For those that have either a L5 or degoogled phone, or both, how do you manage what you do or don’t do on your phone to maintain as much privacy and security as you can?
As in what apps you will/won’t use, maybe no banking, or limited texting/calls to certain numbers? Do you use it in conjunction with another phone possibly compartmentalizing tasks as you would on different browsers on a computer? Turning off things to minimize tracking etc? removing SIM card when not needed?
Any and all thoughts and/or input on any of this and more would be welcome.
1 Like
On my degoogled /e/OS phone, I get most all of my apps from F-Droid, and don’t use any proprietary apps whatsoever. Before I installed /e/, I did acquire the Signal .apk from Signal’s website, but after /e/, I then installed Signal from their Apps store. If I recall, that’s also how I installed the Protonmail app.
On other Androids I own, which are instead running LineageOS, I installed Signal from Aurora store.
I don’t do banking on mobile devices, and never cared to. Especially before I started using custom ROMs, since my Androids were frequently no longer getting OS security updates.
I block trackers with Blokada 5 or TrackerControl, although there’s now precious little, if anything, to block with /e/OS.
When I was on stock Android, I sometimes got apps from Amazon (Hotels . com, Delta Air Lines, etc.), but I have since stopped that practice. If I feel I absolutely need some app like that for a trip, I’ll probably install it temporarily from Aurora or /e/'s curated app store, and block the hell out of it.
I use Firefox-based browsers from F-Droid, with NoScript and uBlock Origin extensions. Combined with the tracker blocker, I achieve pretty good privacy.
It should go without saying that I don’t use any of Google’s services, like Maps or YouTube, even in a browser (i.e. it’s OSMand+ for me!).
As for the Librem 5, I don’t do a lot of browsing, and I trust the available apps anyway.
Edit: And I use a VPN on the Androids when I feel it’s warranted.
5 Likes
Have dedicated phone with no SIM for running the two unpleasant authenticator apps that I can’t avoid running. This is just a spare old iPhone.
I try to avoid running any apps at all, as far as is possible. As a corollary, I don’t use any banking app. Never had the need for mobile payments and transactions. It can wait until I get home.
“Yes” to the idea of multiple browsers - so that, for example, fingerprinting of the browser on one web site does not automatically associate with web sites visited on a different browser. Also, in Firefox, enable privacy.resistFingerprinting
1 Like
Change the value to “true” ?
Yes
Okay. Thanks
Does anyone use just one SIM and switch it between phones or seperate SIM/numbers for each phone?
Although this could dilute or help to compartmentalize your tracked internet activity from online collectors, it obfuscates nothing on your carrier’s end. They only see that your SIM number, let’s call it 1234567890, is now inserted in a device with a different IMEI number. So, for example…
Before:
SIM 1234567890
IMEI 0987654321a
Location (approximate or precise): xyz
After:
SIM 1234567890
IMEI 7890654321b
Location (approximate or precise): xyz
If the carrier itself is tracking your internet activity, they would still acquire it.
Separate SIM cards, preferably with different carriers, would do the trick, though. If both SIMs are with the same carrier, they could conceivably be able to associate both to you, and collate your activity, by a common IMEI, if you use the same device for both.
Best find a carrier that publicly states they do not track their customers’ internet activity, don’t use apps that spy on you, and limit the permissions for the apps you install.
1 Like
So if I follow you then probably a separate SIM for the new degoogled phone is best.
Are there carriers that you would recommend?
Another point: One might think a dual-SIM phone would help compartmentalize where the carrier is concerned, as each SIM slot has a different IMEI. So you could move the SIM from one slot to the other. But this doesn’t account for the Device ID, which I think stock Android uses for advertising purposes, and perhaps other purposes, and which is still present on a degoogled phone (though perhaps not being used as Google intended it anymore).
So yes, separate phones would be best for compartmentalizing. And perhaps separate SIMs for further obfuscation.
My current carrier is Ting, which uses mostly T-mobile’s network, but also allows Verizon’s network for some customers, based on coverage availability. Ting has excellent account security, by authenticator app of your choice, which I think is unique in MVNO land.
They have said they don’t collect or market their customers’ browsing data. Although that link’s a few years old, I don’t think they’ve reversed their position; it’s not really how they roll. They also provide a pay-per-use international roaming add-on, albeit expensive, which is convenient, and also rare with MVNOs.
Their customer service is excellent.
I’m on their Flex plan: $15/month+tax/fees ($1.50 or so for me), which includes unlimited calls/unlimited SMS/1GB data, just for info. If you’re not concerned about having OTP security, there are cheaper carriers that get good reviews. It all depends on who has the best coverage for you.
2 Likes
Depending on the laws in your country, if both SIMs are with the same carrier, they can associate both to you because it may not be legal to have the SIM without proving your identity to the carrier. So the carrier knows both SIMs are you whether in the same phone or in different phones (or even never used in a phone!).
It should also be noted that any web site that relies on sending security codes via SMS (e.g. for 2FA) can associate two phones where the SIM switches between the two phones i.e. they are associated by the mobile phone number which you obviously have to give to the site.
(Security codes via SMS is not considered best practice these days but some sites still do it.)
2 Likes
I don’t have any banking apps on mobile devices because I don’t think that the convenience is worth risk. In practice I only use a lineageOS phone (although I am looking at get another pixel to put CalyxOS on it to see how I like it). For apps, I most confine myself to f-droid although I have the odd app downloaded using aurora. I always use a algo vpn so that the only real information that the provider (which is Ting for my degoogled phone) sees is my location and the current IP address of my vpn cloud server.
3 Likes
I’ve been using CalyxOS for a couple years now and been very happy with it. Never used lineageOS, but if you’re looking for a change CalyxOS is a good way to go.
I use a Pixel 3A with Graphene OS, only run apps off of F-Droid or turn certain web pages I frequently visit into its own app icon for quick access. Use Newpipe instead of Youtube, but if I get a text with a Youtube video, I will watch it, but never log in or run a YT app. Also run Lbry app, but have Bit Chute and Rumble as app icons which are really just web pages. I also have a lens cover on the front and rear cameras that can move left or right when I need to use the camera. I use fairmail as my email app.
I don’t do social media (other than Gab), banking, gaming at all on my phone.
1 Like
You can, if you’re so inclined, open these in newpipe.
2 Likes
Will Newpipe run on PureOS, for the L14? Is Free Tube a good option?
Newpipe is an android app.
1 Like
There are also Firefox extensions that can redirect privacy-abusing links to Invidious, Nitter, Teddit, etc.
1 Like
I trying to find a new device on which to try it, but I don’t want to buy it from google since it would mean that they have my name and the device id. Any suggestions?
I bought mine from google because it was readily available. I figure if the phone has been de-googled (by installing calyx) then it’s not really an issue.
1 Like