(1/2) Lemmy does not allow too long post walls

UPDATED 16/8/2020: Major edit, replaced closed source App Ops and Shizuku with AppOpsX (Free Open source) on F-Droid. This guide is nearly FOSS supported now.

UPDATED 17/9/2020: MAJOR EDIT, replaced closed source Access Dots with Privacy Indicator (FOSS) on Izzy’s F-Droid repo. This guide is completely FOSS.

Hello! I am the founder of /r/privatelife . Finally my smartphone non root guide is back, and there are some big upgrades. I was taking time to test everything myself on my daily driver, so apologies for keeping everyone in the wait, but stability and ease of use is the important goal to strive in my playbook. Privacy must be accessible to maximum amount of people without being annoying or tedious.

A kind request to share this guide to any privacy seeker.

# User and device requirement

  • ANY Android 9+ device
  • knowledge of how to copy-paste commands in Linux or Mac Terminal/MS-DOS Command Prompt (for ADB, it is very simple, trust me)

# Why not Apple devices?

iPhone does not allow you to have privacy due to its blackbox nature, and is simply a false marketing assurance by Apple to you. Recently, an unpatchable hardware flaw was discovered in Apple’s T1 and T2 “security” chips, rendering Apple devices critically vulnerable.

17/9/2020: Apple gave the FBI access to the iCloud account of a protester accused of setting police cars on fire.

Also, they recently dropped plan for encrypting iCloud backups after FBI complained. They also collect and sell data quite a lot. Siri still records conversations 9 months after Apple promised not to do it. Apple Mail app is vulnerable, yet Apple stays in denial.

Also, Apple sells certificates to third-party developers that allow them to track users. The San Bernardino shooter publicity stunt was completely fraudulent, and Louis Rossmann dismantled Apple’s PR stunt “repair program”.

Also, Android’s open source nature is starting to pay off in the long run. Apple 0-day exploits are far cheaper to do than Android.


# LET’S GO!!!

ALL users must follow these steps before “for nerdy users” section.

Firstly, if your device is filled to the brim or used for long time, I recommend backing up your data and factory resetting for clean slate start.

NOTE: Samsung users will lose Samsung Pay, as Samsung has been caught and declares they sell this data: https://www.sammobile.com/news/samsung-pay-new-privacy-policy-your-data-sold/

  • Make DIY camera covers, for front camera notch use a tiny appropriate-sized thin opaque plastic cutout and use an invisible tape to stick it in place, replace every month (cost: tape roll and one minute of your time per month). My rear camera cover

  • Install F-Droid app store from here

  • Install NetGuard app firewall (see NOTE) from F-Droid and set it up with privacy based DNS like Uncensored DNS or Tenta DNS or AdGuard DNS

NOTE: NetGuard with Energized Ultimate HOSTS file with any one of the above mentioned DNS providers is the ultimate solution.

NOTE: Set DNS provider address in Settings -> Advanced settings --> VPN IPv4, IPv6 and DNS

  • In F-Droid store, open Repositories via the 3 dot menu on top right and add the following links below:
  1. https://rfc2822.gitlab.io/fdroid-firefox/fdroid/repo?fingerprint=8F992BBBA0340EFE6299C7A410B36D9C8889114CA6C58013C3587CDA411B4AED

  2. https://apt.izzysoft.de/fdroid/repo?fingerprint=3BF0D6ABFEAE2F401707B6D966BE743BF0EEE49C2561B9BA39073711F628937A

  3. https://guardianproject.info/fdroid/repo?fingerprint=B7C2EEFD8DAC7806AF67DFCD92EB18126BC08312A7F2D6F3862E46013C7A6135

Go back to F-Droid store home screen, and hit the update button beside the 3 dot menu.


### LIST OF APPS TO GET

  • Get Firefox Preview web browser from F-Droid (install uBlock Origin addon inside (if technically advanced, try doing this)). Also get Firefox Klar if you like a separate incognito browser.

  • Get Aurora Store from F-Droid for apps from Play Store without actually using Play Store, use Anonymous option to sign in

  • for 3rd party APKs source them only from APKMirror OR APKPure OR APKMonk, quite trusted, BUT TRY AND AVOID IT IF POSSIBLE

  • Get Privacy Indicator from F-Droid for iOS 14 like camera/mic dot indicator feature

  • Get OSMAnd+ from F-Droid or Qwant Maps inside web browser for maps and/or print physical maps if you live and travel in one or two states or districts.

NOTE: Qwant Maps has better search results than OSMAnd+

  • Get PilferShush Jammer from F-Droid to block microphone (use this in malls, restaurants or such public places if you can to prevent beacon tracking)

  • Get OpenBoard (user friendly) OR AnySoftKeyboard (nerd friendly) from F-Droid instead of Google GBoard, Microsoft SwiftKey et al, they are closed source keylogger USA spyware

  • Get FTP Server (Free) from F-Droid and FileZilla on computer for computer-to-phone internet less file sharing

NOTE: for phone-computer sync or sharing, can TRY KDE Connect, available for Android, Windows, Linux

  • Get TrebleShot instead of SHAREIt for phone to phone file sharing

  • Get K-9 Mail or FairEmail as e-mail client

  • Get NewPipe for YouTube watching, or YouTube in Firefox Preview/Klar

  • Get QKSMS from F-Droid as SMS client app

  • Get Shelter from F-Droid to sandbox potential apps that you must use (eg WhatsApp or Discord or Signal)

  • Get SuperFreezZ from F-Droid to freeze any apps from running in background

  • Get Librera Pro from F-Droid for PDF reader

  • Get ImgurViewer from F-Droid for opening reddit/imgur/other image links without invasive tracking

  • Get InstaGrabber from F-Droid for opening Instagram profiles or pictures without invasive tracking (seems like a revived fork is here, thanks u/sad_plan )

  • Get GreenTooth from F-Droid to set Bluetooth to disable after you have used it

  • Get Material Files or Simple File Manager from F-Droid for file manager app

  • Get ImagePipe from F-Droid if you share lot of pictures, and want to clear EXIF metadata snooping (often photos contain phone model, location, time, date)

  • Get Note Crypt Pro from F-Droid for encrypted note taking app

  • Get Vinyl Music Player from F-Droid for music player

  • Get VLC from F-Droid for video player


### CRITICAL FOR CLIPBOARD, LOCATION AND OTHER APP FUNCTION BLOCKING

I would say this is one of the critical improvements in my guide, and will solve the problem of clipboard and coarse location snooping among other things.

AppOpsX is a free, open source app that allows you to manage granular app permissions not normally visible, with the help of ADB authorisation without root. This app can finely control what granular information apps can access on your phone, which is not shown in the app permissions regularly accessible to us.

Now that you would have set up your phone with installing apps, now is a good time to perform this procedure.

Step 1: Install AppOpsX from F-Droid. (https://f-droid.org/en/packages/com.zzzmode.appopsx/)

Step 2: Plug phone to computer, and enable USB debugging in Settings --> Developer Options (you probably already did this in the starting of the guide)

Step 3: Keep phone plugged into computer until the end of this procedure! Open AppOpsX app.

Step 4: On computer, type commands in order:

adb devices

adb tcpip 5555

adb shell sh /sdcard/Android/data/com.zzzmode.appopsx/opsx.sh &

Step 5: Now open “AppOpsX” app, and:

  • disable “read clipboard” for apps except your messengers, notepad, office suite, virtual keyboard, clipboard monitor apps et al.

NOTE: Most apps that have text field to copy/paste text require this permission.

  • disable “modify clipboard” for every app except for your virtual keyboard or office suite app or clipboard monitor/stack special apps.

  • disable “GPS”, “precise location”, “approximate location” and “coarse location” for every app except your maps app (Firefox and OSMAnd+)

(2/2) in comment below.
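
A way to confirm from the computer that the Step 5 toggles took effect, added here as an example and not part of the original post or of AppOpsX. It uses Android's built-in `appops` shell command over ADB; the function names and the `OP: mode; details` output format are assumptions, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: audit the app-ops the guide says to disable in Step 5.
# Op names as used by Android's `appops` shell command.
WATCHED_OPS="READ_CLIPBOARD WRITE_CLIPBOARD GPS FINE_LOCATION COARSE_LOCATION"

# Constructed sample of `appops get <package>` output (assumed format:
# "OP_NAME: mode; details"). Not captured from a real device.
SAMPLE='COARSE_LOCATION: ignore; rejectTime=+2h10m ago
FINE_LOCATION: allow; time=+5m12s ago
READ_CLIPBOARD: allow; time=+1d3h ago
WRITE_CLIPBOARD: ignore
WAKE_LOCK: allow; time=+40s ago
No operations.'

# still_allowed: read `appops get` output on stdin and print every watched
# op whose mode is still "allow" or "foreground", one per line.
still_allowed() {
    awk -v ops="$WATCHED_OPS" '
        BEGIN { n = split(ops, a, " "); for (i = 1; i <= n; i++) watch[a[i]] = 1 }
        {
            line = $0
            sub(/\r$/, "", line)              # adb shell may emit CRLF
            if (line !~ /^[A-Z_]+: /) next    # skip headers and notices
            op = line;   sub(/:.*/, "", op)
            mode = line; sub(/^[A-Z_]+: /, "", mode); sub(/;.*/, "", mode)
            if ((op in watch) && (mode == "allow" || mode == "foreground")) print op
        }'
}

# audit_device: for each user-installed package that is not passed as an
# argument (your exempted messenger, keyboard, maps app), report the
# watched ops that remain allowed. Needs a connected, authorised device.
audit_device() {
    exempt=" $* "
    adb shell pm list packages -3 | tr -d '\r' | sed 's/^package://' |
    while read -r pkg; do
        case "$exempt" in *" $pkg "*) continue ;; esac
        # </dev/null stops adb from swallowing the rest of the package list
        hits=$(adb shell appops get "$pkg" </dev/null | still_allowed | tr '\n' ' ')
        [ -n "$hits" ] && printf '%s: %s\n' "$pkg" "$hits"
    done
    return 0
}

# Offline demo on the constructed sample.
printf '%s\n' "$SAMPLE" | still_allowed
```

With the phone connected, call `audit_device` with the package names of the apps you deliberately exempted; any package it prints still has a clipboard or location op enabled.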

  • cmxns@lemmy.ml
    4 years ago

    Thanks for your post but your Apple section is questionable. Could you please provide sources for your claim that Apple sells data they collect? Also, after that Qualcomm f*ckup, using T1/T2 vulnerability as a reason not to buy Apple device is weird. The only valid arguments are all outlined in the Gist and they are surely concerning. But that’s not nearly enough to say that Apple devices should be avoided.

    • jsgohac@lemmy.ml
      4 years ago

      Cook has gone so far as to call for tighter regulations on explicit user data sales, so likely not much there. Maybe in its ad platform aggregated data might be used.

      The closest thing in that regard I could find was their mention of advertising sales in their quarterly report. Likely user data in some aggregated form is sold to sellers, like FB does

      > Services Services net sales increased during the third quarter of 2020 compared to the third quarter of 2019 due primarily to higher net sales from the App Store, Video and Cloud Services. Year-over-year Services net sales increased during the first nine months of 2020 due primarily to higher net sales from the App Store, Advertising and AppleCare. Advertising net sales includes net sales from licensing arrangements and the Company’s advertising platforms.

      Here is one snippet on their ad efforts (from an unlinkable ad cancer adweek site):

      > Apple Is Quietly Ramping Up Its Ad Game With Search Ads Expansion The App Store is trying again at one of its few failures

    • TheAnonymouseJoker@lemmy.ml (OP)
      4 years ago

      I provided sources for that already. https://i.imgur.com/n8Bk0bA.jpg

      I do not trust Apple or Qualcomm as they are NSA arms and USA has extended jurisdiction over me in India.

      All of the above reasons are why Apple devices must clearly be avoided for privacy and security, without doubt.

      Also, you cannot use app store until you make an Apple ID in Apple devices, unlike Android.

      • cmxns@lemmy.ml
        4 years ago

        There’s nothing about Apple selling data to third-parties. Moreover, they are clearly saying in their privacy policy that they don’t sell it. So, again, do you have any sources on that?

        Any company from Five Eyes are potential NSA partners. Companies from other countries may be partners as well. See Crypto AG from Switzerland. If you don’t trust Apple that much then why do you trust other vendors? How can you be sure that, for example, Sony or LG does not ship backdoored phones to US or India or other countries? Most of the Android phones are with Qualcomm chips too. So, I don’t see how iPhones are less secure. You can have more privacy with something like GrapheneOS but definitely not more security.

        You can use fake Apple ID for App Store, you don’t need a credit card for it.

        • TheAnonymouseJoker@lemmy.ml (OP)
          4 years ago

          You probably missed the 3rd link from bottom about selling data there. Not sure if you are intentionally overlooking it. Here, take it: https://hongkongfp.com/2017/06/08/china-uncovers-massive-underground-network-apple-employees-selling-customers-personal-data/

          Also this recent one: https://www.thewrap.com/apple-lawsuit-user-data-itunes/

          > How can you be sure that, for example, Sony or LG does not ship backdoored phones to US or India or other countries?

          Bold claim. I wonder if there is someone else who blabbered a sentence similar to this… “backdoors in transit”? Until it is proven, I will just declare it to be FUD garbage.

          > You can use fake Apple ID for App Store, you don’t need a credit card for it.

          And you still end up making an Apple account with plenty of your data going to Apple servers. You cannot avoid making an Apple account, which is the whole gist of it. On Android, you need not make a Google account, or root/jailbreak phone to install 3rd party FOSS app store like F-Droid.

          • cmxns@lemmy.ml
            4 years ago

            Yeah, I missed these two links, thanks. So, the first one talks about unauthorised access from some employees. I don’t see how this proves that Apple sells personal data.

            From the second link:

            > For example, any person or entity could rent a list with the names and addresses of all unmarried, college-educated women over the age of 70 with a household income of over $80,000 who purchased country music from Apple via its iTunes Store mobile application.

            I’ve tried to find a way to rent such a list and didn’t find how I can achieve this. Moreover, you can’t even get names or addresses via Search Ads targeting. Given that this article is almost 1.5 years old and there was no more info about that lawsuit, it’s either a fake or someone tried to get some easy money.
            So, we’re back to the question.

            > Bold claim. I wonder if there is someone else who blabbered a sentence similar to this… “backdoors in transit”? Until it is proven, I will just declare it to be FUD garbage.

            It’s not a claim. I’m asking why you don’t trust Apple but trust other vendors? Why do they deserve your trust? Why should other people trust them more than Apple? That was the question.

            > And you still end up making an Apple account with plenty of your data going to Apple servers.

            Yes, and that’s why I said you can get more privacy with something like GrapheneOS. But you won’t get more security by switching away from iPhone.

            • TheAnonymouseJoker@lemmy.ml (OP)
              4 years ago

              If you are trading verifiable open privacy off for security that is totally proprietary and unknown (and unreliable as seen with Apple T1/T2 chips), it is same as claiming you have a great accuracy rate with blindfold shooting.

              The claim was not fake, Apple just happens to have too much money and power.

              Also, Apple works with NSA (and that data goes to 14 Eyes via NSA). Some other entities happen to have no relations with 14 Eyes or NSA.

              As we know, Google AI is used to murder people in foreign countries via US military drones: https://www.wired.co.uk/article/google-project-maven-drone-warfare-artificial-intelligence

              Also, we know Facebook, Apple, Google and other US companies are very friendly in giving and taking data: https://www.nytimes.com/interactive/2018/06/03/technology/facebook-device-partners-users-friends-data.html

              As such, giving data to NSA or 14 Eyes in any manner can put people at high risk of safety and real-life security. In the end, this proprietary Apple security is a facade and marketing ploy.

              • cmxns@lemmy.ml
                4 years ago

                Are you intentionally evading questions related to proofs for Apple selling user data? You still didn’t provide any sources, nor have you said anything about trust in other vendors.

                I can’t care less about Google or Facebook as well as I don’t care about US military. This thread is about Apple and how it handles personal data.

                • TheAnonymouseJoker@lemmy.ml (OP)
                  4 years ago

                  > Are you intentionally evading questions related to proofs for Apple selling user data?

                  Are you intentionally acting ignorant towards the evidence I already gave for Apple spying and selling user data?

                  Guess what, your tiny comment train is not the thread. The thread is about the guide I made, and it seems to contain facts that others are not criticising except you.

                  • cmxns@lemmy.ml
                    4 years ago

                    > Are you intentionally acting ignorant towards the evidence I already gave for Apple spying and selling user data?

                    Sorry for the questions, but did you read the “evidences” you provided? Could you please point me? Maybe I’m blind or something but I have yet to see evidence for Apple selling my data.

                    > Guess what, your tiny comment train is not the thread. The thread is about the guide I made, and it seems to contain facts that others are not criticising except you.

                    Apparently, I’m not the only one: https://news.ycombinator.com/item?id=24091709