Related
I would like to setup my phone to be able to browse/use apps as anonymously as possible. I realize that will require Tor/VPNs, and I am working on getting that information elsewhere. Here I am focusing on the phone itself.
It will be a new Samsung on Verizon. I would like to anonymize and secure it as much as possible. For example, I know that Verizon and Google are shipping new phones with spyware and other tagging features. I am not very tech saavy (I cant code), but I am a fast learner.
I will be trying to avoid using Google products at all costs (No Play Store, GMail, etc) - except for Android system updates (I assume this is a necessity?). I am willing to do anything, *except*: Replace the OS - it has to be regular Android (Unless someone can show me an add-on/alternative that wont require constant maintenance/detailed knowledge of how a phone OS works), or compromise the basic software so that it become unstable or wont work with basic apps.
I assume rooting is a must - but I will need some direction as to how this can be done safely, and what I will then need to do to keep the phone updated and stable.
Specifically I am looking for:
- How to remove all native spyware/malware/unnecessary apps (without accidentally deleting something critical).
- Remove any features that could ID my device over the internet
- What kind of software/app I need to set up to protect against future malicious software (some kind of anti-virus/malware scanner?).
- How to most securely encrypt the phone and any data on it (so that if someone was able to get control of it, accessing it's contents without the pass key would be as difficult as possible).
- If necessary, before I web connect it, I could download any apps/programs on another device and trasfer via MicroSD
- Any general tips that might help with this.
Thank you.
EDIT: I was originally planning on getting an S8, but I have read that it might have some issues, so I can get an LG G6 or even Galaxy S7 if it is still preferred for privacy/security.
If you didn't read it, it could be a good start in your search.
https://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
VPN!!!!
I think, regular updates with security patches is a must. But if you don't trust your original OS, how can you trust it's updates? I use mokee OS for this reason. And no gapps.
ThirdEchelonSam said:
I would like to setup my phone to be able to browse/use apps as anonymously as possible. I realize that will require Tor/VPNs, and I am working on getting that information elsewhere. Here I am focusing on the phone itself.
It will be a new Samsung on Verizon. I would like to anonymize and secure it as much as possible. For example, I know that Verizon and Google are shipping new phones with spyware and other tagging features. I am not very tech saavy (I cant code), but I am a fast learner.
I will be trying to avoid using Google products at all costs (No Play Store, GMail, etc) - except for Android system updates (I assume this is a necessity?). I am willing to do anything, *except*: Replace the OS - it has to be regular Android (Unless someone can show me an add-on/alternative that wont require constant maintenance/detailed knowledge of how a phone OS works), or compromise the basic software so that it become unstable or wont work with basic apps.
I assume rooting is a must - but I will need some direction as to how this can be done safely, and what I will then need to do to keep the phone updated and stable.
Specifically I am looking for:
- How to remove all native spyware/malware/unnecessary apps (without accidentally deleting something critical).
- Remove any features that could ID my device over the internet
- What kind of software/app I need to set up to protect against future malicious software (some kind of anti-virus/malware scanner?).
- How to most securely encrypt the phone and any data on it (so that if someone was able to get control of it, accessing it's contents without the pass key would be as difficult as possible).
- If necessary, before I web connect it, I could download any apps/programs on another device and trasfer via MicroSD
- Any general tips that might help with this.
Thank you.
EDIT: I was originally planning on getting an S8, but I have read that it might have some issues, so I can get an LG G6 or even Galaxy S7 if it is still preferred for privacy/security.
Click to expand...
Click to collapse
Assuming you are just talking about general privacy and security, then you are in with a chance to minimise data available to Google etc and be largely secure. If you are trying to prevent the likes of the NSA then you have no chance. At the very least your cell provider will know somethings about you (you have to show id in the US don't you?)
Without going to extremes as in the first link below and ending up pretty much with a dumb phone your best bet is to follow something more like this
https://privacytoolsio.github.io/privacytools.io/
As for security you can "harden" your system, there are some good threads etc on this. Or you could just buy a phone that is already hardened see Copperhead OS.
You are your phones best security, but I would say EVERYONE is fallible and could be tricked into opening a malicious email etc under the right circumstances so you should run a good antivirus, it may just save you one day. However they are not even 100% against all known malware let alone future ones or other exploits, it's just another layer of defence. Keeping your phone up dated with monthly security patches is probably your 2nd best defence after you! At some point you are trusting whoever provides your OS, network and any apps installed. Then of course this level of security must extend to all your devices that may link to your phone, no good running a router which doesn't get regular firmware updates, just this week all Linksys ones were found to be vulnerable, before that some Netgear ones, before that ....
Even using TOR does not guarantee anonymity as the NSA, GCHQ etc have been able to identify users in several ways, and no doubt still can, but it is the best way, though can be slow
Use your phones built in encryption, though this only works on a looked phone, anyone can see your data if they lack it up unlocked, or if using remote admin. Using an app to encrypt folders/files can prevent a local person viewing saved files though.
Rooting & removing bloatware would certainly help reduce data "leaks", but it has it's own risks and will void your warranty (though not up to date on S8 & tripping knox etc or on unlocking bootloaders on Verizon phones as I'm not in the US.) If it was me I'd buy an older model that has great support on xda & that you know you can unlock bootloader/root which has a good choice of roms from reputable devs that release monthly security updates quickly & then get a limited set of apps from fdroiod or similar.
whirlpool95 said:
VPN!!!!
Click to expand...
Click to collapse
But be choosy!
https://blog.csiro.au/tinker-torrentor-streamer-spy-vpn-privacy-alert/
(some vpn's are named in the full report, link at bottom of page)
Yea just don't use the internet on your phone, that's my advice .
Ok, so I'm a little new to this. I am pretty much unfamiliar with root (I've only done it once, a few years ago, on a completely different kind of device, via KingoRoot without even having to plug in to a PC), but I am very good at following directions/making sense of tutorials . But recently I have have become very aware of privacy concerns, and I realize that the form my phone is in now is very insecure.
But I'm a little confused by "rootable" vs "unlocked bootloader"
So, I though I understood these terms, but apparently I don't. I thought that *root access* was an admin level (the highest), and that it required an unlocked bootloader to achieve it. However, my device, Galaxy S7 US version, is supposedly rootable(https://forum.xda-developers.com/tm...eres-how-rooted-nougat-s7-edge-g935t-t3567502), but does not have an unlocked boot-loader, like the international/Exynos version, that would allow you to install a custom ROM. How is this possible?
Either way, I cannot use a custom ROM, since none of the even remotely trustworthy ones (Copperhead, Lineage, Replicant) work on the US version.
So, if I am stuck with Samsung version android, what else can I do (If any of these are possible, a little direction or at least a link to a good guide would be very helpful)?
- Without an unlocked boot loader, can I still remove all GAPPS and bloatware?
- Can I remove Googe Play Services and replace it with MicroG, and still use the apps with the Play dependency?
- Is Xposed/Xprivacy an option? (Are these still considered safe?).
- If not, how can I get the most specific control over device processes: being able to see and control permissions for each app, moniter all incoming/outgoing data stream (everything apps send to other parties/devices and what they receive),
- Any possibility for a firewall?
I realize that this is asking a lot, but Reddit was thoroughly unhelpful, so I throw myself at your charity.
I've come back to Android after being on iOS for the past 2 or so years. Bought an S8+. With the S8 and S8+ rooted, I'm wondering if I should go about it. I don't like the 80% battery max that comes with it, or that there is no official Xposed support. Im mainly looking for a system wide adblock (which I dont believe I can do without Xposed(?)). Is there any reason you guys would recommend rooting, other than debloat? What else am I missing/forgetting?
Nope, you don't need root if you don't want to mod your system; ad blocker is available without root, just google "adhell 2". This is the 1st phone that I don't have rooted since I don't need it - I can do 90% of the stuff without root. I.e. you can't turn data off from Tasker without root. One of the things I miss. Also, find Knox very usefull - which is lost after root. Just my opinion though.
pr0necr0 said:
I've come back to Android after being on iOS for the past 2 or so years. Bought an S8+. With the S8 and S8+ rooted, I'm wondering if I should go about it. I don't like the 80% battery max that comes with it, or that there is no official Xposed support. Im mainly looking for a system wide adblock (which I dont believe I can do without Xposed(?)). Is there any reason you guys would recommend rooting, other than debloat? What else am I missing/forgetting?
Click to expand...
Click to collapse
You can get adblocking with "AdHell" or "Disconnect for samsung browser" from plays store.
You can theme you device with Substratum or from this thread https://forum.xda-developers.com/galaxy-s8+/themes/substratum-inversion-ui-overlay-overlays-t3604341 or the inbuilt theme store.
You disable any system app you like with Package Disabler Pro.
You can get Xposed-like tweaks from this thread: https://forum.xda-developers.com/galaxy-s8+/themes/mods-small-collection-tweaks-t3657119.
Really no point in rooting these days!
My S8+ is rooted right now, and I'm on the fence about going back to non-root. If ad blocking is your main concert there are SEVERAL no-root options. I used Disconnect for Samsung (google it, you'll find an APK somewhere) that is a system wide ad block that does allow some ad's... Other ad block methods are Ad Hell, AdGuard, Block This - and I'm sure there are many others... they essentially create a VPN on the device and route all traffic through the VPN and block the things you wouldn't want.
The issue with the bootloader locked rooting methods is they are based on the ENG BOOT kernel which is designed for debugging/testing/repair etc... so you ABSOLUTELY get a performance hit... and a battery hit. The S8+ is so fast the performance hit isn't nearly as bad as it was on the S7E, the battery hit is another story... 80% and I don't think it "stops" charging at 80 - maybe just me? but my phone is warm in the morning charging wired or wirelessly. Again, could be just me. YMMV.
Not to take anything away from the guys who worked hard on getting the root method released. They are awesome and have done a great job - they deserve all the praise in the community they can get. But without TWRP and custom roms, and the ability to create those types or rom's - root isn't quite the same.... AGAIN THAT COULD BE JUST ME! YMMV!
Can rooting boost protection and security?
I have a question about rooting.
All my previous 5 - 6 android smartphones were rooted by me.
The main reason for rooting was to improve security and confidence in the phone - good firewall, de -bloating, control of privilegies
But now with S8+ I am having second thought about if rooting really protects vs exposes.
1) Lots of original protection features will be gone after rooting, like DM-verity
2) Automated system updates and therefore related security patches will be gone too. I am not a big fan of regular manual downloads and updates. So my once rooted system will become dated soon.
Am I taking it right?
Do a good firewall and control of priviligies outweigth the new risks that rooting could bring?
I do a lot of important things on my phone, so the protection is number the #1 thing for me.
Thanks for you thoughts
Hi there,
Few months ago, I was told in XDA site that nowadays changing the ROM is not anymore the best way to de-google a device. Now it is better to de-bloat and tweak the device.
Do you agree with this statement?
Did you change the ROM in your device or only de-bloated it? Tell me your experience. Easy to install, need to root, unblock the bootloader, update, what is NOT working, speed, battery, ...?
I own a Samung Tablet S5e LTE few months old, under guaranty and would like to de-google it. I was thinking to change the ROM, is tit the best way?
What is your advice? If needed, what ROM to use? What way, software to de-bloat?
Many thanks
MrNice said:
Hi there,
Few months ago, I was told in XDA site that nowadays changing the ROM is not anymore the best way to de-google a device. Now it is better to de-bloat and tweak the device.
Do you agree with this statement?
Click to expand...
Click to collapse
Fully agree with this.
Thank you for your fast answer.
Could you be more specific and tell me why, how (big picture) and if you have experience what tools did you use?
People most times use terms "De-google" and "De-bloat" not knowing what they are really speaking of.
The Vanilla Android ( read: AOSP - today often called GSI ) is totally free of apps developed by Google ( topic: GMS ) and the service ( GFS ) they need to run, this because NOBODY basically needs these to operate a phone. But the overwhelming majority of the users of mobile devices want an Android what is extended by features, so they can download & install more apps, play games, listen to music, watch porn videos. OEMs respect this wish - they want to sell their products - and therefore typically add GMS & GFS to their Android OS, so it in reality becomes a Custom ROM.
Resume: Vanilla Android - and all ROMS that are based on Vanilla Android ( like Lineage OS and many others ) must not get "De-googled".
Bloatware ( or Potentially Unwanted Programs - PUP ) is software users don’t want, that burdens and slows down a mobile device. It usually comes pre-installed by vendors, manufacturers or carriers. IMO "De-bloating" is the first thing a user should do when starting up a new device.
Bloatware typically is installed as system-app, hence phone's Android must got rooted before you can start "De-bloating".
As I am not very skilled in Android, I appreciate your post.
I installed LineageOS 17.1 on my Samsung S6, it working fine, I am happy for the usage but the only issue I have is that I can't update. This is another story in another XDA forum.
My need are usual plus
Read books, music sheets, social networks, Internet TV, news, training, conference (low bit-rate), email, messaging, GPS travel, basic pictures,
some specific app for music practice (tuner, metronome), veg gardening (I need to find one suitable for me).
but no game, no HD movie (download or stream), no large download
Backup locally (I need to learn more), no cloud usage.
As I run GNU/Linux for around 20 y, I hate to have to register for account in any app from GAFAM and I don't want as much as possible give them my data. I try to select the app without tracker, FOSS and I block the permissions as much as possible.
If I can de-google this is the best for my mindset.
I understand that de-google or de-bloat, I 'll have to root so break Knox. Right?
I don't know if I need GMS and/or GFS for my use. Could you tell me? For what app it is mandatory?
With my S5e I want to be more cautious, I need a way as secure as possible to not brick it.
With all these info, what do you advice?
MrNice said:
Hi there,
Few months ago, I was told in XDA site that nowadays changing the ROM is not anymore the best way to de-google a device. Now it is better to de-bloat and tweak the device.
Do you agree with this statement?
Did you change the ROM in your device or only de-bloated it? Tell me your experience. Easy to install, need to root, unblock the bootloader, update, what is NOT working, speed, battery, ...?
I own a Samung Tablet S5e LTE few months old, under guaranty and would like to de-google it. I was thinking to change the ROM, is tit the best way?
What is your advice? If needed, what ROM to use? What way, software to de-bloat?
Many thanks
Click to expand...
Click to collapse
For the Tab S5e de-googling it is next to impossible with stock samsung rom. LOS works great on it and not too difficult to install, CRDroid works well on it but is better with google installed, /e/ rom was being developed for it but I don't know if they are still working on it. I built an /e/ rom locally for my Tab S5e last year and it worked very well. If you want to get away from google you need to ditch the OneUI or whatever they are calling it.
tek3195 said:
For the Tab S5e de-googling it is next to impossible with stock samsung rom. LOS works great on it and not too difficult to install, CRDroid works well on it but is better with google installed, /e/ rom was being developed for it but I don't know if they are still working on it. I built an /e/ rom locally for my Tab S5e last year and it worked very well. If you want to get away from google you need to ditch the OneUI or whatever they are calling it.
Click to expand...
Click to collapse
Thanks for you advice, I'll work on it soon.
I used to do it to flash firmwares but that does not seem to be prevalent any more, so why do I need to root?
I know this is a developer/modding site but I have to agree with the OP.
I come here for the general forum information that is "usually" more technical for obvious reasons. But to risk a very expensive tool for unlocking and modding....the risks far outweigh the benefits...IMO...YMMV
App & system theming (with Substratum + Swift Black, Repainter for pure system AMOLED black & Project Themer for different notification styles, lockscreen clock etc.). System-wide equaliser (currently with JamesDSP but will await VIper4Android working on A13 hopefully), system-wide ad-blocking. Revanced Youtube for background play etc.
Plus with AOSP Mods via Magisk it adds tons on features like customisable quick toggle column/row quantities + label text size, clock position, removing carrier label from status bar, long press power button screen off for torch and so much more! Plus not to mention custom rom support which whilst sometimes buggy, come with a wealth of benefits. I like to stick to stock these days with AOSP Mods & Magisk, as that module has many features and saves having any custom rom bugs (e.g. on Pixel 6 Pro, a custom rom would lose Magic Eraser whereas having a modded stock, retained it)/
I get the risks, but we do plenty of research and tread carefully and all is generally ok!
Got my Pixel 7 Pro just today and bootloader unlocked after the first OTA came through. It's now rooted and without passing safetynet currently, all cards successfully added to my Google Wallet.
Running like a dream
I used to root every one of my previous phones, but I've not done so on my Noted 10 Plus as I find Samsung Pay too useful. And rooting destroys it forever. Not sure if Google Pay still works when rooted, that may nudge me to do it.
I have no plans to root my 7 Pro when it arrives. But that may change.
Naughty boy client for Pokemon GO and system-wide AdBlock
For me the main thing is working app backup, since the Google solution is absolutely unreasonable (I have several non-play-store apps that I have had on every smartphone I've owned, and data generally isn't saved with Google anyway) But also tons of little things like being able to set a limit on battery charge level, full (to the extent still possible) filesystem access, a floating CPU monitor I like, Greenify, Island, Tasker stuff, etc.
System wide as blocking since 2012. No other phone does it better and easier.
How about Banking? I ditched rooting since all Banking apps denied to work. Workaround didn't work anymore.
Custom kernels that save on battery
Better Internet Tiles
ACC (Advanced Charging Controller) and AccA (Advanced Charging Controller App)
@siavash79's thread [MOD][Xposed+Magisk][Pre-Release] AOSP Mods - System modifications for AOSP-based Android 12+. This is a big one for me, personally.
Classic Power Menu
Swift Backup
hey_malik said:
How about Banking? I ditched rooting since all Banking apps denied to work. Workaround didn't work anymore.
Click to expand...
Click to collapse
Just use their website? Or switch banks? I have my primary bank with a local outfit that doesn't care about rooting (although that's not why I got them, it certainly helps keep me there) if I need to deposit a check and everything else can be done on their mobile website.
My main reason would be for the custom Kernels and for Viper4Android. I didn't have a bunch of $ to fork out for 2 new phones so I went with Verizon so I won't be getting either unless I hit the lottery and then buy a Google Version of the P7P.
Anyone remember what made us able to root/ unlock the bootloader On the OG Verizon pixel?
Any chance of that happening on this device or should I just go ahead and do the system update that's waiting? For instance, I know the Samsung Galaxy Note Ultra 20 5G on Verizon(The Device I'm switching from) was locked down but apparently some guy on XDA started an Unlock service and would unlock it for ~$100.
I root since it's my XDA addiction!
Also add Titanium to the attached list!
bryan1854 said:
Any chance of that happening on this device or should I just go ahead and do the system update that's waiting? For instance, I know the Samsung Galaxy Note Ultra 20 5G on Verizon(The Device I'm switching from) was locked down but apparently some guy on XDA started an Unlock service and would unlock it for ~$100.
Click to expand...
Click to collapse
From memory on the Verizon Pixel 1, there was a bug on Android 7.10, I believe it was, that fully just allowed us to toggle OEM unlocking on. From there it was a done deal. They patched it in 7.11. Again, from memory but it was either that or 7.11 before and 7.12 after.
And no, not likely to happen again. It would be very, very rare and like hitting the lottery. Didn't happen on the Pixel 6 Pro.
roirraW edor ehT said:
From memory on the Verizon Pixel 1, there was a bug on Android 7.10, I believe it was, that fully just allowed us to toggle OEM unlocking on. From there it was a done deal. They patched it in 7.11. Again, from memory but it was either that or 7.11 before and 7.12 after.
And no, not likely to happen again. It would be very, very rare and like hitting the lottery. Didn't happen on the Pixel 6 Pro.
Click to expand...
Click to collapse
Maybe I will contact the guy doing it for the note 20 ultra and see if he thinks whatever he's doing to those phones is possible here.
Thanks for the reply.
galaxys said:
I root since it's my XDA addiction!
Also add Titanium to the attached list!
Click to expand...
Click to collapse
holy crap, when you mention "Titanium", do you mean the backup?! or even the "tweaker"? either way, aren't those EOL for years???
EtherealRemnant said:
Just use their website? Or switch banks? I have my primary bank with a local outfit that doesn't care about rooting (although that's not why I got them, it certainly helps keep me there) if I need to deposit a check and everything else can be done on their mobile website.
Click to expand...
Click to collapse
I don't see how that again helps with tan apps. But sure just don't use it is always an option.
hey_malik said:
I don't see how that again helps with tan apps. But sure just don't use it is always an option.
Click to expand...
Click to collapse
The reality is that forced hardware attestation and the Play Integrity API will soon put an end to the tricks used to get around detection so people will have to figure out what root is worth to them. I decided awhile ago that I can live without it. Adb pull /sdcard does a nice enough backup job for me and Google's cloud backup pulls partial app data and will restore it where applicable.
Of course it does seem that there isn't a way to disable 5G SA on Pixels without disabling 5G altogether so I may have a use for root in the end anyway, time will tell, as I get sick of being stuck on T-Mobile's slow as molasses SA when midband is available.
Well i have rooted every other phone and rooting, installing kernel or roms solve some problem where oem is lazy or will not solve. Previously i was using OnePlus 7 pro with unlocked bootloader initially with Android 9. During Android 10 i prefer to lock bootloader again as during that time i was damm busy and getting time for root and transfer data was not possible. During Android 11 Oneplus had really ****ed up, device was getting hot like frying pan in summer. I really had no choice but to unlock bootloader and installed a stable custom rom(CR Droid) . Everything was perfect. After 9-10 months i thought i willl go to stock again and lock bootloader. But to my surprise cts profile was not getting matched. My phone was constantly recognized as Google pixel 6 pro (no NFC payment and play store dont recognize netfix) . Only safety net fix with Magisk was able to fix it. What really surprise is when i again installed Oxygen OS 10 cts profile was showing match with locked bootloader and with Oxygen OS 11,12 will show CTS profile mismatch. I really don't know what i had done wrong and there is no solution for locked bootloader.
So my suggestion is if anybody really want to unlock bootloader and have magisk prefer with your secondary device.
Is it possible to unlock 5G in another countries with root while having functional google wallet?
I only do it for AdAway. Would be wonderful if I could avoid rooting for blocking ads since it makes a few apps unusable (specificly Norwegian with no rooting community support). But I'll probably root my P7P when I get it on monday.