I installed SwiftKey X and it is a amazing, it's ability to predict text is mind blowing. but around 30mins later. I removed it due to privacy concerns. Should I of been concerned about privacy?
Edit: Can a developer have a look at the codes and see what it's been sent back from the advice to the server
Probably not... I also have Swiftkey X. The Swiftkey company is trustworthy but hey, better safe than sorry.
AndriodLover said:
I installed SwiftKey X and it is a amazing, it's ability to predict text is mind blowing. but around 30mins later. I removed it due to privacy concerns. Should I of been concerned about privacy?
Click to expand...
Click to collapse
could you tell us some more about it? what kind of privacy you're talking about? is swift key sending out your details? texts? accounts?
cez10 said:
could you tell us some more about it? what kind of privacy you're talking about? is swift key sending out your details? texts? accounts?
Click to expand...
Click to collapse
First for best performances it needs access to your facebook, Twitter, gmail accounts. Second, why does a keyboard needs a services running in background at all times ? that can be sending data back to the server.
Third, Have a look at the privacy details http://www.swiftkey.net/privacy.
AndriodLover said:
First for best performances it needs access to your facebook, Twitter, gmail accounts. Second, why does a keyboard needs a server running in background at all times ? that can be sending data back to the server.
Third, Have a look at the privacy details http://www.swiftkey.net/privacy.
Click to expand...
Click to collapse
Oef... where's the limit. It's like typing in Bentham's Panopticon.
appelflap said:
Oef... where's the limit. It's like typing in Bentham's Panopticon.
Click to expand...
Click to collapse
??
AndriodLover said:
First for best performances it needs access to your facebook, Twitter, gmail accounts. Second, why does a keyboard needs a services running in background at all times ? that can be sending data back to the server.
Third, Have a look at the privacy details http://www.swiftkey.net/privacy.
Click to expand...
Click to collapse
"In relation to our Apps such as SwiftKey, learned language data generated and stored on your computing devices, such as mobile phones and tablets, is never accessed by, or transmitted to us unless you wish to use additional features or services which would require the use of such data. Where we offer any additional services or facilities that do require use of data which might include personal information, such as server-based personalized services, then we will always seek your consent to the use of such data before providing such services or facilities."
Hey - just to weigh in quickly here. I'm the CMO of TouchType, the company that makes SwiftKey. We take user privacy very serious and don't ever process any of the data stored on your phone, as explained in our privacy policy.
When you choose to use our personalization services, this data is handled securely and without access to any of your password data. We only use your data to provide you with better predictions, though a language module that is generated and pushed to your phone.
There is really nothing to worry about here.
Thanks guys,
Joe
Thanks for posting, that's good to know. Might I say that I've been using the keyboard for a few days and it's definitely getting better.
Sent from my Nexus One using XDA Premium App
haha privacy concerns? whaaaat
Privacy ?? Mistrust...
hmm it does ask for a lot info
JoeBeats said:
Hey - just to weigh in quickly here. I'm the CMO of TouchType, the company that makes SwiftKey. We take user privacy very serious and don't ever process any of the data stored on your phone, as explained in our privacy policy.
When you choose to use our personalization services, this data is handled securely and without access to any of your password data. We only use your data to provide you with better predictions, though a language module that is generated and pushed to your phone.
Click to expand...
Click to collapse
Thanks for answering here.
Just to clarify, when the "Learn from SMS" option is used, does SwiftKey upload or submit SMS text data stored on the phone to your servers or is everything processed on locally the phone?
anti-pop said:
Thanks for answering here.
Just to clarify, when the "Learn from SMS" option is used, does SwiftKey upload or submit SMS text data stored on the phone to your servers or is everything processed on locally the phone?
Click to expand...
Click to collapse
I wonder the same thing. Does anybody know the answer?
Personally, I would use a firewall such as avast to block out any apps I don't want reaching out to the Internet. Especially for all my keyboard apps.
And yes, you could use a packet sniffer to monitor swift or any other app you are unsure about.
a4ol said:
Personally, I would use a firewall such as avast to block out any apps I don't want reaching out to the Internet. Especially for all my keyboard apps.
Click to expand...
Click to collapse
Totally agree on this point. Use DroidWall, PDroid or LBE and feel safe? :> Using PDroid and LBE you could even configure SwiftKeyX to not be able to read any parts of private informations from your phone that you don't acknowledge.
Hope this helps The Keyboard as it rocks, i tested the trial-version myself. Too bad they don't have a free lite edition or something like that. As long as you need to pay for it i'm not jumping on that train, sorry ;/
I don't agree at all with the "CMO" of SwiftKey. The app is a huge privacy concern.
I just did a logcat and was more than shocked: The app completely misuses users trust by tracking him permanently. The logcat not even comes to equilibirum, permanently are requests made to http://api.geo.kontagent.net. To get feel how "serious" the company is about privacy, take a look here: http://www.kontagent.com/privacy-policy. Just as an example: "Kontagent employees, may, on occasion look at customer data for test purposes". Collected data includes social application data, custom data, cookies, location (!). Personally I "just" saw that serial number, phone type, ID etc. is transmitted. Plain text - no SSL - of course. I block my data anyways using XPrivacy and Droidwall and needless to say, I disabled all the clous services but this app immideately leaves my device. A keyboard is the most sensitive and important app on the device. It records everything, every single keystroke and sending out anything here is an absolute no-go. Breach of trust. I paid for the app, felt good about it and now I feel shocked how this company spies it customers.
My recommendation for everyone who takes security or privacy a little bit serious: Get rid of the software. Uninstall it immideately!
It's sad because the software is good but spying without opt-out on paying customers is unacceptable!
Related
found an app called Location Cache Map in market and it seems from what it says that it prevents maps and other apps from setting location data on phone and clears map cache while still allowing full use of GPS functions. i tried it and it worked, though it takes an extra couple seconds to lock on.
seems to work. you can see your stored location data with it even if you dont want to block location cache. interested in hearing from others on if this seems to really be working.
Any aftermarket Rom do this.
Sent from my LG-P999 using XDA Premium App
sure if ya delete maps or something. mine always still saved location data on my phone. this lets you use the functions without phone saving cache data. ive never seen this function on any rom ive used. but if so id like to know how and save some time.
Has anyone else tried this?
Google has always kept this type of information---even before android. It's in their terms and conditions. Honestly, anyone who doesn't want to give Google access to this information, shouldn't use their phone.
aczarney said:
Google has always kept this type of information---even before android. It's in their terms and conditions. Honestly, anyone who doesn't want to give Google access to this information, shouldn't use their phone.
Click to expand...
Click to collapse
You should, at minimum, have the choice to turn it off and delete the data that is stored on your phone readily.
Let's get real, corporations have too much freedom when it comes to using us as pawns. It should be an option to opt out period. I use google stuff cause I like the way it works, they don't need my location for that.
Sent from my HTC Vision using XDA App
Google's been collecting information rather openly for years. I just don't get why people are surprised they are collecting it with their phones too. It was never really a secret. There's no option to turn it off simply because that's the terms and conditions for use of the phone--that Google is entitled to access to your location as well as other information regarding how you use your phone. It honestly is like they're watching your every move. If you don't want access given to Google for this information, don't use the phone. That's literally your only option, and legally, Google is completely backed up on that. Now apple, that's a different story. But Google has been doing these things ever since Google as a company was created, its actually part of what has allowed them to grow. To know how their services are used and how their users function more or less.
I could really care less. Ask yourself. What is Google going to do with your information besides direct ads based on you interest. As long as Google execs aren't going to come track me down, I could really care less what data they collect. If your worried about people collecting your data then don't ever buy anything off the internet or for that matter, don't ever use a credit card to make purchases.
read this. its a rant but its how it REALLY is.
Grammer and spelling errors warning!!!
its doesnt matter what they are going to do with it. i have a right to privacy. the more you look into your specfic settings for your google and gmail account, the more you'll see that a lot of what they ask for they don't tell you. they allow you to turn it off.... if you even know how to where to find it, or if you even know they are collecting it.
they keep much more than just location and basic data for ads. im not going to get into all of it because theres too much. go look for yourself.
basically these days to have a phone thats fun (smartphone) you are forced to choose iOS or Android. Both are bull**** when it comes to privacy. THATS WHY THEY ARE DEFENDING THERE ASSES IN COURT!!! Just the fact that it has gotten to the point of major national news shows that it isn't just nothing. $500 million lawsuits aren't to be taken lightly.
And it's not just my privacy. Many MANY apps and services including googles require access to many things that the app has absolutely no reason to have. theres a dev in the market called FREE WING go download his persmissions apps named after specific permissions example: READ_PHONE_STATE, it shows you some of what that permission pulls from your phone such as your name, device ID, phone number, contacts, and more. SMS permission had not just the ability to "tell if i get a text" but has, and records, everything that was said, who sent it, and their numbers. or go get an app called "Denied permissions" it will show you how many each app has and break them down and explain a little of how they work. then use it to look at Google Docs app permissions. it shouldn't have the ability to change,delete, modify my account passwords, and that's just one of its BS permissions.
any facebook app that uses facebook to as an alternative log in gives that app by DEFAULT the ability to read my contacts, status, my FRIENDS status and apps they are using, where they also go, their photos, mine, and more (go to the apps privacy settings on facebook to find this stuff). my friends apps one THEIR phone have access to MY personal information, just because we are associated in facebook. NOT COOL! Facebook just told its game devs a couple days ago that they had like a week or something to change their games to prevent 3rd party apps that are associated with their games from accessing or keeping their patrons information while they play their games.
basically it comes down to my information can be accessed by places i didn't give the OK to or even have heard of. google shares information with apps. try reading the privacy polices for apps sometime (go read AppPack's - Highlight app and T-mobile Mall's app privacy policies). its like the fine print that no one ever reads in contracts or car advertisements. its there but no one takes the time.
google used to be a damn search engine. now they own android, google, Google Chrome OS (just came out), admob, and more. im ok with ads. and them having info i know i asked them to hold on to. I can't imagine what dirt someone could find on someone running for president in 10 years. dirty pics from when someone texted them when they were 25, 18, 16. or their online diary they kept for some reason. things they said on a forum, damn i couldn't imagine my old myspace stuff. some of that could get me in to trouble. i was a party animal at the time. ya see where i'm going? wouldn't have posted that stuff 10 years ago if i had known what i know now.
theres enough info of ours unintentionally online and accessible. go google yourself. they don't need my location to boot
don't believe any of this then take some time to read what you are saying ok to. some privacy policies are like when in those cartoons (devil and daniel mouse) the devil asks you to sign a contract in your own blood, but you forgot their was stuff written on the back page.
But you don't have a right to privacy.....you agreed to the terms and conditions of Google's use when you began using your phone. You signed those rights to privacy away when you signed that Google account into your phone (which, in fact is where the agreement to the terms and conditions lie). You installed Google docs and said "yeah, its okay if this app has access to these things." You update your Google apps every release of a new version. Apple is having issues with this yes, but that's because it was never previously a part of their terms, and they were doing it without customers knowledge. Google is not having issues, will not have issues, and presented all that information to you upfront when you signed up for your Google account, well within your buyer's remorse. Likewise, they do have an option to opt out of "Location services" during most device's initial setup procedures. I bet if anyone sued Google, they wouldn't even prepare a case. They'd refer the judge to the terms of your Google account or those permissions you were okay with.
Bottom line, Yes you have your right to privacy. But you can't give away those rights away to Google or Facebook or whoever then complain about it. Those terms and conditions aren't just there for show, they create them for these specific reasons. It'd be like If I gave you my social security number, checking account number, and address and then was shocked when my identity was stolen and went to file a police report. Working for T-Mobile, I hear these types of arguments on a daily basis, but let me just say it hasn't once changed a thing. Once you agree to them, you can't change your mind until the terms are changed and presented to you again.
I've said it before and I'll say it again. If you like privacy, DO NOT USE A SMARTPHONE. You see, I use a smartphone because I could give two ****s less what Google has access to in my phone. There are only 9 numbers I don't want anyone having access to and lets be honest. I highly doubt Google is stealing our SS #'s.
A link to google and it's work it does for the NSA and CIA. They are more than a company pushing Internet mobile ads. Do not do anything with your phone that you do not want recorded and handed over to the government.
http://www.pcworld.com/article/188581/the_googlensa_alliance_questions_and_answers.html
Remember what google and others did to to people yearning for freedom in China.
http://www.nytimes.com/2006/02/15/technology/15cnd-internet.html
So i am just wondering, there are so much different apps for android on the market, and most of them has a lot of access to phone's functions. Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Kblavkalash said:
Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Click to expand...
Click to collapse
This question is not really an issue of Android security this is a question about general security. Can an app look at your gmail app directly and copy data and send it out...not exactly no, an app can't forcibly connect itself to another app to scan data.
However...
That question is actually not relevant because such a task is unnecessary for malicious apps. Lets say you install a malicious app that wants to copy your gmail data. What it will do is not watch the app itself but it will watch the network packets being sent to and from the app, logging and tracking those.
This is not the only way to get the data though because any data saved on your sdcard is accessible from an app if you give it permission to do so.
The MOST important thing to look at when installing an app is the permissions the app is requesting when it installs. This can be confusing as well because some apps will request full internet access because they need it but this can also be used by a malicious app to steal your data.
The important thing to do is research. The more you learn about the app the better off you are.
-------
Just to clarify, this applies to all apps of any kind on any platform including but not limited to Android, iPhones, Blackberry, Windows Phone, WebOS, Windows PC, Mac OSX, Linux or etc. - ALWAYS learn as much as you can and are comfortable with before installing anything...if you are not comfortable with a particular app or learning more about it then don't install it. That is not to say it may be malicous, it is just to say it could be a bad idea for other reasons. (for example, if it is a developer tool or a configuration tool that you don't understand or haven't researched enough to understand...then you could potentially damage your device with something that is a legitimate tool)
Kblavkalash said:
So i am just wondering, there are so much different apps for android on the market, and most of them has a lot of access to phone's functions. Now for example i am always logged in to Gmail, and theoretically can a random app scan and copy my gmail's data and send it trough internet? Really curious..
Click to expand...
Click to collapse
edit
MichaelTunnell said:
This question is not really an issue of Android security this is a question about general security. Can an app look at your gmail app directly and copy data and send it out...not exactly no, an app can't forcibly connect itself to another app to scan data.
However...
That question is actually not relevant because such a task is unnecessary for malicious apps. Lets say you install a malicious app that wants to copy your gmail data. What it will do is not watch the app itself but it will watch the network packets being sent to and from the app, logging and tracking those.
This is not the only way to get the data though because any data saved on your sdcard is accessible from an app if you give it permission to do so.
The MOST important thing to look at when installing an app is the permissions the app is requesting when it installs. This can be confusing as well because some apps will request full internet access because they need it but this can also be used by a malicious app to steal your data.
The important thing to do is research. The more you learn about the app the better off you are.
-------
Just to clarify, this applies to all apps of any kind on any platform including but not limited to Android, iPhones, Blackberry, Windows Phone, WebOS, Windows PC, Mac OSX, Linux or etc. - ALWAYS learn as much as you can and are comfortable with before installing anything...if you are not comfortable with a particular app or learning more about it then don't install it. That is not to say it may be malicous, it is just to say it could be a bad idea for other reasons. (for example, if it is a developer tool or a configuration tool that you don't understand or haven't researched enough to understand...then you could potentially damage your device with something that is a legitimate tool)
Click to expand...
Click to collapse
Good answer, you are right!, but you say do a research before installing, but it's not really possible unless you are a programmer and checking whole code The best rated apps still have many different permission requirement and i have no idea what they are doing.
For example app can request a new password change for example on paypal and steal packets which come to my gmail about new password.^^
Security Apps
Hi,
in my eyes the best way is to use programs like PDroid. You cann adjist the rights of every App regarding send SMS for example.
LBE Privacy Guard may be also an Option. (runs not on my Device - SGS+)
(i use Pdroid 2.0)
you should also read the comments in the store, and the needed rights from the app before install. The best Apps to trust are open source apps.
Kblavkalash said:
Good answer, you are right!, but you say do a research before installing, but it's not really possible unless you are a programmer and checking whole code The best rated apps still have many different permission requirement and i have no idea what they are doing.
For example app can request a new password change for example on paypal and steal packets which come to my gmail about new password.^^
Click to expand...
Click to collapse
Research generally involves a Google search...
Editor's Choice in the market are safe bets, you know, the blue icon.
But then there are the millions of other apps, and frankly, I tend to toe the app name plus xda for instance, Google will show you xda threads about the app, if the posts are normal, you can be sure it's not malicious.
Stuff like that...
Also, fake market comments are really easy to spot and are a dead giveaway
Sent from my GT-I9000 using xda premium
Hello, I am about to order a Google Pixel phone, but can someone tell me whether it is possible to get it without Google Assistant in the stock ROM or there are some custom ROM's without Google Assistant?
I don't like such products due to privacy violating issues but this phone is awesome.
polartux said:
Hello, I am about to order a Google Pixel phone, but can someone tell me whether it is possible to get it without Google Assistant in the stock ROM or there are some custom ROM's without Google Assistant?
I don't like such products due to privacy violating issues but this phone is awesome.
Click to expand...
Click to collapse
Don't order it. All your questions have answer of no. Maybe roms in future will exist without assistant. Not yet.
Sent from my sailfish using XDA Labs
It's like a corvette is awesome but can I get it with a 4 cylinder... Don't buy the corvette buy the Honda
Thanks guys!
Turn it off and don't use it. Most services Google provides on Android has an "off" switch.
Yea I don't use any of that stuff either. Not for privacy reasons just think there's no useful features
Some features I use, some I don't. As far as privacy goes just using a smartphone, email, surfing the web, etc. gets enough "user data" out there it doesn't matter all that much anyway. Unless one is doing something "questionable" it doesn't really mean much. Big business and big brother collect more about us than we realize. Phish away.......
A Google Pixel w/o the Assistant would be false advertising. Anyways, you can disable the assistant through editing the build.prop file.
FernBch said:
Some features I use, some I don't. As far as privacy goes just using a smartphone, email, surfing the web, etc. gets enough "user data" out there it doesn't matter all that much anyway. Unless one is doing something "questionable" it doesn't really mean much. Big business and big brother collect more about us than we realize. Phish away.......
Click to expand...
Click to collapse
It's not that really hard to prevent stealing of our data, it's not inevitable, I think we just need to choose carefully what we use.
Privacy not just goes when you use a smartphone that simply isn't designed to leak your data (we don't really need to use GAPPS), or by using an email service hosted on your own secured server with GPG encryption.
Surfing the web without being signed in to google account and using Tor is also a way to surf the web anonymously.
Big brother can't watch you if you don't use his services. It's similar to a deal with the devil
Just saying, nothing is impossible.
In general I just openly declare my mistrust of government, corporatocracy and their avarice on every media channel.
And I turn off my phone sometimes.
If anyone listens in I'm more likely to be censored than snooped! Hah.
I however DO have a secure point to point encrypted private messenger.
Use of phone is definitely complex to say least.
Sent from my sailfish using XDA Labs
I think in today's age of information, there is entirely too much of it. The government would need a reason to watch you or search your information before any of it is of any use to them. Now, if you become a murder suspect, they might question why you Googled body disposal and why you purchased supplies for such. If they're looking for someone to bust doing something illegal they only need to browse social media to find pictures of people doing illegal drugs, wearing gang colors, and God knows what else. Unless you have something to hide, you should be ok... Again, in my opinion.
Sent from my Pixel using Tapatalk
Don't recall if I deliberately turned off the assistant. What I've done is:
Long-press Home screen > Select Settings > Disable Show Google App
Navigate to Settings > Select Apps > Disable Google app
Pretty sure I didn't take any further steps. I no longer have Google Assistant accessible and Google App on home screen is no longer visible.
Hey !!
Do Andriod phones need antivirus or internet security as a must? If so provide me some links..
Thankxxxx in advance
The Answer Has been moved to a thread dedicated to security question and other advices to modify safely our Android Devices
Here is the post
Raiz said:
It absolutely doesn't, please don't download them, those are mostly commercial sh*t apps full of ads that plays with the fears of users.
Android Security advice :
• Just don't install apps that you don't trust (apk files and weird looking Google play apps)
• Never share your passwords with somebody not trusted, use a different one for each of you accounts.
Find more here :
https://forum.xda-developers.com/general/security
General security and privacy:
• a VPN isn't a magic app that allows you to go completely invisible, even I can find who you are simply by using your latest Instagram post, the government doesn't have money to spend spying on you anyway
• Public WiFi internet browsing is like taking a bath naked around other people, everybody can see what you're doing and can interact with your browsing by sending you pop up messages on your browser. In that case the VPN is useful. But please don't use anything other than your WiFi network to pay online.
• Change password at least once a year
• For God sake be careful on what you share on social medias !
• If someone blackmails you, just ignore him even if he show you he has your real password/footage of you doing nasty things, most of the time they haven't and tries to scare you. But take action on your account, just don't answer them.
• Not having any of your IRL infos online is a good idea, but it tends to be more and more difficult because of Google assistant, and other Google services that are super intrusive (I mean even with your YouTube Google know your tastes better than your buds). But don't panic, if you're not a terrorist or a criminal you're not risking your life.
Keep in mind that your security is fine most of the time if you have solid password, and you don't give them away, but your privacy is not if you have a social media account of any type. If you post something on the internet, remember it'll stay forever out there, whatever you do !
App that I use to keep my Android phone in good health (install them sometimes to clean up/check on my phone's state then I uninstall them):
Google File Go (cleans files)
AccuBattery (check the battery health)
CPU-Z(has everything you want to know about your device)
When I need to backup an app's data or the entire app:
Titanium Backup
Here you go, I gave you very few the security advises, there are plenty more, don't hesitate to check the internet out for more !
Have a nice day
Click to expand...
Click to collapse
I have 2 edits to your suggestions
1. Change your passwords monthly, preferably using a password manager that suggests really hard random passwords
2. Swift backup is much newer and more efficient than titanium backup ever was.
Sent from my OnePlus7Pro using XDA Labs
spart0n said:
I have 2 edits to your suggestions
1. Change your passwords monthly, preferably using a password manager that suggests really hard random passwords
2. Swift backup is much newer and more efficient than titanium backup ever was.
Click to expand...
Click to collapse
I'll update my first post continuously with every recommendation that'll follow on this thread to create the sort of "Index of Android Security". I created a new thread for security questions
Didn't knew about swift backup, what a great app!
patricia123 said:
Hey !!
Do Andriod phones need antivirus or internet security as a must? If so provide me some links..
Thankxxxx in advance
Click to expand...
Click to collapse
Viruses don't really exist in android. You can be targeted with malicious code but that is only if you open, tap on or accept something without knowing what it is.
For instance, someone could send you a link or a photo that has malicious code embedded in it, when you open it or accept it, then the malicious code has access to your device and your data.
As long as you know that you are dealing with a trusted source, you should be fine. But, if you are the kind of user that goes all over the internet opening things without knowing what it is, you will quickly find yourself targeted by malicious code.
Become a responsible, informed user that is aware of the dangers and what kinds of things can be a problem and you should be fine.
Sent from my SM-S767VL using Tapatalk
Situation:
I have somewhat of a "love-REALLY HATE" relationship with Google apps and ecosystem.
On one hand, they are great at what they do.
On the other, it's like having a spy satellite overhead, given how much telemetry it does.
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
What I've done so far:
My current way-to-go method involves installing RethinkDNS+firewall, then blocking every single one of google apps including Gboard. It sort-of works, but very inconvenient, as I have to manually enable internet access for a particular app and/or service when needed. I also tried edXposed's XluaPrivacy module to cut off access to certain permissions. Again, cumbersome.
After going through F-Droid, I found an app called "Insular", that claims being able to put all of the "big brother" apps (such as Gapps) behind an isolated sandbox, a digital gulag of sorts.
Thanks for the pointer to Insular whose advertising on F-Droid says:
Insular is a FLOSS fork of Island.
With Insular, you can:
Isolate your Big Brother apps
Clone and run multiple accounts simutaniuosly
Freeze or archive apps and prevent any background behaviors
Unfreeze apps on-demand with home screen shortcuts
Re-freeze marked apps with one tap
Hide apps
Selectively enable (or disable) VPN for different group of apps
Prohibit USB access to mitigate attacks with physical access
Click to expand...
Click to collapse
Based on that, I suspect this XDA thread about "Island" may be useful.
[APP][5.0+][BETA] Island - app freezing, privacy protection, parallel accounts
"Island" is a sandbox environment to clone selected apps and isolate them from accessing your personal data outside the sandbox (including call logs, contacts, photos and etc) even if related permissions are granted. Device-bound data is still accessible (SMS, IMEI and etc).
Isolated app can be frozen on demand, with launcher icon vanish and its background behaviors completely blocked.
Click to expand...
Click to collapse
Totesnochill said:
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
Click to expand...
Click to collapse
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
I don't have a contacts.db sqlite database for that reason too, so my favorite communication apps are all designed to store their own contacts db internally to the app itself.
I replace Google apps with FOSS equivalents such as NewPipe (or, more recently, Vanced YouTube) for example.
And I spoof my GPS location by default (using Lexa Fake GPS, for example).
Of course, given I don't have a Google Account on my phone, I use the Aurora Store instead of the Google Play Store. Of course, I strive for apps that don't require Google Framework Services (GSF) which Aurora neatly filters out for us.
Since I'm not rooted, I can't delete Google Play Store, but I can disable it, which is almost as good.
And, I use privacy-aware apps for my messenger, calendar, contacts, and dialer apps (many of which come from Simple Mobile Tools' suite which are available on F-Droid).
To keep my WiFi SSID/BSSID/GPS/Strength/etc. out of the hands of Google (& Mozilla and Kismet and Wigle, etc.), I add "_nomap" to the SSID and I turn off the SOHO router SSID broadcast (which "hinders" most cellphones from uploading my BSSID information to Google public servers); but then I have to also turn off "AutoReconnect" on Android 12 and also I have the Developer Options set in Android 12 to randomize the MAC address on EACH connection; however that means I need to set any "static" connections on my LAN from the phone and not with address reservation on the router (which typically utilizes the MAC address).
And it's not just Google we need to keep our data out of their hands, as I even use WhatsApp privacy aware tools such as the WhatsApp dialer and WhatsApp Click to Chat mechanisms (to keep my contacts out of Facebook's hands too).
For offline maps, I use a quick web browser lookup on a privacy browser (such as Tor or Epic or Opera), since the Google address lookup is still the best in the world... (which is the love/hate relationship, right?)... and then I paste the GPS coordinates that the privacy browser found on the maps.google.com web site into a local routing application (such as a shortcut to a browser to google maps on the phone or better yet, to a dedicated offline map program such as OSM And~), and even traffic can be gotten without Google (e.g., Sigalert & 511 apps).
I used to reset the Advertising ID with a homescreen shortcut that could be activated from Windows via a batch file over Wi-Fi, but now with Android 12 we can wipe out the Advertising ID altogether (i.e., reset it to all zeroes). However, I still periodically change my GSF ID and other supposedly unique identifiers.
I'm still trying to figure out the implication of "trackers", so if anyone has more information about them, please advise.
Off hand there must be scores more things I do for privacy, where we probably should have a main thread on this site of all the myriad things people can do to increase their privacy on Android (some of which I've screenshotted for you below).
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Thanks heaps for the very in-depth response. Really opens up on a lot of things I wasnt aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Are there any guides where I can do some reading on the concepts and techniques you've described? Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Also, what are your thoughts on MIcroG?
Totesnochill said:
Thanks heaps for the very in-depth response.
Click to expand...
Click to collapse
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
For example, when I mentioned I spoof my GPS, I looked up the app I used and linked to it so that you wouldn't have to test a score of apps like I did to find the best one.
Totesnochill said:
Really opens up on a lot of things I wasn't aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Click to expand...
Click to collapse
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
A lot of the protection is to protect ourselves from others who don't know how to configure their phone, so they are uploading our private information (like our contacts and home locations) to Google databases.
For example, the typical Android phone when it drives by your front door uploads to google your exact location, your signal strength, your unique BSSID and your SSID... where you'll note in my response above I had to do a half dozen things on my phone and router to prevent that from happening (i.e., just adding "_nomap" doesn't work but most people don't realize that because they don't think about it).
Totesnochill said:
Are there any guides where I can do some reading on the concepts and techniques you've described?
Click to expand...
Click to collapse
I'm sure there are plenty.
But I have been in MANY situations where there are none.
Take, for example, changing the GSFID... almost nowhere on the net is that described how to do it. Almost nobody does it, but it can be done if you know how.
I really should write a set of privacy tutorials so that everyone can do it but I have to find the time, and this web site doesn't like text tutorials I found out recently. So they make it a PITA in the end to help people. Sigh.
Totesnochill said:
Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Click to expand...
Click to collapse
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Now that you don't have a contacts.db sqlite database, you need to find the contacts and dialer and mms/sms apps that can suck in their own contacts.vcf file, which I pointed you to in the Simple Mobile Tools suite.
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that. Once you turn that on, you can just select the mock location app of your choice (where I suggested one above which isn't perfect but none of them are).
That particular app moves your location every few feet and it gets the altitude and it can easily be stopped and started, etc., but I'd like it if it didn't move just "west by 10 feet every minute" but instead if it would follow a pre-determined route that I could give it. So they need a lot more work to be as good as we'd like them to be.
For What'sApp privacy, look at the two apps I linked to in the prior post as they don't need the contacts.sqlite database to work.
Your WhatsApp should only have an icon in your folders for the people you contact and nothing else, IMHO. That's the best privacy you can get, although WhatsApp does decent hashing on the contacts file when it uploads it to their servers - but still - why give them your entire contacts when you only contact 10 people (or whatever) on WhatsApp. Right?
Totesnochill said:
Also, what are your thoughts on MIcroG?
Click to expand...
Click to collapse
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Especially if almost nobody reads these threads.
GalaxyA325G said:
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
Thank you for doing God's work out there. Ethics like these are what creates the content that keeps the internet from becoming a dumpster fire otherwise. Tutorials and explanations that come from the fellow users are THE best and usually directly on-point.
When I was just starting setting up Linux environment, I wrote "how-to notes" on every successful step. At first it was more like the "sticky notes" to help me remember, but eventually (as the list grew) I started writing these tips in a way as if they were to be read by someone with little background in the subject. What used to be the "Linux notes" file became 10563 lines monstrosity now... So every time I need to answer someone's question I just copypaste from this file.
GalaxyA325G said:
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
Click to expand...
Click to collapse
Absolutely. I've spent about 2 weeks tweaking my new phone (Nokia X6), trying out different roms/recoveries and app setups. Pissed off a bunch of people in the process - most wouldn't understand that I'm setting up a system to last another 7 years, just like my previous phone (Galaxy Gprime). Not to mention that with the amount of sensitive info on the phone, security and privacy are a legit concern, and worth learning about just how one learns to install and use the lock on the front doors.
Phones became disposable both in software and hardware, and so have the general attitude towards the devices.
My final setup became AOSP PixelPlusUI Rom (comes with about openGapps nano worth of Google stuff) with most other stock apps (contacts , dialer, keyboards, msg etc) removed via ADB and replaced with F-Droid alternatives.
I've also used Rethink DNS with whitelist set up/AppInspector to put Google in the Goolag - no internet access for anything google-related at all times. So far my phone has 253 apps blocked (including almost all of the system apps). Surprisingly, all of the necessary apps off google play store (Whatsapp, FB messenger) still function well. Whenever I need a particular Gservice (like a translator), I just enable access for that (and only that) until I dont need it anymore.
GalaxyA325G said:
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Click to expand...
Click to collapse
Thanks! I'm not sure why the links didnt show up at first. I'll give this a look. I've been using "simple mobile tools" for quite a while, and I must say I like how they are completely autonomous and transparent about what prems they need and why.
GalaxyA325G said:
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that.
Click to expand...
Click to collapse
I definitely saw the option in the dev settings, but didnt experiment with it. Well, now I know, thanks!
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
I will give microG a try (in a form of LineageOS for MicroG). In fact I did install this rom before but I was a bit confused about what it did and assumed that it is a regular LinOS repack with Gplay store and apps built-in. Time to test again.
Especially if almost nobody reads these threads.
Click to expand...
Click to collapse
Threads like these is how I passed my uni exams. Not even exaggerating XD. Thanks again for a very detailed insightful read!
Hello my friends, very happy to meet good hearted people who think alike about Gugle.
as my name suggests I'm noob still and didn't understand much of discussion but very happy to meet you friends. My love & warm regards to all here. Here is what I did uptill now before I saw this thread :
1> Load GSI/ROM.
2> Load TWRP
3> Load Magisk
4> Load microG
5> Install Service Disabler
5.1> Disable bunch of internal services like telemetry, analytics, location (FusedLocation not possible to disable) for every app (3-rd party & system app), contacts sync etc.
6> Install SD-Maid Pro
6.1> Freeze apps like Gugle Calendar Sync Adapter & Gugle Contacts Sync Adapter
7> Install CIAFirewall Fake VPN & configure it.
8> I use Opera browser for Banking, Youtube, Cab booking, Surfing, Gmail, Food Order etc.
9> Install Aurora Store for general app management & installation
10> For contacts I save all contacts in notepad app, and let all calls purposely bounce then I call back aftter checking whose call it was & state false apologies.
#FYI :- Gugle, Mycrowsowft , eFbee are not really to be blamed, rhey are having to comply with FBI, Phentagon, Central Intelligence Agencies, Interpol, etc. or they have to shut bizness.
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Hi, I’m glad to have found this thread as I’m not happy with how my normal Android phone is spied upon by google. But I’m not technically knowledgeable and I don’t want to risk bricking my phone by trying amateur attempts at rooting, or installing Insular, etc…
So far I have not signed in, I allow only minimum permissions, use Netguard, Aurora and FDroid, and have disabled bloatware. I also force-stop apps as much as possible when not in use, and enable Location and Bluetooth only when needed.
I know this is just an amateur, token attempt to reduce spying - so I may have to eventually buy a degoogled phone.
I’ve also done some of the privacy suggestions in the attachments you posted.
Could you help me with a couple of newbie questions…
1): I might have minimised some personal data harvested by most of the apps I use, but I guess my privacy precautions will have no significant effect on the amount of telemetry collected by google?
2): If my precautions really have no significant effect, I’m wondering if would it make any real difference if I was signed in as I don’t use any of the google backup services anyway?
Thanks.