Daily tips to gain more privacy from Murena team

@Ana.117 If you can’t find your device here (Devices | LineageOS Wiki), you probably will find an inofficial build on XDA Developers (as I did for my Motorola One XT1941-4). Actually there are a crazy many different devices out there, with hundreds of new versions every year, so sadly there won’t be an officially maintained custom Rom for each one. However, older unmaintained builds may have considerable security flaws…

Until you can install a custom degoogled ROM:

  1. Don’t associate your phone with a Google account. Skip all that Google setup.
  2. Disable as many Google apps and services as the phone allows, as well as some of the OEM apps.
  3. Get your apps from F-Droid or Aurora store, or download the .apk from a reputable source, using checksum to verify it hasn’t been tampered with.
  4. Install a tracker-blocker such as Blokada 5, TrackerControl, Netguard, etc., and select one or more of the pre-configured automatic blocklists.
  5. Don’t install any app that sends data to Google, Facebook, et al. Check the known trackers for any app in Aurora store or at Exodus Privacy website.
  6. Use a privacy-respecting browser, like Firefox, Fennec (a version of Firefox), or IceCat Mobile (which is essentially Firefox-ESR)[EDIT: See below.], and also install a couple of privacy extensions like NoScript, uBlock Origin, Privacy Badger, etc., which can prevent unwanted scripts from loading on websites. Never use Chrome.
  7. Use a privacy-respecting search engine in your browser(s): DuckDuckGo, Startpage, etc.
  8. Don’t use email services or messenger apps that abuse your privacy.
  9. Don’t sign in to privacy-abusing websites from your phone. (If you must, then do it through Shelter.)

That should get you most of the way there, but there will still be some Google services running in the background.

4 Likes

@Taurus Pretty good list! Can’t think of something missing as far as the average user (me) is concerned. Probably you should also mention app privileges and be suspicious there. Also turn off location services if not needed.
Using several phones for differen purposes may also help…

3 Likes

Have you tried looking in the F-Droid app store?

Sell it and buy a suitable one.

IceCat is extremely out of date and not secure.
Please don’t recommend it.
If you want Firefox on Android use Fennec F-Droid or Mull, both are available via F-Droid.
You can also see my browser comparison here: https://divestos.org/index.php?page=browsers

Disclaimer: Mull is my project and I also help maintain Fennec F-Droid. I also have a handful of commits in most WebView browsers. bias blah blah

Also fun fact: /e/ Browser based on Chromium 96 is currently vulnerable to 113 known security issues.

3 Likes

Have you raised them as issues in /e/'s gitlab? :wink:

It isn’t my responsibility to remind the /e/ team every time a new version of Chromium comes out.
These dates are planed far in advanced and publicly available: Chromium Dash

1 Like

Thanks for the heads-up. I’ve edited my post above.

And Firefox? … (<- 20 more characters)

Wow, I did not realize that the /e/ browser is in fact a chromium clone… Behold the “Legal information” in the browser setting:

However, the Google websites linked here are blocked by the browser itself :wink:

So, does this mean that Googles terms and policies do not apply here? Or shall we just not get upset reading them?

Although I already follow most of the listed ideas it still is a great overview. Thank you!

@Octopus pointed out Posteo, which I would like to second.
I tried ProtonMail for a little more than a year too, but Posteo feels to be the better choice. I am more flexible there and the cost is lower.
ProtonMail is great, when it comes to use more than just one service, because you can combine VPN services with your mail account (and save a few bucks).

I am also no big fan of disposable email addresses. As a lot of services deny your approach to register when you want to use such an email address. I even experienced difficulties with ProtonMail. I think, because you can get these easily for free.
With Posteo you don’t have this problem: just add a new alias for an extra 0,10 Euro when you want to create a mail address for special services. Set up a filter so every mail that is sent to this alias is automatically saved in its own folder. It’s also great if you realize, that the address is part of a breach. Just delete it and set up a new one and you’ll never be bothered with spam mail anymore, nor have to be concerned about abuses.

Still I consider myself a newbie when we talk about alternatives to the big tech companys.
Lately I installed Zorin OS (like mentioned in the article above) successfully on both my PC and old Mid 2012 MacBook Pro. Both work great (well, PC has some issues because of AMD graphics card but booting into Recovery Mode first and then moving on helps).
I am especially surprised about the awesome experience I have on the old MacBook. Helped me reduce my cost, because I wanted to buy a new Tuxedo Notebook initially.

Airplane mode is another thing I’d like to sign to.
Sure, it may be not very useful for people who indeed often use their phone as intended (actually calling people). Nevertheless it helps increasing battery life quite decently. My phones most of the time are set to Airplane mode. Charging my GS 290 every… like once in a week (playing music, messaging, watching videos).
Yesterday flashed a OnePlus Nord with /e/ and (we don’t wonder, do we?) it works like a charm. I don’t expect a battery life as phenomenal as the Gigaset, because Airplane mode will be off during, let’s say, office hours. Everyone who misses me has the chance to speak to the mailbox (and who doesn’t like to… the call wasn’t necessary anyways then, I guess).

Instead of Shelter I am using Insular (also mentioned in the first post, almost at the end).
Although I like DeltaChat or Twinme a lot, most of my contacts don’t care much about privacy but I do care about them. So Whatsapp has its own island.

Newpipe for the phone, Freetube for PC (Zorin and Windows).

Brave is the browser I recommend. After install and before browsing, first go through all the settings.

One of my next “projects” will be using Pixelfed instead of Instagram.

Have been using Duckduckgo for a few years. I tried to. The search results are questionable most of the time. So at times went using Google when I didn’t find what I needed.
But a few weeks ago I gave Qwant a try. This one is great.

When it comes to navigation apps, Magic Earth is the clear winner. Which is the app behind the /e/ Maps app. Privacy, downloadable maps for offline use(!), maps always up to date (except for POIs, often utterly outdated; working on helping with this), speed camera warnings, even offroad tracks are mapped and usable for navigation. That is just awesome!

I am loving /e/OS, all the other Open Source apps, Operating Systems in general, and the effort you guys put in it is just mindblowing to me.
That’s why it doesn’t hurt to donate. You saved me a lot of money already, too.
Thank you!

5 Likes

Does that cause problems creating or restoring backups with TWRP? I experimented a while ago, using Shelter, and I was not able to make TWRP backup / restore work, so I gave up on Shelter.

I use WhatsApp in my normal profile, but I don’t allow it to access my Contacts, so I can’t initiate a call or message to a new recipient, only to people / groups who have contacted me. But that is OK for my use.

I’d be interested to know if Insular gets around the backup / restore problem.

I am not sure if this has something to do with it, but maybe it’s failing because of an error in Android Q. The file shuttle is deactivated in shelter, so it’s not possible to transfer files from one profile to the other.
Same goes with Insular. Tapping the button for it (where it says something like “Warning: experimental feature, may be broken”) has no effect.
My workaround here is: sharing things via Nextcloud.

However, I don’t save too much personal stuff on my phone. Main internet traffic and work is done on the PC machine. No, it wouldn’t hurt me much, when e.g. pictures would need to be deleted, because of reinstalling the system in case of an emergency. For photography I’ve got my camera. :wink:

But you will be in other peoples contacts list, so WA will still have most of your contacts.

1 Like

Yeah but who does this? I’ve had smart phones for more than 12 years now in ordinary daily use. In that time I made about four or five calls, not more. (OK, I got some more from people …)

I remember the detailed investigation about 21 browsers and their data privacy (German only) on the Kuketz Blog, half a year ago. Conclusion is for Brave (Desktop): mediocre impression. Even after fine-tuning all the settings remain unneeded connections at startup, self-presentation and real behavior differ.

3 Likes

Yes, well, if you want to have the ultimate experience in terms of privacy Brave is not the right choice.

Let’s say, Brave is some kind of better Firefox. It’s something you can recommend easily to anyone else, because it’s easy to use: they don’t have to look for certain plugins, don’t need to install them (we all know: this is already too much for most of the people outside this forum). The most basic stuff you always keep telling them about privacy is already on board.
And it has this nice overview each time when you open a new window/tab, displaying how many trackers already have been blocked.
I mean, sure, it’s flashy, but it’s a neat feature for persons who tend to only believe something they can actually see.

Plus, if they even want to dive in deeper, they can open a TOR window, that acutally works. No extra apps needed.

In total: Brave is a good starting point and best, if you want to have both. As much privacy as possible and usable internet.

2 Likes

Isnt that they are more focus in privacy than in security?

Not a lot I can do about that. I live in a world where many(most) people I know care less (or know less) than I do about privacy and “big tech”. I am not going to stop communicating with those people.

2 Likes

Since the whole point of /e/ is privacy, why doesn’t it have a built in, system wide Ad blocker?

4 Likes