I’m on a rooted Samsung smartphone, running One UI 7.0 and Android 15. Not quite ready to switch to Graphene OS yet. Also, my threat model doesn’t require it. Yet. 🤣
In addition to having debloated with UAD-NG and using HaGeZi’s Ultimate DNS Blocklist in AdAway, I have also blocked:
android.clients.google.com
deviceintegritytokens-pa.googleapis.com
es11.samsungsm-ds.com
mtalk.google.com
pinning-02.secb2b.com
play-lh.googleusercontent.com
playstoregatewayadapter-pa.googleapis.com
prod-lt-playstoregatewayadapter-pa.googleapis.com
shop.line-scdn.net
I haven’t noticed any unexpected behaviors yet. I also tried blocking:
i.ytimg.com
play.googleapis.com
digitalassetlinks.googleapis.com
android.googleapis.com
But the first one is needed to load thumbnails on NewPipe and the latter three are needed to login to the Play Store whenever you want to update whatever you have installed through the Play Store - two apps in my case. I have logged out of my Google account and blocked the Play Store with a firewall and only unblock it once a month or so to update Play services and such.
Just wanted to share what can be blocked with a hosts file on a Samsung smartphone. 😊
remove play store and all google related stuff except the essentials with UAD-NG, and use aurora store instead.
install afwall and only enable network access for necessary apps.
Already tried that but as it says on UAD-NG removing Google Play services may cause bootloops, which happened to me. Also, when I tried Aurora Store a few years back, I wasn’t able to authenticate a paid app that I use.
i see.
btw, there’s an app called Blocker on f-droid you can use to disable/enable apps (using root or shizuku). maybe use it to have google play disabled and only enable it when you need to update your app :)
Great idea! I’m basically already doing that, but with App Manager. It is able uninstall, disable or freeze apps. It can deny dangerous app operations and disable dangerous permissions. Also, it can block internal trackers. :)