Isudar PX6 - Switch google account based on Connected bluetooth Smartphone - MTCD Android Head Units Q&A

I am the proud owner of a brand new Isudar PX6 (tailored for my VW Golf 6), with Android 10.
I am concerned about security: I want to use things like Google maps, but also other Google Play apps (Tomtom, etc).
But if I configure my personal Google account, anyone driving the car can have access to my personal data (including mails, can purchase from Google Play, etc).
So, if my car get stolen, not only the car is stolen, but my Google account as well.
Thinking about a solution, I am wondering if there is a way to unlock the unit automatically based on a smartphone being connected using Bluetooth?
Ideally, one could configure a specific Google Account for a specific connected Bluetooth smartphone, so that my wife gets her Google account and data when driving, I would get mine when driving, etc.
Anyone having a clue on how this could be done, or suggest alternatives?
I could use a specific Google account for the car, but this has drawbacks: I'd have to purchase the same application twice (once for my personal account, once for the car account) for example.
Thanks in advance,
Laurent

Is it an MTCD device?

marchnz said:
Is it an MTCD device?
Click to expand...
Click to collapse
From what I can see (I am a beginner), it is be a MTCE.

ldebacker said:
From what I can see (I am a beginner), it is be a MTCE.
Click to expand...
Click to collapse
Post MCU version

marchnz said:
Post MCU version
Click to expand...
Click to collapse
MTCE_GS_V3.67_3

You could create a secondary Google account for free. Exclusively for use with your car head unit and not provide too much information about yourself on the acct. Especially don't setup any associated payment methods tied to the acct. If you wanted to purchase apps for the head unit, I suggest buying a Google Play gift card and load that into your head unit exclusive Google acct.
If you have purchased apps with another Google acct, you can login with the acct that you paid for the apps with. Install whatever you want and then remove the acct that you don't want to use on the head unit the rest of the time. The apps won't get removed by removing the acct. However some apps check their licenses via Google Play services so it's possible some might not work without the paying Google acct present (see Goggle Play gift card suggestion).

jlbooth said:
You could create a secondary Google account for free. Exclusively for use with your car head unit and not provide too much information about yourself on the acct. Especially don't setup any associated payment methods tied to the acct. If you wanted to purchase apps for the head unit, I suggest buying a Google Play gift card and load that into your head unit exclusive Google acct.
If you have purchased apps with another Google acct, you can login with the acct that you paid for the apps with. Install whatever you want and then remove the acct that you don't want to use on the head unit the rest of the time. The apps won't get removed by removing the acct. However some apps check their licenses via Google Play services so it's possible some might not work without the paying Google acct present (see Goggle Play gift card suggestion).
Click to expand...
Click to collapse
Yes, this is the workaround I came up with as well.
This is only a work around, though, because applications check the user account for licenses, but also for other reasons (such as having to replicate data between Google accounts, no access to e-mails, etc).
It would be much more elegant upon connection of bluetooth device to automatically switch to the corresponding Google user account and unlock it.

I use the Automate app from the Google play store to script/automate tasks like this. The tool is as easy as creating a flowchart and connecting the flow. The app is free for flowcharts having a small number of flowchart blocks. I have the paid version of the app and it does have a "Pick account" flowchart block. This probably could be called into action when a certain bluetooth device is connected. Just search Google Play for "Automate LlamaLab."
Also worth mentioning the developer of the app was very responsive and helpful when I have had questions.
Just an idea.
-----------------------
Another thought, if you were to take this suggested approach, you would still have to have both your "regular" Google account and the secondary account on the head unit. In my mind this kind of defeats the reasons for switching back and forth between accounts. I suppose it warrants the questions why the apprehension for having the "regular" account on the head unit full time and is it not safe for some known reason?

Bloody hell, is there really no way to remove a posted comment in this forum, or am I stupid enough to not see how to do it?

jlbooth said:
I use the Automate app from the Google play store to script/automate tasks like this. The tool is as easy as creating a flowchart and connecting the flow. The app is free for flowcharts having a small number of flowchart blocks. I have the paid version of the app and it does have a "Pick account" flowchart block. This probably could be called into action when a certain bluetooth device is connected. Just search Google Play for "Automate LlamaLab."
Also worth mentioning the developer of the app was very responsive and helpful when I have had questions.
Just an idea.
-----------------------
Another thought, if you were to take this suggested approach, you would still have to have both your "regular" Google account and the secondary account on the head unit. In my mind this kind of defeats the reasons for switching back and forth between accounts. I suppose it warrants the questions why the apprehension for having the "regular" account on the head unit full time and is it not safe for some known reason?
Click to expand...
Click to collapse
Many thanks for the idea. I had a look at the Automate app, and even if I am unsure I can solve my issue this way, it gives me a lot of other ideas.
One would be to install the Automate app on my Smartphone, so that as soon as I connect to my Head unit using Bluetooth (which is done automatically), my mobile phone would turn cellular data on (I am an old fart, I only connect to 4G when I need it ;-) and the Wifi hotspot. This way, my PX6 head unit will automatically be connected to the internet when driving (and reverse operations when I get out of my car).
Coming back to the idea of having different Google accounts, I need to think how I can do this. Switching would be no problem, but this would still mean pre-configuring the accounts on the head unit.
May be I could have the Google accounts configured, but password protected (I don't know if this is feasible), and emulate the password entry using Automate, which would get the password from a source file hold on my mobile phone for example(if that is feasible, I don't know if file sharing is allowed in the Bluetooth profiles of the android head unit).
I am very concerned about security indeed. I think as it is configured now is completely absurd and represents a huge threat: pre-encoded Google accounts, completely unprotected for whomever has the unit in his hands.
Using Bluetooth smartphones as a key to unlock the access to the device seems like a nice way, but I haven't seen much efforts in this direction.

My pleasure. I was thinking Automate could run on both the head unit and the phone. That's the nice thing about paying for an app once. You can run it on as many devices as desired.
I created an Automate script on my phone that kicks in the mobile hotspot automatically when the bluetooth connects, etc.
Incidentally you can do UI operations like data entry and stuff from Automate. I actually have some logic in one of my Automate scripts that will key in my phone unlock code if needed. I didn't want to have to be fidgeting with the phone and entering a PIN while trying to drive.

ldebacker said:
Bloody hell, is there really no way to remove a posted comment in this forum, or am I stupid enough to not see how to do it?
Click to expand...
Click to collapse
You can use the report button and ask the forum moderator to delete for you and/or you can edit the post to say whatever you want.

jlbooth said:
My pleasure. I was thinking Automate could run on both the head unit and the phone. That's the nice thing about paying for an app once. You can run it on as many devices as desired.
I created an Automate script on my phone that kicks in the mobile hotspot automatically when the bluetooth connects, etc.
Incidentally you can do UI operations like data entry and stuff from Automate. I actually have some logic in one of my Automate scripts that will key in my phone unlock code if needed. I didn't want to have to be fidgeting with the phone and entering a PIN while trying to drive.
Click to expand...
Click to collapse
The Automate script you developed to kick the mobile hotpot on Bluetooth connection is what I was thinking about. I gave it a try, but this (activating data) requires rooting the smartphone, which I'd like to avoid. Anyway, thanks!

jlbooth said:
You can use the report button and ask the forum moderator to delete for you and/or you can edit the post to say whatever you want.
Click to expand...
Click to collapse
That's what I did with this one (edit the post to say what I wanted) ;-)

ldebacker said:
The Automate script you developed to kick the mobile hotpot on Bluetooth connection is what I was thinking about. I gave it a try, but this (activating data) requires rooting the smartphone, which I'd like to avoid. Anyway, thanks!
Click to expand...
Click to collapse
I was able to get it to work without having to root my phone, but I suppose it is very subjective to a lot of variables (e.g. model phone, carrier, Android version, etc). There are ways to get the phone to do various things that might require root to do directly, but one action might cause the phone to do another. For example, to turn off the mobile hotspot, I found that I could just enable WiFi which causes the phone to turn off the hotspot (which doesn't require root).
Anyway best of luck to you on getting your phone, Google accts, and head unit working to your satisfaction.

Related

[Q] Android without Google, completely

Hey,
jsut thought about this thought the whole day. I´ve got a Moto XT720 (Stock ROM) and it works pretty good. Now the thing is, I have the Google Account and so on. But I do not want that Google is tracking me, has access to my phone, and that my phone can connect to google servers (Mail, Calendar, Market, SYSTEM).
Is it possible that I can delete some apk´s so that I have a real standalone mobile phone?
Sorry for my bad english,
greetings
you gotta be kidding
Google's stuff is the spirit of their OS... Android needs google's account for the market moreover.
sounds a little impossible. just make an account for the market and don't use it for anything else. Only thing i can think of.
Exactly, but he wants remove google's apps too...
He wants a total googleapplicationless Android phone. What a problem !
Thanks guys,
I do not need the market also (for what?, I have the apps I want to use)
Greets
push..no one knows it?
If you do any web browsing on any device even on a pc or iphone google and bing etc will track data about you. You can't use any device online without someone tracking you unless you use a proxy and even then the proxy could still track you.
You can delete or freeze googles apps but browsing will be tracked on any online device so only sure way is switch off wifi and mobile data.
But that defeats the point of a smartphone then.
Dave
Sent from my LG P920 using Tapatalk
Maybe you should forget mobiles cause anytime you're tracked as soon as you power it on
Sent from my GT-I9000 using Tapatalk
a guess, flash a custom rom and dont flash the google apps pack?
ICS, at least stock ICS, has the ability to disable system apps.
Settings -> Apps (under 'Device) -> 'All' tab, click an app, click "Disable". It won't be uninstalled, but it will never run, meaning it cannot connect to the internet or do anything else.
e.coli said:
ICS, at least stock ICS, has the ability to disable system apps.
Settings -> Apps (under 'Device) -> 'All' tab, click an app, click "Disable". It won't be uninstalled, but it will never run, meaning it cannot connect to the internet or do anything else.
Click to expand...
Click to collapse
The problem is if he ever uses internet he will still be tracked. If he uses gps his location can also be tracked.
Dave
Sent from my LG P920 using Tapatalk
mistermentality said:
The problem is if he ever uses internet he will still be tracked. If he uses gps his location can also be tracked.
Dave
Sent from my LG P920 using Tapatalk
Click to expand...
Click to collapse
Yeah, it's a very strange request, but he could disable all internet-capable apps, and just use his phone for voice and offline apps?
He could still use GPS though, but not A-GPS. GPS just receives the signal from the satellites, this is why you can still log your position while off the cell network. It's one-way communication, so there's no way to be tracked just by listening to the GPS signal. He could download maps to the phone and use it for navigation that way.
Don't get an Android phone is my advice if you want no connection to Google.
-Sent from my Droid 2-
I agree, why would you use an google operating system, if you don't want to have any connection with google?
Android without the Android market is pretty dull, and even if you would use the amazon appstore (which is officially only working in the US/and maybe CAN) you would be stuck with only a fractal of not up to date apps, since in the amazon app store are alot of old versions flying around.
And please dont believe in the old google creep, who is sitting in front of the "internet" waiting is whole life only to set cookies in your browser. He does not exists!
I don't understand why you would want Android on your mobile device and not want google on it? Thats how smartphones work, if you don't want google on your phone I suggest you get a non smart phone.
Why so much hostility? Isn't the point of Android, and these forums, that it is so customizable? Maybe he doesn't like the new privacy policy.
Anyways, he could disable all Gapps and install Firefox or whatever, which would disconnect most of your connection to Google, but it's hard to avoid it if you want to use the internet at all.
e.coli said:
Why so much hostility? Isn't the point of Android, and these forums, that it is so customizable? Maybe he doesn't like the new privacy policy.
Anyways, he could disable all Gapps and install Firefox or whatever, which would disconnect most of your connection to Google, but it's hard to avoid it if you want to use the internet at all.
Click to expand...
Click to collapse
I don't think anyone's been hostile, just surprised maybe as seems op wants no tracking yet to be able to use internet which can't be done except at best through a proxy.
To the op, you can root and uninstall or freeze google apps and browse via a public proxy server if you want to avoid tracking but your carrier and possibly google (the main operating systems all record your gps data inc ios android and wp7, think only wp7 was found collecting that though which is why I say possibly not probably) can still see where you have physically been via cell, gps and wifi logs.
If its just google you wish to avoid another option could be use a firewall or dns blacklist app to stop your device being able to connect to known google internet addresses.
Dave
Sent from my LG P920 using Tapatalk
miro101 said:
And please dont believe in the old google creep, who is sitting in front of the "internet" waiting is whole life only to set cookies in your browser. He does not exists!
Click to expand...
Click to collapse
Actually, he does:
http://www.stateofsearch.com/top-15-of-eric-schmidts-remarkable-quotes/
If you don't know by now that all of the "free" apps aren't really free, you're kidding yourself. How do you think Google makes money? It's primary purpose is collecting information. Private informtaion (even the carriers...search on the term "carrier IQ"). That is the age we live in. The best that can be done is to either throw your phone away or learn how to secure your phone and info in as much as is possible. There are apps that can identify what apps are sending what data and block them from doing so (on rooted phones). Even then, data still gets out. It's a trade-off. For now, it's used for marketting purposes. However, that much data is bound to fall into the hands of some government who will use it to control the masses. It's just too tempting, and it's the nature of humanity. So, I'll limit whatever data exodus I can and accept the trade-off for the rest (until the government {read Anti-Christ} wrests control). The old saying applies: "It's not paranoia if they really are out to get you".
I honestly don't get the point in using a smartphone with fears of being 'monitored' or tracked. If you don't want to be tracked, don't use the internet, don't use a cell phone, and live under a rock for the rest of your life. That's the best advice I can offer.

[Q] Using Google Maps without Google Account. (Android) Possible?

Hello,
I really like this forum, i read it a lot. I wanted to register a long time ago, but now i "have" to, because i have a question.
For several reasons i do not want a Google Account on my (Future) Samsung Galaxy Note 2. (Like the big screen)
1. I don't really use apps and the apps i use can be downloaded from their websites.
2. Privacy, Google has the worst privacy (policy) i've ever encountered. (-A company who illegally collect user data from Wi-Fi networks using Google streetview cars can't be trusted ihmo. They also collect anonymous user data, but it still has a unique indentifier... etc etc.)
The question:
I read that some people couln't use Google Maps (With gps) when having no Google Account on their phone. (Jelly Bean and up. 4.1+)
So the question is, is this true? And if it is true, Could i use the mobile website version of Google Maps to navigate? (With GPS?)
I couldn't really find a clear answer, and i searched quite a lot.
Thanks,
Best regards,
John
If you're going to get the phone no matter what, might as well just try it and see.
Personally, I see Google as a business, not a charity - so I don't mind letting them collect data when I use their services - it's basically how I am paying them and lowing them to generate revenue to continue to operate and provide the services they do.
If you wish to avoid their services, why not look for a map/navigation app/service/device that has nothing to do with Google?
Sent from my SGH-T999 using xda app-developers app
Pennycake said:
If you're going to get the phone no matter what, might as well just try it and see.
Personally, I see Google as a business, not a charity - so I don't mind letting them collect data when I use their services - it's basically how I am paying them and lowing them to generate revenue to continue to operate and provide the services they do.
If you wish to avoid their services, why not look for a map/navigation app/service/device that has nothing to do with Google?
Sent from my SGH-T999 using xda app-developers app
Click to expand...
Click to collapse
Yes i thought about that, but i read from a individual that he couln't use gps on Google-Maps and a 3rd-party-map-app while having an Android without a google account. This was on Android 4.1.2. He was using CM. I heard others with succes, but these were older versions of Android.
But maybe it works in the Android browser> Google Maps Mobile. Thats also my question.

Specific settings lockout on Asus Zenpad c 7.0 - possible?

I have a set of Zenpads that will have random users. I have hooked them all into a single Google account so I can use Find My Phone to track them and to make it a little easier to update apps. I initially locked out some apps and the settings but then realized my random users would not be able to connect to any wifi networks.
When the tablet gets checked back in, I can factory reset it and start over. I have rooted one so I know I can do that if it's necessary. None of the information I've found on multiple users in Lollipop (these run 5.0.2) applies to this tablet, it seems.
I have 25 of these critters to keep track of. They are pretty much open for the user to do whatever. That's fine. What I most need is to be able to keep them hooked up to my Google account and to keep that account from being nuked or accessed. If I can hide most of the settings but still allow access to the wifi networks option, that would be great!
Thanks for your help!
After a lot of rooting and booting, I've determined that what I really want to make happen with these tablets is geolocation more than anything else. Essentially, I want to use Google''s Find Device and keep it running, attached to my admin Google account, regardless of whatever other user logs in. I tried the multi-user account apps after root but they do not keep both users logged in so the Google account gets shut down as soon as the other user logs in.
The paid services/apps are really expensive and have way more than I need to do. I trialed a few of them and found they have a ton of useless features. Even pushing out apps is ridiculous. For example, if I want to push an app to one of my checked out devices, the user still has to log into the play store to download or update the app through their own account. Im basically suggesting to them that they get an app? That seems really goofy to me.
I have started working with Android Studio so I am happy to try coding something. I'm just not sure where to begin. Of course, if something already exists, I'd rather use that!

Looking for way to protect against theft.

Hi all, I work at a group home and one of the clients recently purchased an Amazon Fire tablet to facebook chat with his dad.
My issue is that thanks to the crapiness of humanity I know that there's a strong potential for the tablet to grow legs.
Without getting into details, the client cannot have the tablet always in their posession, and we can't conveniently lock it down anywhere, and ideally whoever is supporting him needs to have access to the tablet whenever possible.
I'm wondering if there is an app, or even better, a device, which can cause the tablet to alert my manager the moment the device leaves the property? Ideally something not easily accessed or removed.
I know getting a tablet just for facebook chat is overkill, I wasn't the one who purchased it for the client, I'm just trying to make do with what is available.
theseventensplit said:
Hi all, I work at a group home and one of the clients recently purchased an Amazon Fire tablet to facebook chat with his dad.
My issue is that thanks to the crapiness of humanity I know that there's a strong potential for the tablet to grow legs.
Without getting into details, the client cannot have the tablet always in their posession, and we can't conveniently lock it down anywhere, and ideally whoever is supporting him needs to have access to the tablet whenever possible.
I'm wondering if there is an app, or even better, a device, which can cause the tablet to alert my manager the moment the device leaves the property? Ideally something not easily accessed or removed.
I know getting a tablet just for facebook chat is overkill, I wasn't the one who purchased it for the client, I'm just trying to make do with what is available.
Click to expand...
Click to collapse
It's an Android right?
I had a look at the Amazon store for anti-theft apps but there were none that I recognised from sources I trust (nit that I have researched them, but maybe you can find a reliable review) You have to be certain it's from a trusted source as these type of apps require special permissions eg admin in order to do their job, and could be abused by a malicious app.
I would recommend Cerberus Anti Theft, I used them for years & they have a good reputation, even though Google removed the app form play store. This is because they had to link the Google app to additional downloads in order to maintain the functionality of the app that made it the best, after Google changed what permissions apps could be granted for apps downloaded from Google store.
You can download for Android devices from their website
https://www.cerberusapp.com/
However there is a potential problem with all antitheft apps, ie. Turning off wifi/data means you can't communicate with it(but Cerberus could be activated via SMS), also a factory reset will remove them, so if a knowledgeable person steals a phone/tablet they can remove the antitheft app, so possibly you would have limited time to activate it. Which is why I used to root & install as a system app, which meant only reinstalling the full factory Android operating system to remove it.
There should be the basic "fined my device" on Android built in (I'm not familiar with Amazon variants) but its not very powerful.
I'll look into it, thanks. It does have tracking but unfortunately that wouldn't alert in time to be able to accurately determine who took it.
If Cerberus can do sms then my manager might be able to get immediate notification if it walks away, once it disconnects from wifi
What I don't get is why isn't there a hardware based solution, something that you have connected to your wifi that alerts you if devices in connected to that wifi signal get disconnected. Or even simpler, bluetooth based.
The problem is that tablets don't all have data, and if turned off they lose the anti theft features. So there needs to be something outside of the device itself that can alert the owner. Maybe it's just to specific a problem unfortunately.
theseventensplit said:
What I don't get is why isn't there a hardware based solution, something that you have connected to your wifi that alerts you if devices in connected to that wifi signal get disconnected. Or even simpler, bluetooth based.
The problem is that tablets don't all have data, and if turned off they lose the anti theft features. So there needs to be something outside of the device itself that can alert the owner. Maybe it's just to specific a problem unfortunately.
Click to expand...
Click to collapse
PS. You could use Tasker app (or other automation app) on your phone to set up an alert when the tablet losses connection, if you use your phone as a hotspot, I think.

[Privacy] Puttin' Google in the Goolag

Situation:
I have somewhat of a "love-REALLY HATE" relationship with Google apps and ecosystem.
On one hand, they are great at what they do.
On the other, it's like having a spy satellite overhead, given how much telemetry it does.
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
What I've done so far:
My current way-to-go method involves installing RethinkDNS+firewall, then blocking every single one of google apps including Gboard. It sort-of works, but very inconvenient, as I have to manually enable internet access for a particular app and/or service when needed. I also tried edXposed's XluaPrivacy module to cut off access to certain permissions. Again, cumbersome.
After going through F-Droid, I found an app called "Insular", that claims being able to put all of the "big brother" apps (such as Gapps) behind an isolated sandbox, a digital gulag of sorts.
Thanks for the pointer to Insular whose advertising on F-Droid says:
Insular is a FLOSS fork of Island.
With Insular, you can:
Isolate your Big Brother apps
Clone and run multiple accounts simutaniuosly
Freeze or archive apps and prevent any background behaviors
Unfreeze apps on-demand with home screen shortcuts
Re-freeze marked apps with one tap
Hide apps
Selectively enable (or disable) VPN for different group of apps
Prohibit USB access to mitigate attacks with physical access
Click to expand...
Click to collapse
Based on that, I suspect this XDA thread about "Island" may be useful.
[APP][5.0+][BETA] Island - app freezing, privacy protection, parallel accounts​
"Island" is a sandbox environment to clone selected apps and isolate them from accessing your personal data outside the sandbox (including call logs, contacts, photos and etc) even if related permissions are granted. Device-bound data is still accessible (SMS, IMEI and etc).
Isolated app can be frozen on demand, with launcher icon vanish and its background behaviors completely blocked.
Click to expand...
Click to collapse
Totesnochill said:
Question:
I'd like to cut all of the Google apps' internet, location, sensor and background activity access for good when not in use. Or at least spoof whatever personal data is being sent (Device info, location, activities, etc). Any way to do that?
Click to expand...
Click to collapse
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
I don't have a contacts.db sqlite database for that reason too, so my favorite communication apps are all designed to store their own contacts db internally to the app itself.
I replace Google apps with FOSS equivalents such as NewPipe (or, more recently, Vanced YouTube) for example.
And I spoof my GPS location by default (using Lexa Fake GPS, for example).
Of course, given I don't have a Google Account on my phone, I use the Aurora Store instead of the Google Play Store. Of course, I strive for apps that don't require Google Framework Services (GSF) which Aurora neatly filters out for us.
Since I'm not rooted, I can't delete Google Play Store, but I can disable it, which is almost as good.
And, I use privacy-aware apps for my messenger, calendar, contacts, and dialer apps (many of which come from Simple Mobile Tools' suite which are available on F-Droid).
To keep my WiFi SSID/BSSID/GPS/Strength/etc. out of the hands of Google (& Mozilla and Kismet and Wigle, etc.), I add "_nomap" to the SSID and I turn off the SOHO router SSID broadcast (which "hinders" most cellphones from uploading my BSSID information to Google public servers); but then I have to also turn off "AutoReconnect" on Android 12 and also I have the Developer Options set in Android 12 to randomize the MAC address on EACH connection; however that means I need to set any "static" connections on my LAN from the phone and not with address reservation on the router (which typically utilizes the MAC address).
And it's not just Google we need to keep our data out of their hands, as I even use WhatsApp privacy aware tools such as the WhatsApp dialer and WhatsApp Click to Chat mechanisms (to keep my contacts out of Facebook's hands too).
For offline maps, I use a quick web browser lookup on a privacy browser (such as Tor or Epic or Opera), since the Google address lookup is still the best in the world... (which is the love/hate relationship, right?)... and then I paste the GPS coordinates that the privacy browser found on the maps.google.com web site into a local routing application (such as a shortcut to a browser to google maps on the phone or better yet, to a dedicated offline map program such as OSM And~), and even traffic can be gotten without Google (e.g., Sigalert & 511 apps).
I used to reset the Advertising ID with a homescreen shortcut that could be activated from Windows via a batch file over Wi-Fi, but now with Android 12 we can wipe out the Advertising ID altogether (i.e., reset it to all zeroes). However, I still periodically change my GSF ID and other supposedly unique identifiers.
I'm still trying to figure out the implication of "trackers", so if anyone has more information about them, please advise.
Off hand there must be scores more things I do for privacy, where we probably should have a main thread on this site of all the myriad things people can do to increase their privacy on Android (some of which I've screenshotted for you below).
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Thanks heaps for the very in-depth response. Really opens up on a lot of things I wasnt aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Are there any guides where I can do some reading on the concepts and techniques you've described? Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Also, what are your thoughts on MIcroG?
Totesnochill said:
Thanks heaps for the very in-depth response.
Click to expand...
Click to collapse
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
For example, when I mentioned I spoof my GPS, I looked up the app I used and linked to it so that you wouldn't have to test a score of apps like I did to find the best one.
Totesnochill said:
Really opens up on a lot of things I wasn't aware of, and I realized that unlike desktop, when it comes to mobile privacy I'm still a bit behind.
Click to expand...
Click to collapse
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
A lot of the protection is to protect ourselves from others who don't know how to configure their phone, so they are uploading our private information (like our contacts and home locations) to Google databases.
For example, the typical Android phone when it drives by your front door uploads to google your exact location, your signal strength, your unique BSSID and your SSID... where you'll note in my response above I had to do a half dozen things on my phone and router to prevent that from happening (i.e., just adding "_nomap" doesn't work but most people don't realize that because they don't think about it).
Totesnochill said:
Are there any guides where I can do some reading on the concepts and techniques you've described?
Click to expand...
Click to collapse
I'm sure there are plenty.
But I have been in MANY situations where there are none.
Take, for example, changing the GSFID... almost nowhere on the net is that described how to do it. Almost nobody does it, but it can be done if you know how.
I really should write a set of privacy tutorials so that everyone can do it but I have to find the time, and this web site doesn't like text tutorials I found out recently. So they make it a PITA in the end to help people. Sigh.
Totesnochill said:
Especially regarding contacts.db sqlite database, GPS spoofing and privacy-aware options for accessing WhatsApp.
Click to expand...
Click to collapse
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Now that you don't have a contacts.db sqlite database, you need to find the contacts and dialer and mms/sms apps that can suck in their own contacts.vcf file, which I pointed you to in the Simple Mobile Tools suite.
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that. Once you turn that on, you can just select the mock location app of your choice (where I suggested one above which isn't perfect but none of them are).
That particular app moves your location every few feet and it gets the altitude and it can easily be stopped and started, etc., but I'd like it if it didn't move just "west by 10 feet every minute" but instead if it would follow a pre-determined route that I could give it. So they need a lot more work to be as good as we'd like them to be.
For What'sApp privacy, look at the two apps I linked to in the prior post as they don't need the contacts.sqlite database to work.
Your WhatsApp should only have an icon in your folders for the people you contact and nothing else, IMHO. That's the best privacy you can get, although WhatsApp does decent hashing on the contacts file when it uploads it to their servers - but still - why give them your entire contacts when you only contact 10 people (or whatever) on WhatsApp. Right?
Totesnochill said:
Also, what are your thoughts on MIcroG?
Click to expand...
Click to collapse
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Especially if almost nobody reads these threads.
GalaxyA325G said:
I try to put effort into the response so that others can benefit (but nobody ever presses the like button so maybe it's not worth the effort).
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
Thank you for doing God's work out there. Ethics like these are what creates the content that keeps the internet from becoming a dumpster fire otherwise. Tutorials and explanations that come from the fellow users are THE best and usually directly on-point.
When I was just starting setting up Linux environment, I wrote "how-to notes" on every successful step. At first it was more like the "sticky notes" to help me remember, but eventually (as the list grew) I started writing these tips in a way as if they were to be read by someone with little background in the subject. What used to be the "Linux notes" file became 10563 lines monstrosity now... So every time I need to answer someone's question I just copypaste from this file.
GalaxyA325G said:
That was just off the top of my head where there has to be at least a hundred different privacy things I do on Android to distance me from Google that most people don't bother to do.
I admit, sometimes it feels like we're putting a dozen locks on the front door, but in the end, we LEARN a lot about Android in the process.
Click to expand...
Click to collapse
Absolutely. I've spent about 2 weeks tweaking my new phone (Nokia X6), trying out different roms/recoveries and app setups. Pissed off a bunch of people in the process - most wouldn't understand that I'm setting up a system to last another 7 years, just like my previous phone (Galaxy Gprime). Not to mention that with the amount of sensitive info on the phone, security and privacy are a legit concern, and worth learning about just how one learns to install and use the lock on the front doors.
Phones became disposable both in software and hardware, and so have the general attitude towards the devices.
My final setup became AOSP PixelPlusUI Rom (comes with about openGapps nano worth of Google stuff) with most other stock apps (contacts , dialer, keyboards, msg etc) removed via ADB and replaced with F-Droid alternatives.
I've also used Rethink DNS with whitelist set up/AppInspector to put Google in the Goolag - no internet access for anything google-related at all times. So far my phone has 253 apps blocked (including almost all of the system apps). Surprisingly, all of the necessary apps off google play store (Whatsapp, FB messenger) still function well. Whenever I need a particular Gservice (like a translator), I just enable access for that (and only that) until I dont need it anymore.
GalaxyA325G said:
If you look at the links I gave you in my response for contacts, gps spoofing and privacy-aware WhatsApp, you'll get a good start.
A quickie is to not have a contacts.sqlite database, which means you need your own contacts.csv or more likely contacts.vcf file, which you can maintain on the PC if you like (works with Excel for example).
Click to expand...
Click to collapse
Thanks! I'm not sure why the links didnt show up at first. I'll give this a look. I've been using "simple mobile tools" for quite a while, and I must say I like how they are completely autonomous and transparent about what prems they need and why.
GalaxyA325G said:
For GPS spoofing, I didn't mention you need to turn "Mock Location" on in the Android Developer Options, but that's what most people already do so I assumed you knew that.
Click to expand...
Click to collapse
I definitely saw the option in the dev settings, but didnt experiment with it. Well, now I know, thanks!
Funny you mentioned microG since I installed it for the first time yesterday when I was setting up Vanced Youtube based on this thread.
I generally choose apps that don't use GSF but sometimes you have to use a GSF app (e.g., Zoom meetings), and then it's nice to use MicroG instead of Google Services Framework.
I only installed it yesterday so I really don't know how well it will work for me as I didn't even need to install it to install VancedYoutube. You just need it to log into YouTube but I never do that anyway.
In summary, there's probably a hundred things we do to our phones to set up privacy but I'd have to write each one up in detail to help everyone and that's a lot of work.
Click to expand...
Click to collapse
I will give microG a try (in a form of LineageOS for MicroG). In fact I did install this rom before but I was a bit confused about what it did and assumed that it is a regular LinOS repack with Gplay store and apps built-in. Time to test again.
Especially if almost nobody reads these threads.
Click to expand...
Click to collapse
Threads like these is how I passed my uni exams. Not even exaggerating XD. Thanks again for a very detailed insightful read!
Hello my friends, very happy to meet good hearted people who think alike about Gugle.
as my name suggests I'm noob still and didn't understand much of discussion but very happy to meet you friends. My love & warm regards to all here. Here is what I did uptill now before I saw this thread :
1> Load GSI/ROM.
2> Load TWRP
3> Load Magisk
4> Load microG
5> Install Service Disabler
5.1> Disable bunch of internal services like telemetry, analytics, location (FusedLocation not possible to disable) for every app (3-rd party & system app), contacts sync etc.
6> Install SD-Maid Pro
6.1> Freeze apps like Gugle Calendar Sync Adapter & Gugle Contacts Sync Adapter
7> Install CIAFirewall Fake VPN & configure it.
8> I use Opera browser for Banking, Youtube, Cab booking, Surfing, Gmail, Food Order etc.
9> Install Aurora Store for general app management & installation
10> For contacts I save all contacts in notepad app, and let all calls purposely bounce then I call back aftter checking whose call it was & state false apologies.
#FYI :- Gugle, Mycrowsowft , eFbee are not really to be blamed, rhey are having to comply with FBI, Phentagon, Central Intelligence Agencies, Interpol, etc. or they have to shut bizness.
GalaxyA325G said:
Like you, my relationship with Google is strained where I don't set up any Google Account on Android and it works just fine.
Click to expand...
Click to collapse
Hi, I’m glad to have found this thread as I’m not happy with how my normal Android phone is spied upon by google. But I’m not technically knowledgeable and I don’t want to risk bricking my phone by trying amateur attempts at rooting, or installing Insular, etc…
So far I have not signed in, I allow only minimum permissions, use Netguard, Aurora and FDroid, and have disabled bloatware. I also force-stop apps as much as possible when not in use, and enable Location and Bluetooth only when needed.
I know this is just an amateur, token attempt to reduce spying - so I may have to eventually buy a degoogled phone.
I’ve also done some of the privacy suggestions in the attachments you posted.
Could you help me with a couple of newbie questions…
1): I might have minimised some personal data harvested by most of the apps I use, but I guess my privacy precautions will have no significant effect on the amount of telemetry collected by google?
2): If my precautions really have no significant effect, I’m wondering if would it make any real difference if I was signed in as I don’t use any of the google backup services anyway?
Thanks.

Categories

Resources