Actually there is a custom filter for uBlock Origin for that:

https://github.com/DandelionSprout/adfilt/blob/master/LegitimateURLShortener.txt

You add this as a custom filter to uBlock, and it does all the URL cleaning without needing an extra extension.

No, I can assure you of my good faith. I wish I could assume the same.

Your playing semantics. Both sandboxed google play and micro g are ways to get around Google Play services but only GOS implementation actually solves the main privacy issue.

You wrote security wrong. Your phone will be leaking more data, but reduce the attack surface and have better compatibility. Which is an OK choice.

The reason I mentioned aurora is because a lot of user install micro g so they can use the play store as it requires play services or a substitution. This was obvious in context.

It was really not obvious, mainly because it’s an entirely nonsensical thing to do, so why would I assume that? As far as I can tell this is also materially not possible in /e/OS or CalyxOS. Maybe it’s possible in Lineage, but why would anyone do that?

Plugins and extensions are not the same thing.

There about a gazillion background services in your phone right now having privileged access. Have you taken a look at those? Do you know what they do?

MicroG does not give you access to the play store. Like, not at all. If you think Aurora store is a replacement for microG or Google Play Services you have no idea what you’re talking about.

The reason why Google Play Services is such a privacy nightmare is that it’s malicious, and it’s privileged.

The recent revelation of how Yandex/Facebook were tracking us through anonymous sessions shows just how much damage can be done with unprivileged apps.

Unlike Play Services, MicroG will do only what it has to (or nothing, if you decide to forgo using all google services). While doing so, it will still minimize the data sent, and spoof what it can to reduce fingerprinting.

As far as I can tell, MicroG seems to be reasonably well trusted. All objections I could find to MicroG are either based on principle, like yours, or on FUD. I have yet to find any mention of actual issues with MicroG.

Yes, it’s privileged, and if you reduce the issue of running privileged code an issue of trust, either microG is about as trustworthy as your android ROM (which runs a lot of privileged code on your device). You ROM, minus a few patches, come 99% from Google after all, but you place a lot of trust in the GOS team to sanitize and patch that up. It’s OK, I don’t disagree.

So once we establish that MicroG is not malicious, running it privileged may be less than optimal, but it’s only an issue in terms of attack surface.

Which is not nothing.

With all this being said, I expect that the threat model that regard as an obvious advantage running know malicious code, though unprivileged, over non-malicious privileged code, are going to be few and far between.

Claiming that literally installing Google Play, though sandboxed, gives massively better privacy than MicroG is a pretty wild claim.

Damn, I went to read the linked post I Want to Love Linux, it Doesn’t Love Me Back and it is, indeed, a banger.

What? Your phone came with Facebook in the system image?

They would put their granny’s home address and SSN in the headers if it made a page load 10ms faster.

Have they ever considered that pages would load faster if they didn’t include 20MB of JavaScript?

I don’t know, Reiser is not a serial…

Banking app: “Oh no, your device does not conform to Google’s latest whim, terribly insecure, can’t let you make a SEPA.”

Baking website: “Opera on an outdated, pirated copy of Windows? Looks a-ok to me!”

Every 30 minutes? Nope. More like every 6 minutes.

Overall though, people obey them and roads are safer as a result.

Ooh boy, you clearly have never driven in Italy.

Magic Earth has traffic data.

HereWeGo has traffic data and even has public transport and restaurant reviews (from TripAdvisor). It does collect some data but (1) at least it’s not Google and (2) it’s Dutch so they have to go by the GDPR.