Signing into apps. Security Risk


I haven’t seen the question asked before. Is signing into an app a security concern? Is it an opportunity to link your identity and credentials to your device?

Just wondering.

I see some posts that the advanced security may not be blocking all of the trackers so I’m just curious.

The new murena one phone is neat but its really hard to find information on strategies to make it an effective tool to avoid tracking and keep some anonymity.

Rob Braxman recently said something to the extent ( for his version of the phone) all you have to do is use it because without a google id you cant be tracked.
But what if you sign into the apps? Do they collect enough device id or network info to tie your device to your identity?

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

1 Like

I don’t know much about all that, but when I signed into Facebook using my Pixel with /e/os, Facebook identified my phone as a Samsung Galaxy 8. So there is probably some truth that you’ll be harder to identify. But I’ve also been to some websites that knew I was using a Pixel.

1 Like

I think maybe you’re confusing security with privacy? Certainly if you sign into an app they can gather some information and create a profile that can be used to track your habits depending on what permissions you grant, but it might still be secure, in that no-one apart from the company tracking you will have access to that information due to it being encrypted.

The tracking blockers will stop third parties that the app developer has partnered with from being able to gather that sort of information on behalf of the developer.

1 Like

You can’t rely on never being tracked. This isn’t just a matter of how good Advanced Privacy is at filtering. What do you do if they send your data to facebook or another hundred services on the server side? No client-side blocker can prevent that.

I’d recommend not signing into apps unless you need to, never using “Sign in with Facebook/Google” etc. and using a separate e-mail address for every account and avoid giving your phone number for two-factor authentication so data from multiple apps and services cannot be combined as easily.

If you have your own domain, you can use the catchall feature to generate individual mail addresses. Some mail providers (including our favorite GMail, but I don’t know about eCloud) offer aliases, so if you have, then will also arrive in your inbox.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.