How to use ProtonMail in my Android phone without letting Google know about my Proton account?
I have been slowly degoogling my life by reducing my use of Google apps and switching to FOSS alternatives. I recently created a Proton account and tried to keep it completely isolated from my default Google account so as to not let it know what my Proton mail identity is. I have finished my transition in my desktop to the best of my ability and am planning to start the same with my mobile. The only thing I have done in my Android phone related to Proton is having downloaded ProtonVPN and signed into my account within the app. However I fear by downloading ProtonMail and signing into it, my Android phone would identify the email account, which could make this entire transition useless. Is there a way to avoid this situation or has the damage already been done. What does Google know about my Proton account, if at all?
If you're that worried you should really switch to a degoogled Android like GrapheneOS. But fwiw I doubt google would know your Protonmail address just from logging in through the protonmail app
Doesn't change anything. On GrapheneOS, you still need to install play services to get push services working on ProtonMail. Another privacy friendly email provider, Tutanota, they wrote their own push notification stuff to get it to work on degoogled phones specifically.
Wow I never ever even consider tutonota over proton, but this is the kind of stupid and simple thing that make so much difference in my book. I don't want to install Proton in my Google Profile.
Do they wanna prevent spam? Use SimpleLogin/addy and never give out their actual email. Google knowing it is probably not mean more spam, but you could still filter out emails to the base email address.
Wanna prevent hacking attempts? Enable 2FA, and again, Google knowing probably doesn’t increase the attack surface area too much.
There are a bunch of reasons why you’d want to hide an email account, but the remediations are all very different depending on that reason. At the end of the scale you’d probably never wanna use the app at all, and just login via browser (not chrome), but even then is Google key logging Android? Who knows.
So you’re right, it’s not important why they want to do it, it’s crucial if they actually want to be helped properly.
I dont think you can. As long as you use Android with GMS, Google will always know. Best is to get yourself a Pixel, immediately flash GrapheneOS, and use it.
Basically pointless to hide from Google on OEM android, but tutanota, Molly, and im sure other apps, will at least not send message contents as a notification.
What Android, LineageOS? Where are you logged in, a Browser or Apps?
Apps are shit, Androids sandboxing security model is hillarious as all preinstalled bloat has all permissions.
Even on LineageOS Google knows
your IP from Connectivity check
your IP from captive portal check
your location and device data from SUPL / A-GPS
but if you are logges into any accounts in apps, no chance.
Simply use your google accounts through a seperate browser and never in "Apps". Best would be to use 'shelter' from F-Droid, create a work profile, install a VPN in either the work profile or your regular one, set it to always on -block other connections in your network settings.
IIRC this is worse on Qualcomm devices, where I believe the GPS almanac data is requested over plain HTTP, by the SoC itself outside of the OS's control
Your third point is more difficult. Unless things have changed recently, there isn't really any way to mitigate your third point. This area is not well understood
Manufacturer's version of Android. I've logged in the apps with multiple Google accounts.
While I could consider using my browser instead of apps for all google related services, I don't think outright removing the accounts from my phone since Google has mandated use of mobile verification (the one where they ask to choose the correct option from the three given number) and I don't want to provide them a phone number for SMS verification. I fear I would be locked out of my Google accounts if I don't have them signed in in my phone directly.
I tried checking Shelter, however it says it is best optimized for Pixel phones and grapheneOS (which I have neither of) and you already said sandboxing in Android sucks, thus it may not be beneficial to go through all that effort to setting up the separate profiles if it isn't even going to work well.
No shelter is not optimized anywhere. It runs on Android thats it. GrapheneOS is secure but they dont care about it at all, they think "oh I can use a USB stick to transfer files between profiles" is the definition of usable.
Get any LineageOS phone and you are way better off. No you wont use your Google account, maybe they force you to use a Chromium based browser, but logging into that crap is the beginning of the end.
Of course Google now knows all your device IDs so anonymous you will never get anymore.
Aurorastore with an own Google account works currently. Its always a fight of course. But I use GrapheneOS without these services and its fine.
Then it's literally impossible because you can't compleatly degoogle your phone without custom rom. Else they know which apps you have installed and for how long you use them and even have access to notifications.