this post was submitted on 09 Oct 2023
28 points (91.2% liked)

Privacy

32159 readers
202 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

So I've got Android as I want. LineageOS, no Google, Magisk, MicroG but with AndroidAuto with OsmAnd+.

But the outside world of WhatsApp, Bank apps, etc is putting pressure to join. Plus not everything works properly with MicroG instead of the Google service provider. Makes me cross techno-politically, but I can't always hard life tech choices when it effects others.

So, what do others do? At the moment, I've thinking I need a non-free phone and a free-phone! Then what, I keep swapping SIM?? I can't see a workable VM solution to run a non-free Android in a freer Android.

The state of the phone market is pitiful.

top 44 comments
sorted by: hot top controversial new old
[–] [email protected] 8 points 1 year ago (1 children)

Install shelter and have a isolated work profile for my intrusive apps

But im still stubborn with not using whatsapp and my banking apps have passed safetybet luckily.

You could also look at setting up a matrix server whatsapp bridge... but maybe thats a selfhosting server thing and not android per se

[–] [email protected] 1 points 10 months ago

Update to this: I did try that on my LineageOS and it still wouldn't run. I'm getting a Pixel for GraphineOS. See how that goes.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

I think there is a common misconception that LineageOS is a good rom for privacy when in fact its really meant for keeping an old phone useful and does not provide much in the way of added privacy or security.

OP if you want privacy on your phone there are better roms, the trade off with privacy is convenience. Banking apps especially have issue with privacy oriented roms.

[–] [email protected] 3 points 1 year ago (1 children)

Oh my phone is old, but 6GB RAM is still ok. LineageOS gives me the latest Android on old hardware, while giving me an easy out of Google data mining.

[–] [email protected] 1 points 1 year ago (1 children)

It doesn't do a whole lot to prevent Googles' data gathering. Still connects to a quite a few services in the background

[–] [email protected] 2 points 1 year ago (1 children)

Even without any of the Google services installed? I don't think that's true. It doesn't have my Google login.

[–] [email protected] 2 points 1 year ago (2 children)

Like the other commenter said, its usefulness doesn't really exceed keeping an older device up-to-date.

This article is only available in german, so I guess that's the time to shine for the new translation feature in Firefox:

https://www.kuketz-blog.de/lineageos-weder-sicher-noch-datenschutzfreundlich-custom-roms-teil4/

[–] [email protected] 3 points 1 year ago (1 children)

And Lineage OS can be de-googled fairly easily to remove such telemetry.

[–] [email protected] 2 points 1 year ago

To someone who installed Lineage in the first place, further degoogling shouldn't be too hard, I agree.

[–] [email protected] 3 points 1 year ago (1 children)

GrapheneOS does look interesting. Though the Android Auto, that I use as the car satnav (with OSMAnd+), looks like it might be even more a pain to setup...

I can't get over what a techo-political dystopia is, without a lot of faff. We need some law here, forcing standardized open interfaces! (And copyright trolling DRM pushing dark forces will fight that, because of media playing)

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Shouldn't be a problem, GOS has sandboxes play services

Also, at the same time, there's an alternative app for google auto on fdroid

[–] [email protected] 1 points 1 year ago (1 children)

Wait what? What's that? I've not seen it!

[–] [email protected] 1 points 1 year ago (1 children)

I can't find the one from fdroid, they probably don't have keywords i'm looking for

But there's https://github.com/lamemakes/pilot-drive

[–] [email protected] 1 points 1 year ago

Oh I found the open source Android Auto stuff for GNU/Linux. Though not use any of the GNU/Linux phones make use of it. It looks better to setup, and develop on, but I very much doubt it would make life easier. Not unless you can seamless run Android apps in a box and them not know.

[–] [email protected] 6 points 1 year ago (1 children)

GraphineOS sandboxes google services. You can take it a step further and only install sandboxed google services on a work profile or user profile so you can have toggle-able google services, allowing bank access and whatnot.

[–] [email protected] 1 points 10 months ago

Update: Old phone on way out, Pixel coming for me to try this.

[–] [email protected] 4 points 1 year ago (1 children)

If I cant find the app I need on fdroid, i usually just use the web version.

[–] [email protected] 1 points 1 year ago (1 children)

Banks don't always have a mobile friendly web interface. When you turn on desktop mode (Firefox on Android of course) the site may load but not be very useable. (Though sometimes that is more useable than a bad mobile site)

[–] [email protected] 3 points 1 year ago (1 children)

Its usually good enough. Mobile check deppsit doesnt work. Other things are fine.

[–] [email protected] 1 points 10 months ago

Good enough with some. Unfortantly with this bank, they use the app to auth access at all. And the app doesn't like custom roms and I've not managed to fool it. Finally trying GraphineOS this week, when the Pixel arrives.

[–] [email protected] 3 points 1 year ago (2 children)

I got lucky that my MicroG phone works with my bank. But I had to call them to tell them about it, then they flipped some flag on their end and it has worked ever since. So idk, call your bank.

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago) (1 children)

Update: I'm going to try a Pixel and GraphineOS first. I'm expecting very little flexibility and understanding from a bank.

[–] [email protected] 1 points 10 months ago (1 children)
[–] [email protected] 1 points 10 months ago

I needed to upgrade phone anyway. This one is over five years old and the camera and CPU seam rubbish now. The RAM is still enough, but screen is cracked too now and screen replace videos just look not worth the effort.

[–] [email protected] -5 points 1 year ago (1 children)

I honestly will not put ANY banking app on my phone. There is a risk of getting mugged or murdered for it. I keep a crypto wallet there with abut $50.

[–] [email protected] 14 points 1 year ago (1 children)

I don't understand; how would a potential mugger or murderer know ahead of time that you don't have a banking app installed on your phone?

[–] [email protected] 1 points 1 year ago

They don't, but if they force me to unlock the phone, it won't do them any good either. Doesn't help if they point a gun at me at an Atm.

[–] [email protected] 3 points 1 year ago (1 children)

GrapheneOS is what you're looking for if you have a pixel device.

[–] [email protected] 1 points 10 months ago

Update: This is the path I set for now. Have to replace old phone now anyway.

[–] Sivilian 2 points 1 year ago (1 children)

I use beeper to have all my non free messaging apps on my phone then I don't have to worry about the spying as much. But that might not work for you.

[–] [email protected] 3 points 1 year ago (1 children)

OK, now that is very cool. It's like Pidgin for 2023 and phones. I may well give that a try! May solve the messaging bit.

[–] Sivilian 1 points 1 year ago (2 children)

If you need a code to get in let me know I still have some, I can't remember if they did away with their cue and just let people join now.

[–] [email protected] 1 points 1 year ago

They still have a queue, I just joined the waiting list.

Thanks for the discovery!

[–] [email protected] 1 points 1 year ago (1 children)

It looks like another closed app "build on open source". Not sure it's much more trust worthy than WhatsApp anyway. Need to read up. I wonder if I'm better of exploring open alteratives also set up my own Matrix bridges that Beeper is built on anyway. Though I've not heard good things about maintaining Matrix bridges.

I hope the EU get through the forced interoperability of chat apps......

[–] Sivilian 1 points 1 year ago

I only use beeper as a convenience tool for getting matrix bridges for All the chats I don't care about. I have signal and normal Matrix separate from Beeper.

[–] [email protected] 2 points 1 year ago (2 children)

Use different profiles. They seperate apps, data, settings, etc. I use these profiles:

  • personal (for photos, communication, etc.)
  • internet (lemmy, mastodon, vpn, torrent, new pipe, etc.)
  • google (play store, drive, maps, translate, etc.)
  • finance (bank, paypal, localmonero, crypto wallets, etc.)
  • school (teams, canva, web shortcuts, etc.)

I think in vanilla android you can have 3 user profiles and 1 guest. I use grapheneos which supports 15 users and 1 guest.

[–] [email protected] 3 points 1 year ago (1 children)

But you can't have a profile with MicroG, and another with google play services, because they are installed systemwide, and afaik can't be confined to a profile.

[–] [email protected] 1 points 1 year ago (1 children)

Oh right... In that case I would install just google play services and disable/uninstall it on profiles I dont need.

[–] [email protected] 1 points 1 year ago

But you can't disable google play services on certain profiles. It's there, system wide, has access to everything, and is accessible by all apps. Actually it does so heavy modifications to the system that once installed you can't really remove it, or at least the advice for removal is always a clean install of the system, there's no official way for removal or a way that is recommended by any popular ROM

[–] [email protected] 2 points 10 months ago

I'm on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Here's what I do. I have GrapheneOS with 3 user profiles for compartmentalization. Mullvad VPN on and set to different locations in all profiles except owner profile. I straight up don't use the owner profile. I let it sit empty. I only use the two other profiles as they don't have as much access to the phone. One's my FOSS profile, which is my main profile. The other one's my big brother profile, which has Sandboxed Play Services. I think that's good enough for me, and I try to keep on top of permissions to limit what apps can access. You can always go further though, with more compartmentalization, no Play Services whatsoever, using no SIM/toggling airplane mode,FOSS dedication,.... but it all depends on your threat model. For me, I think what I'm doing is good enough.

[–] [email protected] 1 points 10 months ago

I'm on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.

[–] possiblylinux127 1 points 1 year ago (1 children)

I use lineage os with Foss apps and no microG. I use ntfy for push notifications but the apps need to support it.

[–] [email protected] 1 points 1 year ago

I did for many years too. But I needed Android Auto for a new car. It kind of forced the issue and it wasn't easy and I'm not happy how custom my install is now.