• nutbutter@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      28 days ago

      If you have Google Play Services installed, other apps can still talk to it and send you info to Google even when you have blocked the internet access for those apps.

      • merde alors@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        9
        ·
        28 days ago

        that has nothing to do with netGuard though.

        you can either uninstall gms 👍 or filter it’s connections with netGuard by enabling “manage system apps” from “advanced options”

      • Chemical Wonka@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        28 days ago

        Exactly, it has some leak points. Only GrapheneOS approach is effective to truly block internet connection. Even iptables block connection is flawed

        “GrapheneOS adds a Network permission toggle for disallowing both direct and indirect access to any of the available networks. The device-local network (localhost) is also guarded by this permission, which is important for preventing apps from using it to communicate between profiles. Unlike a firewall-based implementation, the Network permission toggle prevents apps from using the network via APIs provided by the OS or other apps in the same profile as long as they’re marked appropriately”