MicroG has two huge advantages: you can inspect the code it's running, and you're not tied to Google services. For example you can replace the location service with a privacy respecting one. With the sandboxed play you can't do that, you're stuck with the Google version. The only thing you still need Google for is the push notifications, because the backend of the apps only speaks to them.
It would be amazing if grapheneos would support microG as an option. But they are too much "not invented here" for that to happen.
That's only true for microG itself, not the Google blobs it needs to download and execute in order to function.
GmsCompat on GrapheneOS is also fully open source.[1]
> For example you can replace the location service with a privacy respecting one.
GrapheneOS literally does that.[2] It's currently not perfect in regard to privacy because they are using Apple's Wi-Fi positioning service, but proxying it through their own servers, so Apple never gets the user's IP address or any unique identifiers, and link the location information to any other data. One thing Apple currently does better than most network location providers is the fact that they don't just return position data for one BSSID, they actually give you the data for hundreds of nearby BSSIDs as well[3], which is more private, and means that much fewer requests need to be made to the service.
Because of this aforementioned aspect, Apple's Wi-Fi positioning system is also incredibly easy to scrape. GrapheneOS plans to build their own database, and let users download it, so Wi-Fi positioning could be performed fully locally.
> It would be amazing if grapheneos would support microG as an option. But they are too much "not invented here" for that to happen.
GrapheneOS doesn't support microG, because it has worse app compatibility than Sandboxed Google Play, and requires elevated privileges, unlike SGP.
> they are using Apple's Wi-Fi positioning service, but proxying it through their own servers
My concern with this system is that their proxy is (afaik) compatible with Google's format, which by default is less privacy respecting as it does the location calculation server side and doesn't allow the client to cache.
I'd much prefer if they called out to Apple's servers directly (or through a direct proxy) & cached the AP data locally so over time it will work offline.
It would be amazing if grapheneos would support microG as an option. But they are too much "not invented here" for that to happen.