Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.
Support, technical, or app related questions belong in: !askandroid@lemdro.id
For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id
π¬Matrix Chat
π°Our communities below
Rules
-
Stay on topic: All posts should be related to the Android OS or ecosystem.
-
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
-
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
-
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
-
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
-
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
-
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
-
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
-
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
-
No affiliate links: Posting affiliate links is not allowed.
Quick Links
Our Communities
- !askandroid@lemdro.id
- !androidmemes@lemdro.id
- !techkit@lemdro.id
- !google@lemdro.id
- !nothing@lemdro.id
- !googlepixel@lemdro.id
- !xiaomi@lemdro.id
- !sony@lemdro.id
- !samsung@lemdro.id
- !galaxywatch@lemdro.id
- !oneplus@lemdro.id
- !motorola@lemdro.id
- !meta@lemdro.id
- !apple@lemdro.id
- !microsoft@lemdro.id
- !chatgpt@lemdro.id
- !bing@lemdro.id
- !reddit@lemdro.id
Lemmy App List
Chat and More
founded 1 year ago
MODERATORS
Which is what apps like shelter and island use - they just make it more convenient.
No that is not correct. I actually use both. Island etc enables the work profile. Likely, the work profile uses internally a different, additional user account. But for the device owner there are some differences. Work profile apps you can configure, launch and access directly from the main account. Also there is some limited sharing possible. The notifications are also shared. If you use (multiple) additional user accounts very little is shared. I think the cell phone functionality maybe. Apps are also shared internally but that is not transparent to the user.
Shelter and island use the work profile, which is different from user profiles
Up through Android 14 everything boils down to different programs to manage a work profile. I've always used Shelter or just straight up used the built in work profile support in LineageOS.
I don't know if it's possible to create more than one separate space.
Edit: the only way I've found to make two separate app containers on android <= 14 is a combination of a work profile and Samsung's secure folder. I don't know of any other sandbox technique.
Hmmh, I was looking for info on Android 15 and the future. But you're right. I've enabled the private space now and it seems it's just one. I might have to use a combination of techniques anyways, or something like Shelter... I had hoped there is a single and clear answer to my question π
I saw this thread which has some discussion
https://discuss.privacyguides.net/t/android-private-space-vs-work-profile/21101/4
Which to me sounds like 'private spaces' is made for this purpose, while shelter + work profile was a workaround for some time. Since it is new, it might take some time for FOSS apps to implement related features, like being able to launch those apps from your homescreen.
Hopefully someone else comes with better advice :)
Edit: these ones suggests that private spaces is better
https://discuss.grapheneos.org/d/16569-android-15-private-space-please-explain
Thx for all the links. I've enabled the feature now. I'm not sure if it's meant for both use-cases but I think I'll put the dicount apps from the supermarket there.
As I understand it, the banking apps should benefit most from the default sandboxing in GrapheneOS. I'm not sure there's much benefit in further separation of them is there?
Good question. I mean that's why I wrote exactly what I'm trying to do... And on second thought... I don't want to bury them completely, since I need the bank and PayPal to send me notifications and pop up once I need to confirm some transaction...
Maybe I should just install them as is, and use that private space feature for random stuff that collects my data and sells it to third parties.
Can't you just run them when you expect a notification? How many times a week do you do online shopping that this is a chore
Yeah, I could do that, too. I'm usually aware of when I click some "order" button... And I'm not sure if I'd miss the push notifications when I finished the supermarket check-out and swiped my bank card... I guess I could do both. After yesterday's advice, I just installed them into my main profile. Maybe I should check the permissions of PayPal and the other app and see if I like my current approach.
Yeah that sounds like the best solution.
Just FYI some banking apps don't work on GrapheneOS (ones that check for strict SafetyNet support I think).
Yeah, F them. I got some hardware TAN generator because I had that issue before. If they force me to use some stock version of Android, I'll just delete their app... So no issues there. π I can live the old-school life without Google Pay... Seems PayPal and my current bank do work without issues.
Thanks!
I was going to use the new Private Space on A15 for my banking app, until I discovered the apps inside the private space are stopped when you lock it.
This makes it completely useless for me since I need to get notifications from my bank.