Android offering privacy by profiling and sharing app ussage info?
Android offering privacy by profiling and sharing app ussage info?
I might have misunderstood this but is Android really trying to push this as tracking as a privacy upgrade, simply because it let's us choose which of our interests we want advertisers to have access to?
You're viewing a single thread.
Dont use Google Android
I mean, yeah. Use Android AOSP without Google.
AOSP is not a usable product and it is full of Google stuff. GrapheneOS and LineageOS (and derivates) make it usable.
GrapheneOS was the first at complete degoogling, others followed, but still have no secure solution for apps needing Google Play. MicroG is proprietary Google code, ran unsandboxed and still unreliable and less secure.
So GrapheneOS really is the only usable OS right now, it is FOSS (even in the BSD way that companies could make their proprietary fork) and other projects should base on it and weaken its security to make it run on existing other phones. This is still better than alternatives, but it is a hell of maintenance as all that security causes infinitely more bugs than just using AOSP (which is rock solid) and adding some apps lol.
Please donate to GrapheneOS, the project is not yet fully sustainable and they are doing incredible work.
Obviously by "google" were talking about proprietary blobs.
For example TOTP is great. There's no issue with the fact that it was developed by Google. Same with AOSP.
Any ROM doesn't have Google Play Services by default and therefore its google free in all the ways that matter
No some OS preinstall microG. Because only if the core is finished you can hash and sign it, if the user flashes some apps afterwards that doesnt work.
Btw ROM is read only memory, a tiny part of the firmware
MicroG is open source tho and only talks to Google if you explicitely activate it
No its not. They download Google Binaries which run as system apps and have privileged access.
They practice badness enumeration in some form, while their permission model (only activating what is needed) is a better approach but incomplete.
Any app that relies on Play has those libraries implemented, so they could show ads etc. on their own. But with microG they have a component with privileged system access, in contrast to sandboxed play where no component is privileged.
That's completely false, where did you get that info from?
GrapheneOS discuss. Their Github repo looks like they actually have the sources for everything.
lineage is not google free by any means, even without gapps. better use calyxos
Which is even less degoogles as it preinstalls microG which is official Google binaries, running as a system app with permission to critical system infos and basically all your stuff.
See my other comments.
Fuck banking institutions & their apps. We are seeing them eliminate online banking now & cash is slowly not being accepted by vendors & in-person experiences are worse—instead everything is siloed to only Android or iOS & disallow any sort of modifications to your device with all these attestation assertions. If a user wanted to ditch their phone, go Linux, use an unGoogled phone, or get a dumbphone, etc. they will be disconnected from the banking network—to which most users would view as an immediate nonstarter. Apple is just a different data-collecting advertising business.
The browser login of my bank needs a separate application that's windows only or an app. The Java(!) application Jameica saved my ass for the 6 years I'm on Linux now. It can manage multiple accounts. It offers statistics, saves all the transfers, deposits and balances ad infinitum on your disk, is searchable and has templates and schedules for transfers.
The protocol my bank uses is FinTS, I think. I'm logging in via a certificate file and a password.
I don't want to use an app, cause I trust my cutting edge Linux (Kernel 6.7.6) a lot more than my possibly malicious app riddled outdated android.
In many places its illegal to not accept cash. Report any businesses and if its legal in your area, donate to your local privacy lobbiest NGO and contact your representative.
In many places its illegal to not accept cash.
Where? I can't think of many places where that'd be true.
San Francisco. Law was passed like 10 years ago because not everyone can get a bank account and its discrimination
In what country does that exist? No onlinebanking and no cash sounds illegal.
¯\_(ツ)_/¯ I wish but switching to Apple would be just as bad and I would want to die being forced to use their fisher price software for the tech illiterate.
Soon though, in the next 5 years I think Linux phones (I know Android is Linux, you know what I mean) will be in a good state. So hopefully I can switch soonish
Google and SOC vendors are trying their best to stop developing of Linux phones. That's why available Linux phones use 10 year old chipsets.
Lets be frank, the main reason is that only like 1% of the market has an articulated preference towards free software and privacy. No money to be made equals no product in our cruel world. And of course FOSS, even if it is free to a user (as in you do not have to pay to use it. You do need to spend your time and resources to learn it though, and that is not free already), is by no means free to develop. The time spent on it by devs has to be compensated somehow, enthusiasm is unfortunately not the only fuel our bodies need. And then, for phones, the hardware required is not free as well. And then we need a manufacturer, who would be much more interested in making a billion Android phones than a million of a niche product.
Does Google actively try to stop development of the alternatives? Unlikely, because they don't have to. They do not make it easier of course, why would they. And they do buy out everything they can, because they can use it to improve their products.
I do not see a good way out of this loop for now. Do you?
https://postmarketos.org/faq/#why-postmarketos-over-ungoogled-android-or-halium Hardware vendors just use proprietary drivers so it's almost impossible to port linux to their devices. It is so crazy that you can't even update linux kernel in Android without vendor's help.
I am waiting for the same thing. The amount of shit you have to disable, block, or unistall on android is getting ridiculous. It's getting really old.
Most of the new "features" that either apple or google add anymore are absolute trash. I am constantly having to go through the settings and disable shit.
The stock android is so full of non-romovable crap that a launcher is required anymore.
It's the same for windows, win11 is only usable with a launcher like startallback.
Dont wait, just get a Pixel 6a-8 and install GrapheneOS.
(8 is expensive but will last 7+ years with extended GrapheneOS updates)
What do you use in place of GApps? F-droid?
Also, what's the flashing process like these days? Does it still wipe everything or is there a way to save all the personal stuff?
Just check grapheneos.org
They have only a minimal appstore preinstalled, which they use for their own apps. It is the best there is with full background updates etc. Every store could do this if they used modern libraries.
You have Vanadium preinstalled, from which you can install "F-Droid Basic" (the modern client), or Aurorastore, or accrescent, obtainium etc.
Their own solution is sandboxed google play, installed as regular user apps with way more restricted permissions and an opt-in method (only dedicated calls are allowed) in contrast to the extremely privileged microG or even "GAPPS" which can do everything (and in the place of microG having selected things removed, badness enumeration while still using proprietary Google code).
GrapheneOS is basically Android done right, play services etc. work, you can install all Google apps from the playstore, not as system apps, if you wanted to. (wallet and others are exceptions as they require a Google certified OS).
I dont think they're saying to use Apple. I read that as "Use Android without Google" ... Which is actually easier than using Android with Google if you install the OS yourself.
There's Always graphene or calyx...
Calyx is way worse than Graphene. Only use it if your device is not supported by GrapheneOS > DivestOS.
And afaik Calyx doesnt even support many phones lol. On GrapheneOS this is actually due to missing security, which Calyx doesnt even use.
agreed
Apple is terrible right to repair, and lineage has a bunch of weird bugs, so I'm kinda stuck with it
Which bugs have you found in LineageOS? There's quite a big community behind it, so maybe you can find some help. There are also other LineageOS-based ROMs worth checking: CalyxOS, DivestOS, iodéOS, /e/OS.
I've been using iodeOS for about a year soon! Very happy with it :)
GrapheneOS is the only good Option. Calyx and /e/ are both just LineageOS forks with incomplete or even insecure additions
Return to Nokia 3310 then I guess
DeGoogle your Android ROM/use a custom ROM. What exactly was so hard to understand in that comment that made you want to switch to a feature-phone?
I just want to buy a phone and use it without having to figure out all that
Not in this century, unfortunately. Even using a SIM card is going to let companies track you.
Just dont use a SIM card.
Two cans and a string should be a good solution then. It respects your privacy and the battery life is unbeatable.
Vulnerable to the tin can in the middle attack.
Honestly theres a half dozen e2ee apps these days with voice calling support, and WiFi is everywhere. Most people have no reason for a SIM card
Exactly, so "degoogling" your phone isn't a solution.
Neither is the Nokia a solution
no it was sarcasm
Thats how you do it with GrapheneOS. Buy a pixel, take like 30min to install the OS, install F-Droid Basic and sandboxed Play and get your apps.
Degoogling Android is not possible, and LineageOS and other more difficult to install Androids are less secure.
GrapheneOS has a graphical installer, you just need a Laptop (Windows, Linux, Mac), a Chromebook or another Android phone and a USB cable, thats it. You can literally install it from one phone (using some variant of Chromium like Chrome, Cromite, Brave etc.) By opening a website and clicking 4 buttons.
yeh maybe in a few years when I need a new phone
Probably wouldent work on modern cell networks.
is ios the only alternative?
Or other Android ROMS that help distance you from Google, like GrapheneOS or LineageOS.
GrapheneOS dev is a corporate Big Tech shill and a witch hunting crybully asshole who abuses "autism" label to deflect all criticism, and lies about being attacked by people. Last year he fabricated a story about being swatted, went around banning everyone asking for evidence, and accused a bunch of groups, YouTubers and redditors for being complicit in his murder, with no local Canadian media coverage for it.
You mean the one who stepped down like half a year ago? Also GOS is not the work of a single person, you know...
You mean the one who is the only person to have any commits on GrapheneOS GitHub project? You know that, right? Or are you one of the thousands of sheeps that blindly trust without verifying security or evidence?
You're right he's still committing, however it's easily verifiable he's not the only one. Still I'll give you that, since it seems Micay is quite active. I guess I am a "sheep that blindly trusts", since I don't have the skills to audit the code in this case. I will assume you are not such a sheep (otherwise why would you accuse someone else of being so?), so would you please enlighten me on the verifications you've done or the evidence you've found that makes you not trust the GOS project? On top of that. What do you trust for a mobile OS?
I do not want to insult you when I say "sheep", however this amount of blindness among almost everyone is staggering. It pisses me off when FOSS enthusiasts say they are vigilant, but fall for the same marketing crap that non-FOSS corporate software users do. Why are people eating up all this gospel Micay and his mods invented?
I do not need expert skills to see one person is making commits to this AOSP fork on GitHub. The commit graph/tool shows that openly. I am probably not even half as good as many people, I consider myself dumb.
What do I trust? Calyx if you want one of these pre-configured custom ROMs for Pixels only, and Lineage or /e/ if you want more device support. They atleast do not lie about features and weasel around and ban critics by labelling them as "concern trolls", "charlatans", "neonazis" and so on.
I would recommend you first read this. Please read the paper by Ken Thompson, co-creator of Unix and C, on why we should be able to trust the developer and NOT the code. https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
Know that they lie to the extent of going around in tech YouTuber comment sections and claim they have $1M Cellebrite Israeli toolkits to verify grapheneOS is safe against bootloader attacks like Evil Maid. https://i.imgur.com/woNxPhx.jpg
ios is not really privacy friendly. It's more the result of an amazing PR campaign. That plus the fact that Apple wasn't really in the ad game but now it is slowly changing. In reality you are giving your data to Apple. You will say, yeah but Apple is ok, of course they are because they have great marketing. Google doesn't and Google = privacy nightmare, which is also true.
IOS being private is such a horrible lie. Techlore is really annoying with those subtle ads, even though they also often cover GrapheneOS.
If Apple wants your shit, with any of their OS you are theirs. You are not private if you need to rely on the mercy of Big Brother to not steal your stuff
Its funny that I was forced to buy a google pixel just to avoid google. Wish more companies here allow people to unlock bootloader on the mobile they own.
Its not about an unlockable bootloader only, but full support for all hardware features
Oh I am aware but I was replying to him asking other alternatives to google android, not op. I wanted any mobile that let's me degoogle it on day 1 without voiding warranty and it ended up being a google mobile.
Yup Google is a very strange Company. Chromebooks are sometimes the easiest Coreboot Linux Laptops to buy.
No, just use Android without Google. Actually if you install Android yourself, it doesn't include Google by default.
No
