Do you take any specific measures regarding privacy on smartphones? Do you use a specific model? If so, share it here. Currently i prefer not to own a smartphone as i could not find a reasonable way to own one, but maybe i’m just not educated enough. What about you?
Articles on smartphone privacy or lack of it are also welcome.
It’s my interpretation that there are a couple ways to be secure on Android. One is by using CopperheadOS, but this only works on a small selection of phones (specifically certain Nexus and Pixel devices). [https://copperhead.co/android/downloads] That could work for you as an upgrade from what you’re used to though.
Another option could be using LineageOS (the current project of the team behind Cyanogenmod). I know that LineageOS has some privacyguard features so you can more easily limit what permissions each app you use has. I don’t know more specifics, but that might get you started looking into that. [https://download.lineageos.org/] LineageOS also supports a significantly wider selection of devices.
The third option I can think of is just purchasing a BlackBerry device, probably the KeyOne. I know little about modern BlackBerry specifics, but back in the day they were widely regarded to be the secure, safe option for a phone. Supposedly their Android distribution used on the KeyOne is a spiritual successor to their operating systems of old and has sufficient security/privacy features that you can lock that thing down tight. Again, look into specifics, as I stopped researching when I decided to get a OnePlus5 instead of a KeyOne, but it’s worth checking out.
Perhaps from these options, if you wanted, you could find a way to own a smartphone that you assess to be reasonable.
So get a smart phone and dumb it down? That is what I do. I remove all apps I can and disable what I can’t. Restrict proprietary apps by refusing permission to access parts of the phone like camera and contacts. I also only turn WIFI and Bluetooth on when needed. WIFI at home only and Bluetooth only at home or in truck. I disable telemetry of any kind.
I have to repeat above steps after every update.
You cannot find a more secure or privacy oriented smart phone on the market better than Blackberry. TCL makes them now, Android based. They have good software that monitors how secure your phone is and alerts you of apps acting badly.
I was going to get a Blackberry Motion for next smart phone, but the wife renewed company contract and came home with Samsung S8+s. After a week they still sit on my desk in the boxes. Samsung may be cutting edge, but their proprietary or sponsored apps are a nuisance. Can’t remove, problematic disabling, constantly need to be disabled after updates and still asking permissions after disabling. Also telemetry is a constant issue and getting worse.
I don’t know, with Android you have to go through great lengths since they love closing ARM as much as they could (of course x86_64 is definitely not 100% FOSS neither). May as well ditch Android at that point.
But there isn’t a compelling ternary option over Android or iOS. I might get the Librem 5 when it comes out, even though I wasn’t really invested in the Librem laptops.
My best advice for Android if ditching it too much is already said by MashedBrotato and Raziel.
In terms of smartphones, my weapon of choice is a Galaxy S7 running Lineage OS without the Google spyware Apps. Privacy guard is enabled, the few apps that I use are sourced only from f-droid.org due to their open-source policy.
Oh, and Firefox is downloaded straight from Mozilla, but I’m getting nervous about Firefox lately. Might start looking for a good alternative soon.
But even that isn’t enough sometimes. At the end of the day a smartphone is still an internet-connected computer, and hence vulnerable. For 2 Factor authentication etc I use a '00 Nokia 3310. You can’t hack a phone that has no internet connectivity at all.
what do you use for maps?
im already off of every other Gapp but i still user Gmaps
OsmAnd. The UI is quite a bit less refined than Google Maps, but overall I actually like it better. Works offline too, you just need to download the map in advance.
You actually don’t, you can choose another map tile provider that is online too (it’s a plugin). Not sure if it’s in the “official” build, but since you said you were using F-Droid you probably have OsmAnd~, and that definitely has it. Problem with the online tile plugin is that the “Map rendering” section of the options doesn’t seem to affect anything…
Rumour has it you can actually add a map tile provider that downloads the original google maps tiles, but I have not tried that and had no interest in it so far.
What I don’t like about OSMAnd (or most other OSM implementations for that matter) is that the maps look extremely cluttered. If you compare OSM and GMaps there’s a huge difference in visibility for the “important” stuff.
The only thing I have found based on OSM that has a similar map style is StreetComplete (which is not anything for actually navigating) and Scout, but that thing wants just… all the permissions 
Also traffic information is another thing I couldn’t really find on any OSM based navigation (Scout has it as an in-app purchase, but again…). It’s kind of weird since the traffic info that GMaps grabs is based on an open standard…
I did just recently install LineageOS to my OnePlus X, and this thing seems to have extra privacy layer, like even if I allow app, I may still forbid things from it
That is a feature as of Android 6… you can revoke specific permissions from an app even if it’s a legacy app that doesn’t use the new permission system.
Okay, as side note my OnePlus X seems to be atm android 1.7.2
I’ve been increasingly thinking about my phone privacy. I haven’t been able fully verify this, but I have noticed several times now something that bothers me. I’ll see something on TV, or read something on a webpage, and think (to myself) “Hmm, I want to look into that,” so I go to google and start typing, and the first suggestion is exactly what I was looking for. This has happened enough times now that I am leaning away from chance and more toward something else. Like I said, it bothers me.
On all my past phones I have ran custom ROMs, usually cyanogen. On my current phone, a Moto G5 (non-plus), I have been running the stock OS since I got it about six months ago. There aren’t any ‘official’ builds of Lineage for this phone, but there are a couple unofficial builds. I’m a bit hesitant to using something buggy, as I fought that battle on previous phones and didn’t like it. I need my phone to work reliably.
I’m, unfortunately, pretty dependent on Gmail. I use Maps occasionally. Youtube not so much. I’d probably be OK installing the smallest opengapps package. I use DNS66 for ads, which works good but prevents me from using a VPN. I have been using f-droid more and more, there are a lot of cool apps on there. I’ve been able to remove an app from the play store and install it with f-droid quite a few times now, so that’s cool.
In general, how is LineageOS more secure than a stock version of Android? What exactly does it do? Is it just more strict with permissions? Does it remove google telemetry stuff?
I am really excited for the Librem 5 phone.
I like how they decided to ditch the legacy phone baseband and just use a 4g wireless modem. So using it means you don’t need a traditional sim card with a number attached to it, instead you use a data-only plan using the telco infrastructure as dumb data pipes.
If this gains traction, I could see it planting the seeds for getting rid of legacy sim cards in mass, replacing them with pay for bandwidth usage regardless of wireless network the phone is currently using.
It would be hilarious if this actually happens and its all because Purism developers couldn’t afford to fund open source firmware for 4g basebands.
Same although I am not a fan with the idea of spending $600 on a cell phone.
Been using Sailfish OS on an Xperia X for a couple of months now, it’s neat that it’s a full-blown GNU/Linux distro based on OpenSuse (zypper available) but it’s nowhere near as mature as Android. Native apps are meh at best (but all the cli tools available then again is great, but it’s a phone afterall) and the lack of a couple basic features like fs encryption sucks.
But then again, it’s targeted for tinkerers and devs atm.
If it couldn’t run Android apps the phone would be just as limited as a dumb phone, or more like a plain linux handheld which it is… I haven’t installed the Play Services on it, and it’s not recommended either but people have done it, so for ie navigation I use Here Maps and for YouTube I’m using NewPipe.
Ran Wireshark on the phone for lulz a while back overnight while I slept and it basically had sat there dead silent not talking to any server, didn’t dig through the logs but such a low amount of traffic, with Android services turned off, was a positive surprise.