• nutbutter@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        28 days ago

        If you have Google Play Services installed, other apps can still talk to it and send you info to Google even when you have blocked the internet access for those apps.

        • merde alors@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          9
          ·
          28 days ago

          that has nothing to do with netGuard though.

          you can either uninstall gms 👍 or filter it’s connections with netGuard by enabling “manage system apps” from “advanced options”

        • Chemical Wonka@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          2
          ·
          28 days ago

          Exactly, it has some leak points. Only GrapheneOS approach is effective to truly block internet connection. Even iptables block connection is flawed

          “GrapheneOS adds a Network permission toggle for disallowing both direct and indirect access to any of the available networks. The device-local network (localhost) is also guarded by this permission, which is important for preventing apps from using it to communicate between profiles. Unlike a firewall-based implementation, the Network permission toggle prevents apps from using the network via APIs provided by the OS or other apps in the same profile as long as they’re marked appropriately”