Recently looking into the multiple android alternative offerings like CalyxOS, e/OS/, etc and came across these few issues which point towards privacy/security concerns.
-
microG Push notifications still go through Google’s servers just like with Play Services
-
microG uses proprietary Google Binaries for some of its components such as DroidGuard
-
Choosing a network location like Mozilla to use with microG provides little to no privacy benefit over Google because you are still submitting the same data and trusting them to not profile you.
Are they true and how can I circumvent them?
I can’t comment on 1 and 2. But concerning 3: The benefit is your data doesn’t end up on Google’s servers but on Mozilla’s. They have a different privacy policy and might or might not store that information. I haven’t checked. Use “Local GSM Location” and the “Local NLP Backend” to download cell tower locations to do it entirely on device and not send data anywhere.
Turns out Mozilla no longer offer a Location service.