> The security provided by GrapheneOS is in order to be able to protect privacy.

But there is still no way to reset/spoof android device ids, and the apps can reliably identify the user after reinstalls.

▲

strcat a day ago | parent [-]

Hardware identifiers aren't accessible to user installed apps. ANDROID_ID is a per-app-per-profile random ID. Apps don't need ANDROID_ID to identify that it's the same install due to immense fingerprint surface. If you installed the app in another profile, it would have a different ANDROID_ID, but it would still potentially be able to fingerprint it as the same device based on many things like settings. GrapheneOS does have planned features to improve these things but it's not nearly as simple as making ANDROID_ID per-app-install or making the MediaDRM ID more randomized than the current per-app random value (it was meant to be like ANDROID_ID but they make a mistake that's hard to fix without breaking compatibility so we need a toggle).

	▲	pshirshov 12 hours ago \| parent [-]
		I understand, but think it won't be correct to make claims about strong privacy while fingerprinting remains possible and as easy as on stock devices. I agree that GoS did a lot in order to improve privacy (scoping) and it provides unmatched security, but you shouldn't create false expectations.