How to stay private when using Android (protonmail blog)

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: Harlot on December 23, 2019, 04:39:16 PM

unlike Google's Playstore where you can see reviews from other users

Google reviews are easily and frequently manipulated. There are people who sell this as a service using bots and multiple accounts, either hacked or created solely for this purpose. For not much money, certainly far less than a successful scam app might make, you can purchase multiple fake positive reviews, just like you can buy Facebook likes or comments, Twitter likes or comments, forum posts, bumping services, and so on. You shouldn't be trusting Google reviews to tell you what's safe to download.

Don't trust. Verify.

Harlot

hero member

Activity: 1806

Merit: 671

Quote from: o_e_l_e_o on December 23, 2019, 11:35:20 AM

Quote from: Harlot on December 23, 2019, 11:23:36 AM

Another thing to add is the carelessness of people when it comes to adding/allowing the installation of 3rd party apps from unknown sources.

Just because an app is from outside the play store doesn't automatically mean it is untrustworthy, and similarly, just because an app is from inside the play store doesn't make it safe.

Google are pretty bad at screening apps before they are published on the play store, and we frequently see apps with either malware hidden in them or apps designed to mimic another (such as a fake wallet app) showing up and being downloaded. There was a user on here a while ago who had their seed stolen because they installed a custom keyboard app from the play store, which recorded everything they typed and sent it back to the scammer who developed it. Similarly, if I'm installing Electrum (for example), and choose to download and install the APK myself from electrum.org, that doesn't automatically mean it's more likely to be malicious.

The better advice is to not install any app unless you absolutely must. Apps which give you sparkly keyboards, or fancy wall papers, or silly mobile games, are completely unncessary. One of the top apps on the Google play store right now is an app that takes a photo of your face and makes you look like an elf. Completely pointless, and every additional app you download and give permission to is an additional security risk.

I'm fully aware of that and even Google's own playstore is bad at screening apps being made available to their own app store. The recent news I know related to the app store is about the xHelper app a malicious program that pops up ads in your device which was previously available in the app store where if the user installs it would find it hard to be uninstalled fully. My point is downloading apk files in the internet where you also don't know the origin is also dangerous on being downloaded in your device, unlike Google's Playstore where you can see reviews from other users who have downloaded it you wouldn't have that convenience on downloading apk files from the internet which in anyone's case would be more riskier since you wouldn't see any kind of feedback for that file.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: Harlot on December 23, 2019, 11:23:36 AM

Another thing to add is the carelessness of people when it comes to adding/allowing the installation of 3rd party apps from unknown sources.

Just because an app is from outside the play store doesn't automatically mean it is untrustworthy, and similarly, just because an app is from inside the play store doesn't make it safe.

Google are pretty bad at screening apps before they are published on the play store, and we frequently see apps with either malware hidden in them or apps designed to mimic another (such as a fake wallet app) showing up and being downloaded. There was a user on here a while ago who had their seed stolen because they installed a custom keyboard app from the play store, which recorded everything they typed and sent it back to the scammer who developed it. Similarly, if I'm installing Electrum (for example), and choose to download and install the APK myself from electrum.org, that doesn't automatically mean it's more likely to be malicious.

The better advice is to not install any app unless you absolutely must. Apps which give you sparkly keyboards, or fancy wall papers, or silly mobile games, are completely unncessary. One of the top apps on the Google play store right now is an app that takes a photo of your face and makes you look like an elf. Completely pointless, and every additional app you download and give permission to is an additional security risk.

Harlot

hero member

Activity: 1806

Merit: 671

Another thing to add is the carelessness of people when it comes to adding/allowing the installation of 3rd party apps from unknown sources. This is one of the most easiest way how you introduce your phone to malware since you are the one allowing your device to install unsafe and unsecure apps found in the internet. Most people do this because they want to instally a paid app for free or install an app that is cracked or with a cheat they don't see the danger when it comes to doing this on their system.

libert19

hero member

Activity: 2464

Merit: 934

Quote from: bitmover on December 23, 2019, 07:58:25 AM

Quote from: o_e_l_e_o on December 23, 2019, 07:53:27 AM

Quote from: boyptc on December 23, 2019, 07:27:22 AM

To the tech experts, is it possible to uninstall the google version on our android phones and install it with the LineageOS as mentioned in the article?

Yes. You will find instructions for how to do so on their respective websites: https://wiki.lineageos.org/devices/ and https://grapheneos.org/install.

Be aware that doing so is not without risk. It is possible to brick your phone if you make mistakes while installing a custom OS.

Unfortunately my new phone is not supported (a30) in this list.
Maybe I will install in my old one just for testing purposes.

But let me ask. You said there was a risk and it may brick the phone. But can't you just factory reset the phone to fix it?

When your phone is hard bricked, it can't boot, doing factory reset is next thing.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: bitmover on December 23, 2019, 07:58:25 AM

But can't you just factory reset the phone to fix it?

Sure, in most cases it would be a "soft brick", which would be recoverable provided you are able to flash the stock OS back on to the phone. However, I wouldn't claim that there is no conceivable way that it could be hard bricked and unrecoverable. I'm sure there's someone out there who could mess up badly enough. Tongue

bitmover

legendary

Activity: 2212

Merit: 5622

Non-custodial BTC Wallet

Quote from: o_e_l_e_o on December 23, 2019, 07:53:27 AM

Quote from: boyptc on December 23, 2019, 07:27:22 AM

To the tech experts, is it possible to uninstall the google version on our android phones and install it with the LineageOS as mentioned in the article?

Yes. You will find instructions for how to do so on their respective websites: https://wiki.lineageos.org/devices/ and https://grapheneos.org/install.

Be aware that doing so is not without risk. It is possible to brick your phone if you make mistakes while installing a custom OS.

Unfortunately my new phone is not supported (a30) in this list.
Maybe I will install in my old one just for testing purposes.

But let me ask. You said there was a risk and it may brick the phone. But can't you just factory reset the phone to fix it?

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: boyptc on December 23, 2019, 07:27:22 AM

I've always thought that android was developed by Google.

It is, partly. It is developed by a consortium of developers know as the Open Handset Alliance, of which Google is the largest member. Once development of a new version is completed, it is published to the Android Open Source Project, which as the name suggests, is open source.

There are multiple projects which build upon the open source code, and end up with a more privacy or security focused product. Examples include GrapheneOS and LineageOS, which you mentioned.

Quote from: boyptc on December 23, 2019, 07:27:22 AM

To the tech experts, is it possible to uninstall the google version on our android phones and install it with the LineageOS as mentioned in the article?

Yes. You will find instructions for how to do so on their respective websites: https://wiki.lineageos.org/devices/ and https://grapheneos.org/install.

Be aware that doing so is not without risk. It is possible to brick your phone if you make mistakes while installing a custom OS.

boyptc

hero member

Activity: 2982

Merit: 678

★Bitvest.io★ Play Plinko or Invest!

Quote from: bitmover on December 20, 2019, 06:13:48 AM

Use a non Google version of android

I've always thought that android was developed by Google. To the tech experts, is it possible to uninstall the google version on our android phones and install it with the LineageOS as mentioned in the article?

Is anyone here have done this before?

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: ABCbits on December 23, 2019, 04:56:04 AM

Searx and Qwant also good alternative since DDF result is terrible for non-english keyword

Yeah, SearX is the way to go if you find other search engines' results to be inadequate, or are "addicted" to Google. You can edit your preferences and configure it so it will simply search Google on your behalf and return the results to you, but stripped of all tracking cookies and without sharing your IP, browser fingerprint, or other identifiable information.

ABCbits

legendary

Activity: 2856

Merit: 7410

Crypto Swap Exchange

Quote from: joniboini on December 23, 2019, 01:49:25 AM

Quote from: libert19 on December 23, 2019, 01:06:29 AM

'Don't use Google search' — I just can't find the fluidity that Google search has to other search engines.

Try Duckduckgo. I'm not sure what kind of fluidity you're seeking here but it's clear that thing is built from collecting hundreds of petabytes of users data.

Searx and Qwant also good alternative since DDF result is terrible for non-english keyword

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: ice18 on December 23, 2019, 01:37:00 AM

it has a built-in vpn

Opera's VPN, like most free or built in VPNs, is a terrible choice. Using it makes your privacy worse, not better. Using it redirects all your internet traffic via Opera's servers, and they monitor all your traffic and collect and sell your data to third parties.

If you aren't paying for a service, then you are not the customer, you are the product. Free VPNs are spying tools. A good VPN costs only a few dollars a month.

joniboini

legendary

Activity: 2170

Merit: 1789

Quote from: libert19 on December 23, 2019, 01:06:29 AM

'Don't use Google search' — I just can't find the fluidity that Google search has to other search engines.

Try Duckduckgo. I'm not sure what kind of fluidity you're seeking here but it's clear that thing is built from collecting hundreds of petabytes of users data.

Quote from: ice18 on December 23, 2019, 01:37:00 AM

Im not sure if Opera GX browser is already working on android but it has a built-in vpn for users privacy just enabled it and you're good to go.

IIRC Opera Mini already supports VPN (or at least a built-in proxy). Good enough as long as you don't use it for risky activities such as logging on your web wallet.

ice18

hero member

Activity: 2492

Merit: 542

Quote from: hd49728 on December 20, 2019, 12:19:01 PM

Can you give me more information on the way to use VPN for android devices, smartphones for example. I have not yet known how to stay private when browsing on mobile. There is no private browsers on mobile as far as I know (I might miscatch something).

Im not sure if Opera GX browser is already working on android but it has a built-in vpn for users privacy just enabled it and you're good to go.

libert19

hero member

Activity: 2464

Merit: 934

'Don't use Google search' — I just can't find the fluidity that Google search has, to other search engines.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: hd49728 on December 20, 2019, 12:19:01 PM

Can you give me more information on the way to use VPN for android devices, smartphones for example.

Most good VPN providers will have their own native app which you can install on Android. If not, then there are apps such as OpenVPN or WireGuard which will let you connect to any VPN service, and again, most good VPN providers will provide pre-made configuration files to use with these.

Firefox for mobile is just as powerful as their desktop version. You can still access the necessary privacy and security add-ons such as HTTPS Everywhere, uBlock Origin, and Privacy Badger, and you can also still access the about:config to apply necessary security/privacy tweaks.

Tor browser is obviously a good choice, but you can also use an app called Orbot, which will route all your internet traffic (from any browser or app) through the Tor network.

bitmover

legendary

Activity: 2212

Merit: 5622

Non-custodial BTC Wallet

Quote from: hd49728 on December 20, 2019, 12:19:01 PM

There is no private browsers on mobile as far as I know (I might miscatch something).

There are so many good privacy browsers for mobiles.
firefox for example has a mobile only privacy version called firefox focus.

You also have tor as mentioned above.

poochpocket

sr. member

Activity: 458

Merit: 265

Quote from: Lucius on December 20, 2019, 10:58:10 AM

For those who would like to avoid Android completely, there are some alternatives in the form of Linux smartphones.

Linux Smartphones are worth to be mentioned in the space of morden world privacy phones, the are a smart alternative too. But one cannot use android as suggested in the OP mostly, as most of the people use it as a daily driver and google provides one of the best data storing techniques and best user experiences in there daily driving apps.

Btw, even if you use custom roms, using Google apps is still important.

hd49728

legendary

Activity: 2044

Merit: 1018

Can you give me more information on the way to use VPN for android devices, smartphones for example. I have not yet known how to stay private when browsing on mobile. There is no private browsers on mobile as far as I know (I might miscatch something).

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: bitmover on December 20, 2019, 06:13:48 AM

~snip~

I would like to start by looking at the last point, Android without Google services. In this case, there are positive and negative sides to which we should pay attention. By using clean Android you give up all Google services, and that includes Gmail, YouTube, Earth&Maps, Google Play and many other things. The question then is what apps to use on your smartphone, where to get them from and how to be sure of their credibility? Google Play Store is not perfect, but still provides a somewhat solid level of security. Should I mention that you need custom ROM for free Android, and the knowledge to install it...

Using PIN, keep device up to date, and turn off all unnecessary spy features are smart tips. For those who would like to avoid Android completely, there are some alternatives in the form of Linux smartphones.

Topic: How to stay private when using Android (protonmail blog) (Read 268 times)