Increasing privacy on Samsung phone with stock rom?

I’m unable to install custom roms on my Samsung phone, and I currently can’t afford getting another phone. The model in question seems to support Android 13 after an update, at least from what I read. However for personal privacy reasons, I would not like to mention the specific model of the phone.
What can I do to improve privacy on Samsung phones with stock roms?

I would probably install rethinkdns, it has tracker filtering via dns and a firewall for apps. If you use a vpn maybe consider nextdns to have the vpn slot free.


I’m probably missing something, but I can’t figure out how to find the hostname for rethinkdns nor nextdns. Looking at the DNS Resolver recommendations from Privacy Guides, I was able to find the hostname for Mullvad’s DNS resolver though. Would that work as well, or is it missing something that rethinkdns/nextdns can do?

Aside from DNS, is there any other settings I should change too?

rethinkdns dev here

A correction: Rethink, the DNS resolver, supports DNS over TLS (aka Private DNS; see), while Rethink, the Android app, since v055 (released on 14 Aug) supports connecting to any / multiple WireGuard VPNs and to Tor via Orbot (:


I am not an Android expert but following the standard best practices should be enough especially since you can’t replace your OS or do anything more than ensuring good OPSEC.

The following is what I recommend:

  1. Follow as little information as you can to set it up. That means, don’t sign in to your online accounts and set it up as stock as possible.
  2. Delete all apps you can delete on your OS with whatever it comes with. You can always find other better alternatives even for your basic utility apps that come as standard with your Android.
  3. Update your software - apps and the OS.
  4. Set up your preferred app store - I like F-Droid and Aurora Store (which can be downloaded from F-Droid).
  5. Download the apps privately without any PII from those app stores. I don’t know which apps you need so let me know and I can recommend some basic apps everyone should have if you are setting up your phone that is privacy and security forward.
  6. Change OS settings such that they are limited with how much info it can collect and transmit to Samsung and Google. Privacy Guides has some great info on Android and this forum for the best apps to download for your needs that are privacy respecting. Turn off any settings you can that aren’t needed for the OS to work. Read up and research.
  7. Ask follow up questions if you have any.

I’m sure there are many other things you can do but this is what I can think of at the moment. Perhaps others can answer with more advice.


thank you so much for your answer. I really appreciate it.
If I may ask, do you have any thoughts on creating a burner google account (if Play Store is needed) without phone number? Maybe I should resort to smthn like smspool?

Also, I heard somewhere (maybe Graphene forums) that neither F-Droid but even less so Aurora should be used? I know it’s a complicated topic with strong opinions on different sides, but I’d love to hear yours.

<3

Making and keeping a Google account active with no PII are two different things. I don’t recommend this. It won’t work anyway. Trust me, I’ve tried things like this many times. Just stick with F-Droid and Aurora Store. You also have Obtainium but that’s a lot of DIY work to ensure it’s linked to the right place for the open source app you want to download and be managed through Obtainium. Again, not my first choice but is an option nonetheless.

Well, how else will you download the apps you want that are not available on F-Droid? Not every dev is going to release an auto updating APK. Aurora is just a front end for Play Store as I understand it so I see no real harm in using it. It’s the best way to get anything from the Play Store without a Google account or any PII.

oh ok. so as i understand, you’re advising that I create a google account only b/c it’s necessary and just keep it active also because it’s necessary or else samsung won’t allow me to proceed?

but then actual app management you recommend these other 3rd party options?

replying to myself, I found this useful link explaining how to get rid of these safetycore BS apps. (they also recommend the ADB route which iirc PG discourages)

I’m not even recommending to create a Google account. Because if you do, you’ll have a difficult if not an impossible job maintaining it or keeping it active without any PII. The only thing you can do is buy and keep a jmp.chat number active which you can do privately if you can afford to or want to.

But again, it’s not necessary if you ask me. Keep things simple.

I hope that’s clearer.

But I thought Android doesn’t allow me to proceed without a google account :confused:

I think you can set up your phone without one. I’m not sure if that changed with Samsung devices. Why don’t you give it a try?

I had the opposite experience. It is shockingly easy. Maybe you have to change a few times from VPN servers. Use SMSPool or similar. ((I believe that it is easier creating from an Android device than desktop.))

I change all privacy settings in setup ASAP.

I believe that it is also important to setup a 2FA method (use passkey or TOTP)

The most important actions imo are to control and restrict app permissions, uninstall useless apps, DNS filtering (Android Private DNS or VPN), VPN anyway, and to change your smartphone’s settings.

Remove all tracking crap via Shizuku and Canta (I recommend removing only those apps that have flair “recommended” in Canta to avoid issues).

And remove firmware update module and remove Google Play services and Google Play itself. Because next year Google will prevent you from downloading apps not verified by Google.