76
Privacy Apps and Settings

  1. cmitchellshaw
    KitKat Jan 23, 2017

    cmitchellshaw , Jan 23, 2017 :
    Edit 04/11/2019: A lot has changed since I wrote this post. To see more up-to-date info on keeping your phone secure from surveillance, read over the thread. Newer info appears toward the bottom. I will plan to do an updated post soon, if there is sufficient interest.

    I am an unapologetic privacy advocate. If it does not bother you that your phone calls, texts, e-mails, and other communications as well as your location information, pictures, videos, etc. are being harvested by others, that is your choice. This thread is probably not for you. If those things do concern you, I hope this thread helps you.


    Living in the age of nearly ubiquitous surveillance, I know that many people are concerned about how technology — especially mobile technology — impacts privacy. I consider privacy as a fundamental issue related to liberty and have spent years learning about how different technologies can be used by overreaching governments and nosy corporations to spy on us all. I have also learned how to limit — if not totally stop — that surveillance. My philosophy is that if you do not own your data (meaning you alone get to decide who sees it and what they can do with it), you are not free. Flowing from that philosophy is the idea that if anyone — whether a representative of a nosy corporation or a government agent — is going to spy on me, I am going to do everything in my power to subvert that surveillance.


    I purchased the OP3 because OnePlus does not lock users to a particular carrier and allows unlocking the bootloader and rooting the phone without canceling the warranty. I was also pleased that the phone came running Android 6.0 which allows per-app permissions denial. These are features that were non-negotiable to me. But they are not enough. Fortunately, there are some settings that can be tweaked and some apps that can be installed to increase privacy. Some are better than others and all have their place.


    Having said that, even using all of these suggestions is no guarantee that you will not be the target of surveillance and data-mining. Part of the battle is the technology you use; the other part is how you use that technology.


    So, here are my suggestions. Feel free to use whichever you like and discard the rest, but keep in mind that my primary objective is protecting my privacy and liberty. You may not feel as strongly about that as I do, but this will serve as a good guide for you.


    I would love to hear what others are doing to protect themselves from surveillance.

    Settings

    Here are the settings I recommend. As I said above, use your own judgment. Also, do your own research. You and you alone are responsible for making the decisions to protect your privacy. You don’t know me; don’t trust me. Learn about each of these settings yourself.

    • I highly recommend making sure your phone is encrypted. Unless you have done a full reset, it probably is since it comes that way by default. To check, go to Settings > Security and fingerprint and scroll to the bottom. Under Encryption, it should say "Encrypted." If not, make sure your phone is fully charged and click "Encrypt." You will have to set up a password for this. Make sure it is long, random, and uses uppercase letters, lowercase letters, numbers, and symbols. DO NOT EVER FORGET THIS PASSWORD! If you do, you will have to factory reset and will lose everything on your phone.

    • Set your phone up to require password to start device. This will keep anyone from booting into recovery to access the files on your phone. WARNING! If you are rooted and running TWRP, this may cause issues with the encryption password in TWRP . Do your own research to find a solution, as it will depend on which version of the OS and which version of TWRP you are using.

    • While you are right there in Security and fingerprint, scroll up to Device administrators and click it. Turn off Android Device Manager. It’s a neat feature that allows you to find or wipe a lost phone or remotely install apps by logging into your Google account. It also makes tracking you a breeze if anyone gains access to your Google account. I recommend turning it off even at the cost of being able to track your own phone.

    • While you’re still there, click Unknown sources. This will allow you to install apps from sources outside the Play Store. BE VERY CAREFUL/SUSPICIOUS/PARANOID about the apps you install — whether they come from the Play Store or not.

    • Go to Settings > Apps and click on each app, one at a time. In each app, click permissions. Ask yourself whether those permissions make sense to you. Does your keyboard really need to see your location? Turn off everything you think is odd. Do these one at a time and then use your phone for a while to see if that disabled permission causes problems. If not move on to other apps and do the same thing. If it does break something, consider using a different app that does not require those permissions. This will require some thought. Maybe you really like that app, but is it worth risking your privacy and liberty over? You have to decide that for yourself.

    • Completely disable Google Now! It is pure spyware. In fact, disable any Google app you can live without. On my phone, I have Google Play Services (because the phone won’t work correctly with that) and Play Store (for apps). No other Google apps. Period. Later, in the Apps section of this post, I’ll cover some apps to replace those.

    • In the camera, TURN OFF LOCATION. When you post pics taken on your phone, anyone can see the metadata. If you save location, that is part of the metadata. Do you really want your pics to create a trail of your comings and goings?

    • Speaking of location. Pull down the notification bar and turn off location. Do not turn it back on unless you absolutely need it. As soon as you don't need it, turn it off. Mine is almost never on.

    • Do the same with NFC, WiFi, and Bluetooth.

    • Go to Settings > Google. Do the following:
      • Click Smart Lock for passwords and make sure it is off. Google cannot be trusted with your passwords.

      • Click Location. Make sure it is off.

      • Click Security. Turn everything off. There are better ways to handle everything in this section without giving Google the keys to your phone.
    • Go to Settings > Backup & reset. Turn off Back up my data. Do your own backups. As I said before. Google cannot be trusted with that data.
    Apps

    Here are the apps I recommend. As I said above, use your own judgment. Also, do your own research. You and you alone are responsible for making the decisions to protect your privacy. You don’t know me; don’t trust me. Learn about each of these apps yourself. Most, if not all, of these are available in the Play Store. If not, do a search. There may be better apps than these. These are the ones I use. I would be interested in hearing about what someone thinks is better.

    • Anti Spy Mobile — scans for known spyware and warns you of apps with “suspicious permissions.” It can be a little too picky. For instance, it warns me that Orfox (the Tor browser I use on my phone) may be “suspicious.” But I would rather it err on the side of being too careful than to not be careful enough.

    • Block Mic — blocks the microphone from being used by any app except the stock phone app. Even then, it alerts you when the microphone is activated. I turn it on and only turn it off when I need the mic to record sound for a video or recording. Then I turn it back on.

    • Camera Blocker — does the same thing for the camera.

    • Cell Spy Catcher B — monitors and learns the local cell towers and alerts you if there is a strange tower. This helps alert you to the possibility of Stingrays or other cell-site simulators used by government agents and hackers to capture mobile traffic.

    • Encryptr — a zero-knowledge, end-to-end encrypted password vault that syncs between platforms. Use it to create and store strong passwords for all of your accounts. You can install it on your phone and computers and whatever you save will be accessible on all of your devices.

    • Fake Hotspot Detector — like Cell Spy Catcher, but for hotspots.

    • Lookout — an antivirus scanner. It replaces the Google feature you turned off earlier to help identify apps that are designed to install malware on your phone.

    • Brave browser — a browser that does not track you. It blocks ads and provides greater security.

    • Orbot and Orfox — install both of these and use them together to encrypt and anonymize your mobile traffic. Research the Tor network to make sure you are using this properly.

    • Secure Wipe — clears the unused space on your phone to destroy traces of things you have deleted.

    • Signal — encrypted texts and calls between Signal users. It can completely replace your text app. If you text someone who does not use Signal, the text will not be encrypted and will only have one checkmark. If you text another Signal user, it will encrypt and show two checkmarks. It does not replace the stock dialer, but you can call from it. If the other person uses Signal, the call will go over data instead of voice and will be encrypted.

    • ProtonMail — Goodbye Gmail. This service offers 2GB storage for free and can be used by the app on your phone or on your computer over the Web. It offers end-to-end, zero-knowledge encryption for your e-mail. This means that ProtonMail cannot see your data and does not know your passphrase. You will set up two passphrases. One logs you into your account (ProtonMail knows this passphrase.) The other logs you into your mailbox (ProtonMail does not know this passphrase.) The app can be protected by a PIN and if too many attempts are made, it reverts to the passphrase. You can even send encrypted e-mails to non-ProtonMail users by password protecting the e-mail. The other person would enter the password for that message and be able to reply with an encrypted e-mail
    There are other things I could suggest if there is sufficient interest. I hope this is helpful to some in this community. Because where privacy and liberty are concerned, Never Settle!
     
    Last edited: Apr 11, 2019

    #1
  2. meatandy
    Oreo Jan 23, 2017


    #2
    Immi007, agoinfly, S0bek and 3 others like this.
  3. cmitchellshaw
    KitKat Jan 23, 2017


    #3
    Immi007, dorvin, fahad_maniar and 4 others like this.
  4. meatandy
    Oreo Jan 23, 2017

    meatandy , Jan 23, 2017 :
    I'm still rereading your information :rolleyes:
    :D
     

    #4
    Sun90 and cmitchellshaw like this.
  5. joelsedit
    Gingerbread Jan 24, 2017

    joelsedit , Jan 24, 2017 :
    I like the way you think, and just like you I looked forward to permitting certain permissions to certain apps: facebook using my mic, Weather using my dialer, that sort of thing. I know your intent to use Lookout solely as a virus detecting app, but for those that will rely on it to find your lost or stolen phone, then you will either have to enable location because without it Lookout won't be able to locate it.
     

    #5
    meatandy and cmitchellshaw like this.
  6. cmitchellshaw
    KitKat Jan 24, 2017

    cmitchellshaw , Jan 24, 2017 :
    I agree and that is a decision that each person will have to make for himself of herself. I personally don't have location enabled. I'd rather risk a lost or stolen phone than lost privacy and stolen liberty.
     

    #6
    dorvin, Emalinho and meatandy like this.
  7. G_Jason_Scheffler_XVAp
    Gingerbread Jan 24, 2017

    G_Jason_Scheffler_XVAp , Jan 24, 2017 :
    As big of a security/privacy advocate that I am I think you may have entered the tin foil hat area a bit. :)

    If we did all that you suggest we take a smartphone and turn it into an expensive dumb phone, everything in life is a trade off including security and privacy. We have to fund a balance between what we want and what it "costs".

    I do have concerns though about suggesting apps such as lookout. All apps like that do is generally cause problems
     

    #7
  8. LEFEUVRE E-Y
    Gingerbread Jan 24, 2017

    LEFEUVRE E-Y , Jan 24, 2017 :
    @cmitchellshaw Coming from IOS ( had a jailbreak Iphone 4 for 7 years, with settings like this), and new to android since july, but I 've done exactly same settings first hands on O+3, did the same after OTA nougat 4.0.2 after factory reset, some settings without wifi or LTE open ( in some case you can't do properly settings without data, wifi open...google shit )
    I also blocked/disable some google services/apps, and weather from O+3, community app...Why the weather's app, need to have contacts rights ? feel strange !

    And guess what ? I lost 0% per night ! ( Both doze switch on ) [​IMG]

    For the apps you had mention, i don't trust them for privacy or drain battery, I prefer not use of those kinds.
     
    Last edited: Jan 24, 2017

    #8
    G_plusone likes this.
  9. cmitchellshaw
    KitKat Jan 24, 2017

    cmitchellshaw , Jan 24, 2017 :
    I respectfully disagree. I am able to do just about anything I want with my phone. I use it both professionally and personally. I send and receive emails and texts, shoot and watch videos, shoot and view pictures, browse the web, download and upload files, manage my bank account, read books, manage social media, and more. I just do so without sacrificing privacy.
     

    #9
  10. SamiDutch
    Cupcake Jan 24, 2017


    #10
    cmitchellshaw likes this.
  11. djjokerdavid
    Donut Jan 24, 2017


    #11
    cmitchellshaw likes this.
  12. cmitchellshaw
    KitKat Jan 24, 2017

    cmitchellshaw , Jan 24, 2017 :
    thanks for the feedback. what did do you prefer for privacy and battery drain? by the way, though I didn't mention battery drain as part of my post, I'll mention that I get anywhere from a day and a half with heavy use to two days with moderate use.
     

    #12
    dorvin, Sun90 and Kiran.a.joseph like this.
  13. LEFEUVRE E-Y
    Gingerbread Jan 24, 2017

    LEFEUVRE E-Y , Jan 24, 2017 :
    I don't use 3rd part or apps for privacy, need to be more android user, later, maybe when I will go for root device, and searching for more info how android works, will probably do more custom settings....

    And for the drain part, since I lose 0% at night, I'm fine with it, just mention it cause talking about privacy= drain on background...
     

    #13
  14. cmitchellshaw
    KitKat Jan 24, 2017

    cmitchellshaw , Jan 24, 2017 :
    Actually, the privacy things i do run very little overhead as far as battery is concerned. For instance, my phone has been running for 22 hours and i have an estimated 21 hours left. That's with 3.5 hours SOT.
     

    #14
    dorvin likes this.
  15. SevenG
    Cupcake Feb 14, 2017

    SevenG , Feb 14, 2017 :
    I'm currently running Lineage specifically to add Privacy Guard to all those other controls you have in place, as well as sourcing things from F-Droid when practical. Are you running OOS? Are there any apps left that give that level of granular control? I am getting frustrated with the camera stability (I can live with the quality and shutter lag) in Lineage, and thinking about going back to stock after only three days with this thing.
     

    #15
  16. cmitchellshaw
    KitKat Feb 14, 2017

    cmitchellshaw , Feb 14, 2017 :
    I ran CyanogenMod for years. the per-app ability to refuse permissions is part of all Android after 6.0, do most of the reasons I was running CM are irrelevant to me now. I'm running OOS 4.0.3 and loving it. The camera is great!
     

    #16
  17. SevenG
    Cupcake Feb 15, 2017

    SevenG , Feb 15, 2017 :
    Right, but if I use Android to block, say, location data, the app is aware and can chose not to function. I also have to go back in to the permissions for said app to adjust it. PG lets me always allow, silently block, or ask every time. The latter is useful for the few occasions where I may want to use my camera to video chat, but not always have the camera available to that app. If there's a third party shim I could use (think Better Open With) to get that level of control with OOS, I'd jump ship just as soon as I'm back to a secure connection.
     

    #17
    cmitchellshaw likes this.
  18. cmitchellshaw
    KitKat Feb 15, 2017

    cmitchellshaw , Feb 15, 2017 :
    that's why i use camera blocker and block mic ( both from play store) to block the camera and mic when I'm not using them. check them out.
     

    #18
  19. GeekMax
    Eclair Feb 15, 2017


    #19
    cmitchellshaw likes this.
  20. cmitchellshaw
    KitKat Feb 15, 2017

    cmitchellshaw , Feb 15, 2017 :
    having read it, what are your thoughts? I'm surprised this thread didn't get more attention.
     

    #20