PrivacyGuard how to configure?

Hello,

I just discovered PrivacyGuard today. I don’t understand half of what’s listed on the config. What’s a toast lol? I search for a while and can’t find documentation anywhere about how this has to be configured what is what is the potential impact of switching things off or no.

What is the “ignored” option? Does ignored mean “not allowed”?
I see some apps need to read external storage. What’s the external storage? The SD card?

Are each permissions no “always ask” by default? Why are there so many apps given access to things without explicit permission first?

I have so many questions. Can someone give me a 101 here? Thanks.

Just of interest, which application/service are you talking about?

Do you mean which I am worried about having access to stuff? Pretty much all :slight_smile:

For instance I installed a 7/11 delivery app, which I use quite often. I look at the permissions and it wants to read and write external devices and record audio. So I disabled that because I don’t see why it should.

No, i’m wondering which app or service do you mean. I’ve searched for PrivacyGuard, but cannot find a android appliction other than https://github.com/thialfihar/apg, but i don’t think you are talking about this application. Do you?

Mhh, it’s not an app it’s part of settings, there’s a thing call Privacy Guard in there that helps managing app access to system and sensors etc. :man_shrugging:

I don’t know what to say, I’m new to Android and stuff.

A toast provides simple feedback about an operation in a small popup. It only fills the amount of space required for the message and the current activity remains visible and interactive. Toasts automatically disappear after a timeout.

Makes sense. If a application work like it should without the extra permissions (i guess record audio is needed to control the app via voice, but i have no clue for what the external devices permission is needed), it is totally fine to disable them. You could also check Tracker Control, if you are concerned about apps and there communication.

Maybe the /e/OS version for your phone (i use a Gigaset GS290) is based on another Android version (mine is based on Android 10) and this is the reason why i can’t find the PrivacyGuard on my phone. I have a Dashboard in the Privacy settings.

1 Like

Im using /e/ on a Moto G7 Plus, and also could not find “PrivacyGuard”.
On mine, i found OpenKeyChain, not sure is the same thing tough, im also learning.

I’m on my second /e/, the previous phone had an older Android version. I had the privacy guard on there. I had looked for it when I upgraded, now I’m on 10, and it seems to have gone away. Maybe the feature is only part of older versions and that’s why some cannot find it?

Sorry, can’t help figuring out the set up since I don’t seem to have it anymore.

1 Like

Open Key Chain is something else, it manages accounts. FYI I have both Privacy Guard and Open Key Chain.

You’re right, it is something else, but it doesn’t manage accounts. OpenKeyChain helps to manage PGP keys. This doesn’t answer your question, but i want to note this to avoid confusion of other users that might read your comment.

1 Like

By any chance, would you have a link to a tutorial, or a vídeo that explains how to properly use OpenKeyChain? Thank you!

1 Like

To be clear, I think what the OP is referring to is: Settings -> Security & Privacy -> Trust -> Privacy Guard.

I agree it’s not obvious how to use its features.

1 Like

Sorry, not really. The FAQ on the website for OpenKeyChain explains some things.

Regarding PGP, i guess this documentation is not bad, but you can also search with your prefered search engine for “What is PGP”, there are plenty of informations.

In short:

  • you generate a pair of keys, one is public and the other is private (The public key can be uploaded to a key-server or send to someone to encrypt files, the private key is yours and you never give it to someone else!)
  • to encrypt something for a reciever, you’ll need the public key of the reciever and encrypt the data with it
  • the encrypted data can then only decrypted by the private key of the reciever or your own private key

@nottolino has already posted some links. I had a hard time some years ago to figure out what PGP, GPG, GnuPG, OpenPGP and other terms mean. You have to read some stuff if you like to use PGP, but after you get your head around it is easy to implement nowadays.

Maybe you even don’t need PGP. For mails it makes only sense if your contacts also have a key, maybe it is of interest to you for file encryption. In any case you should first read how it works.

Yes, i think this too, after reading about it. Seems to be integrated in LineageOS, maybe it was removed from /e/ afterwards. I read that it caused trouble if you remove permissions with it, but this may be already fixed in the current versions.

1 Like

Cheers for the response mate!!!

1 Like