I hate it that they put al the nice features behind data harvesters. Want to have that nice traffic info (a nightmare on it's own, but it is handy)? Share all your data. Want to have Spotify? Share all your data.
I use GrapheneOS, I run Instagram in a seperate user profile within its own storage scope alongside an app called “Tracker Control” and block most trackers that way.
my favourite "Cyber-Security-Tool"? None of those logos up there qualify for that descrption... well... Authy perhaps...
yet, my favourite "Cyber-Security-Tools" would be
Configs:
This would make life very difficult for the vast majority of people. Many 2FA schemes only have SMS available and a SIP/VoIP number sometimes are barred from using them.
It’s an interesting experiment though, so I applaud this person for trying out a way to maximize their personal privacy.
I’ve tried carrying multiple devices but it’s honestly hard to do.
I made the switch when I got a new phone. So I kept both the old phone with android and the new phone with GrapheneOS. There was a transition period when I would bring both phones with me, just in case. Now my old phone is my “whatsapp” phone which I keep at home and turn on rarely. During the transition period I used my old phone number whenever I needed to provide my phone to use a service, but eventually I transitioned that to a VoIP. But, even then, many services will reject VoIP phone numbers, so I still make use of the old one.
I had to request a special scanner from my bank because the banking apps do not work with GrapheneOS. And I had to make sure that nothing important goes into my gmail anymore because google would request that I used my old phone 2FA in the most inconvenient moments, and also I don’t want to access google from my GrapheneOS phone.
I think that there are many annoyances that can and probably will happen if you try to jump right into GrapheneOS after having previously relied in the google/meta ecosystem. If you attempt to switch too quickly you might inadvertently lose access to your bank, and you might become suddenly unable to communicate with family and friends. My government’s online identification system requires that I use their app, which runs on google services, so I still have to use my old phone for that. And I have encountered situations in which the only reasonably convenient way to proceed is to download an app. For example, recently I registered for a gym that would then require me to use their google-store app so that I could identify myself when purchasing a physical card.
I am not sure as I did not test this one. Maybe you can go in person and get a worker to get you access to the kiosk through your account to print the card. It is one of those massive chains with gyms in every corner. I think that by now they rely on their digital infrastructure and many of their workers are not trained to handle uncommon situations. At least I get that from some of my experiences, but I could be wrong, maybe if I would have called them could have helped me with this. It was just easier to get the app into my old phone, print a card, delete the app.
Does WhatsApp not work at all on Graphene OS or do you just need to enable Google Play services for it to work? (I do understand why you personally may not want to enable the Play services, but I’m just curious about the potential capabilities).
I think that it works, but for it to work you need to enable Google Play services. From what I understand, this is done in a sandboxed manner simulating a fake identity, so it is possible to do this while isolating Google from your phone to an extent. But I think that WhatsApp is in itself problematic and one of the direct offenders that I want to avoid, regardless of its reliance on Google Play services, and so I have not gone through this effort myself.
Many people have the misconception that they’re defeating the purpose of GrapheneOS by using privacy invasive apps but in fact the opposite is true. If you want to use those apps, then using GrapheneOS allows you to protect your privacy from them far better than another OS.
GrapheneOS arguably makes the biggest difference for someone who is going to be using a bunch of mainstream apps including very privacy invasive ones. They need features like Storage Scopes and Contact Scopes more.
You’ll substantially benefit from our privacy and security features without making significant changes to your apps. In fact, you’ll benefit more from features like Storage Scopes, Contact Scopes, Sensors toggle, etc. if you use a bunch of very privacy invasive apps.
Looks like a good “best practices” sort of list. Would be nice if there was a bit more explanation as to why some of them are recommended (just because it’s good to understand why you’re disabling something rather than blindly following a guide), but still good!
To add to that other (much more in-depth) comment, I remember reading on the GrapheneOS FAQs that disabling everything you’re not actively using will generally improve security as you’re reducing the number of potential ways for an attacker to get in (phrases like “attack vectors” and “surface area” were used).
On a separate note I didn’t even know 2G towers were still active anywhere; they’re shutting down the 3G ones here!
I’m not the writer of the article, but here’s an answer you can find on running a quick search.
According to this article from the Electronic Frontier Foundation (EFF):
What is 2G and why is it vulnerable?
2G is the second generation of mobile communications, created in 1991. It’s an old technology that at the time did not consider certain risk scenarios to protect its users. As years have gone, many vulnerabilities have been discovered in 2G and it’s companion SS7.
The primary problem with 2G stems from two facts. First, it uses weak encryption between the tower and device that can be cracked in real time by an attacker to intercept calls or text messages. In fact, the attacker can do this passively without ever transmitting a single packet. The second problem with 2G is that there is no authentication of the tower to the phone, which means that anyone can seamlessly impersonate a real 2G tower and your phone will never be the wiser.
Cell-site simulators sometimes work this way. They can exploit security flaws in 2G in order to intercept your communications. Even though many of the security flaws in 2G have been fixed in 4G, more advanced cell-site simulators can take advantage of remaining flaws to downgrade your connection to 2G, making your phone susceptible to the above attacks. This makes every user vulnerable—from journalists and activists to medical professionals, government officials, and law enforcement.
Any outlook alternative that doesn’t look pre-dotcom? I really liked the Microsoft Mail app for its simplicity and the ability to have multiple inboxes, it’s a shame it is being replaced by outlook.
Most of the modern ones do store certain information on servers, though. Spark and Mailbird both do. Mailspring does as well if I recall correctly.
Most modern mail app developers seem to think that it’s more important to do search indexing and account storage on a server for ease of use, and expect inherent trust, foregoing all sense of real privacy under the veil of “we’re not evil, we promise.”
I’ve yet to find an email client that has a good modern look and feel, but doesn’t try to use server-side storage for some UX convenience factor.
I want the look and feel and mail host integrations of Spark (OAuth, like GMail, or preconfigs of hosts like iCloud) with the dumb-pipe-ness of Thunderbird. That’s the email unicorn I’m after.
privacyguides
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.