• pandacoder@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        1 year ago

        I mean this only routes a small amount to their servers, the actual data to use a website isn’t sent to 8.8.8.8.

        • Kayn@dormi.zone
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          What is Google gonna get from encrypted HTTPS requests that they don’t already get from the associated DNS requests?

          • pandacoder@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            A more granular view of your actual traffic/usage habits.

            Let’s say a page you visit embeds a Tweet, you’ll end up firing off a DNS request for twitter.com, and at least one request to load data from Twitter.

            Now let’s say you actually use Twitter. The DNS request will be the same, and you will have many requests to Twitter to load data.

            In both situations a DNS request is sent off, so the DNS provider knows you probably loaded something but they are going to have a harder time understanding if you are a Twitter user or if you are just frequenting a website with Twitter embeds. However the network provider that can see to what servers the HTTPS request for data are going will see just how often you are actually connecting to Twitter and the size of the transferred data and can build an incomplete but still far more detailed picture of your habits, and they would be able to tell the difference between an only-embed viewer and a regular Twitter user.

            Additional dystopian future possibility:

            Also, for anyone with objectively nefarious future goals, even if the data is encrypted, if one day we are indeed able to break encryption en masse the DNS provider can’t decrypt data they don’t have but the network provider definitely could.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        That wouldn’t be a problem if more clients supported ODoH. Then even Google wouldn’t know the domains you’re looking up.

        Then again Google’s tracking libraries are everywhere so it’s not like they need a VPN or DNS to stalk you.

  • Exec@pawb.social
    link
    fedilink
    English
    arrow-up
    88
    ·
    1 year ago

    So third-party VPN apps should be able to provide a connection without a persistent notification now, right?
    Right?

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      2
      ·
      edit-2
      1 year ago

      If they’re root, they already can. Like Google Play and other root/system apps that can install apps without the pop-up.

      It is an obvious double measure but it’s been around for a long time, and it’s not too insecure or annoying unless manufacturers install malware as system apps and/or disallow locking the boatloader (they do, sadly).

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        15
        ·
        1 year ago

        If they’re root, they already can. Like Google Play and other root/system apps that can install apps without the pop-up.

        Fun reminder that the Facebook system apps included on many phones can do that too. Look for system apps called “Facebook Bridge”, “Facebook stub”, “Facebook App Installer”, “Facebook App Manager” etc.

        • limerod@reddthat.comM
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          1
          ·
          1 year ago

          Don’t you mean: Meta app installer, meta app manager, meta services, etc.

      • Exec@pawb.social
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        That’s what I meant - if Google’s own stuff is allowed to run in the background then third-party stuff should be allowed too.

        • ChaoticNeutralCzech@feddit.de
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          I would not like everything to run as root. But an option to root your phone without too much hassle and make any changes to app permissions would be great.

          • BearOfaTime@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Fortunately, Pixel is easy to root these days with Magisk.

            Well, kind of easy. Takes a little technical ability, but the documentation is solid.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        system ≠ root. System applications can’t load kernel modules, only root can. That allows Facebook to do some nasty restriction bypassing, but it’s not as bad as it would be if it had root on your phone.

  • shiiiiiiiiiiiiiiiiit@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    43
    ·
    1 year ago

    a persistent notification is no longer required. A key icon in the status bar is the only indication you get that the VPN is enabled

    You still get the key icon. Is the fuss that it now takes more screen taps to reach the on/off, rather than just using the persistent notification?

    • limerod@reddthat.comM
      link
      fedilink
      English
      arrow-up
      32
      arrow-down
      5
      ·
      1 year ago

      The fuss is that 3rd party apps need a persistent notification to stay alive. But, because Google owns pixels, it can skip that step and be less intrusive/visible, which others can not.

        • limerod@reddthat.comM
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          1 year ago

          Unfortunately, that will mean your app can be killed on many smartphones from device makers like xiaomi, Oppo, and huawei, which have aggressive battery optimization. I had this issue on a redmi device where background apps would be killed unless a permanent notification was present.

          The WireGuard and tailscale apps work great for me without a persistent notification.

          I haven’t tried wireguard. But, I should give them a try and see how it goes in samsung.

            • limerod@reddthat.comM
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              1
              ·
              1 year ago

              The ranking may make it sound like samsung is the worst. But that’s not been the case since android 12. I do not have app reload or app killing issues on this one and find it much better than what I used to experience on miui.

              • russjr08@outpost.zeuslink.net
                link
                fedilink
                English
                arrow-up
                5
                ·
                1 year ago

                I published an app on the play store that purely relies on a persistent notification + wakelocks to keep the screen active (since the whole point of the app is to keep the screen awake) - Samsung was definitely the worst when it comes to this for my app, as I would receive endless support emails about people with Samsung devices where it would get killed, even when disabling battery optimization for my app. The other manufacturers listed there came up every now and then, but disabling battery optimization generally did the trick for them.

                With there being nothing that I could do for my app, I tried disabling compatibility in the play store for a ton of Samsung models, but then I got even more emails about people wondering why it wasn’t available anymore so I re-enabled it, but to this day there’s still (AFAIK) zero things I can do to prevent the app from getting killed on those devices.

                • limerod@reddthat.comM
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  What app is that? I only notice app reload issues when I max my ram usage playing heavy games or running apps that require maximum ram.

                • limerod@reddthat.comM
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  I do not feel too strongly about it, so I will refrain. But, if I find the time and energy to spend, I may open an issue later.

          • folkrav@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            I was under the impression that the “Disable battery optimisations” feature was to prevent exactly this. Maybe I misunderstood what it does, but a bunch of apps designed to run in the background tell you to disable this functionality for their app for this very reason.

          • ShortFuse@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            That is for applications that need access to a LOCAL_SERVICE while not in foreground. That’s like Geolocation or screen orientation. VPN is not one of those. You can kill the foreground application from the recent apps by sliding up.

            No real VPN app needs to have an application window and a background service (same thread) running to provide a VPN. If it does, it is doing something else not related to VPN.

            If you want to add a pause button, applications can add custom tiles.

        • limerod@reddthat.comM
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Persistent notification was added in response to android 8+ background restrictions. You didn’t need it before.

          Apps that need to be constantly alive do that to avoid being killed by the system on android devices that are not stock or pixel. Apps like tasker, accubattery, Internet speed meter, adguard all target the latest android version 12 or higher.

          We are on android 14. You can not install apps targeting android 5 from the playstore today.

      • ShortFuse@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        1 year ago

        Cite your sources because that’s not how persistent notification works. PIA doesn’t need it. It sounds like a poorly written app.

        Edit: DNS66 as well.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        My phone (Android 13, crDroid) doesn’t have any kind of persistent notification. Just the key icon and the optional toggle in the notification toggles. I double checked my Wireguard notification settings, the app doesn’t even have any notification channels to toggle.

        Clearly, VPNs can be built without notifications, at least on modern Android. I don’t know why alternatives are showing these notifications, but I’m guessing they’re doing a lot more than just “route this packet through this tunnel”.

        • BearOfaTime@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Because (from what I’ve read) battery optimization may still kill them, depending on the phone.

        • limerod@reddthat.comM
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I checked playstore reviews of wireguard, and people are complaining that wireguard stops working after a while. Which makes me think. For wider compatibility and persistent background tasks, you do need one to stay alive.

    • Zerfallen@lemmy.world
      link
      fedilink
      English
      arrow-up
      30
      arrow-down
      2
      ·
      1 year ago

      Would be better if it were optional. The little key in the status area is more than enough indication for me. A persistent notification is not a notification, it’s a hack.

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        The hack is the aggressive battery optimization in some phones that don’t respect the native Android battery optimization settings and still kill apps.

        • Zerfallen@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I get it, and i guess the fault is on Google for not providing an alternative for such apps. Still a hack though, because such things don’t belong in the user’s notifications.

      • Fuck spez@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It is optional unless I misunderstood. You can disable the persistent notification by disabling VPN notifications in the Google One app.

    • Skull giver@popplesburger.hilciferous.nl
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      There’s a key icon in the right side of the notification shade that’ll tell you if the VPN is connected or not. My Wireguard connection doesn’t need a permanent notification, it just shows the key.

  • ShortFuse@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    1 year ago

    I don’t understand the article. They either aren’t clearly explaining the issue or just heavily misinformed.

    I have Google One and PIA. Both do the same thing, which is add a key to the top right of the screen. To me, that’s like a persistent notification.

    PIA has never needed to use the actual persistent notification API. There’s no reason to. Persistent notification is for application that don’t want their UI Window to terminate when Android gets memory pressured, or when wanting to use a local service (eg: Location or Orientation) when not the main foreground application. I can kill the PIA Window (swipe up from recent apps) and the VPN is still running.

    If Google One were able to activate VPN without changing my status bar, that’s a different story, and that’s not the case.

    Edit: DNS66 as well

    • anonymous_bot@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      From what I understand, Google One had its own persistent notification (left side) when using the VPN as well as the normal key icon (right side). So now it just has the latter.

      • ShortFuse@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Nope. I have my Pixel 7 on Android 13 and my Pixel 8 on Android 14.

        The only difference is when you activate on Android 13, you get notification it’s connecting and it’s connected. Neither are permanent, and I can dismiss them.

        Android 14 has no notification and just shows you on the app it’s connected now (different UI).

        It never had a persistent notification, so I’d reason the author was misinformed or misunderstood the change when somebody told them.

  • itsJoelle@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Weird, my Pixel 6a currently doesn’t have a persistent notification when I use Proton. Is this a GrapheneOS thing? Just curious.

    • FutileRecipe@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Have you enabled notifications for it? I use Proton with GrapheneOS. I keep the ProtonChannel notifications disabled normally as I don’t need to see it. Enabling it, I see the persistent notification as expected.

  • kvothelu@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    I am on pixel 6a and using third party vpn. there is no persistent notification. only key icon. I don’t see the issue here.

  • heavymetalsheep@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    11
    ·
    1 year ago

    Lol that’s like saying worlds biggest virus creator which makes him billions of dollars now also providing anti virus for free.

    • Onii-Chan@kbin.social
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      1 year ago

      Exactly lmao. I don’t trust Google with shit, so I’m still going to install GrapheneOS and Mullvad as soon as I get the 8.

      • png@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        As a Pixel owner, how much do you lose in terms of the pixel-exclusive software when using graphene?

        • soulfirethewolf@lemdro.id
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I mainly want to know what the included apps are like. Mainly if they use material three or not and if they actually look decent unlike the ones with lineageos

          • CCatMan@lemmy.one
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Also, some apps and sites do not work from mullvad vpn. I know that Redcard and some parts of Ally are restricted.

          • Onii-Chan@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            It depends on the apps. I’m Australian, so it may differ depending on the country, but I’m able to use the Commonwealth Bank app, alongside Square Payments (but cannot use the card reader.)

          • Polar@lemmy.ca
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            4
            ·
            1 year ago

            That’s wild to give that up. I never carry my actual cards anymore for convenience and security. Plus Google Pay gives the retailer a virtual card number, keeping your real one safe.

            Not to mention it’s safer to bank on a phone vs computer, as you’re less likely to have a virus or Keylogger since everything is containerized.

        • Onii-Chan@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          As much or as little as you like, as Graphene uses a sandbox for Google Play Services. It’s up to the user, some have more or less degoogled completely (like myself), and others use the same apps they did on stock Android, but with harsher permissions.

          I’ve not found any real difficulty getting away from the apps I used to use, as there are FOSS alternatives for almost all of them that imo, work much better and require far less personal data (two I use on a daily basis are a NewPipe fork with Sponsorblock functionality, and InnerTune, which has completely replaced Spotify for me.) I do still use Google Maps, albeit with all permissions other than network restricted (as I don’t use real time navigation, and have yet to find an alternative that matches it for business detail accuracy, street view and ease of use.) I also still use Google Camera, albeit without any network or other nonessential permissions.

          So basically, Graphene can be used the same way as stock Android. It just gives you options and control over your device and digital privacy. GrapheneOS is first and foremost about device security, and is the best custom OS out there in its field.

            • Onii-Chan@kbin.social
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Ah yeah, I gotcha. Now Playing isn’t something I’ve looked into, but I can confirm it doesn’t come packaged in. Same with translation.

          • lemmyvore@feddit.nl
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            I do still use Google Maps, albeit with all permissions other than network restricted (as I don’t use real time navigation, and have yet to find an alternative that matches it for business detail accuracy, street view and ease of use.)

            Check out GMaps WV from F-droid, it’s the web version of Maps wrapped in a webview. It can’t do realtime navigation (because Google won’t let it) but you said you don’t need that. It can plot courses and give you all the details for them, just can’t do the actual live navigation.

            It doesn’t need any Google-specific support on the phone, just a working webview.

            Please note that, just like on the Maps website, you’ll get a nag screen to accept their cookies and they’ll show it each time you open the app if you reject cookies or close the screen, until you either accept or live with it. But the cookies will be restricted to that webview so the most they can do is track how you use the Maps website.