pull down to refresh
0 sats \ 4 replies \ @andy 30 Mar \ on: eSIM on GrapheneOS no longer requires Sandboxed Google Play security
Any idea why Graphene does not use https://gitea.angry.im/PeterCxy/OpenEUICC ?
Missing features and implementation issues. It doesn't support all carriers nor implement all the required baseline functionality including wiping of eSIMs, which the future duress password feature plans to erase.
We allow eSIM activation without any Google services, it uses the stock OS package but totally isolated and isn't dependent on any Google Play services. There is little to no privacy improvement either as you need to make connections to the provider to activate eSIM regardless. There isn't much value in working on one for GrapheneOS for that reason either.
reply
Why did eSIM previously rely on google services, but now it doesn't?
So the stock OS eSIM package is open source so there is also no reason to use anything else?
Generally I'm wondering if any eSIM tools in android can help with https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/485 .
reply
Why did eSIM previously rely on google services, but now it doesn't?
There are now additional shims to make it work without the sandboxed Google services. This is an example of a commit for it: https://github.com/GrapheneOS/platform_frameworks_base/commit/813cd8f45d0a49bb6775453ef0744441f133f6ef
Activating an eSIM would perform data sharing with Google services. The EuiccGoogle package alone doesn't send data directly to Google, so isolating it from the Google services and making it work standalone helps. We also have a toggle to completely disable that binary which is enabled by default.
So the stock OS eSIM package is open source so there is also no reason to use anything else?
It's part of a closed source package. At the time it was the only package allowing eSIM activation and today it is still the only package allowing all the relevant features. One of the Google eSIM apps handle the updates for the eSIM secure element's firmware, which is needed for security updates.
Any idea how the CalyxOS eSIM support works compared to Graphene? CalyxOS doesn't seem to indicate much about what they are doing with eSIM.
They use the same Google packages but without the toggle to deactivate or isolating it.
Generally I'm wondering if any eSIM tools in android can help with https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/485 .
If someone put their time into it, maybe? Wouldn't really know, not looked at this.
reply