+
+
+ GrapheneOS will never include either Google Play services or another
+ implementation of Google services like microG. Those are not included in the
+ Android Open Source Project and are not required for baseline Android
+ compatibility. Apps designed to run on Android rather than only Android with
+ bundled Google apps and services already work on GrapheneOS, so a huge number of
+ both open and closed source apps are already available for it.
+
+ AOSP APIs not tied to Google but that are typically provided via Play services
+ will continue to be implemented using open source providers like the Seedvault
+ backup app. Text-to-speech, speech-to-text, geocoding, accessibility services,
+ etc. are examples of other open Android APIs where we need to develop/bundle an
+ implementation based on existing open source projects. GrapheneOS is not going to
+ be implementing these via a Google service compatibility layer because these APIs
+ are in no way inherently tied to Google services.
+
+ We're developing a minimal Play services compatibility layer as a regular app
+ without any special privileges. The app will provide a stub implementation of the
+ entire Play services API pretending the servers are down and the functionality is
+ unavailable. It will always be disabled by default since apps will detect Play
+ services is available and will try to use it rather than alternatives. As an
+ example, Signal would try to use a non-functional FCM implementation rather than
+ their own server push implementation. The intention is that users will only enable
+ this in profiles dedicated to running apps with an unnecessary hard dependency on
+ Play services. We'll likely prevent enabling it in the owner profile to help users
+ avoid those kinds of pitfalls.
+
+ Our Play services app won't have any special privileges or whitelisting in the
+ OS like Play services or microG. There will be no support for bypassing arbitrary
+ signature checks like the microG signature spoofing patch since it substantially
+ compromises the OS security model and breaks other security features like verified
+ boot. Instead, our app will be signed with a GrapheneOS Play services key and the
+ only OS support for the app will be presenting the GrapheneOS Play services key as
+ the Google Play services key.
+
+ Ideally, Google themselves would support installing the official Play services
+ as a regular Android app, rather than taking the monopolistic approach of forcing
+ it to be bundled into the OS in a deeply integrated way with special privileged
+ permissions and capabilities unavailable to other service providers competing with
+ them. Even though we would never include it in GrapheneOS, it would be great if
+ users did have the option to install Play services as a regular app in specific
+ profiles. It's unfortunate that the approach taken to it is so deeply integrated
+ and anti-competitive. GrapheneOS users can still choose to use Google services if
+ they choose, but largely only via a browser. A few of their apps like Google Maps
+ do work with reduced functionality without Play services but most won't.
+
+
diff --git a/static/index.html b/static/index.html
index 84a37924..78be424e 100644
--- a/static/index.html
+++ b/static/index.html
@@ -86,49 +86,9 @@
GrapheneOS will never include either Google Play services or another
- implementation of Google services like microG. Those are not included in the
- Android Open Source Project and are not required for baseline Android
- compatibility. Apps designed to run on Android rather than only Android with
- bundled Google apps and services already work on GrapheneOS, so a huge number of
- both open and closed source apps are already available for it.
-
- AOSP APIs not tied to Google but that are typically provided via Play services
- will continue to be implemented using open source providers like the Seedvault
- backup app. Text-to-speech, speech-to-text, geocoding, accessibility services,
- etc. are examples of other open Android APIs where we need to develop/bundle an
- implementation based on existing open source projects. GrapheneOS is not going to
- be implementing these via a Google service compatibility layer because these APIs
- are in no way inherently tied to Google services.
-
- We're developing a minimal Play services compatibility layer as a regular app
- without any special privileges. The app will provide a stub implementation of the
- entire Play services API pretending the servers are down and the functionality is
- unavailable. It will always be disabled by default since apps will detect Play
- services is available and will try to use it rather than alternatives. As an
- example, Signal would try to use a non-functional FCM implementation rather than
- their own server push implementation. The intention is that users will only enable
- this in profiles dedicated to running apps with an unnecessary hard dependency on
- Play services. We'll likely prevent enabling it in the owner profile to help users
- avoid those kinds of pitfalls.
-
- Our Play services app won't have any special privileges or whitelisting in the
- OS like Play services or microG. There will be no support for bypassing arbitrary
- signature checks like the microG signature spoofing patch since it substantially
- compromises the OS security model and breaks other security features like verified
- boot. Instead, our app will be signed with a GrapheneOS Play services key and the
- only OS support for the app will be presenting the GrapheneOS Play services key as
- the Google Play services key.
-
- Ideally, Google themselves would support installing the official Play services
- as a regular Android app, rather than taking the monopolistic approach of forcing
- it to be bundled into the OS in a deeply integrated way with special privileged
- permissions and capabilities unavailable to other service providers competing with
- them. Even though we would never include it in GrapheneOS, it would be great if
- users did have the option to install Play services as a regular app in specific
- profiles. It's unfortunate that the approach taken to it is so deeply integrated
- and anti-competitive. GrapheneOS users can still choose to use Google services if
- they choose, but largely only via a browser. A few of their apps like Google Maps
- do work with reduced functionality without Play services but most won't.
+ implementation of Google services like microG. See
+ the FAQ section for more details on our plans
+ for filling in the gaps from not shipping Play services and Google apps.