To update system processes on Android (such as Android Web View), is it preferable to use Aurora Store or Google Play Store (without a Google account) ?
Thanks,
How can you use the Google Play Store without a Google account?
You need a Google account for the play store.
Besides the point, Aurora Store is a lot better. You don’t even need to have a Google account or Google Play Services installed on your phone.
1 Like
I strongly disagree, you are much better off using the Play Store for security reasons and there is no significant privacy concern when you aren’t logged in. My understanding is that the Play Store will update pre-installed apps without being signed in. Relevant article about Google planning to implement such a feature in 2019:
1 Like
What security vulnerabilities does the Aurora Store have?
You still need GPS to use the Google Play store anyway. That in itself is a privacy concern considering all the permissions it has on stock Android.
They mean GPS as in Google Play Services.
2 Likes
I also ask myself the same question,
When I update Web View with Aurora, I’m prompted to install another application : the trichrome library. Have you ever heard of it?
Yes it is a library for Webview.
Is it installed via Aurora as much as via the Google play store?
What do you mean?
Will the system process that Aurora installs - such as trichrome library - be strictly the same as the one that would be installed via Play Store ?
Yes exactly the same. Aurora Store downloads everything from Google’s servers. So if you were say installing Uber, you’d get the same app on the Aurora Store as if you installed it on the Google Play store.
So, is it always better to leave Google Play Servives activated on a phone that isn’t linked to any Google account (and a fortiori no longer receives system security updates) ?
(I’m asking this question from the point of view of safety, not the compatibility of this or that application.)
Is Google updating apps (on devices not signed into Play Store) today?
Google has continued to modularise the OS framework (also the platform & HAL?), runtime, and their dependencies so it could be updated as singular components (updates of some components under their/user control, some under the control of the OEMs) than as a one big binary (exclusively controlled by the OEMs), but I was not aware of Google allowing app updates (which seems like a good thing from security PoV), too.
I highly suspect they do but I couldn’t find any more recent article confirming it.
edit: I can now confirm pre-installed apps are updated by the Play Store without logging in.
1 Like
Yes, you should leave Google Play Services activated. There can be various security improvements delivered through Google Play Services which receives updates on many EOL devices. Obviously you will still be using a fundamentally insecure device if it doesn’t receive regular updates but something is better than nothing.
While I do think there is a security benefit to this. It ultimately depends what @PaulF prioritizes. Privacy or security? It has been known that GPS will send a ton of information back to Google even without a Google account.
1 Like
I’ve thinked with a security viewpoint.
Maybe, there are still some system processes (that can’t be disabled on unrooted devices) that send a bunch of personal data to Google, even with the G Play Services disabled…