android attack

[wognath]

I finally bent to the winds of change, got an android cell phone and ported my landline number to it. One factor was that it has gotten too awkward to do 2FA without receiving text messages.

I am reasonably careful about security and privacy, and at least in Linux I have some idea what I'm doing. In android, I feel like all that is out the window. Everything is an intricate and inscrutable app that thinks for you, options are buried in menus within menus, some significant things can't be changed or it's beyond my ability to do so, and there seems to be telemetry everywhere. I laugh at how important it seemed to switch off Firefox data collection!

After days of struggle, I have managed to remove some bloat, de-google as much as I could, load a few new apps. (Termux is an island of sanity!) Part of the reason I resisted getting a smart phone was that I saw how people get sucked in. I understand why: the device is amazing. My frustration with android could be a good thing if it keeps me in a healthy relationship with the phone. After all, it is going to be primarily a house phone with answering machine and text message capability. And gps, camera, whatsapp portal, book reader. Period. That's the plan, anyway

No questions, just venting However, any advice, particulary regarding security and privacy, will be gratefully received!

[dancytron]

Download f-droid (or f-droid classic) and get the Fossify apps. They are light, simple apps for a lot of things that don't phone home.

https://www.fossify.org/apps/

https://github.com/FossifyOrg

[darksun]

best case scenario: if you (will) have a google pixel install the OS https://grapheneos.org/.

if your phone supports it install https://lineageos.org/.

Keep apps installed to a minimum, only essential ones.

If you can do no install google play services (on grapheneOS) or https://microg.org/ on lineageos (when asked to).

If possible use only open source app stores such as f-droid, accrescent, grapheneos app store, aurora store if you need google play store apps.

https://github.com/FossifyOrg provides nice open source apps for basic tools, its calendar is my go to.

There are infinite recommendations to be given and infinite sources of information online in this topic, but starting from which OS and apps you install is the starting point.

The best is for you to get informed about the topic.

[N97]

Firefox... in about config search for telemetry... FALSE almost all options( EXCEPT extensions), and set url to 127.0.0.1 a rather intuitive read
Then search for send and repeat.

my condolences re: android, google, Windows, microsoft, etc.

[dancytron]

I suggest that you don't root your 1st android phone and put a custom rom on it, unless you want to spend more time messing wtih your phone than using it.

Disable and uninstall as much crap as you can and install some less obnoxious alternate apps.

You might change the "launcher" to get rid of some of the branding and make it more configurable etc.

I use Nova launcher https://play.google.com/store/apps/deta ... r&hl=en_US

Then just use it for a while.

[darksun]

I suggest that you don't root your 1st android phone and put a custom rom on it, unless you want to spend more time messing wtih your phone than using it.

1st: installing a custom ROM does NOT require rooting the phone

2nd: nowadays installing custom ROMs are fool proof (especially grapheneOS): the process is easy, quick, very well explained, with minimum risks to brick the phone. Here an example video https://www.youtube.com/watch?v=ik0AiO0WtuU

[bigpup]

Google is tracking all you do with your cell phone.

Here is a test to prove it:

[wognath]

Thanks everyone for the information. The fossify apps are a good place for me to start. Maybe I'll work my way up to graphene OS

[geo_c]

Firefox... in about config search for telemetry... FALSE almost all options( EXCEPT extensions), and set url to 127.0.0.1 a rather intuitive read
Then search for send and repeat.

my condolences re: android, google, Windows, microsoft, etc.

A bit off topic, but I checked my about config in LibreWolf, and there are several telemetry settings enabled. Are you saying it's basically okay to disable them without causing the browser to break?

Only a couple enabled network.send parameters showing.

[williwaw]

One factor was that it has gotten too awkward to do 2FA without receiving text messages.

can anyone comment about plusses or minuses of some 2FA apps if an android is rooted or has a custom rom ?

[Clarity]

@wognath

Many of us, members, have had no problems in use of Android phones for many many years. Your new phone should give trouble-free services for years without issue.

The ONLY issue I have seen over the years is how storage is managed. For me, it is the delimiter.

There are devices that can be purchased such that your cell number can ring your home phones wired in your home.

I have used one for over a decade.

Enjoy the freedom that when someone dials your current number, you phone in your pocket will ring no matter where you are in your region.

Enjoy

[N97]

2FA is IMHO a hoax when using a smartphone to do BOTH factors. One needs a linux computer (Puppy w/firewall and fiberoptic: wifi=OFF), and a dumb(flip) phone. Two devices for 2FA.