Staying Private with stock Android?

I’ve been using /e/ for a while now on OnePlus phones, and I am mostly very happy with it and the ecosystem in general. As a result, my daily driver is /e/, and I keep a backup phone maintained with it. That backup phone is the 8T.
It’s pretty well known at this point that the 8T is having problems with its fingerprint scanner, and as I’ve brought up in another topic, the PayPal app is no longer working on /e/. Long story short, I am starting to believe that my backup phone should be kept on stock Android to ensure that it works without issue in an emergency situation.
Before you all grab your torches and pitchforks, I do want to ensure that I stay as private as possible. Even before /e/, i had ProtonVPN (which includes an ad and tracker blocker) always on on mobile devices, and utilized NextDNS to block the trackers identified on the various privacy focused lists that exist. I also used the DuckDuckGo app to identify trackers that fell through the cracks.
I understand that the act of logging into Google itself will invade privacy. I’ve long had Activity Tracking/Location History/Watch History turned off, so my assumption is that Google isn’t getting anything from me that they aren’t already getting from my RokuTV. If i were to go the route of my OP8T running stock Android 12, is there anything else I should do besides what I’ve identified above to maximize privacy without running /e/? My goal is to ensure that the backup phone (and if it comes to it, my daily driver) doesn’t give up anything more than I already give up over the course of everyday internet use.

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

1 Like

If you’re logging in to Google and the phone has Play services then there’s nowhere to hide. They’ll say you can prevent logging of this or that but you’d be naïve to trust them. All your data are belong to Google.

That’s what i figured, but I felt it was worth it to see where the line is with regard to overkill.

If it’s halfway stock Android, you could just run it without a Google account and use Aurora Store (anonymously) and F-Droid instead of the Play Store for a start.
Is that not an option (I don’t know the OnePlus stock OS)?

1 Like

I believe the OnePlus Android variant is OxygenOS, but if I’m not mistake there was some sort of merger with OPPO and ColorOS? I haven’t kept up with stock Android in some time, honestly.

The important part is, that the usual Android initial user setup will ask for a Google account, but you can just skip that step, if the phone vendor didn’t change this.

before customroms I used to just remove all* packages (yep all, dialer and contacts and messages) from a stock android and replace them with f-droid alternatives - and to my surprise things kept working and its useable.

You can keep the playservice to have paypal run. It will certainly reduce the “network footprint”, but I can’t speak to by what amount you gain “privacy”. Also the connectivity check you can point to any domain via adb settings, DNS is in your hands etc. There are some scripts to automate the whole affair

1 Like

Do not log in! If you resist that temptation then any android phone can be managed.

The goal here would be to never have to use this phone, only to have it if needed. I care about data privacy but the PayPal issue has shaken me somewhat- i need the functions of a smartphone to work and in my mind, i have to plan for the unlikely (yet possible) reality that apps I need may cease functioning at any time.
These are all good suggestions that i’ll be sure to take into account if I go through with the plan.

I like this! How is it done? Via adb?

@HellsBells, I’ll just add, for that stock phone, remove or disable absolutely every app you don’t need, continue with your present privacy measures (NextDNS, DDG, etc.), check the Exodus Privacy score of every new non-FOSS app you consider, and only allow the minimum functionality they require to work. (Some connections are not blocked by tracker-blockers, because they’re not technically trackers, but you don’t necessarily have to allow them.)

Yes, via ADB.

Perhaps you could search the internet if anybody has done this on your device before, sometimes there are lists of what can be uninstalled safely without hampering phone operation. At least there should be lists of bloatware which can be uninstalled.

Also search the complete Settings for Google stuff.

Before I used /e/OS, I used the stock OS of my device in such a way, worked really well.


Thanks for the tips. Tried to uninstall a couple of bloatware apps (e.g. com.facebook.katana) on my old Asus Memopad 8, which has [EDIT: does not have] an unlockable bootloader, but unfortunately only got “Failure” as a response. I was able to use pm block... successfully, but I don’t know if this is any better than disabling directly in the tablet settings… (?)
Anyway, good to know the info.

There’s also pm disable-user --user 0 in case you want to try.

Do you really believe that they will track those things after you’ve turned it off in your Google account privacy setting?. If they were caught doing that - and they would be - there would be hell to pay for them.

This from Google’s own website…

" * Some location data may continue to be saved in other settings, like Web & App Activity, as part of your use of other services, like Search and Maps, even after you turn off Location History."

There is sufficient lack of interest in reading ts & cs by users and a propensity for obfuscation by companies that many people would miss something like the statement above.

Furthermore, Google has form for collecting data secretly and then blaming some unspecified developer for failing to remove some test/debug code. This is how wifi triangulation happened.

Oh, can we catch them, please? The EU can always use a few billion EUR (whatever for) :slight_smile: .


I did read that, and I also turned off all the other stuff, including Web & App Activity, Search history and and Maps history.

Yes, a very long time ago, and at no point did they claim that they were not collecting that data. I have never seen evidence - or even any credible suggestion - that Google are collecting any data that they say they are not collecting. If they were, they are under so much scrutiny that it would have been made public

I’m sure plenty of people - governments, regulatory authorities, the EU, paranoid conspiracy theorists - are trying, and would let us know if they found anything. The conspiracy theorists will just claim that the lack of evidence, is proof that it is happening :slight_smile:

1 Like

Well I guess you are more trusting than me, which is fine. But if Google can be trusted, why is so much effort going into de-Googling Android phones? Surely we could just log in & change the settings and everything will be just dandy.

For the record, didn’t wanna kick off a debate on how dirty Google is :laughing:.

1 Like