Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
WHY? I've heard a lot that LineageOS cannot be called a private system. That it is more about extending the life of old devices. Can you tell me specifically point by point why it is not private? And I'm sure it's better than stock phone firmware in terms of privacy.
It comes without Google Play Services per default, but those are not the only services connecting to Google.
Like others say, it depends on how private you want to be. But it is fact that Lineage doesn't put in any outstanding effort to degoogle the system at its core. If that's what you want, while not sacrificing the compability of Lineage, DivestOS might interest you.
The one article I always refer to is exclusively in german, so if someone has a comparably extensive article in English, let me know
https://www.kuketz-blog.de/lineageos-weder-sicher-noch-datenschutzfreundlich-custom-roms-teil4/
To be fair here, this article looks at Lineage at its default state, and the preinstalled browser for example is not looking too hot. But since I'd reccommend you use Mull anyway, I wouldn't deduct too many points there.
Thank you. I haven't come across this author before. Very cool articles about Android ROMs. The type of data transmitted does not look very scary if you do not try to hide your geolocation.
What of it is supposedly not private?
What does "private" even mean to you? Private as in Firefox or private as in TOR Browser?
Every privacy conscious person has its own threat model and the solutions they find most comfortable for them. This is a very important question.
Seems like this is the article I needed. Privacy for me is no trackers of my touches, app list, no microphone/camera spying.
Well, you're in luck then since everything listed in that article is very far away from critical data source such as touches, apps or microphone/camera.
The most "severe" data "leak" described IMO is the connection between public IP address and nearest cell tower for AGPS.
Actual severe data leaks start when you decide to install Google ~~Spy~~Play Services.
Tha's why microG is my bro 😀
Note that, by its nature, µG "leaks" quite a bit more data to Google. It tries to do so as little as possible but it's still a helluvalot more than just pure LOS.
Sadly a necessity though.
Unfortunately it is so. And this is a necessity. But I can make this compromise for the sake of working apps/notifications. This is many times better than regular Google services. It will be very cool when someone will make a version of LineageOS with a built-in patch for Sandboxed Google Services, let’s say a fork (like LineageOS for microG). It'll be awesome news!
This.might be of interest for you:
microG is difficult to compare to Google Services in terms of features. I know about microG, I use it myself.
If that's your stance, you don't need to worry about any of Kuketz' findings in LOS.
This is true. These articles calmed me down a lot.
No Google services and no tracking is not enough for you?
From the article above, I learned what types of data Google learns about me. I'm not afraid of what kind of data it is. So it turns out that this is enough for me!
Ok good to hear that. From the title, I thought you found a privacy flaw in LineageOS 😀🙏
a little clickbait 😀
WHY?
👌
Privacy should never be the target of the core rom. Security is it. That's the reason I use grapheneOS.
A ROM can be the best privacy by default one, it's useless if the user puts gapps and tiktok etc. on it, afterwards.
it's not useless, because... At least the system isn't watching you. but Google services - yes, kill all privacy.
It does not come with the Google Play Services and you dont have to log in to any account in order to use it. Its okay, a default for many other roms who build on it. Yes it uses google for AGPS etc but if google collects that data, who does it belong to? No Add ID, no Account, who´s phone is it?
Location alone is probably enough to deanonymize you. Think about it: it shows where you live, where you work, when you leave for the office and when you come back. Who you see and when. What your hobbies and interests are. Where you go grocery shopping and when. There is a tremendous amount of information in location alone.
One example from 10 years ago (did not read, just linking a research paper that comes up on this topic):
https://www.sciencedirect.com/science/article/pii/S0022000014000683
Edit: This is wrong, AGPS exposes the nearest cell tower together with your IP address. Still a very minor bit of info, even for Google.
To my knowledge, AGPS does not expose your location. It's a protocol to get satellite position data via IP instead of waiting for the satellites to send it to you at staggering 50bit/s.
At no point does location data leave your device here. It couldn't, actually, as you don't know where you are; that's why you're fetching the position data.
The only data it does expose is that your current public IP tried to download satellite data at time x. Not ideal as Google could technically mine a bunch of data out of just that but it's not a huge leak either.