Need to be safe as much as possible on Android

mr.robot 2019-10-09 13:55:49 UTC #1

Heyya people, I'm using an Android phone, lemme not disclose the model here! I did some research online and found out that my mobile is not compatible with Lineage OS or some Free Software, what are my chances to stay safe from the preying eyes of Goggle!

Now don't tell me that some binaries of Lineage OS has some Google component on it, I'm not looking for that answer

gonzo 2019-10-11 09:20:03 UTC #2

hey mr.robot,

sometimes you could find in the xda-forum an unofficial lineageos for some devices. i'm running since nearly a year my device with an unofficial and it works and works and works really fine. then there are some other custom-roms like resurrection mix, paranoid android and lineageos for microg.

see you, gonzo

elr 2019-10-11 17:44:42 UTC #3

Just a thing about LineageOS from microG. They archive at least the last build of devices not supported by LineageOS in newer versions so you can use their builds if your devices is not supported anymore by LineageOS but was supported time ago as is specified in the list of devices inside the wiki.

strypey 2020-03-07 02:55:27 UTC #4

Pretty low One thing you can do is install F-Droid and only use apps installed from that. That way, all your apps will be compiled from source code by the F-Droid team and checked for proprietary dependencies, trackers etc. Be aware that F-Droid don't remove apps after they've been included, even if they haven't been updated for years, so look for apps with recent updates, especially for anything that matters to your security.

Also keep an eye out for the lists of "anti-features" that F-Droid adds to the description of some apps. These are things like the app being free code itself, but used for connecting to a non-free server. You need to decide for yourself what compromises to make here for the functionality you need.

If you can get root on your device, consider stripping it right back to the essentials of the OS, and replacing every component you can with one from F-Droid. Eg replacing the default SMS app with Silence and replacing Goggle Maps with OSMand+.

Ironic, in the context of the OP, that the xda-forum website serves up Javascript from a bunch of third-party domains controlled by Goggle, and uses Cloudflare which centralizes the web, and tends to make it hard to reach for Tor users.

symphonia 2020-03-15 18:56:24 UTC #5

Getting a decent system that doesn't include OpenGApps requires some exploring.
LineageOS, ArrowOS (includes signature spoofing), OmniROM and Resurrection Remix look good.

Bliss ROM includes Gallery Go from Google and has statistics you can't opt out of.

Looking at the XDA forums helps.
You might want to install Magisk (root) and install the Magisk modules: microG, Bromite SystemWebView.
Otherwise there's NanoDroid which is arguably somewhat bloated. Make sure not to install the entire NanoDroid package as that fills your phone with all kinds of unnecessary apps. Install NanoDroid-microG and/or NanoDroid-Bromite instead.

Nutpantz 2020-03-20 15:36:27 UTC #6

Look on xda to see if your device can be rooted... Yes it can open you up to some vulnerabilities, but a firewall (afwall) to block unwanted internet access is far more beneficial.
It will put the security onus on you over trusting Google and unknown developers to protect you.
(If you tend to install frivolous apps that are questionable you have no privacy or safety and nothing can save you)

If you can't root, then disable everything you don't use and only use apps you feel you can 100% trust..
And think about getting a device that you can root if you want maximum safety.