Android Privacy

So I am becoming very bothered by the fact Google and Samsung just take whatever information they desire and any "option" to opt-out seems to be the new high-tech unicorn.

For me the saga begins from the early days of smart phone. We're talking before Apple invented them, we're talking about the late 90's with devices called PDA's. PDA's, personal digital assistants, was the beginning of keeping your data on a small mobile device. While many went the way of the Palm devices, I found myself going the way of the WindowsCE devices. My first device was a Cassiopeia with a small suite of tools to enable you to keep your life in digital bliss. But this was the early days. There were offline devices with physical sync cables. And permissions were unnecessary because each app was it's own, oblivious to the existance of other apps.

None the less these simple devices with their limited suite of apps created some unexpected pit falls. Namely, you would need to find creative ways to store your data on the device. An early winner was the contacts app. It is much that same as it is today, but one found themselves using the app for much more than simply storing a phone number to a name. You would store everything you would ever need or want in that contact. Yes, this included SS#'s, CC#'s, passwords.... you get the idea.

Fortunately password managers came along quite quickly and I had settled down on one, to use in lieu of my contact app, but other sensitive data still resided in contacts.

As time went on and the devices got bigger, better, and more robust, It was not uncommon to upload your existing contacts to the latest device and their contact app. Then Google came along and everything moved to the cloud. For some stupid reason, I still felt safe.

Around ~2015 I started feeling the unease of my private data no longer being private.

By 2018 Samsung was the clear winner of the device wars but Samsung was doing something creepy. Their baked in Samsung apps stopped working unless you enabled "ALL" permissions! You want to use the samsung calendar app? well you must share your contacts, your location, everything!

Fast forward to 2021, The lastest saga for me begins with my upgrade to the Samsung Galaxy Fold 3. Samsung has taken their "we want ALL you data" to the next level. They have now given all of their baked in apps "administrator" rights. and yepp, the administrator will not bother you with asking for permission, they will simply give them access! Go in and turn the permission off? They will simply turn them back on! Whats worse, is even if you use an alternative app. the Samsung apps load in the background and snag the data they want anyways. MEGA CREEPY.

So what to do? Well this is my current strategy.

I have discoved a very nice ADB app to let you kill system apps and bloatware. So I have killed all of the samsung apps, and most of the google apps.

I am also trying to sever my relationship with Google. To date I have moved and deleted my contacts, calendar, email from google. Google drive is 90% deleted and im looking for an alternative. Google pictures and voice are on the todo list.

Samsung is deleted, no data there, no apps on my samsung phone.

Other privacy issues I'm working on, a private/offline copy/paste keyboard, a built in firewall to block internet access from selected apps (wtb Datura firewall on my phone!).

Once the bloatware is killed. I use a host of alternative apps to help assist in keeping my data private.

1. Shelter - This gives you fairly powerful way to use the work profile. While I don't log into any google or samsung accounts in my main profile, I do use the work profile to run the few remaining apps that are married to google. I have google sync turned off and some of the nasty offenders get put to sleep when they are not being used.

2. OpenContacts - This is a simple phone dialer that keeps contacts in the private database that is not seen, recognised, or shared as contact information. I still get caller ID information from this, and any apps forcing access to my "contacts" are met with an empty database. (I have also cleaned up my contacts, removing non-contact information such as SS#, CC#, etc).

3. eWallet - I'm migrating away from this as the version I am using if from the very early days of Android. I have intentionally never upgraded as my version is not very internet aware, does not share information with other apps, does not auto-fill websites. It is mostly an offline database that syncs with a PC app.

4. Memento Database - This is my main goto app for keeping data on my device. It is essentially a proprietary database that you can design for whatever information you want to keep. I use it to index my encrypted containers, I'm working on getting off evernote, and I store my private data here in encrypted tables. The only concerning downside is it seems to keep ALL of my various databases internally as one giant database. So corruptioin is a very real fear. I back up often!

5. Proton Mail, Calendar - In a move away from Google, I now use these apps. All of my data from Google has been deleted (save for email receipts).

6. Windscribe vpn/adblocker - Just a simple vpn with ad blocker, seems to work pretty well. Blokada would be my first choice but their vpn's are simply too slow for me.

7. Google Apps - Still married to this. I have synced my data to offline and deleted all of my old documents, so mainly only current documents, and I try my best to avoid creating documents I don't every tom, dick and harry to read. I also only access this via my webbrowser (Opera is pretty friendly for this - i.e. not wanting to open the app). No google apps are installed. -- I'm looking for an alternative!

8. Google Voice - Still married to this. I love this app and don't see any viable alternatives. It resides in the work profile, and while I used to turn off my work profile when not using it. this app has wore me out and I tend to leave the work profile running.

9. EDS - I keep all my offline data in a set of encrypted containers. The EDS Pro app is DRM locked to google so I am stuck using to free version (so no searhing). Not about to put my encrypted containers in the work profile! I did index my containers and put this in a memento database, so if I need to search for something, I just make the side-step over there to find out where my file is.

10. Opera - My favorite web broswer. Does very well for me. and I try to use more "apps" via their webpage opposed to using their android app. It also is configured to not open links in associated android apps.

11. Aurora Store + Fdroid - I download the majority of apps via these two apps. Of the few paid apps (that are not DRM locked) and oddballs that don't show up on Aurora, I download from the workprofile and use Shelter to move them to the main profile.

12. Gaia GPS - This is an offline map I've used for years, I can download aviation charts, marine charts, topo, sattelite, etc. And it has become a very nice replacement for Google MyMaps.

Other privacy practices.

1. I abandoned my Samsung Gear S3 watch for a chinese knockoff that does all of my fitness tracking in an app that does not require an online account.

2. In looking to replace Google Drive, I've been going through my old backups looking for an older office suite that works but has not yet jumped on the online/clound bandwagon. This one is hard!

3. I use the "Freeze" feature of shelter for those few apps married to google.

4. I still have my ES File Explorer Pro, but it is really showing it's age. Seems that android 11 (mebby 10) very agressively blocks access to the android app folders and this is a problem. Looking for something to replace, but honestly been looking for this for YEARS without success. There just does not seem to be anything even close to what this app can do.

5. I use a "backward" vpn profile to keep apps from accessing the internet. Essentially I add apps I want to block to the split-vpn list, and then set the VPN configuration to block all non-VPN traffic. It's a crazy concept I know, I'm telling the vpn to let my scary apps to bypass the VPN and then rely on the android kill-switch to block those apps from the internet. Would love to hear a better way to do this.