I am increasingly conscious of security and privacy. I don’t want my data or telemetry being sent to Google or Facebook, and I want to make sure my device is encrypted and not readable by anyone other than me.

Is there a standard go-to guide on securing an Android device with these types of goals in mind? Is true privacy possible without having to install Graphene?

  • MrSoup@lemmy.zip
    6 months ago

    “True” privacy is up to you and what you do with your phone. By default Android uses some Google services impossible to remove without changing ROM, like Google Play Services, SUPL and PSDS.

    What you can do for other apps and services is what I’ve done with my old phone (not GrapheneOS compatible):

    • Use TrackerControl to block apps’ network requests
    • Use alternatives to Google apps and other not-so-privacy-respecting apps
      • Aurora Store and F-Droid instead of Google Play Store
      • OsmAnd instead of Google Maps
      • LibreTube instead of YouTube
      • Always prefer FOSS apps to closed ones (see F-Droid)
    • Try to uninstall pre-installed apps with ADB
    • Lock down your web browser with privacy addons
    • Cris16228@lemmy.today
      6 months ago

      LibreTube instead of YouTube

      I prefer Grayjay! It’s great and it has a good-ish desktop version

      • MrSoup@lemmy.zip
        6 months ago

        I remember reading some time ago that Google enforces file-based encryption by default on Android, which gets decrypted on first unlock when you boot your phone.

        Try searching your settings for “encrypt”, then you should find the option “Encrypt Phone” with or without the label “Encrypted”.

        Anyway, this defends you only from a “hands-on” attack with physical access to the phone.

  • Admiral Patrick@dubvee.org
    6 months ago

    AFAIK, there are two types of “secure” when it comes to Android:

    1. Secure against your phone getting stolen
    2. Secure against Google’s data harvesting

    (I guess a third “secure” would be “Secure against exploits”, but that’s outside the scope of my advice).

    It’s not impossible to be both types of secure, but it is difficult. The main reason doing both is hard is that to achieve #2 you have to unlock the bootloader, which leaves you open to #1, since re-locking it after installing a good custom ROM will prevent the device from working (or brick it at worst).

    Achieving #2 is sufficient for me since I don’t keep a lot of sensitive data on it, and that sounds like what you’re asking.

    On my phones that support it, I unlock the bootloader, install LineageOS without GApps, and make sure I have root available. I run few apps, but the ones I do all come from F-Droid (or Aurora Store in a pinch).

    On phones where I can’t unlock the bootloader, my options are much more limited. Typically I’ll disable all the Google and carrier services (including Play Services) and disable and replace all the stock apps with ones from F-Droid.

    • shortrounddev@lemmy.world (OP)
      6 months ago

      If my phone is physically compromised and the bootloader is unlocked, my hope is that storage encryption would make it a “non-issue”. Yes, they could wipe the device and delete my data, then resell the phone, but at that point all they’ve stolen is a $300 phone with maybe $80 resale value and not my entire identity.

  • smq@discuss.tchncs.de
    5 months ago

    Not sure about standard, but privacyguides.org has some nice resources for getting started. I recommend their “threat model” resource in particular; it shows you what direction you should work towards depending on your privacy goals.

    Privacy Guides has an Android page as well.
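
Added example (not part of the thread and not written by any poster): a shell function that reads `adb shell getprop` output and reports the two things discussed above, storage encryption type and bootloader / verified-boot state. The sample dump is constructed, the function names are illustrative, and not every vendor build exposes all of these properties.

```shell
#!/bin/sh
# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP='[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [file]
[ro.boot.verifiedbootstate]: [orange]'

# prop_value NAME: read a getprop dump on stdin and print NAME's value
# (prints nothing if the property is absent). Tolerates CRLF line endings.
prop_value() {
    awk -v key="[$1]:" '
        !seen && $1 == key {
            sub(/\r$/, ""); sub(/^[^ ]+ \[/, ""); sub(/\]$/, "")
            print; seen = 1
        }'
}

# audit_device: read a getprop dump on stdin, print one line about storage
# encryption and one line about verified-boot state.
audit_device() {
    dump=$(cat)
    cstate=$(printf '%s\n' "$dump" | prop_value ro.crypto.state)
    ctype=$(printf '%s\n' "$dump" | prop_value ro.crypto.type)
    vboot=$(printf '%s\n' "$dump" | prop_value ro.boot.verifiedbootstate)

    case "$cstate/$ctype" in
        encrypted/file)  echo "storage: file-based encryption" ;;
        encrypted/block) echo "storage: full-disk encryption" ;;
        encrypted/*)     echo "storage: encrypted (type not reported)" ;;
        *)               echo "storage: NOT reported as encrypted" ;;
    esac

    case "$vboot" in
        green)  echo "boot: bootloader locked, OEM-signed OS verified" ;;
        yellow) echo "boot: bootloader locked, OS verified with user-set key" ;;
        orange) echo "boot: bootloader unlocked, OS not verified" ;;
        red)    echo "boot: verification FAILED" ;;
        *)      echo "boot: state not reported" ;;
    esac
}

# With a device attached over USB debugging:  adb shell getprop | audit_device
printf '%s\n' "$SAMPLE_GETPROP" | audit_device
```

An `orange` result alongside file-based encryption is the situation the original poster describes: an unlocked bootloader with data still encrypted at rest.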