Related
First of all, let me say that I believe users doooshty and jjcd51590 has a great idea in this thread about remaking all the Google closed source apps form scratch in this thread.
http://forum.xda-developers.com/showthread.php?t=564263
However this has the obvious disadvantage that this could only help us at sometime in the future when all the new non Google apps are fully developed and stable. I have an idea that can help save the rom dev community immediately and it's 100% legal. (At least I think it is. Anyone on here a lawyer?)
This closed source app situation got me thinking about other programs I've used on my PC in which the legality of it was questionable; specifically PlayStation emulators. If you ever installed one you know that they come missing important files (the bios) that are needed for it to run because it is illegal for them to be distributed by anyone except Sony. You are left to obtain these files on your own and complete the program yourself. The legal way to obtain these missing files is to download them directly off your own personal PlayStation. This has many similarities to the current situation.
Only members of the Open Handset Alliance can legally distribute the Google closed source apps. Unfortunately, Cyanogen is not a member of this group. Neither is any other dev on this site. However, HTC is. HTC publicly distributes the Official rom for the Dev Phone and the Google I/O phone, which legally contains all the Google closed source apps.
http://www.htc.com/www/support/android/adp.html#s3
http://www.htc.com/www/support/android/google-io-device.html
My idea is for all rooted users to store the official Android release from HTC on there SD card in the same way you need to get the bios file for the emulator. Then perhaps someone (maybe Cyanogen) could create a new recovery image that can processes scripts in the update.zip files that can pull individual apk files from the HTC_Official.zip so the closed source apps don't have to be included in the custom rom itself. Allowing the devs to bundle an app extraction script to their roms would allow for a noob friendly and seamless transition. It would also give the devs the direct ability to choose which apps to install and where they want to install them to, much like they can do now. Does anyone know if this can already be done by using the firstboot.sh script? If scripts can't be run from the rom's zip file during the install, then maybe a separate menu option to generically install the closed source apps from the HTC_Official.zip on your sd card. Although this would limit the control the devs have over their roms.
In order for something like this to work, we would need to set standards that everyone could do. Similar to the way the SD card is always divided into three partitions ,first one fat32, second one ext2/3 and the third one linux-swap, always in that order. Downloading the official HTC release and saving it on a standardized location on the SD card will have to become common practice.
Please keep this thread limited to the discussion of if this idea is doable. I don't want this to turn into a "Google sux for doing this" thread.
This is a great idea. We would't have the new market, but ok ;-)
It was originally doooshty idea i liked it and asked if i could start the thread on it since he was busy
and it sounds good to me and i guessed the bios in the other thread (they were a b!tc# to get a hold of... legally of course )
but yea if nothing else a folder and a script moving them to the correct directory
izzit possible to cyanogen to leave out close source apps in his update.zip and we download the left out close source apps from some torrent sites?
ie so as to avoid the legal troubles?
Great idea, i hope this closed apps aren't need to boot rom witouth them.
I tought there were a big integration of this package.
But for sure this the good solution.
Hope devs can make it.
jjcd51590 said:
It was originally doooshty idea i liked it and asked if i could start the thread on it since he was busy
Click to expand...
Click to collapse
Thanks. Post edited. Credit given to doooshty as well.
Really I would be happy without the new market if that's all it takes who needs it what because it's prettier it's worth having Cyan make better ROMs that G ever did to not have it. just my opinion.
Alternatively, if someone were to post a tread about how to extact the needed files from a ROM, and the devs made ROMS missing those peices then the individual user could be responsible for putting them on their phone. This whole thing is a very fine line legally. I find it weird that Google are issuing the C&D to Cyanogen when EVERY ROM that has been posted here (except maybe 1 if I remeber right) Has had propriatory code from Google and/or HTC in it.
Relating it to your emulator example, the owners of the ROM copyright have every right to prevent you from doing this, it is their property, but what they usually do is get the sites distributing ROMS shutdown, not go after individual users.
testing567 said:
Thanks. Post edited. Credit given to doooshty as well.
Click to expand...
Click to collapse
haha thanks i dont want him to think i took full credit
terrible - i have one question: why? (for the money )
Android should be open, why google turn back from developers? Custom roms are better and they probably see danger
this sucks, we need customs roms
Baldyman1966 said:
Alternatively, if someone were to post a tread about how to extact the needed files from a ROM, and the devs made ROMS missing those peices then the individual user could be responsible for putting them on their phone. This whole thing is a very fine line legally. I find it weird that Google are issuing the C&D to Cyanogen when EVERY ROM that has been posted here (except maybe 1 if I remeber right) Has had propriatory code from Google and/or HTC in it.
Relating it to your emulator example, the owners of the ROM copyright have every right to prevent you from doing this, it is their property, but what they usually do is get the sites distributing ROMS shutdown, not go after individual users.
Click to expand...
Click to collapse
HTC can legally distribute the rom, and any user can legally download the rom directly from their site. As for putting the apk's in manually, yes that would work but I was wondering if it could be made noob friendly by having it built into the recovery console. Not only that, but if it could be done through scripting in the dev's individual update.zip's, then it allows the devs the freedom to choose which apps to install and to where.
Maybe it's time for a visual kitchen,
1 download the rom
2 add package
3 compile it
4 flash it
imfloflo said:
Maybe it's time for a visual kitchen,
1 download the rom
2 add package
3 compile it
4 flash it
Click to expand...
Click to collapse
THIS is a nice idea!
what if we took the official htc rom pulled the closed sourced apps, made a flash pack with just those apps, and left it to the individual user to flash, or would not work bc we would be giving them the apps?
another idea, have the closed sourced apps in a folder on your sdcard, use gscprits to make a script that would push all them to /system/app/ would that work?
or one more
on the principle of the above idea have a .sh file on the fat32 part of sdcard that you could run in the recovery console
Code:
mount /system
cp /sdcard/(standardized folder name)/appname.apk /system/app/
and have the cp command for each of the .apk names. something like
Code:
mount sdcard
sh /sdcard/scriptname.sh
My Opinion
Hey all,
I've mostly been a watcher here at XDA but I felt the need to make a comment. I'm not a lawyer but I am a developer on the application level. Anyways these are just my opinions and should be verified by legal counsel to hold merit
There's some good and viable ideas here for distributing modified Android ROM's w/o Google's proprietary apps. But rest assured any ideas which involve either distributing, installing, ripping, re-packaging, etc, any of Google's proprietary apps w/o their consent is ILLEGAL. That is what spawned off this whole rocus in the first place. Although I do applaud what Cyanogen is doing for the Android community... but I digress.
If Cyanogen or other devs can't workout a deal w/ Google, then the only LEGAL solution is to develop replacements for these proprietary apps. Lets keep in mind that the apps are what needs replacing, not the service that Google provides.
All these apps are replaceable, it will take some work but it is doable. The biggest hurdle, which Cyanogen made a comment about in this thread (http://forum.xda-developers.com/showthread.php?t=564263) is the syncing process. I don't really know the amount of effort required to come up with a workaround for the sync process. My knowledge of Android is mostly on the framework level.
“The most successful people are those who are good at Plan B.”
A build without google apps is a bit different from one with them.
imfloflo is dead on, without google apps, the phone won't work for phone calls (needs the SDKSetup package so that phone works), you lose contact syncing ability (so it depends on your SIM Contacts, therefore STK is a must). SDK Setup also interacts with ContactsProvider, and it would conflict if GoogleContactsProvider is also in the build, so the script would have to remove SDK setup and any other files meant to make the phone boot without the Google Apps.
This idea is dead on. When you buy the phone, you enter an end-user license, but we need to read the fine print to see if the license applies in a per-app and per-driver basis or if it only applies to the whole build, otherwise, it means we have to make TRULY custom roms (not a bad idea).
I could work a quick cupcake build that's based entirely on AOSP so you guys can see what it's like (it's not thaaaaat bad), but then there's the issue with the HTC proprietary files, since this event has raised that issue too. I guess I could toss in a script so that you guys have the files extracted on your sdcard and the script will copy them to the propper locations so that the phone can boot.
BoxyD said:
1. But rest assured any ideas which involve either distributing, installing, ripping, re-packaging, etc, any of Google's proprietary apps w/o their consent is ILLEGAL....
2. If Cyanogen or other devs can't workout a deal w/ Google, then the only LEGAL solution is to develop replacements for these proprietary apps. Lets keep in mind that the apps are what needs replacing, not the service that Google provides....
3. “The most successful people are those who are good at Plan B.”
Click to expand...
Click to collapse
1. It's redistribution that's illegal. If the app takes the existing program for which you already are licensed to use, then it's perfectly legal to 1. make a backup of that program and 2. re-install the program in the same environment provided that you're not using said backup application to restore the backup to more devices than which your license has allowed you to. If what you're saying were true, then there would be no backup programs. If you keep an image of the build with the programs you received, then it's basically the same as still having the installation medium, thus you can use this medium to restore your application, again, as long as it's done in a legal usage manner.
2. Making open-source alternatives to Google's apps would be great. We need to find out Google's API's for things such as contact sync, Maps (this is already part of the AOSP project), Market and YouTube, these are biggies, don't think there's an open API for them, for YouTube we could make an flv player based on an open-source player and then find out a way to force the video stream to be played, but without a legal API to stream YouTube content, it's still shakey ground.
3. I like your quote, I'm stealing it
BoxyD said:
Hey all,
I've mostly been a watcher here at XDA but I felt the need to make a comment. I'm not a lawyer but I am a developer on the application level. Anyways these are just my opinions and should be verified by legal counsel to hold merit
There's some good and viable ideas here for distributing modified Android ROM's w/o Google's proprietary apps. But rest assured any ideas which involve either distributing, installing, ripping, re-packaging, etc, any of Google's proprietary apps w/o their consent is ILLEGAL. That is what spawned off this whole rocus in the first place. Although I do applaud what Cyanogen is doing for the Android community... but I digress.
If Cyanogen or other devs can't workout a deal w/ Google, then the only LEGAL solution is to develop replacements for these proprietary apps. Lets keep in mind that the apps are what needs replacing, not the service that Google provides.
All these apps are replaceable, it will take some work but it is doable. The biggest hurdle, which Cyanogen made a comment about in this thread (http://forum.xda-developers.com/showthread.php?t=564263) is the syncing process. I don't really know the amount of effort required to come up with a workaround for the sync process. My knowledge of Android is mostly on the framework level.
“The most successful people are those who are good at Plan B.”
Click to expand...
Click to collapse
Ehh I think we CAN extract from the free downloadable package by HTC..
I don't think it's illegal, but it depends on where you live ;-)
Legal
You may not copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the Google Software or any part of the Google Software. You may only load the Google Software onto the Android Developer Phone 1, and except in conjunction with third party software that makes up the Android system image, you may not combine any part of the Google Software with other software, or distribute any software or device incorporating a part of the Google Software.
Nothing in this License Agreem
Click to expand...
Click to collapse
Source:
http://www.htc.com/www/support/android/adp.html#s3
testing567 said:
My idea is for all rooted users to store the official Android release from HTC on there SD card in the same way you need to get the bios file for the emulator. Then perhaps someone (maybe Cyanogen) could create a new recovery image that can processes scripts in the update.zip files that can pull individual apk files from the HTC_Official.zip so the closed source apps don't have to be included in the custom rom itself. If scripts can't be run from the rom's zip file during the install, then maybe a separate menu option to install the closed source apps from the HTC_Official.zip on your sd card.
Click to expand...
Click to collapse
I was thinking about something similar.
When you build the AOSP code from scratch for your G1, you first have to pull some files off the phone which are device-specific and Google/AOSP doesn't have the rights to distribute them. But everyone who has a G1 already has those files on the ROM that came with it, so he/she can build a new one.
As for the closed source Apps, they're already on the phone. If a user first switches from the official ROM to CM, the closed source apps will be on the phone already (if it's a "Google Experience" phone).
So I think all that has to be done is just not touching those apps when flashing the new ROM. Users who don't have those apps preinstalled could always install them manually once using adb.
Of course, this would mean that we don't get the newest closed source apps when upgrading to a new CM version (like the new Market right now). But that's something I can live with...
I have about two weeks experience with Android OS and as a software developer I will be interested to know the technical details behind the Android OS.
I have already noticed this is possible to upgrade applications ported with the handset's ROM i.e. the Market app. This raised the question to me why can't I uninstall applications from the ROM without rooting or risking my handset's warranty to achieve this?
Is my expectation as a user of computers for 20 years unreasonable to think in 2010 with all software development and technological advances the uninstall feature should have been in Android OS from day one?
This is not exactly like Google is the first company in the world developed an OS to just the lack of experience with what users would want. From what I have seen so far in world of Android is that, the first thing users would want to know how to root their handset to remove packages that they have no use for.
My guess is that Google doesn't want users removing Systems apps. I'm assuming that they think that these applications are core and thus don't want you removing them. Remove the market, no more apps... or way to get it back etc.
Applications installed by you can be uninstalled, I'm just thinking it is the same as in windows, you can't uninstall the task manager etc (Bad example but meh =P)
Very simple - to prevent lay users from removing critical components.
Can you imagine the service costs involved in reparing devices that that have been damaged by people trying to remove bloatware?
They still give you the option to restore.
OK DISREGUARD THIS AS I MISSED THE PART ABOUT NEEDING TO ROOT!
They can be removed but its not recommended to do so without know EXACTLY what your removing and weather is vital to your phones operating system.
BUT in order to do so your phone needs root access, and root explorer installed. There are several forums on just about all android support sites that explain how to root, install the manager, and which apps/files NOT to remove.
J_HaX said:
They can be removed but its not recommended to do so without know EXACTLY what your removing and weather is vital to your phones operating system.
BUT in order to do so your phone needs root access, and root explorer installed. There are several forums on just about all android support sites that explain how to root, install the manager, and which apps/files NOT to remove.
Click to expand...
Click to collapse
Ye u can remove almost every stock app but this may affect the stability of your phone, modifying your phone always comes with the option restoring it back to default. If something goes wrong with moding (something really hard and extraordinary rare ) u can restore it. Browsing through Xda might solve many questions, we all didn't wanted stock rom (not because it was bad, because we can have s omething better. This community has VERY VERY good developers.
Androids own!!!
One thing I still don't get is...
How can Google upgrade Market app without the su privilage but the rest of the world has to root their phones to remove bloatware such as 'amazon mp3'?
@ftgg99: How much bloatware in Windows cost Microsoft or PC manufacturers? None in fact they get paid to include them with your hardware. However, I see an issue with mobile devices. You have already paid for the ROM storage, the bigger ROM size is the more expensive your handset would be, then the manufacturer uses your already paid ROM to make even more money by installing bloatware. I would be a fool to think manufacturers would pass on a percentage of the bloatware earnings by reducing the cost of their products to the consumers in this model.
The way I see it, the burden has been put on the communities such as xda. Users wouldn't ask the manufacturers how to root their handsets and this is left to the dedicated individuals to overcome the mess compnies normally leave us with. I'm not going to say the mess is a cost saving measure by companies.
The thing is that there are a lot more people buy and use phones than computers. After someone buys a smart phone with intention to use for calls, text, web and to use some apps, they realize the possibilities of the smart phone, they start digging in to the files, therefore Google blocked the root folder from modifying, otherwise Google would have to repair warrantied phones that didn't have to end up there just because people didn't know or care what they did. But if you got passed ROOTING, you must know what you are doing and from this point you can modify files and apps, but now ROOTING becomes too easy.
Basically just because too many juveniles got their hands on the equipment.
CSharpHeaven said:
One thing I still don't get is...
How can Google upgrade Market app without the su privilage but the rest of the world has to root their phones to remove bloatware such as 'amazon mp3'?
Click to expand...
Click to collapse
I'm also very interested to read the answer for this one!
CSharpHeaven said:
One thing I still don't get is...
How can Google upgrade Market app without the su privilage but the rest of the world has to root their phones to remove bloatware such as 'amazon mp3'?
Click to expand...
Click to collapse
RAMMANN said:
I'm also very interested to read the answer for this one!
Click to expand...
Click to collapse
The answer, from my point of view, is quite simple: they just upgrade the application on /data/app ON TOP of the /system/app default Market version. So, you can always go back to your "default" version just by "uninstalling updates".
Summary: they do not upgrade the Market form ROM, just install the new version on top.
CSharpHeaven said:
I have about two weeks experience with Android OS and as a software developer I will be interested to know the technical details behind the Android OS.
I have already noticed this is possible to upgrade applications ported with the handset's ROM i.e. the Market app. This raised the question to me why can't I uninstall applications from the ROM without rooting or risking my handset's warranty to achieve this?
Is my expectation as a user of computers for 20 years unreasonable to think in 2010 with all software development and technological advances the uninstall feature should have been in Android OS from day one?
This is not exactly like Google is the first company in the world developed an OS to just the lack of experience with what users would want. From what I have seen so far in world of Android is that, the first thing users would want to know how to root their handset to remove packages that they have no use for.
Click to expand...
Click to collapse
Have you tried to work with iPhone(don't know about iPhone 4)? They build fortress around their system and even the apps you install cannot be uninstalled until you gailbrake it and use 3rd party installer to uninstall. And not talking about the "MONOPLY" they run with AT&T.
Hi
I need some advise?
I've developed and application that is used i the courier industry. I want to know from anyone vast amount of knowledge. When i need to work with over 200+ phones and between 7 different make and model is it more logical to create a robust app (Will asct like a home screen app) or to create a custom ROM.
Reason being we would like full control, not let the employees waste data and battery life "playing" on the phone.
Signing off on me first post. thanks
Wil_Ryan said:
Hi
I need some advise?
I've developed and application that is used i the courier industry. I want to know from anyone vast amount of knowledge. When i need to work with over 200+ phones and between 7 different make and model is it more logical to create a robust app (Will asct like a home screen app) or to create a custom ROM.
Reason being we would like full control, not let the employees waste data and battery life "playing" on the phone.
Signing off on me first post. thanks
Click to expand...
Click to collapse
i would say the app, mainly because if you have 7 different make and model, you would need 7 different roms and the ability to unlock and put custom recovery on before you could flash the rom.
however, with the app, im sure you would need root privileges to limit the user as much as you want to, and that brings up the question of if these devices can be rooted.
im no expert, just throwing out my 2c.
Hi,
I'm currently programming an app for a hospital as a bachelorsproject. Now I've discussed with my mentor about the fact we want the devices to be used only as pupose for the app I'm making, apps we preinstall and future apps that are made for the personel thats using them.
Currently I'm working with a Galaxy Tab A 10.1 (2016) running android 6.0.1 without it being rooted.
So what do you guys suggest with this I've done some reading along how to root whats possible and seen some guides for my device on how to root it.
What I want to do is actually have like a stock android so no samsung bloatware and microsoft apps etc, even chrome doesn't need to be installed as they don't need acces to browsing. And then pre install specific apps like my app, the one from the hospital itself, future apps and others we specifically need.
Also I'm new to android in general so can I create like a nurse user, and a IT-desk user so the IT desk user can log on the tablet and install an app, while the nurse doesn't even have acces to settings maybe.
Would love to hear what you guys think along what to do, and maybe some general steps like root it, flash a stock rom, create your (2)users, and install apps.
Tommyboy500 said:
Hi,
I'm currently programming an app for a hospital as a bachelorsproject. Now I've discussed with my mentor about the fact we want the devices to be used only as pupose for the app I'm making, apps we preinstall and future apps that are made for the personel thats using them.
Currently I'm working with a Galaxy Tab A 10.1 (2016) running android 6.0.1 without it being rooted.
So what do you guys suggest with this I've done some reading along how to root whats possible and seen some guides for my device on how to root it.
What I want to do is actually have like a stock android so no samsung bloatware and microsoft apps etc, even chrome doesn't need to be installed as they don't need acces to browsing. And then pre install specific apps like my app, the one from the hospital itself, future apps and others we specifically need.
Also I'm new to android in general so can I create like a nurse user, and a IT-desk user so the IT desk user can log on the tablet and install an app, while the nurse doesn't even have acces to settings maybe.
Would love to hear what you guys think along what to do, and maybe some general steps like root it, flash a stock rom, create your (2)users, and install apps.
Click to expand...
Click to collapse
You could build an AOSP ROM for that model number with only the apps and features you choose, it would require AOSP source code and your stock source code.
Then, yes, android natively supports setting up user profiles, with root access you can set it so that the "nurse user" profile can only use the device and an "admin user" would have exclusive permissions to make whatever changes are needed. You can set it so that the "nurse user" would not be able to install new apps, wouldn't be able to browse the web or even set it so they could browse if needed but would be limited in what they can access on the web, and you'd be able to set it so they would be locked out of all settings.
What you want is very possible, the most difficult part would be compiling the ROM if you go that route, you may not need or want to though because with root, you can strip down the existing stock firmware to remove the extras you don't want or need.
Mind you, there would be some details and specifics to deal with that would require trial and error along the way, obviously.
I would like to setup my phone to be able to browse/use apps as anonymously as possible. I realize that will require Tor/VPNs, and I am working on getting that information elsewhere. Here I am focusing on the phone itself.
It will be a new Samsung on Verizon. I would like to anonymize and secure it as much as possible. For example, I know that Verizon and Google are shipping new phones with spyware and other tagging features. I am not very tech saavy (I cant code), but I am a fast learner.
I will be trying to avoid using Google products at all costs (No Play Store, GMail, etc) - except for Android system updates (I assume this is a necessity?). I am willing to do anything, *except*: Replace the OS - it has to be regular Android (Unless someone can show me an add-on/alternative that wont require constant maintenance/detailed knowledge of how a phone OS works), or compromise the basic software so that it become unstable or wont work with basic apps.
I assume rooting is a must - but I will need some direction as to how this can be done safely, and what I will then need to do to keep the phone updated and stable.
Specifically I am looking for:
- How to remove all native spyware/malware/unnecessary apps (without accidentally deleting something critical).
- Remove any features that could ID my device over the internet
- What kind of software/app I need to set up to protect against future malicious software (some kind of anti-virus/malware scanner?).
- How to most securely encrypt the phone and any data on it (so that if someone was able to get control of it, accessing it's contents without the pass key would be as difficult as possible).
- If necessary, before I web connect it, I could download any apps/programs on another device and trasfer via MicroSD
- Any general tips that might help with this.
Thank you.
EDIT: I was originally planning on getting an S8, but I have read that it might have some issues, so I can get an LG G6 or even Galaxy S7 if it is still preferred for privacy/security.
If you didn't read it, it could be a good start in your search.
https://forum.xda-developers.com/general/security/tuto-how-to-secure-phone-t2960077
VPN!!!!
I think, regular updates with security patches is a must. But if you don't trust your original OS, how can you trust it's updates? I use mokee OS for this reason. And no gapps.
ThirdEchelonSam said:
I would like to setup my phone to be able to browse/use apps as anonymously as possible. I realize that will require Tor/VPNs, and I am working on getting that information elsewhere. Here I am focusing on the phone itself.
It will be a new Samsung on Verizon. I would like to anonymize and secure it as much as possible. For example, I know that Verizon and Google are shipping new phones with spyware and other tagging features. I am not very tech saavy (I cant code), but I am a fast learner.
I will be trying to avoid using Google products at all costs (No Play Store, GMail, etc) - except for Android system updates (I assume this is a necessity?). I am willing to do anything, *except*: Replace the OS - it has to be regular Android (Unless someone can show me an add-on/alternative that wont require constant maintenance/detailed knowledge of how a phone OS works), or compromise the basic software so that it become unstable or wont work with basic apps.
I assume rooting is a must - but I will need some direction as to how this can be done safely, and what I will then need to do to keep the phone updated and stable.
Specifically I am looking for:
- How to remove all native spyware/malware/unnecessary apps (without accidentally deleting something critical).
- Remove any features that could ID my device over the internet
- What kind of software/app I need to set up to protect against future malicious software (some kind of anti-virus/malware scanner?).
- How to most securely encrypt the phone and any data on it (so that if someone was able to get control of it, accessing it's contents without the pass key would be as difficult as possible).
- If necessary, before I web connect it, I could download any apps/programs on another device and trasfer via MicroSD
- Any general tips that might help with this.
Thank you.
EDIT: I was originally planning on getting an S8, but I have read that it might have some issues, so I can get an LG G6 or even Galaxy S7 if it is still preferred for privacy/security.
Click to expand...
Click to collapse
Assuming you are just talking about general privacy and security, then you are in with a chance to minimise data available to Google etc and be largely secure. If you are trying to prevent the likes of the NSA then you have no chance. At the very least your cell provider will know somethings about you (you have to show id in the US don't you?)
Without going to extremes as in the first link below and ending up pretty much with a dumb phone your best bet is to follow something more like this
https://privacytoolsio.github.io/privacytools.io/
As for security you can "harden" your system, there are some good threads etc on this. Or you could just buy a phone that is already hardened see Copperhead OS.
You are your phones best security, but I would say EVERYONE is fallible and could be tricked into opening a malicious email etc under the right circumstances so you should run a good antivirus, it may just save you one day. However they are not even 100% against all known malware let alone future ones or other exploits, it's just another layer of defence. Keeping your phone up dated with monthly security patches is probably your 2nd best defence after you! At some point you are trusting whoever provides your OS, network and any apps installed. Then of course this level of security must extend to all your devices that may link to your phone, no good running a router which doesn't get regular firmware updates, just this week all Linksys ones were found to be vulnerable, before that some Netgear ones, before that ....
Even using TOR does not guarantee anonymity as the NSA, GCHQ etc have been able to identify users in several ways, and no doubt still can, but it is the best way, though can be slow
Use your phones built in encryption, though this only works on a looked phone, anyone can see your data if they lack it up unlocked, or if using remote admin. Using an app to encrypt folders/files can prevent a local person viewing saved files though.
Rooting & removing bloatware would certainly help reduce data "leaks", but it has it's own risks and will void your warranty (though not up to date on S8 & tripping knox etc or on unlocking bootloaders on Verizon phones as I'm not in the US.) If it was me I'd buy an older model that has great support on xda & that you know you can unlock bootloader/root which has a good choice of roms from reputable devs that release monthly security updates quickly & then get a limited set of apps from fdroiod or similar.
whirlpool95 said:
VPN!!!!
Click to expand...
Click to collapse
But be choosy!
https://blog.csiro.au/tinker-torrentor-streamer-spy-vpn-privacy-alert/
(some vpn's are named in the full report, link at bottom of page)
Yea just don't use the internet on your phone, that's my advice .