Clean Slate

You get a brand new Android out of the box. What's your prep/ideal setup before you start using it, for a fresh start privacy-wise?

  • Install GrapheneOS
  • Install the apps I use, namely, for privacy:
    • Aegis for 2FA
    • Aurora Store
    • Matrix
    • F-Droid
    • Fennec
    • K-9 Mail
    • KPassNotes
    • Organic Maps
    • The Proton suite
    • Signal-FOSS
4 Likes

GrapheneOS without sandboxed Google services:

- Aurora Store for Brave, Signal
- Obtainium for all other apps (known FOSS apps only)
- PWAs whenever possible

- RethinkDNS for more granular firewall/local content filtering (only using uBlock's default filter lists to mitigate that fingerprinting vector)

- Brave for general browsing
- Mulch for a specific use case with a set of accounts
- Vanadium for personal accounts (isolated in Rethink so that only explicitly approved domains can connect)

I don’t think I need a VPN here because I compartmentalize across my devices and the benefit would be marginal.

Why do you install Brave and Signal from Aurora, but all other FOSS apps from Obtainium? You could also install both Brave and Signal from Obtainium (by using Brave's GitHub releases and Signal's APK).

Any of the well-known security/privacy-oriented custom ROMs.
Not only GOS…
All are better than stock.

1 Like

That’s debatable

1 Like

I was looking into getting both as APKs, but there are a few other apps like Musicolet that I can only get from the Play Store, and I thought I might as well get them there too.

As long as you're verifying signatures, using APKs should be as secure as Google Play, I guess, but there might be other considerations I haven't thought of. Should I be getting everything with Obtainium?

Not on the privacy aspect.

What should speak against Aurora?
Aurora gets directly from the Google Play Store, so it is (usually) guaranteed that no malware is injected into the APK.
And if Aurora is used with an anonymous login, Google doesn't know anything about you. You are one of the flock.
I also always had the problem of getting the right versions with Obtainium, especially with Brave.
But not only with Brave; other apps have also repeatedly caused problems with Obtainium.
The effort was too high for me compared to the benefit.
I then discarded Obtainium again.

My 2 cents.
Many others will certainly see it differently and pillory me for it.
For me, a balance between benefit and effort is important. I take the pragmatic approach.

Aurora has these problems:

  • No unattended updates. Obtainium recently added the feature. There’s no plan for Aurora to support it, and it’s unlikely they ever will.

  • Service disruptions. While Aurora’s anonymous login system has worked reliably recently, back in June there was major downtime after Google had made changes.

  • Questionable future: Aurora Store relies on Google’s infrastructure and violates Google’s TOS. If Google wanted to, they could completely kill Aurora.

I say this as someone who appreciates Aurora, but wishes I didn’t need it. I prefer F-Droid, then Obtainium, and only use Aurora as a last resort.

2 Likes

As long as it works, and it is, there's no need to think about alternatives.
Most can live without unattended updates.
Service disruptions are temporary.
And the future has not come yet.
For me still the best, most secure, and easiest way to get Play apps.

Aurora won't anonymize you if you're not using a VPN. Even if everyone is on the same account, Google can track logins from different IPs since it connects to their servers directly.

Your app list is probably unique, I’m pretty sure a list of all the packages installed goes to Google for update checks.

Blacklisting all system apps/apps from other sources would help with that I guess. I’m not sure how many people do that so you might not blend in either with that approach.

As secure as the Google Play Store? Absolutely not, the Play Store could be changing the downloaded app to, let's say, a virus.

I think that's as good as it gets. Any other site, including GitHub (Microsoft), could be compromised too. Who would you trust then?

I would trust their PGP key.

Yeah, that's if it's an option. Play Store apps should be signed with the developer's APK signature, which would mitigate that too. Maybe you could install from an APK initially and then update with Aurora. The signature pinning should take care of that issue.
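The signer pinning mentioned above can also be checked out-of-band before an update is sideloaded, whichever source (Aurora, Obtainium, a GitHub release) the APK came from. The script below is an added example, not code from the thread or from any of the projects named in it; it assumes `apksigner` from the Android SDK build-tools is on PATH and uses a hypothetical placeholder for the pinned digest.

```sh
#!/bin/sh
# Added example: pin an APK's signer certificate fingerprint so an update is
# accepted only if it was signed with the same developer key as the copy you
# first installed. Assumes `apksigner` (Android SDK build-tools) is on PATH.

# Normalise a fingerprint: drop spaces and colons, lower-case the hex.
normalize_fp() {
  printf '%s' "$1" | tr -d ' :' | tr 'A-F' 'a-f'
}

# Read `apksigner verify --print-certs` output on stdin and print the
# normalised "Signer #1 certificate SHA-256 digest" (nothing if absent).
extract_signer_sha256() {
  sed -n 's/^Signer #1 certificate SHA-256 digest: *//p' | head -n 1 | tr -d ' :\r' | tr 'A-F' 'a-f'
}

# Return 0 when the observed digest equals the pinned one, 1 otherwise.
# An empty observed digest never matches, so a parsing failure cannot pass.
fingerprint_matches() {
  observed=$(normalize_fp "$1")
  pinned=$(normalize_fp "$2")
  [ -n "$observed" ] && [ "$observed" = "$pinned" ]
}

# Verify the APK's signature schemes, then compare its signer to the pin.
# Usage: check_apk_signer app.apk <pinned-sha256-hex>
check_apk_signer() {
  apk="$1"; pinned="$2"
  # apksigner exits non-zero if any signature scheme fails to verify.
  certs=$(apksigner verify --print-certs "$apk") || {
    echo "REFUSE: signature verification failed for $apk" >&2; return 1; }
  observed=$(printf '%s\n' "$certs" | extract_signer_sha256)
  if fingerprint_matches "$observed" "$pinned"; then
    echo "OK: $apk is signed by the pinned key"
  else
    echo "REFUSE: $apk signer '$observed' does not match pinned '$pinned'" >&2
    return 1
  fi
}

# Placeholder pin (hypothetical, not any real developer's key). Record the real
# digest with `apksigner verify --print-certs` on the copy you first installed.
# PINNED_SHA256='0000000000000000000000000000000000000000000000000000000000000000'
# check_apk_signer Signal-FOSS.apk "$PINNED_SHA256"
```

Android enforces the same-signer rule at install time; the point of checking beforehand is to catch a mismatch (and decide whether it is a key rotation or a bad download) before the package manager ever sees the file.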

Not only that, anonymous login doesn't work for apps that are locked to specific countries.

It does, use the Anonymous (insecure) login.

Does that option still exist in the latest version of the app? Seems that it has been removed…

If you can't find it, go to Settings > Networking and enable "insecure anonymous session".

1 Like