Should we turn on Google Play Protect (what the heck does it do)?
<https://i.postimg.cc/FRjyyX7V/aurora19.jpg> Turn on Play Protect?

I don't have any account on my phone, which is why I use Aurora Store for my
google play store client and NewPipe for my YouTube client, because they
have the concept of an anonymous login into Google servers to gain access.

I used to disable the "real" Google Play Store app, until recently, when I
tested that it allows Google to update some things which aren't intuitive:
a. It can update about a dozen "google apps" even without a login account
b. The Google Play Store app also updates the "Google Play Services" version
<https://groups.google.com/g/comp.mobile.android/c/fIAd_j1gC0w>

Before running a Google Play Store "Settings > Updates" command:
1. Android version 11
2. Security patch update version February 1, 2022
3. Google Play System update June 1 2021
4. *Google Play Services version* 22.02.21 (150400-428111784)
5. Google Play Store version 29.4.13-21 [0] [PR] 429618493

After running a Google Play Store "Settings > Updates" command:
1. Android version 11
2. Security patch update version February 1, 2022
3. Google Play System version June 1 2021
4. *Google Play Services version* 22.06.15 (150400-428792003)
5. Google Play Store version 29.4.13-21 [0] [PR] 429618493

In addition, when I installed Aurora today, this popped up:
<https://i.postimg.cc/FRjyyX7V/aurora19.jpg> Turn on Play Protect?

What are the implications of turning on (or off) Google Play Protect,
particularly when I never download anything _directly_ off of GP
(but, of course, I do, only I use Aurora to do it for me)?
--
Usenet is a team sport where each of us pitches in to help all the others.

I was ignorant of what Google Play Protect does a few minutes ago,
but now I'm less ignorant, as shown by these screenshots I made for you.

Here are some related screenshots for my Google Play Protect questions:
<https://i.postimg.cc/1tPHPWpK/gpprotect01.jpg> No Google Play account
<https://i.postimg.cc/vBzvmWhw/gpprotect02.jpg> Turn on Play Protect scan
<https://i.postimg.cc/fyRfSJqt/gpprotect03.jpg> Google Play App Updates
<https://i.postimg.cc/3xvCGM1B/gpprotect04.jpg> Turn on Play Protect?
<https://i.postimg.cc/1tQ9tPHG/gpprotect05.jpg> Manual GPProtect scan
<https://i.postimg.cc/ZKM4N6HK/gpprotect06.jpg> Change your defaults!

I always thought of Google Play Protect as an antivirus for Android.
Dunno if that's accurate though, but it's something I don't need if it is.

I did notice just now, that even without logging into anything, and without
having Google Play Protect scanning turned on, you can still manually scan.

Digging up cites... this is probably the starting point:
<https://developers.google.com/android/play-protect/>
"Every day, Google Play Protect automatically scans all of the apps
on Android phones"

This says it scans your phone once a day if it's turned on:
<https://developers.google.com/android/play-protect/client-protections>
"Google Play Protect's Verify Apps service scans devices once everyday."
"Google Play Protect scans Android devices for evidence of PHAs."
"If a PHA is found, a notification asks the user to remove it."

It also says the scans happen offline and online.
"Google Play Protect has offline scanning, which helps prevent
well-known PHAs from being installed offline.
When the device regains network connectivity, it undergoes a full scan."

This says there are two sub options once you turn it on:
<https://support.google.com/android/answer/2812853>
"Turn Google Play Protect on or off"
"Send unknown apps to Google"

It also sys the checks happen at install time if it's turned on.
"Google Play Protect checks apps when you install them."
"It also periodically scans your device."

Then there is "Google Play Protect Certification" device status.
<https://support.google.com/googleplay/answer/7165974>
"Only Play Protect certified devices are eligible to include
Google apps, like the Google Play Store app."

Check your Play Protect certification status
a. Open the Google Play Store app Google Play.
b. At the top right, tap the profile icon.
c. Tap Play Protect.
d. That is supposed to tell you if your device is Play Protect certified.
(Mine didn't say anything at all that used the word 'certified'.)

This says Google Play Protect has three components to it:
<https://www.howtogeek.com/355504/what-is-google-play-protect-and-how-does-it-keep-android-secure/>
"it's part malware scanner
part Find My Phone,
and part Safe Browsing."

Huh? None of the Google articles mentioned those last two things at all!
"Open the Play Store menu, and then select the 'My Apps & Games' setting.
The top option on the My Apps & Games page is the Play Protect status
summary. Tap it to find out more."

Of course, I don't have any of that since I don't have a login.
But I'm not sure it's any different from what I have without a login.
Just in a different menu.

Apparently here's the "find my phone" part of Google Play Protect:
"you can use Play Protect's Find My Phone to track your device.
Regardless of whether it's lost or stolen, you can track down
the phone's current (or last known) location.
And if it seems like you're not getting your phone back,
you can use Find My Phone to remotely lock and wipe your device."

And I guess this is the Google Play Protect 'safe browsing' feature:
"Play Protect also integrates seamlessly with Chrome to keep you
safe from malware on the web. If it detects malicious code on
a website, you'll be warned and directed back to safety.

I don't use Chrome (I use ungoogled chromium instead); so I suspect
I don't get this in my Google Play Protect package. :)

In summary, I have "most" of what Google Play Protect does since
most of it works without a login, but most of you probably have
a login so maybe you can tell me more about the latter two features.
--
Each of us uses a different phone and different setup so we can each help
the others understand better how the phone works under various condistions.

Andy Burnelli wrote:

> This says Google Play Protect has three components to it:
> <https://www.howtogeek.com/355504/what-is-google-play-protect-and-how-does-it-keep-android-secure/>
> "it's part malware scanner
> part Find My Phone,
> and part Safe Browsing."

Notice almost no article says what that article said, which is GPP is:
a. Anti-virus scan
b. Find my phone
c. Chrome safe browsing

As to the question of whether you _need_ an avscan on a phone, this article
says it's the only one to use.
*Google Play Protect: Why It's the Only Antivirus App Androids Need*
<https://www.rd.com/article/google-play-protect/>
"Before you download an app that's not on the Google Play store,
Google Play Protect runs a thorough safety check...
From there, Google Play Protect scans the apps on your phone
on a daily basis and can also be used on-demand"

Notice there's nothing about the other two reputed Google Play Protect
features, which makes me suspicious that they're actually part of GPP.
--
Working together with intelligent people, we can solve most problem sets.

On 3/6/2022 12:21 AM, Andy Burnelli wrote:

> Check your Play Protect certification status a. Open the Google Play
> Store app Google Play. b. At the top right, tap the profile icon. c.
> Tap Play Protect. d. That is supposed to tell you if your device is
> Play Protect certified. (Mine didn't say anything at all that used
> the word 'certified'.)

I have the Play Store sideloaded on my Amazon Fire Tablets. When I do
the above it takes me to a screen that says "No harmful apps found". The
screen also has a button that says "Scan". When pushed there's a
whirling icon and it says "Scanning in progress". After about 10 seconds
it stops and says "No harmful apps found".

Since I have Play Store apps, Amazon Appstore apps, and random
sideloaded apps installed on the tablet I wonder if all the apps or just
the Play Store installed apps get checked...

On 3/6/2022 9:53 AM, AJL wrote:
> On 3/6/2022 12:21 AM, Andy Burnelli wrote:
>
>> Check your Play Protect certification status a. Open the Google
>> Play Store app Google Play. b. At the top right, tap the profile
>> icon. c. Tap Play Protect. d. That is supposed to tell you if your
>> device is Play Protect certified. (Mine didn't say anything at all
>> that used the word 'certified'.)
>
> I have the Play Store sideloaded on my Amazon Fire Tablets. When I
> do the above it takes me to a screen that says "No harmful apps
> found". The screen also has a button that says "Scan". When pushed
> there's a whirling icon and it says "Scanning in progress". After
> about 10 seconds it stops and says "No harmful apps found".
>
> Since I have Play Store apps, Amazon Appstore apps, and random
> sideloaded apps installed on the tablet I wonder if all the apps or
> just the Play Store installed apps get checked...

When rereading this I see I misread your post. I was doing your steps
using the Play Store app, not the Google Play app. So I went to the Play
Store and tried to find the Google Play app. None of my devices could
find it, neither my Fire OS or my real Android tablets.

Then I thought maybe you actually meant the Play Store but I found
Google had the same steps:

Open the Google Play Store app Google Play.
At the top right, tap the profile icon.
Tap Play Protect.
Under "Play Protect certification," find out if your device is Play
Protect certified.

<https://support.google.com/android/answer/10248227?hl=en#zippy=%2Cdevice-is-certified>

So Google may be hiding the app from me? But usually it says something
like not available for this device. Bottom line now: I don't have a clue...

AJL wrote:

> I have the Play Store sideloaded on my Amazon Fire Tablets. When I do
> the above it takes me to a screen that says "No harmful apps found". The
> screen also has a button that says "Scan". When pushed there's a
> whirling icon and it says "Scanning in progress". After about 10 seconds
> it stops and says "No harmful apps found".

Thank you for being purposefully helpful, and kind hearted enough to test
and post your results, as most people on Usenet are here only for amusement.

Your setup is different than most (as is mine), so we will be able to see
things others won't see, where you load outside of Google Play, and where I
also load outside of the Google Play Store client, but also differently so.
1. You load via Amazon, sideload, and the Google Play Store client, right?
2. I never load apps via the Google Play Store client (no login account).
<https://i.postimg.cc/1tPHPWpK/gpprotect01.jpg>
3. But I load via the Internet what isn't on the GP repo (e.g., NewPipe),
<https://i.postimg.cc/sx1X6hXh/apk09.jpg>
4. And I load via AuroraDroid/F-Droid APKs that are also not on the GP repo,
<https://i.postimg.cc/8PkR63DL/aurora18.jpg>
5. Plus, I load via a FOSS Google Play Store client which uses the GP repo,
<https://i.postimg.cc/RF06HBB3/aurora05.jpg>
6. Also I load via over a thousand APKs from archival on an old sdcard.
<https://i.postimg.cc/8zBjX5kJ/aurora09.jpg>
7. In fact, all the APKs are automatically saved when they're installed!
<https://i.postimg.cc/02jbkHFr/apk04.jpg>
8. Actually, the APKs are just "not deleted" _after_ they're installed.
<https://i.postimg.cc/Z5kdD2rg/aurora04.jpg>

If there are any other methods to load APKs, let me know! :)
So your question below is a good one of _what_ GPP actually scans & updates.

> Since I have Play Store apps, Amazon Appstore apps, and random
> sideloaded apps installed on the tablet I wonder if all the apps or just
> the Play Store installed apps get checked...

Like all things Google on Android, GPP appears complicated to say the least.

For example, while I proved the Google Play Store updates without a login
<https://i.postimg.cc/j2g26zws/apk03.jpg>

I also proved Google Play Store client only updates _some_ of your apps.
<https://i.postimg.cc/28WG0Pqb/aurora11.jpg>

Whereas, it appears the FOSS Google Play Store client updates them all
(and it has a switch to even update apps that are currently disabled!)
<https://i.postimg.cc/PrvDyT8Y/aurora03.jpg>

So we _know_ (for sure!) that Google Play Store is selective, and, from my
analysis, partial to the original apps on the phone from the carrier.

The question you ask is whether Google Play Protect scans _all_ your
installed apps, no matter _where_ those apps came from, right?
<https://i.postimg.cc/bN875p8b/apk01.jpg>

With the perfectly honest disclaimer that I was almost completely ignorant
only mere hours ago about what Google Play Protect actually does, based on
the half dozen or so articles that I skimmed, I currently think the Google
Play Protect scan does scan _all_ installed apps on the device.
<https://i.postimg.cc/1tQ9tPHG/gpprotect05.jpg>
a. If you have the automatic Google Play Protect scan turned on
<https://i.postimg.cc/vBzvmWhw/gpprotect02.jpg> Turn on Play Protect scan
b. I think Google Play Protect scans when you first install _any_ app
<https://i.postimg.cc/3xvCGM1B/gpprotect04.jpg>
c. And, the articles say it scans each day, once a day, _all_ your apps.
d. Even if you're offline (they claim that scan isn't as comprehensive).

But I will openly and honestly admit that I'm confused what exactly are
_all_ the things that the Google Play Protect does, e.g., it is purported to
have something to do with "find my phone" (which requires location access).
<https://i.postimg.cc/xd97fJ9j/gpprotect07.jpg>

Given I can't test sans login as well as most of you who have a login can, I
recently opened up a new thread on some of those _other_ things the Google
Play Store client is reputed to do, in addition to Google Play Protect.
*Is your phone GPP certified & do you use the default GPP safe browsing*
*& GPP find my phone features?*
<https://groups.google.com/g/comp.mobile.android/c/sTbRoUd3KaQ>
--
Every Usenet post should strive to add value in the body (not the headers).

AJL wrote:

> When rereading this I see I misread your post. I was doing your steps
> using the Play Store app, not the Google Play app.

I apologize for the confusion.

Google confuses the hell out of me with their naming conventions, but I
think we're both talking about the Google Play Store app, which,
confusingly, does a _lot_ more than just download apps.

AFAIK, the Google Play Protect _feature_ of the Google Play Store app is
just _one_ of the things that the Google added to the Google Play Store app.

Other things Google added to the Google Play Store app is "location" finding
of your phone, for example, according to the articles that I read.

Another feature of the Google Play Store app is "certification", according
to the articles I skimmed yesterday.

Still another feature of the Google Play Store app is "updating" (only
some!) apps that are on your phone.

Yet another feature of the Google Play Store app is adding 'security
versions' as we found out recently in a different thread where almost all
Android phones are being updated over the Google Play Store app features.

Yet another feature of the Google Play Store app, based on what I read, is
it somehow ties to Chrome to prevent malware in your web downloads.

It seems that Google shoves anything they want into any app they can, where
in this case Google has shoved a bunch of unrelated features into what we
would see on our phones as "Google Play" (which is the Google Play Store
app, which has the unique name of <com.android.vending>) on the phone.
<https://i.postimg.cc/1tPHPWpK/gpprotect01.jpg> No Google Play account
<https://i.postimg.cc/vBzvmWhw/gpprotect02.jpg> Turn on Play Protect scan
<https://i.postimg.cc/fyRfSJqt/gpprotect03.jpg> Google Play App Updates
<https://i.postimg.cc/3xvCGM1B/gpprotect04.jpg> Turn on Play Protect?
<https://i.postimg.cc/1tQ9tPHG/gpprotect05.jpg> Manual GPProtect scan
<https://i.postimg.cc/ZKM4N6HK/gpprotect06.jpg> Change your defaults!
<https://i.postimg.cc/xd97fJ9j/gpprotect07.jpg> Find my phone location?

I apologize for the confusion.
--
Usenet is a team sport where each person adds unique value in their own way.

On 3/6/2022 11:52 AM, Andy Burnelli wrote:

> Still another feature of the Google Play Store app is "updating"
> (only some!) apps that are on your phone.

The stores on my Amazon Fire OS tablets had fights (perhaps a bit
exaggerated) over updating my apps. The Play Store would try to update
some Appstore installed apps and the Appstore would try to update some
Play Store installed apps. And both attacked (perhaps another
exaggeration) some sideloaded apps. So I turned auto-update off in both
stores and make an update decision on a case by case basis. Since the
Fire OS resembles an older version of Android I usually wait for an app
demanding, complaining, or having a problem before trying an update.

> Yet another feature of the Google Play Store app, based on what I
> read, is it somehow ties to Chrome to prevent malware in your web
> downloads.

I do keep my Google apps (Gmail, Chrome, etc) on the Fire
tablets up to date. But any real security on this system? Well so far
Google's not been complaining. Translation: Who knows...

AJL wrote:

>> Still another feature of the Google Play Store app is "updating"
>> (only some!) apps that are on your phone.
>
> The stores on my Amazon Fire OS tablets had fights (perhaps a bit
> exaggerated) over updating my apps. The Play Store would try to update
> some Appstore installed apps and the Appstore would try to update some
> Play Store installed apps. And both attacked (perhaps another
> exaggeration) some sideloaded apps. So I turned auto-update off in both
> stores and make an update decision on a case by case basis. Since the
> Fire OS resembles an older version of Android I usually wait for an app
> demanding, complaining, or having a problem before trying an update.

Like you, I update, manually, on a case-by-case basis, which is rare.

Hence I don't disagree with your approach where I can suggest another.
a. For one, I wouldn't update any app unless I needed that update
b. For another, I save all the APKs (by default) so I can backup if needed
c. But for a third, you can run 3rd-party update apps which work better

Notice what I said.
I tested _every_ free update mechanism for a thread a while ago.

1. The google play update _misses_ hundreds of installed apps!
<https://i.postimg.cc/j2g26zws/apk03.jpg>

2. The third-party update apps work far _better_ than does Google Play.
<https://i.postimg.cc/28WG0Pqb/aurora11.jpg>

Hence, I can say with confidence the Google Play Update process sucks!
Note that the Google Play Update also updates "google play services" though.
Note I don't know how the Amazon store app does its update though.

>> Yet another feature of the Google Play Store app, based on what I
>> read, is it somehow ties to Chrome to prevent malware in your web
>> downloads.
>
> I do keep my Google apps (Gmail, Chrome, etc) on the Fire
> tablets up to date.

I don't use GMail because it does two things last I tested it:
a. It _creates_ an account on your Android phone, and,
b. It _uploads_ your contacts (and you can't stop it from doing so!)

I don't use Chrome because, well, because it's Chrome.
What I use is ungoogled chromium, and a host of privacy-aware browsers.

IMHO, the _first_ step toward privacy is to not use Google apps.
But I am aware most people don't believe in that, and that's OK.

> But any real security on this system? Well so far
> Google's not been complaining. Translation: Who knows...

Well, let's not be like the iKooks who believe everything fed them.
There is no security on any consumer phone or computing device.
There just isn't.

It's kind of like locking your car doors and shutting the windows hoping
that will deter a thief; but it won't and it can't and it never could.

But you can put alarms on the car, and fancy ignition locks, and tracking
devices, and other measures which give you the privacy/security you can get.
--
Posted as always to add value to the discussion so that all may benefit.

On 3/6/2022 3:38 PM, Andy Burnelli wrote:

> I save all the APKs (by default) so I can backup if needed

Me too. I have my apks back to 2013. Haven't needed one in a very long
time though.

> The google play update _misses_ hundreds of installed apps!

As long as the installed app is non-sensitive and doing what I want I
really don't care all that much about updates.

> Note that the Google Play Update also updates "google play services"

Yup. I had to sideload 4 apks in the correct order on my Fire Tablets to
install the Play Store. The apks I used are years old that I found on
some long gone website but surprisingly still work. After I sign in
Google then automatically updates them to bring them current including
Google Play Services and I'm good to go. IMO quite impressive software.

> IMHO, the _first_ step toward privacy is to not use Google apps.

Too late for me. I was assimilated by Google many many years ago...

I was researching how to more easily change the GSF ID today for this:
*Have you tried to CHANGE your unique GSF ID on your device?*
<https://groups.google.com/g/comp.mobile.android/c/Ixl2uMSLADc>

When I ran into this "g.co/androiddeviceregistration" tool:
*Github: Automatically register GSF ID with google*
<https://github.com/Ahren-Li/GoogleDeviceRegistration>
"This APP will automatically register to Google with the GSF ID."
I noticed it appears to _require_ a Google Account login process.

I'm pretty sure there is no Google Account on my phone, so I'm not sure why
all these programs "assume" you're _creating_ the GSF ID using an account.

Certainly you can have a GSF ID without a Google Account as that's what I
clearly have; but that means most articles on this topic must be wrong.