Android sandbox is needed more than apps fund, that's why

Just to be clear.
I agree some apps are better if native and open, but there are apps that my government is making that are only available for android and ios, are closed source, and ofc i do not trust them.

So i have 2 options

  1. have 2 phones, the librem and an android
    I don’t like this option i don’t wanna carry 2 phones and i don’t wanna be in need to buy 2 phones

  2. have a secure, hardened android ecosystem built into my librem5
    this will help me to have only one phone and use what our big bro gov want me to install without compromise my privacy

Someone wrote that some apps need google stuff, i think inside that box we could install microg if needed

last but not least you are going completly off topic, so please open another post if you wanna talk about something else

Thank You

You have a third option.

Build a secure, hardened Android ecosystem into another computer and remotely access it, when necessary, from your Librem 5.

Hopefully most of the advantages and disadvantages of that are obvious.

This third option comes with two suboptions.

  1. Host this computer yourself at home.
  2. Host it (presumably virtualised) in the cloud.


at least that is how “business-as-usual” works … not to mention BIG-TECH … first they bombard you with subliminal messages, then they bring out something “new” on the market and make you think it was your idea all along after you become dependent on it … the classic drug addiction problem (problem-reaction-solution) … fast forward to 2030 please already :money_mouth_face:

How do you want to avoid that the app running in an Android sandbox is “phoning” home, let’s say on port HTTPS, as it’s making connections to your bank? Not having the sources of the app, it’s impossible to avoid this risk.

I do not need and want such sandbox to run spyware. To be very clear.


Yes, I think the key will be to use the Librem 5 to access other servers for essential services that won’t run natively under Linux and to increase privacy and increase processing power that I can use from my phone. I envision having several virtual machines running on my home PC, at least one of which is Android with all of the Google crap installed on it. If they want to track my location, from what they can see, I never leave the house, never buy anything online, and never browse the web. Other anonymous people all do that from my house for all the surveilance people can tell… all from my Librem 5.

Does anyone here know if it is possible to run a full google-ized Android server that has all of the play store apps, from an x86 PC? If not, is it possible to run an Android server from some kind of ARM server machine? Knowing Google, there is probably no server available and extreme measures in place to stop anyone who tries to do that. If it doesn’t exist, someone should hack together, a version of Linux that identifies itself and runs as Android, enough to run any of Google’s crapware that people need to use to gain any kind of access to anything.


I dont think have a remote access to a machine with private and sensible data is a good idea for someone who is not a sysadmin.
I also know a sandboxed app could call home, but imagine you will run your pureos on librem app with a vpn, and the anbox world without, ip will be different so your navigation and personal data wont be related, and inside your anbox you will put in only the data you are willing to share.

I know nothing is perfect, but we need to do the better we can, and i think decouple our data and enviroment in one machine (librem5) is our best bet

You can try Bliss, though I never have myself

I think you can’t avoid that - and you can’t really know what information it is sending.

What you can control is the information that the sandboxed app has access to. If the app only has access to information that the server end already has / has already sent to the client app and/or information that you, the user, have entered directly into the app then that may be as good as it gets.

Obviously you would in general deny the app access to location information and to any unique identifiers such as MAC address / IMEI / IMSI - or at least if the app is given that information, it should be possible in the sandboxed environment for that information to be falsified.

My landline is DSL, but on a “dry pair” – no POTS. Can’t wait for StarLink to go GA.
. . . . . . . . . . .:artificial_satellite:
. . . . :computer: . .:satellite:
= :nerd_face:

You can also make an app that dials your bank and interacts with its touch tone interface. I did this about 35 years ago with my good old C= VIC-20. It used AT commands to generate the touch tones from menus.

I still use the same credit union for banking services and they still use (largely) the same touch tone interface. I wonder if I can recover the the old BASIC code from cassette tapes in my garage.

1 Like

Before AT&T turned off pulse dialing, I used to amaze my kids by “dialing” without using the keypad on the phone. I would use my index finger to pulse out the numbers using the receiver switch (hook). I never timed it, but steady input of pulses and a short pause between numbers worked fine.


Wot? You mean you can’t hum the tones for DTMF? :rofl:


My Mom showed me that trick in the 1960’s. Our rotary phone had a metal dial (stainless steel?), not plastic. It was quicker pulsing with the thumb on one of the two buttons on the top, like a telegraph.

1 Like

Only Mongolian Overtone Singers[TM] can hum tones for DTMF!


Bulgarian folk might be capable, too - Biserovi Sisters. Modem-emulators… :wink:

1 Like

I’m used to do phone banking with “my” bank too. The problem is that their voice menu system uses a mixture of DTMF and spoken commands like “account balance” or “transfer” (ofc in German), etc, and text in transfers must be spelled in single letters, like “A” as “Anton” and “B” as “Berta”, etc.

1 Like

Nope. They are white voice singers. Only one tone per singer with this technique. DTMF requires you to sing two tones at the same time :slight_smile:

1 Like

Not just two tones where one tone is a harmonic of the other tone either, but two tones with unrelated frequencies.

1 Like

And there I hooped that nobody would spot this. But aren’t we seriously off-topic now?

1 Like