How to make decisions for which Apps to use?

Good morning,

This has really been mentally crushing for me for a long time.

My problem:
I need to choose which Apps I can 100% trust with my personal user data.

My general fear is that an App will send telemetry back to a malicious hacker/user on the Internet.

I think this fear was created in me when I came across a story of how an Android App that was available for download as an .APK on a pirated website contained an especially awful piece of malware. Basically, this pirated App was able to upload 24/7 private user data including the phone’s video camera footage, SMS messages, call logs, browsing habits and extremely private user data like passwords etc. With upload speeds being so fast on most phones these days the user didn’t even notice how much data was being uploaded to the Internet.

Obviously, this is an extreme example and I’d NEVER install a pirated Android App .APK and I’m sure nobody in this community would do this, but it really gave me a heightened sense of how easy it would be for an App I’ve installed on my Windows 10 PC to send back text of what I’m doing with the .PDF files that I’ve got opened in my PDF Reader. For example, a PDF Reader App sending back lines of text about what PDF file a user is reading and what notes and highlights they’re making seems so much easier and less detectable than uploading video from a camera on a smartphone.

My problem is that I keep looking for an app that’s 100% safe and will not transmit my personal user data. Since I’m unable to find an App that’s 100% safe I end up making no progress and I don’t make a decision.

Sorry for the long post… it’s just that this issue has really been crippling me… :sob: :sob: :sob: :sob: :sob:

Thank you for reading my question.

The simple truth is: there are no “100% safe” apps.
You can maybe get pretty close but any complex app, even when open source, can be found unsafe years later when someone discovers a nasty exploit or even a very well hidden backdoor.

Best to be realistic and to determine a threat model (who/what you really want to defend against) and to not give in to paranoia.

The PG guide (and others) will help you with that. :wink:

3 Likes

I appreciate your reply!

I suppose one strategy I could employ would be to just buy a hardware device that’s completely 100% offline and doesn’t connect to the Internet at all?

Does anyone know how I’d go about setting this kind of PC up?

With this kind of setup even MS would be ok to use. Just a bit of a heads up: .docx files have metadata embedded in them.

I think you can also see the account names and the machine it was saved on. So do be aware that even with a 100% offline setup, some things like metadata can leak, apart from things obfuscated by its proprietary nature.


Unfortunately, app usage needs vigilance and is more of a marathon than a race. What is 100% secure today may not be secure after a few updates. Keep an eye out in the news feeds. One of the fastest is, unfortunately, Twitter, but there is also Mastodon.

There is bliss in ignorance but I doubt any of us will go back. And in case one goes back to the smothering arms of MS/Google/Adobe/Facebook, it won’t be the same and you’d still be wary.

1 Like
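
The .docx metadata point in the last reply can be checked before a file leaves an offline machine. The following is an added example, not part of any post in this thread: it reads the document-property parts of a .docx package and picks out the fields that name a user or organisation. The function names are hypothetical and the sample file and its values (`alice.example`, `Example Corp`) are constructed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Parts of a .docx (OOXML zip package) that carry document properties.
PROPERTY_PARTS = ("docProps/core.xml", "docProps/app.xml")
# Property names that commonly identify a person or organisation.
IDENTIFYING = {"creator", "lastModifiedBy", "Company", "Manager"}

def docx_metadata(source):
    """Return {part: {field: value}}; source is a path or binary file object."""
    found = {}
    with zipfile.ZipFile(source) as pkg:
        names = set(pkg.namelist())
        for part in PROPERTY_PARTS:
            if part not in names:
                continue
            fields = {}
            for el in ET.fromstring(pkg.read(part)).iter():
                text = (el.text or "").strip()
                if text and len(el) == 0:
                    # Drop the "{namespace}" prefix ElementTree puts on tags.
                    fields[el.tag.rsplit("}", 1)[-1]] = text
            if fields:
                found[part] = fields
    return found

def identifying_fields(meta):
    """Keep only the fields that name a user or organisation."""
    return {f: v for part in meta.values() for f, v in part.items() if f in IDENTIFYING}

def build_sample_docx():
    """Constructed sample: a package holding only the two property parts."""
    core = ('<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/'
            'package/2006/metadata/core-properties" '
            'xmlns:dc="http://purl.org/dc/elements/1.1/">'
            '<dc:creator>alice.example</dc:creator>'
            '<cp:lastModifiedBy>bob.example</cp:lastModifiedBy>'
            '<cp:revision>7</cp:revision></cp:coreProperties>')
    app = ('<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/'
           '2006/extended-properties"><Application>Microsoft Office Word'
           '</Application><Company>Example Corp</Company></Properties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("docProps/app.xml", app)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(identifying_fields(docx_metadata(build_sample_docx())))
```

To check a real document, pass its path to `docx_metadata` instead of the sample buffer.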