this post was submitted on 25 Feb 2024
431 points (98.9% liked)

Privacy

31798 readers
218 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I might have misunderstood this but is Android really trying to push this as tracking as a privacy upgrade, simply because it let's us choose which of our interests we want advertisers to have access to?

you are viewing a single comment's thread
view the rest of the comments
[–] Pantherina@feddit.de 20 points 8 months ago (6 children)
[–] Zetta@mander.xyz 9 points 8 months ago (4 children)

¯\_(ツ)_/¯ I wish but switching to Apple would be just as bad and I would want to die being forced to use their fisher price software for the tech illiterate.

Soon though, in the next 5 years I think Linux phones (I know Android is Linux, you know what I mean) will be in a good state. So hopefully I can switch soonish

[–] michael_palmer@lemmy.sdf.org 5 points 8 months ago (1 children)

Google and SOC vendors are trying their best to stop developing of Linux phones. That's why available Linux phones use 10 year old chipsets.

[–] Bloodyhog@lemmy.world 1 points 8 months ago (1 children)

Lets be frank, the main reason is that only like 1% of the market has an articulated preference towards free software and privacy. No money to be made equals no product in our cruel world. And of course FOSS, even if it is free to a user (as in you do not have to pay to use it. You do need to spend your time and resources to learn it though, and that is not free already), is by no means free to develop. The time spent on it by devs has to be compensated somehow, enthusiasm is unfortunately not the only fuel our bodies need. And then, for phones, the hardware required is not free as well. And then we need a manufacturer, who would be much more interested in making a billion Android phones than a million of a niche product.

Does Google actively try to stop development of the alternatives? Unlikely, because they don't have to. They do not make it easier of course, why would they. And they do buy out everything they can, because they can use it to improve their products.

I do not see a good way out of this loop for now. Do you?

[–] michael_palmer@lemmy.sdf.org 2 points 8 months ago

https://postmarketos.org/faq/#why-postmarketos-over-ungoogled-android-or-halium Hardware vendors just use proprietary drivers so it's almost impossible to port linux to their devices. It is so crazy that you can't even update linux kernel in Android without vendor's help.

[–] The_v@lemmy.world 4 points 8 months ago (1 children)

I am waiting for the same thing. The amount of shit you have to disable, block, or unistall on android is getting ridiculous. It's getting really old.

Most of the new "features" that either apple or google add anymore are absolute trash. I am constantly having to go through the settings and disable shit.

The stock android is so full of non-romovable crap that a launcher is required anymore.

It's the same for windows, win11 is only usable with a launcher like startallback.

[–] Pantherina@feddit.de 1 points 8 months ago* (last edited 8 months ago) (1 children)

Dont wait, just get a Pixel 6a-8 and install GrapheneOS.

(8 is expensive but will last 7+ years with extended GrapheneOS updates)

[–] ridethisbike@lemmy.world 1 points 8 months ago (1 children)

What do you use in place of GApps? F-droid?

Also, what's the flashing process like these days? Does it still wipe everything or is there a way to save all the personal stuff?

[–] Pantherina@feddit.de 1 points 8 months ago* (last edited 8 months ago)

Just check grapheneos.org

They have only a minimal appstore preinstalled, which they use for their own apps. It is the best there is with full background updates etc. Every store could do this if they used modern libraries.

You have Vanadium preinstalled, from which you can install "F-Droid Basic" (the modern client), or Aurorastore, or accrescent, obtainium etc.

Their own solution is sandboxed google play, installed as regular user apps with way more restricted permissions and an opt-in method (only dedicated calls are allowed) in contrast to the extremely privileged microG or even "GAPPS" which can do everything (and in the place of microG having selected things removed, badness enumeration while still using proprietary Google code).

GrapheneOS is basically Android done right, play services etc. work, you can install all Google apps from the playstore, not as system apps, if you wanted to. (wallet and others are exceptions as they require a Google certified OS).

[–] delirious_owl@discuss.online 2 points 8 months ago

I dont think they're saying to use Apple. I read that as "Use Android without Google" ... Which is actually easier than using Android with Google if you install the OS yourself.

[–] Quastamaza@lemmy.ml 2 points 8 months ago (1 children)

There's Always graphene or calyx...

[–] Pantherina@feddit.de 1 points 8 months ago (1 children)

Calyx is way worse than Graphene. Only use it if your device is not supported by GrapheneOS > DivestOS.

And afaik Calyx doesnt even support many phones lol. On GrapheneOS this is actually due to missing security, which Calyx doesnt even use.

load more comments (1 replies)
[–] delirious_owl@discuss.online 9 points 8 months ago (1 children)

I mean, yeah. Use Android AOSP without Google.

[–] Pantherina@feddit.de 13 points 8 months ago (2 children)

AOSP is not a usable product and it is full of Google stuff. GrapheneOS and LineageOS (and derivates) make it usable.

GrapheneOS was the first at complete degoogling, others followed, but still have no secure solution for apps needing Google Play. MicroG is proprietary Google code, ran unsandboxed and still unreliable and less secure.

So GrapheneOS really is the only usable OS right now, it is FOSS (even in the BSD way that companies could make their proprietary fork) and other projects should base on it and weaken its security to make it run on existing other phones. This is still better than alternatives, but it is a hell of maintenance as all that security causes infinitely more bugs than just using AOSP (which is rock solid) and adding some apps lol.

Please donate to GrapheneOS, the project is not yet fully sustainable and they are doing incredible work.

[–] delirious_owl@discuss.online 3 points 8 months ago (1 children)

Obviously by "google" were talking about proprietary blobs.

For example TOTP is great. There's no issue with the fact that it was developed by Google. Same with AOSP.

Any ROM doesn't have Google Play Services by default and therefore its google free in all the ways that matter

[–] Pantherina@feddit.de 1 points 8 months ago (1 children)

No some OS preinstall microG. Because only if the core is finished you can hash and sign it, if the user flashes some apps afterwards that doesnt work.

Btw ROM is read only memory, a tiny part of the firmware

[–] Fisch@lemmy.ml 2 points 8 months ago (1 children)

MicroG is open source tho and only talks to Google if you explicitely activate it

[–] Pantherina@feddit.de 0 points 8 months ago (1 children)

No its not. They download Google Binaries which run as system apps and have privileged access.

They practice badness enumeration in some form, while their permission model (only activating what is needed) is a better approach but incomplete.

Any app that relies on Play has those libraries implemented, so they could show ads etc. on their own. But with microG they have a component with privileged system access, in contrast to sandboxed play where no component is privileged.

[–] Fisch@lemmy.ml 2 points 8 months ago (1 children)

That's completely false, where did you get that info from?

[–] Pantherina@feddit.de 1 points 8 months ago

GrapheneOS discuss. Their Github repo looks like they actually have the sources for everything.

[–] toastal@lemmy.ml 8 points 8 months ago (3 children)

Fuck banking institutions & their apps. We are seeing them eliminate online banking now & cash is slowly not being accepted by vendors & in-person experiences are worse—instead everything is siloed to only Android or iOS & disallow any sort of modifications to your device with all these attestation assertions. If a user wanted to ditch their phone, go Linux, use an unGoogled phone, or get a dumbphone, etc. they will be disconnected from the banking network—to which most users would view as an immediate nonstarter. Apple is just a different data-collecting advertising business.

[–] boomzilla@programming.dev 4 points 8 months ago* (last edited 8 months ago)

The browser login of my bank needs a separate application that's windows only or an app. The Java(!) application Jameica saved my ass for the 6 years I'm on Linux now. It can manage multiple accounts. It offers statistics, saves all the transfers, deposits and balances ad infinitum on your disk, is searchable and has templates and schedules for transfers.

The protocol my bank uses is FinTS, I think. I'm logging in via a certificate file and a password.

I don't want to use an app, cause I trust my cutting edge Linux (Kernel 6.7.6) a lot more than my possibly malicious app riddled outdated android.

[–] delirious_owl@discuss.online 1 points 8 months ago (1 children)

In many places its illegal to not accept cash. Report any businesses and if its legal in your area, donate to your local privacy lobbiest NGO and contact your representative.

[–] kungen@feddit.nu 3 points 8 months ago (1 children)

In many places its illegal to not accept cash.

Where? I can't think of many places where that'd be true.

[–] delirious_owl@discuss.online 4 points 8 months ago

San Francisco. Law was passed like 10 years ago because not everyone can get a bank account and its discrimination

load more comments (1 replies)
[–] JohnDClay@sh.itjust.works 7 points 8 months ago (2 children)

Apple is terrible right to repair, and lineage has a bunch of weird bugs, so I'm kinda stuck with it

[–] N4CHEM@lemmy.ml 6 points 8 months ago (1 children)

Which bugs have you found in LineageOS? There's quite a big community behind it, so maybe you can find some help. There are also other LineageOS-based ROMs worth checking: CalyxOS, DivestOS, iodéOS, /e/OS.

[–] hanke@feddit.nu 2 points 8 months ago

I've been using iodeOS for about a year soon! Very happy with it :)

load more comments (1 replies)
[–] stebo02@lemmy.dbzer0.com 4 points 8 months ago (2 children)

Return to Nokia 3310 then I guess

[–] MigratingtoLemmy@lemmy.world 3 points 8 months ago (1 children)

DeGoogle your Android ROM/use a custom ROM. What exactly was so hard to understand in that comment that made you want to switch to a feature-phone?

[–] stebo02@lemmy.dbzer0.com 4 points 8 months ago (2 children)

I just want to buy a phone and use it without having to figure out all that

[–] MigratingtoLemmy@lemmy.world 5 points 8 months ago (4 children)

Not in this century, unfortunately. Even using a SIM card is going to let companies track you.

[–] delirious_owl@discuss.online 2 points 8 months ago (1 children)
[–] Hamartiogonic@sopuli.xyz 1 points 8 months ago* (last edited 8 months ago) (1 children)

Two cans and a string should be a good solution then. It respects your privacy and the battery life is unbeatable.

[–] delirious_owl@discuss.online 2 points 8 months ago

Vulnerable to the tin can in the middle attack.

Honestly theres a half dozen e2ee apps these days with voice calling support, and WiFi is everywhere. Most people have no reason for a SIM card

load more comments (3 replies)
[–] Pantherina@feddit.de 3 points 8 months ago* (last edited 8 months ago) (1 children)

Thats how you do it with GrapheneOS. Buy a pixel, take like 30min to install the OS, install F-Droid Basic and sandboxed Play and get your apps.

Degoogling Android is not possible, and LineageOS and other more difficult to install Androids are less secure.

GrapheneOS has a graphical installer, you just need a Laptop (Windows, Linux, Mac), a Chromebook or another Android phone and a USB cable, thats it. You can literally install it from one phone (using some variant of Chromium like Chrome, Cromite, Brave etc.) By opening a website and clicking 4 buttons.

[–] stebo02@lemmy.dbzer0.com 1 points 8 months ago

yeh maybe in a few years when I need a new phone

[–] yourgodlucifer@lemmy.world 1 points 8 months ago

Probably wouldent work on modern cell networks.

[–] pugsnroses77@sh.itjust.works 0 points 8 months ago (5 children)
[–] feannag@sh.itjust.works 19 points 8 months ago

Or other Android ROMS that help distance you from Google, like GrapheneOS or LineageOS.

[–] OrangeCorvus@lemmy.world 17 points 8 months ago (1 children)

ios is not really privacy friendly. It's more the result of an amazing PR campaign. That plus the fact that Apple wasn't really in the ad game but now it is slowly changing. In reality you are giving your data to Apple. You will say, yeah but Apple is ok, of course they are because they have great marketing. Google doesn't and Google = privacy nightmare, which is also true.

[–] Pantherina@feddit.de 1 points 8 months ago

IOS being private is such a horrible lie. Techlore is really annoying with those subtle ads, even though they also often cover GrapheneOS.

If Apple wants your shit, with any of their OS you are theirs. You are not private if you need to rely on the mercy of Big Brother to not steal your stuff

[–] RogueBanana@lemmy.zip 16 points 8 months ago (1 children)

Its funny that I was forced to buy a google pixel just to avoid google. Wish more companies here allow people to unlock bootloader on the mobile they own.

[–] Pantherina@feddit.de 4 points 8 months ago* (last edited 8 months ago) (1 children)

Its not about an unlockable bootloader only, but full support for all hardware features

https://lemmy.ml/post/12310012

https://grapheneos.social/@GrapheneOS/111976026139453712

[–] RogueBanana@lemmy.zip 1 points 8 months ago (1 children)

Oh I am aware but I was replying to him asking other alternatives to google android, not op. I wanted any mobile that let's me degoogle it on day 1 without voiding warranty and it ended up being a google mobile.

[–] Pantherina@feddit.de 2 points 8 months ago

Yup Google is a very strange Company. Chromebooks are sometimes the easiest Coreboot Linux Laptops to buy.

[–] delirious_owl@discuss.online 3 points 8 months ago

No, just use Android without Google. Actually if you install Android yourself, it doesn't include Google by default.

load more comments (1 replies)