Privacy @lemmy.ml jabjoe @feddit.uk 1y ago

Boxing Android

So I've got Android as I want. LineageOS, no Google, Magisk, MicroG but with AndroidAuto with OsmAnd+.

But the outside world of WhatsApp, Bank apps, etc is putting pressure to join. Plus not everything works properly with MicroG instead of the Google service provider. Makes me cross techno-politically, but I can't always hard life tech choices when it effects others.

So, what do others do? At the moment, I've thinking I need a non-free phone and a free-phone! Then what, I keep swapping SIM?? I can't see a workable VM solution to run a non-free Android in a freer Android.

The state of the phone market is pitiful.

41 comments

Install shelter and have a isolated work profile for my intrusive apps

But im still stubborn with not using whatsapp and my banking apps have passed safetybet luckily.

You could also look at setting up a matrix server whatsapp bridge... but maybe thats a selfhosting server thing and not android per se
- Update to this: I did try that on my LineageOS and it still wouldn't run. I'm getting a Pixel for GraphineOS. See how that goes.
I think there is a common misconception that LineageOS is a good rom for privacy when in fact its really meant for keeping an old phone useful and does not provide much in the way of added privacy or security.

OP if you want privacy on your phone there are better roms, the trade off with privacy is convenience. Banking apps especially have issue with privacy oriented roms.
- Oh my phone is old, but 6GB RAM is still ok. LineageOS gives me the latest Android on old hardware, while giving me an easy out of Google data mining.
  
  It doesn't do a whole lot to prevent Googles' data gathering. Still connects to a quite a few services in the background
GraphineOS sandboxes google services. You can take it a step further and only install sandboxed google services on a work profile or user profile so you can have toggle-able google services, allowing bank access and whatnot.
- Update: Old phone on way out, Pixel coming for me to try this.
If I cant find the app I need on fdroid, i usually just use the web version.
- Banks don't always have a mobile friendly web interface. When you turn on desktop mode (Firefox on Android of course) the site may load but not be very useable. (Though sometimes that is more useable than a bad mobile site)
  
  Its usually good enough. Mobile check deppsit doesnt work. Other things are fine.
GrapheneOS is what you're looking for if you have a pixel device.
- Update: This is the path I set for now. Have to replace old phone now anyway.
Use different profiles. They seperate apps, data, settings, etc. I use these profiles:

personal (for photos, communication, etc.)

internet (lemmy, mastodon, vpn, torrent, new pipe, etc.)

google (play store, drive, maps, translate, etc.)

finance (bank, paypal, localmonero, crypto wallets, etc.)

school (teams, canva, web shortcuts, etc.)

I think in vanilla android you can have 3 user profiles and 1 guest. I use grapheneos which supports 15 users and 1 guest.
- I'm on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.
I got lucky that my MicroG phone works with my bank. But I had to call them to tell them about it, then they flipped some flag on their end and it has worked ever since. So idk, call your bank.
- Update: I'm going to try a Pixel and GraphineOS first. I'm expecting very little flexibility and understanding from a bank.
  
  well, good luck
- I honestly will not put ANY banking app on my phone. There is a risk of getting mugged or murdered for it. I keep a crypto wallet there with abut $50.
  
  I don't understand; how would a potential mugger or murderer know ahead of time that you don't have a banking app installed on your phone?
I use beeper to have all my non free messaging apps on my phone then I don't have to worry about the spying as much. But that might not work for you.
- OK, now that is very cool. It's like Pidgin for 2023 and phones. I may well give that a try! May solve the messaging bit.
  
  If you need a code to get in let me know I still have some, I can't remember if they did away with their cue and just let people join now.
I use lineage os with Foss apps and no microG. I use ntfy for push notifications but the apps need to support it.
- I did for many years too. But I needed Android Auto for a new car. It kind of forced the issue and it wasn't easy and I'm not happy how custom my install is now.
Here's what I do. I have GrapheneOS with 3 user profiles for compartmentalization. Mullvad VPN on and set to different locations in all profiles except owner profile. I straight up don't use the owner profile. I let it sit empty. I only use the two other profiles as they don't have as much access to the phone. One's my FOSS profile, which is my main profile. The other one's my big brother profile, which has Sandboxed Play Services. I think that's good enough for me, and I try to keep on top of permissions to limit what apps can access. You can always go further though, with more compartmentalization, no Play Services whatsoever, using no SIM/toggling airplane mode,FOSS dedication,.... but it all depends on your threat model. For me, I think what I'm doing is good enough.
- I'm on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.

41 comments