Hello, I’ve become quite privacy-conscious these days and have a few questions:
is an Android smartphone using LineageOS “private” enough? I am aware of all the security problems that having an unlocked bootloader entails, and that GrapheneOS is the golden standard for security alongside all the on-board hardware enterprise security features of a Google Pixel, however I am not on-board with giving hundreds of dollars to Google of all companies for a relatively poor product
I do not believe I have any reason to care about security - I am not currently hiding from any organisation, or any”one”, all I care about is minimization of data collection by companies and governmental institutions, I have seen that LineageOS still pings Google servers for things like eUCC or DNS, is it possible to modify this through a terminal to fully “degoogleify” the system? I would like it so the only time I have anything to do with Google is when I personally & manually use a Google service
is it possible to “containerise” a digital identity? meaning to sparingly use social media platforms from companies like Meta on a separate Gmail account separate from my own personal Proton Mail, perhaps on another browser? where I can somehow “detach” the identities, is this a reasonable thing to do?
Okay. I face palmed reading your post, but for good reason.
Since you’re brand new here and also to privacy and cybersecurity I imagine given the tag used, let me try and explain. There is much to say here and I can’t say it all but I am also hoping others will chime in and add to my comment or whatever they think.
First of all, it is not a poor product. From even a repairability and hardware POV, it is a decent smartphone worth using.
Second, I assure you Google is not winning here just because you buy its product. They make most of their money from monetizing your info to advertisers. Not hardware even if they may have a profit margin on the product.
Third, GOS is the one you should be using. If you are not on board, then I’m afraid your next best option is iPhone. And that’s a whole other can of worms. Choose wisely.
Fourth, there is much information on similar questions you’re having on this forum/platform. Please research and read up. It takes time but will be worth to better understand different POVs and learn what’s what and why.
Fifth, and do not hold definitive views on anything. In the privacy and privacy tech space, things change so one must always choose what’s objectively better and not make decisions because you may not always like the underlying company behind the tool. Holding big picture ethical stances against something for personal reasons even when said something is providing a better product for your privacy and security is a more rational way to go about it even though you may not always like it.
Everyone has reasons to maintain and keep up with good OPSEC. If you believe otherwise, you are not thinking about this holistically or even correctly to an extent. Security is what keeps your data safe. Privacy is not everything. Google does not provide privacy but they do provide fantastic security with their services and tools. So you always have to account for options that give you the best of both. And sometimes you don’t get both from a single place so you have to use multiple tools symbiotically.
I consider this a contradictory statement. Once you begin reading and learning more, you’ll see that sometimes there is little difference between the two things you’re trying to have a distinction for here.
Yes. Several ways to go about this.
On mobile if using GOS, you can use separate profiles to install and use the apps or even web apps to compartmentalize whatever you need to per your use case. If using iOS, then different browsers is likely best way to go about it. You can’t have multiple instances of the same app running here and that’s why GOS is preferred for such things.
On desktop, using different browsers, browser profiles, user accounts, etc. are all ways you can achieve the same. I suggest using different browser profiles or Mullvad browser for such social media needs.
Also, depending on if you have are using these other accounts under a different pseudonyms, the quality of detachment may vary. I don’t know too much about what your use case is here and how you are thinking about doing it so I can’t say more with specificity.
–
Hope I was helpful. But I implore you to read up more on what to use and what not to divorcing your preconceived notions of what you’d rather want to do and choose with what your needs dictate instead.
I say it is a poor product because of their well-established history of having by far the worst quality control of any major smartphone manufacturer
and the lack of SD cards
and the lack of headphone jacks
and the complete joke the Tensor SoC has been in mostly everything that doesn’t concern enterprise-grade features
profit margins on flagship smartphones are gigantic, though, up to 700$ on every unit sold for some manufacturers
I’m of the opinion that any device which runs code that cannot be audited cannot logically be considered ‘secure’ or ‘private’ regardless of what monitoring shows, I hold this opinion against any sort of proprietary device, eitherway I am not going to be considering iPhones for the same reasons I do not consider a Pixel
I’m aware, still not convinced why I ought to care about this, anyways, I use smartphones more like PDAs anyways, very little if any personal data is present at most times and I can disable any account from the comfort of my own home in the unlikely event of something like a robbery
LineageOS was not created to de-Google, but to extend the life of older phones. If you do not have a high level of threats, you use an android without the Graphene, there is no reason for Googlephobia. It is enough to change the settings on your phone to more confidential ones and use your Google account only for app updates.
I’m aware and I had never claimed otherwise, I was assuming that through the privileges LineageOS affords you in messing with your own system that its much easier to de-Google vs. vanilla ROMs
This is still far too much dependence on Google for my liking, I doubt I will ever be using the Google Play Store to begin with.
Well, you do you but I am confident enough in my response to you. I hope you do read up. I don’t think you’re thinking about it as you should and are trying to carve out a loop hole of sorts to keep sticking with what you may want to and why.
Welp, i will kinda copy paste what i previously write: Even if you aren’t being targeted by the CIA. You are risking being targeted by a 14-year-old script kiddie with ChatGPT.
Hackers is not sitting in dark rooms specifically typing your name, they use automated scripts and bots. They cast a wide net looking for any device with a weakness.
It is reasonable but i don’t know if that still possible tho.
Last year i tried to register Facebook using their android app, new gmail, no vpn then my account immediately get locked and Facebook asking for my video selfie. XD
I assume it will be harder to register on browser. Not to mention also IP tracking.
buying a product used is still backing a company in indirect non-financial ways, and this still doesn’t fix the issue of poor hardware….
If this was as effective as I’m assuming you’re claiming it to be we’d have hundreds of millions of hacked phones by now but I struggle to see how a phone that is up-to-date on CVE patches from upstream and using a modern browser with long randomised passwords stored on encrypted files + 2FA would be successfully targeted by anyone whatsoever, physical theft is another story though
This has happened to me too! several times, Meta is effectively not allowing anyone new to register on Facebook anymore as far as I can see, any account you make gets flagged as a ‘bot’ the moment you do anything remotely sensitive to their safety algorithm
Possibly the worst advice ever. OP, you want ‘googlephobia’. You want immense levels of googlephobia. Avoid it as much as you can and only use it when absolutely necessary
GrapheneOS is security focused not privacy focused. And this has been complained about many times before by many people. They have said before that they do not care about the security aspect and only care about privacy. Clearly GrapheneOS is not the ideal solution for this user based on what they have said.
They have explained what they are looking for and what they care about. You don’t know who they are or what their situation is. I as well think it’s dumb to not care about security but they specifically said they didn’t and were asking for advice disregarding the security aspects. Instead you insult their question and say they are not thinking correctly. None of your post comes off as useful or constructive criticism you instead have decided to write your post in an extremely condensing and pompous manner. You people ask why normal people don’t care about privacy and security? This is one of the reasons, they ask for advice and get responses like “wow I just lost brain cells reading your post. Here are all the reasons you are stupid”
This is not a GrapheneOS specific feature it is an android feature in general.
is difficult to answer. Many, if not most, here would say no, while some argue it depends on your threat model’s severity.
If you are drawn to GrapheneOS, but want to avoid giving money to Google, I concur that a used or refurbished Pixel may be a good way to go. Though just as a head’s up, opinions are split on used devices, as you’ll see with a search or two around the forum.
If that doesn’t seem viable, do look into why GrapheneOS is the official Privacy Guides recommendation, while the iPhone is the closest runner-up. Another user was kind enough to just recently provide an overview of many related threads discussing why other mobile OS’ aren’t typically recommended (which is not just due to security, but privacy concerns as well):
Your second question might be answered by the concept of “Compartmentalization”. Beyond the forum threads, PG has a nice video about it, if you haven’t seen it yet:
Oh, and to answer your second question more directly, yes, it makes good sense to compartmentalize for privacy purposes.
In regards to emails, a common advice for services where your email is associated with an account is to use a unique email alias per service (i.e. don’t reuse the same alias across services). For best privacy, use an alias from a shared domain rather than a custom one.
PG has advice about email aliases specifically, such as on the recommendation page:
This is also the opinion I hold, I’m quite invested in FOSS activism at this point, I’m not very keen on beginning to tolerate FAANG for some sort of convenience or comfort that I don’t particularly need in my life, I want it so that Google servers should only be pinged when I use a Google service
You’re being too harsh on JG, he was trying to help me, I understand that these are matters of great importance to many and spirited discussions will arise sooner or later, I would also like to thank you for taking the time out to reply to my thread
Hello!
I am mostly concerned with data collection & privacy through services and “pinging” by corporations and perhaps service providers, I was under the impression that the - albeit very insecure - rooted and unlocked nature of LineageOS would allow me to tinker with system settings to great ordeals that would let me “bake out” any remnants of Google & other proprietary software or dependency on my system, as I will likely be exclusively using my smartphone for calls, and then music & books, perhaps an open-source media player and a torrenting client to get the media, I have no use for the entire Google suite, and I have no plans to be using any social media, if I have to, I’ll likely use Signal
To get a clean used flagship phone where I’m from (third world) is to buy from a refurbisher, and to boost Google’s sales in a refurbisher is for them to import more of said phone, which as far as I can tell is still creating demand for Google hardware, not including the reality of being a walking advertisement for any product you choose to carry out on a daily basis, Google is a company that has repeatedly aggravated me with their gymnastics in unethical conduct which alongside their continuous insistence of not putting SD card slots, not having front facing speakers and headphone jacks in their $700+ smartphones makes their Pixels a no-go for me purely on the grounds of their phones being poor performers for my multimedia usecase
for context, I’m currently looking at the Sony Xperia and Leica Leitz Phone series of smartphones
