So I’ve got Android as I want. LineageOS, no Google, Magisk, MicroG but with AndroidAuto with OsmAnd+.
But the outside world of WhatsApp, Bank apps, etc is putting pressure to join. Plus not everything works properly with MicroG instead of the Google service provider. Makes me cross techno-politically, but I can’t always hard life tech choices when it effects others.
So, what do others do? At the moment, I’ve thinking I need a non-free phone and a free-phone! Then what, I keep swapping SIM?? I can’t see a workable VM solution to run a non-free Android in a freer Android.
The state of the phone market is pitiful.
GraphineOS sandboxes google services. You can take it a step further and only install sandboxed google services on a work profile or user profile so you can have toggle-able google services, allowing bank access and whatnot.
Update: Old phone on way out, Pixel coming for me to try this.
I think there is a common misconception that LineageOS is a good rom for privacy when in fact its really meant for keeping an old phone useful and does not provide much in the way of added privacy or security.
OP if you want privacy on your phone there are better roms, the trade off with privacy is convenience. Banking apps especially have issue with privacy oriented roms.
Oh my phone is old, but 6GB RAM is still ok. LineageOS gives me the latest Android on old hardware, while giving me an easy out of Google data mining.
It doesn’t do a whole lot to prevent Googles’ data gathering. Still connects to a quite a few services in the background
Even without any of the Google services installed? I don’t think that’s true. It doesn’t have my Google login.
Like the other commenter said, its usefulness doesn’t really exceed keeping an older device up-to-date.
This article is only available in german, so I guess that’s the time to shine for the new translation feature in Firefox:
https://www.kuketz-blog.de/lineageos-weder-sicher-noch-datenschutzfreundlich-custom-roms-teil4/
GrapheneOS does look interesting. Though the Android Auto, that I use as the car satnav (with OSMAnd+), looks like it might be even more a pain to setup…
I can’t get over what a techo-political dystopia is, without a lot of faff. We need some law here, forcing standardized open interfaces! (And copyright trolling DRM pushing dark forces will fight that, because of media playing)
And Lineage OS can be de-googled fairly easily to remove such telemetry.
To someone who installed Lineage in the first place, further degoogling shouldn’t be too hard, I agree.
Install shelter and have a isolated work profile for my intrusive apps
But im still stubborn with not using whatsapp and my banking apps have passed safetybet luckily.
You could also look at setting up a matrix server whatsapp bridge… but maybe thats a selfhosting server thing and not android per se
Update to this: I did try that on my LineageOS and it still wouldn’t run. I’m getting a Pixel for GraphineOS. See how that goes.
If I cant find the app I need on fdroid, i usually just use the web version.
Banks don’t always have a mobile friendly web interface. When you turn on desktop mode (Firefox on Android of course) the site may load but not be very useable. (Though sometimes that is more useable than a bad mobile site)
Its usually good enough. Mobile check deppsit doesnt work. Other things are fine.
Good enough with some. Unfortantly with this bank, they use the app to auth access at all. And the app doesn’t like custom roms and I’ve not managed to fool it. Finally trying GraphineOS this week, when the Pixel arrives.
GrapheneOS is what you’re looking for if you have a pixel device.
Update: This is the path I set for now. Have to replace old phone now anyway.
I got lucky that my MicroG phone works with my bank. But I had to call them to tell them about it, then they flipped some flag on their end and it has worked ever since. So idk, call your bank.
Update: I’m going to try a Pixel and GraphineOS first. I’m expecting very little flexibility and understanding from a bank.
well, good luck
I needed to upgrade phone anyway. This one is over five years old and the camera and CPU seam rubbish now. The RAM is still enough, but screen is cracked too now and screen replace videos just look not worth the effort.
I honestly will not put ANY banking app on my phone. There is a risk of getting mugged or murdered for it. I keep a crypto wallet there with abut $50.
I don’t understand; how would a potential mugger or murderer know ahead of time that you don’t have a banking app installed on your phone?
I use lineage os with Foss apps and no microG. I use ntfy for push notifications but the apps need to support it.
I did for many years too. But I needed Android Auto for a new car. It kind of forced the issue and it wasn’t easy and I’m not happy how custom my install is now.
Use different profiles. They seperate apps, data, settings, etc. I use these profiles:
- personal (for photos, communication, etc.)
- internet (lemmy, mastodon, vpn, torrent, new pipe, etc.)
- google (play store, drive, maps, translate, etc.)
- finance (bank, paypal, localmonero, crypto wallets, etc.)
- school (teams, canva, web shortcuts, etc.)
I think in vanilla android you can have 3 user profiles and 1 guest. I use grapheneos which supports 15 users and 1 guest.
But you can’t have a profile with MicroG, and another with google play services, because they are installed systemwide, and afaik can’t be confined to a profile.
Oh right… In that case I would install just google play services and disable/uninstall it on profiles I dont need.
But you can’t disable google play services on certain profiles. It’s there, system wide, has access to everything, and is accessible by all apps. Actually it does so heavy modifications to the system that once installed you can’t really remove it, or at least the advice for removal is always a clean install of the system, there’s no official way for removal or a way that is recommended by any popular ROM
I’m on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.
I use beeper to have all my non free messaging apps on my phone then I don’t have to worry about the spying as much. But that might not work for you.
OK, now that is very cool. It’s like Pidgin for 2023 and phones. I may well give that a try! May solve the messaging bit.
If you need a code to get in let me know I still have some, I can’t remember if they did away with their cue and just let people join now.
It looks like another closed app “build on open source”. Not sure it’s much more trust worthy than WhatsApp anyway. Need to read up. I wonder if I’m better of exploring open alteratives also set up my own Matrix bridges that Beeper is built on anyway. Though I’ve not heard good things about maintaining Matrix bridges.
I hope the EU get through the forced interoperability of chat apps…
They still have a queue, I just joined the waiting list.
Thanks for the discovery!
Here’s what I do. I have GrapheneOS with 3 user profiles for compartmentalization. Mullvad VPN on and set to different locations in all profiles except owner profile. I straight up don’t use the owner profile. I let it sit empty. I only use the two other profiles as they don’t have as much access to the phone. One’s my FOSS profile, which is my main profile. The other one’s my big brother profile, which has Sandboxed Play Services. I think that’s good enough for me, and I try to keep on top of permissions to limit what apps can access. You can always go further though, with more compartmentalization, no Play Services whatsoever, using no SIM/toggling airplane mode,FOSS dedication,… but it all depends on your threat model. For me, I think what I’m doing is good enough.
I’m on GrapheneOS now. I like the Sandboxing of Google. A compromise without feeling too compromised. The bank app runs too. Thanks for heads on GrapheneOS.