Hello. Since I use my phone for many important activities such as banking, 2FA, etc. I don't want to wind up without any alternative should I lose it or take it in for repair. One option appears to be LineageOS however, by design, it does not tamper with Google's SafetyNet API and the options for working around this seem unstable. It's likely many of the apps I use would make use of SafetyNet so that is a significant issue. Option 2 is keep an old phone around however I'm uncomfortable with using an old and unsupported version of Android to keep important information on. Are there any options beyond continuously buying new (or second hand) supported phones?
Thanks.
I don't understand the arguments. People own multiple houses, cars, bicycles, shoes, clothes, and you would want one phone for everything?
I don't really see how my mobile phone relates to houses, cars, shoes and clothes, etc. I use my phone for many tasks, particularly calls, texts, etc. I also use it for the occasional bit of web browsing when I'm not at a PC and checking email, etc. Most importantly it is my primary tool for 2FA and like most people I know I have only one smartphone. I have to send it in for repair so I was wondering what the best option would be for a reserve phone to use when my main phone is unavailable. I'd prefer one that is currently supported because I am uncomfortable using an old and unsupported OS. LineageOS appeared to be an option however many of the apps I use likely make use of Google's SafetyNet and LineageOS by design does interfere with this. What I would like to know is what kind of options are available.
Related
Currently looking for a suitable Phone Tracker/Locators in case phone gets misplaced.
For those interested in your options, this sums it up well: http://www.androidpolice.com/2011/11/28/mobile-security-app-shootout-final-roundup-out-of-a-sea-of-apps-just-one-emerges-as-a-clear-winner-in-keeping-your-device-safe/
My questions is, how safe in terms of privacy are the trackers that also provide a centralized web interfaces?
Think about it, you are essentially installing an agent that allows the developer (if they so choose) to track where ever it is you are at and control your phone at anytime.
Sure YOU require a password to access your account, but surely the developer could have full access to all accounts using this software.
I used to use Tasker for remote SMS tracking, but the added features of these web integrated trackers are appealing since they also have remote picture taking, remote erase, locking, etc.
How would you weight on privacy vs feature trade off?
klau1 said:
Currently looking for a suitable Phone Tracker/Locators in case phone gets misplaced.
My questions is, how safe in terms of privacy are the trackers that also provide a centralized web interfaces?
Think about it, you are essentially installing an agent that allows the developer (if they so choose) to track where ever it is you are at and control your phone at anytime.
Sure YOU require a password to access your account, but surely the developer could have full access to all accounts using this software.
How would you weight on privacy vs feature trade off?
Click to expand...
Click to collapse
In my opinion it's really a matter of trust. First and foremost, do some research on the developer and app you're considering, look at the feedback, reputation, etc. then make a decision on how safe you feel about the service. It's similar to deciding if you feel safe signing up with a company like LIfeLock. In order for them to protect your sensitive data, you must freely give them all of your sensitive data. How safe would you feel about that? Would you trust them enough not to be malicious?
But then again, aren't you putting the same amount of trust and taking the same risks with the developer of ANY app you install on your phone?
As far as the apps themselves, I have used Find My Droid, the one Best Buy offers, and I can't remember the name of the third one and I found that all three are not as useful as I originally thought.
1. The gps feature was nice but did not pinpoint an exact address, just a general area. How useful is that?
2. I did a "stolen phone" test with the apps and it took them all between 5 and 15 minutes to lockdown the phone and one just plain failed.
3. The remote picture taking feature didn't work and if you plan on using an ICS rom, since the front facing camera doesn't work, the picture taking feature doesn't do much good.
4. The apps are useless if a perp pulls the battery which renders the gps completely useless.
So in summary, I personally wouldn't use one of those phone tracker apps. If you misplace your phone, just call it from someone else's and if you accidently left your phone at a bar or someplace public, call your provider for a replacement because you probably won't see that old one ever again.
Hello all!
New to XDA Forums here... well, new on posting, been lurking for years now.
So, I have this new pet project that I want to invest some time and money come 2017, and it's like this:
I want to get an Android tablet that will be kept permanently offline after initial setup, and will hold all sorts of personal information away from the interwebs.
After thinking about it, I decided to share thoughts, receive input and comments here and perhaps in some other forums to see if I can accumulate some interesting ideas.
I'll start with the most obvious question: which tablet brand and model would you think is interesting for something like this?
The ones I considered so far: HTC Nexus 9 for rooting, Samsung Galaxy Tab S or S2 for the fingerprint scanner, nVidia Shield Tab K1 for raw power and futureproofing.
Plan is to go full paranoia, disassemble the tablet, pull out stuff like cameras, microphones, possibly even speakers, and let this become a device that can only be accessed via touchscreen or connecting external speakers and microphones. Wi-fi chip and/or antenna will also go, Bluetooth, NFC if it's there, eventually modify the USB connector for power only. New stuff only via SD card perhaps.
Yes, this means I'll be forever locking it into a certain state, but it's a pet project to see how far I can go without rendering it useless... further, I'll see if there's a way to make those changes reversible, as long as you open the device up again and such. This is of course all gradual, just ideas, might not go so far.
OS and software wise, this will need a relatively recent version of Android for full disk encryption... though it would be kinda nice to have Nougat's file encryption instead. Pros and cons to consider with each device.
Some offline apps I put in a consideration list... some of them I haven't tested just yet, but will be looking into soon enough:
Apps: AppLock
Files: Crypt4All Lite, ES File Explorer
Calendar, Contacts: Flock, Fruux
Passwords: KeePassDroid
Assistant: Utter!
Dictionary: Offline Dictionaries
Translation: Bing Translate
Maps: HERE Maps
Notes: MonoSpace
Again, the idea is to have the tablet fully functioning and connected at first - update, install, configure and load it up with everything needed, and then permanently make it an offline device. I'm not sure how many of those will actually work without any network connection, but my research has been around apps that have offline options.
Any inputs are welcome, I appreciate any recommendations for hardware, apps and custom roms for the task.
You can imagine the device overall as a personal assistant, media consumption device that will securely hold private information like calendar, passwords, contacts and files in general. Not meant to be disposable, but of course, inaccessible if stolen or lost.
Thanks for reading so far, I'll keep this thread updated with progress, but I'll probably only start working on it early next year.
XSportSeeker said:
Hello all!
New to XDA Forums here... well, new on posting, been lurking for years now.
So, I have this new pet project that I want to invest some time and money come 2017, and it's like this:
I want to get an Android tablet that will be kept permanently offline after initial setup, and will hold all sorts of personal information away from the interwebs.
After thinking about it, I decided to share thoughts, receive input and comments here and perhaps in some other forums to see if I can accumulate some interesting ideas.
I'll start with the most obvious question: which tablet brand and model would you think is interesting for something like this?
The ones I considered so far: HTC Nexus 9 for rooting, Samsung Galaxy Tab S or S2 for the fingerprint scanner, nVidia Shield Tab K1 for raw power and futureproofing.
Plan is to go full paranoia, disassemble the tablet, pull out stuff like cameras, microphones, possibly even speakers, and let this become a device that can only be accessed via touchscreen or connecting external speakers and microphones. Wi-fi chip and/or antenna will also go, Bluetooth, NFC if it's there, eventually modify the USB connector for power only. New stuff only via SD card perhaps.
Yes, this means I'll be forever locking it into a certain state, but it's a pet project to see how far I can go without rendering it useless... further, I'll see if there's a way to make those changes reversible, as long as you open the device up again and such. This is of course all gradual, just ideas, might not go so far.
OS and software wise, this will need a relatively recent version of Android for full disk encryption... though it would be kinda nice to have Nougat's file encryption instead. Pros and cons to consider with each device.
Some offline apps I put in a consideration list... some of them I haven't tested just yet, but will be looking into soon enough:
Apps: AppLock
Files: Crypt4All Lite, ES File Explorer
Calendar, Contacts: Flock, Fruux
Passwords: KeePassDroid
Assistant: Utter!
Dictionary: Offline Dictionaries
Translation: Bing Translate
Maps: HERE Maps
Notes: MonoSpace
Again, the idea is to have the tablet fully functioning and connected at first - update, install, configure and load it up with everything needed, and then permanently make it an offline device. I'm not sure how many of those will actually work without any network connection, but my research has been around apps that have offline options.
Any inputs are welcome, I appreciate any recommendations for hardware, apps and custom roms for the task.
You can imagine the device overall as a personal assistant, media consumption device that will securely hold private information like calendar, passwords, contacts and files in general. Not meant to be disposable, but of course, inaccessible if stolen or lost.
Thanks for reading so far, I'll keep this thread updated with progress, but I'll probably only start working on it early next year.
Click to expand...
Click to collapse
If you're going to keep it offline then there is no reason to be paranoid about it.
Sent from my SCH-I535 using Tapatalk
Droidriven said:
If you're going to keep it offline then there is no reason to be paranoid about it.
Sent from my SCH-I535 using Tapatalk
Click to expand...
Click to collapse
Well, it's going to be offline, but still mobile.
I realize I'm still going overboard with it, but it's mostly for testing purposes... honestly, I'm not really all that paranoid about it, boring life with nothing to hide blah blah.
I wanna see if the tablet can even work if I take all those modules off (cameras, wi-fi, bluetooth, etc). I've tested some smartphones that can work perfectly well even if you physically disconnect cameras, not sure about the rest.
I also have another pet project to have a device that is still online, but with the most security and privacy oriented measures in place... so it's a bit of testing for that too.
The underlying purpose is to see if I can modify multiple types of devices to be used in highly secure and privacy oriented scenarios. Part of my curiosity as a journalist I guess. Already turned an old laptop into a locked down Linux machine, but I didn't do much on the hardware side.
Other stuff like encryption and a strong user login system would need to be in place in case of robberies and such.
In any case, think of it as a testing platform... I know no devices will ever be completely secure and private, but willing to do as much as possible with a single device and no specialized tools to enhance things.
I have an old Sony Xperia Z2 that is not being used. I plan to either sell it or use it as a surveillance camera.
The one thing that makes me hesitant to just make it a surveillance camera is the security concern that I have. I’m simply afraid that it might get hacked as the phone does not receive any more security patches for the stock ROM.
If using it as a surveillance camera, I would not use it for anything else and would uninstall all other apps than the surveillance app. I would probably not have any SIM in the phone, just have it connected to my WIFI and through that send images to an online server.
Should I be concerned about the security or just go on and make it a surveillance camera?
Would the phone be more secure if running Cyanomodgen instead of the stock ROM? There are nightly builds for the Z2 but I want the time spent on phone maintenance to be as short as possible.
My WIFI is encrypted and I only use strong passwords.
I would not worry.
An old slow phone is not a priority for hackers.
And you could make it a non issue by firewalling it to only connect to your lan router.
Then it could not even be used as the world's slowest email spammer.
Thanks for your reply.
But if I want to upload images to a web server online then I cannot block it off from the internet. Which, I guess, makes it somehow vulnerable.
Is Droidwall a good option if looking for something to block everything but the IP addresses of my current hosting company.
Would the phone be more secure if running Cyanomodgen instead of the stock ROM? There are nightly builds for the Z2 but I want the time spent on phone maintenance to be as short as possible.
Droid wall had not been updated on a long time as I remember.
You should be looking at afwall.
Which is basically a front end for iptables rules
(Which is what most Linux based network protection is based on.And I think you could get a doctorate and still not know everything about ip tables) but the fire wall is not designed to block single ip addresses do you will have to look at custom rules, which means lots of confusing research. (Only confusing for the first while)
No I don't know of a simple way of doing it.But there is tons of information on iptables rules online.
You may also want to look at the hosts file to block common attacking addresses.
It should not matter if you are on a oem Rom or a custom one. (Other than a oem will have more things running slowing down your phone)
I don't think the phone receives any more updates for the stock ROM. So in that case, I guess the custom ROM, which receives updates, is safer.
I'm leaning towards just putting a memory card in the phone and run it offline. That way I don't have to worry about any updates or firewalls, I can just check the images on the memory card in case anything bad has happened inside or outside of the house.
I'm really tempted to buy a Pixel 2 XL but the privacy aspect of it freaks me out a bit.
I'm concerned with my online privacy: I don't have FB, try to avoid having a central provider of apps (i.e. Google), use a VPN, Signal, you get the picture.
Is it possible to stay this way and own a Pixel 2? Some specifics of things I'd like to avoid: microphone recording all the time, definitely not uploading my photos to Google Photos, Google having the ability to "see" my phone screen at all times, location being constantly recorded, etc.
Could rooting the Pixel 2 help with this? Also, does rooting to use something like LineageOS on the Pixel 2 negatively impact the quality of the camera?
Thanks!
How comfortable are you with building android from sources? The pixel 2 is supported by copperhead OS which would probably cover all of your needs.
Miguel Carvalho said:
I'm really tempted to buy a Pixel 2 XL but the privacy aspect of it freaks me out a bit.
Click to expand...
Click to collapse
First, as someone who spent years working on other company's databases, I can tell you from experience that the few people at Google who can access your data aren't going to be accessing it. When they're working on a database, it's not your data they're looking for, it's the reason the database isn't working that they're looking for. Once they find that they go on to the real work they're being paid for and try to catch up on the time they wasted getting the database (which may hold everyone's pictures or everyone's contacts) working. Fixing data isn't their primary job. And they don't have a moment to waste looking at your contacts to see if there's someone they'd like to call. Put someone in with a totally wrong ZIP code (like someone in Los Angeles with a ZIP code starting with 6 - which is Illinois) and they'll never change it for you. It's wrong, if they see it they'll know - but they'll never be looking at it.
I'm concerned with my online privacy: I don't have FB, try to avoid having a central provider of apps (i.e. Google), use a VPN, Signal, you get the picture.
Click to expand...
Click to collapse
And the VPN keeps a log of every connection you make, so that keeps it nice and centralized, if the government ever wants it. Bad idea.
Is it possible to stay this way and own a Pixel 2? Some specifics of things I'd like to avoid: microphone recording all the time
Click to expand...
Click to collapse
Don't turn on your voice recorder. The Pixel doesn't record "all the time".
definitely not uploading my photos to Google Photos
Click to expand...
Click to collapse
Then turn Photo Sync off. (Although even if you had pictures of a plot to overthrow the government, I doubt that anyone would ever find them.)
Google having the ability to "see" my phone screen at all times
Click to expand...
Click to collapse
They don't, any more than anyone else on the internet does. If you don't run a VNC server, no one does.
location being constantly recorded
Click to expand...
Click to collapse
Keep location turned off. Of course, if you lose your phone, you won't be able to use Android Device Manager to find it.
Could rooting the Pixel 2 help with this?
Click to expand...
Click to collapse
Not unless you want to use an app that requires root access that would "help with this". And none of what you're talking about so far involves root access.
Also, does rooting to use something like LineageOS on the Pixel 2 negatively impact the quality of the camera?
Click to expand...
Click to collapse
You can run Lineage without rooting. If you root, then install Lineage, you'll have to root again, because (as far as I know - I haven't run Lineage yet) Lineage doesn't come rooted. Does it affect the camera? Not if you still run Google's camera app. If you run a 3rd party camera app, probably. (Google does the HDR in the software of the camera app.)
If you want total anonymity, just do 2 things - never use a phone and never get on the internet. (Also never use a credit or debit card, don't have a bank account, pay cash for everything all the time, don't have a real job [wages have to be reported to the government - any government] ...) Basically, live totally off the grid. As soon as you get on the internet (even from a library's computer) you've left a trail. As soon as you've opened a bank account you've left a trail. As soon as you've applied for a credit card you've left a trail. And any of those 3 is a lot less secure than the data you back up to Google.
So you have a choice - live a totally paranoid life as a hermit in a cave, or learn to live in society, take normal precautions and stop thinking that everyone's trying to get your information. Very few people (other than organizations like your government's taxing agency) care. (I've been on the internet, storing data on servers, since servers used to dial each other up once a day - and I've never had any data compromised or had a "visit from the black helicopters". [And, on most sites, I've used my real name and real location, so I'm easy to find, if anyone wants to look for me.] I've been bothered more by people trying to sell me their brand of religion waking me up, and I don't have "No Trespassing" signs on my lawn.)
(Just don't use your phone for anything illegal. But don't use a computer for anything illegal either. If the police come for you they'll take your phone. But they'll take your laptop, desktop and all your papers.)
Miguel Carvalho said:
I'm really tempted to buy a Pixel 2 XL but the privacy aspect of it freaks me out a bit.
I'm concerned with my online privacy: I don't have FB, try to avoid having a central provider of apps (i.e. Google), use a VPN, Signal, you get the picture.
Is it possible to stay this way and own a Pixel 2? Some specifics of things I'd like to avoid: microphone recording all the time, definitely not uploading my photos to Google Photos, Google having the ability to "see" my phone screen at all times, location being constantly recorded, etc.
Could rooting the Pixel 2 help with this? Also, does rooting to use something like LineageOS on the Pixel 2 negatively impact the quality of the camera?
Thanks!
Click to expand...
Click to collapse
I'm just like you! I suggest to check all the settings on myactivity.google.com and turn every option off, especially "web activity and apps". I stay away from social networks and use a good VPN too, but I've just found out on XDA that it's a bad idea, as VPN keep log of your activity... What do you think??
I also use Orbot sometimes, but with all scripts disabled some sites are unreachable.
As to the photos, to tell you the truth I'm not concerned at all, since I only post pics of my cats, animals, wallpapers and so on... :laugh:
I can't help you with rooting, this is my firt Android phone, I bought it in April!
Good night, gentlemans.
Long story short: I have tryed a lot and cant find super simple and direct order solution. And iam very confused and dissapoint.
Below I will explain in details, but if you wont spend time or have not itm Q:
1. Is it REALLY possible have an android phone the way you want it, fully under your control and without issues like "you cant do it, go suck dog's tail"?
/
long ver. expl.
/
long time i have used android phones (always loved samsungs, from buttons folds to first smarts. iam old fart and member era before Iphone, before one-fit-all glance brick form factor and world with only 2 phone OS. some maybe member 3 (win), but long time ago there was much more. and them was REALLY diff; so then i had done stupidest thing for all time when switch to Xi.), and not ever thinked about non-stock roms , etc (but knew it very long time. my fried starts to learn and go in to testing then dev smth about 2.3 – 2.3.2android era, then go to work in Samsung. iam know about stuffs that you can fully customize you phone etc etc, but just wasnt interested into. i have browsing, phone services, maps, and thats was totally enough for me.)
... years spent.
and at one day i have realized that i doesnt like the state and our interactions between me and my android phones. then start some censorship era, i bought good mega premium vpns for years and forgot again.
then times spent.
and i have realized that Google not my friend, not on my side and not a solid trusted partner.
bad thing is that here Usually you know from start or very quickly who is who.
for ex "we" (mine workaround enviroment and oth) always knew that MS is a [bad] corporation and has no ullusions, trust and reliable, and has played that way couter plays. the same with FB, and a lot a lot others.
on other side there is a another side, totally counter polis - some who has solid proved rep, much more trust credit and etc.
G was a big illusion.
ok, would not go deeper.
So i have realized that i dont want interact with google and it services any more. AND i has really NO any need in them atm.
Ok. iOS.
(never understood iphones all that years, tried and it was nightmare for me. and the biggest trouble - at that moment just non exist opportunity to interact with blockchains ****s and stuff in full state and manner i used and need. non exist by concept and design).
so go to A.
not long time ago i knew that here was conceptual revolution in apple vision about that ****s, and atm in 2022 i can obtain and use everything i need and used in ios as in A. maybe not that way super comfortable, but WORKS and fully covered. i bought iphone (XR) and put androids in junk.
But iOS really not for me.
iam would not to start argue or holywar, but FOR me and my big expirience in diff online ways interaction (iam online from 1999) ios user expirience and implementation of a LOT of aspects just a hell, nightmare.
(and am totaly not mean a "paid for everything" thing. no no, no proublem, iam paid what i need, even if it laughable that it havent native and need to be buhyed, also like media managnets etc etc etc. BUT iam still use iphone, BECAUSE atm here is very very very thin nuances, that iam forced to use IOS instead A. and struggling and cry, but still staying. coz ATM here is thin thin nuances that has > all nightmare part of everything in ios user expirience. ok, ok, need to say honestly: but one thing amazed me in iOS enviroment. you can obtain DIRECT, PERSONAL, HUMAN customer support 24/7 real time. with no **** like "neural networks writed by monkeys **** dogs" - the case about 7/10 of EVERY customer services in all spheres nowadays. )
so iam look some little deep more i knew about customize android phone and starts to trying.
start from old one Xi , unlock my 1st BL, and start experiments.
than anoter more modern Xi.
than diff Android phone.
about less in a year i have all the ****s went.
tried million custom roms, learn to flash things here in there, in win and in *.nix, has brick to full dead my phones and unbrick it by myself with all that engeneer roms, qfils, sometimes paid services like edl, etc etc etc.
and iam realized one thing:
IT IS ALL JUST "SKINS" and no more.
Yes you can find "no google" something offered but it would be anyway somehow **** iam doesnt want. gaps micro gs, spoffs, jerking here and there.
root firewalls, debloaters of all kind, auroras, fdroids, lOS, and oth.
and in the end of a day iam ALWAYS stuck into some wall there i have see an a sign "YOU CANT, GO SUCK DOG".
or i can physically, tryed hard, but after 1st reboot that glance lights brick became an a just brick. and here we go again...
for example iam REALLY DOESNT WANT to has an a bluetooth, wifi direct, "smart connections" features and any location services, especually fused ones.
iam doesnt want an a preinstalled browser, gallery, fm radio or some other ****s that i can put into "disable" and like "restrict" some kind of activitys, but thats all butafory. OR - brick state incoming.
as a some option: super old ber of A with Permessive SElinyx - so it just has no sence to use at all, directly install huge backdoor and cosmic wide security issue. even if you woul not plan to use smth serios. you can did it ocasionally and... you would rekt.
and that only yours fol - u wided yours ass by yourself.
ok iam read about make an a ROM.
as i have understood i need an a hiend pc, a lot of things, time and knowledge, and [seems] in result best i would obtain it be some "pixel like" skin with all pretends.
So i have really cant understand - is here a POSSIBLE to have an a ROM for A, with totally NOPE ties to G ayways, even firebase ****s, just the way i want, witout some hardtied things that i "cant" manage or get rid.
i have an very good 3rd party paided services, iam not need no mail from g or some other, i have an a premium vpns of all kinds so i doesnt need any (even as feature) "safe browsing", i dont need any g or it partners clouds, coz i have my own etc etc. i dont need Gpay services, i can obtain apks i need DIRECTLY, no gp, no aurora, no FD. i can pay for services DIRECTLY, witout involve in that process any G **** etc.
but seems i cant has an a host os at my phone to put it all into. the way i want.
OR iam wrong?
but seems i can have an my own