i’D i like to know what to do from, taking my phone right out of the box (droid) secure and private. a stetp by step and which tools and apps i should use. also maybe a few pointers on which apps NOT to put on my phone.
2 Likes
Well, that’s so hard to explain step-by-step. Basically… flashing GrapheneOS / LineageOS and never installing Gapps (Google services)
Then installing a firewall, Afwall+ (requires root) or Netguard.
To finish all you need is look for libre alternatives… Newpipe for Youtube, Osmand~ (p.e.) for GMaps, etc…
Stay away from Whatsapp, most convenient (not the most privacy one) alternative is probably Signal.
Of course, it is difficult to have an official ROM for your cell phone model.
If not, all you have to do is look for an unofficial one in the XDA forums, if you know nothing about Android and Linux… you have to trust the one who made and compiled the ROM… and it is also possible that it has bugs or unfinished functionalities.
GrapheneOS is just for Google Pixel phones.
LineageOS downloads.
However, flashing a custom ROM is not easy for the common user and can lead to a bricked phone, just disabling Google services and using alternatives should be enough to mitigate the data you give.
If you want to root the phone, don’t do it with some suspicious software… I think the only one probably safe is Magisk.
ClassyShark3xodus or Exodus are apps for identifying known trackers inside other apps.
Non-SystemWebView based browsers that are nice: Bromite (Chromium based without Google and adblocker integrated) / Fennec (Firefox without Mozilla) / Icecat (Firefox fork)
also maybe a few pointers on which apps NOT to put on my phone.
Pretty much don’t install GAFAM apps. Specifically Facebook app and related, Google Chrome, Google Services…
If you really want some app from the Play Store, Aurora Store is a nice app for that.
I’m not an expert, just an average user so no one should take my word for it without investigating for themselves.
Cheers.
1 Like
I think @Morgoth is definitely on the right track.
I’ve quit using Google apps on my phone a long while back and have built my own custom ROMs that are “Gappless” for myself and others. XDA is full of great ROMs for most phones and usually are fairly trustworthy.
To be very sure, you could build your own ROM from source, if you are interested, I have a YouTube channel where I teach others to do the same. You can check it out here: https://m.youtube.com/watch?v=yNVe3mjCI1k&t=5s
One thing to clarify, though. As long as you are hooked to your phone network, at&t, sprint, etc., a lot of your data, such as location, calls, texts, and any unencrypted traffic is always viewable by your carrier, and hence others. So, just wanted to mention that.
Good apps to use would be ones with encryption during transfer, like xmpp apps such as jabber and conversations. Encrypted messaging like with Linphone and others will help keep your data safe.
So, just a few thoughts for you. Hope it helps.
2 Likes
Don’t turn it on. This is the most secure and privacy-friendly setup.
Otherwise, you’ll have to make compromises. Making calls = reporting your location to your carrier. Using social networks = giving away your personal information to their owners. Using clouds = giving away your data to their providers. And so on, and so forth.
There’s no silver bullet that will magically make your phone private and secure. All depends on your needs and readiness to make compromises.
3 Likes
After unboxing don’t add a SIM card (not yet), setup as usual (but don’t connect to Wi-Fi).
Load NetGuard via an SDcard or Bluetooth or USB cable and block everything (whilelist mode).
Also load F-Droid, get your FOSS software (browser, encrypted SMS, etc) and only allow these to connect to the internet.
You can clean up more useless apps, use settings->uninstall, or disable or (if no option is available) use and USB cable and a PC to run adb and pm uninstall --user 0 appid instead 
3 Likes
Would installing something like Nebulo be also recommended? It is to avoid tracking over DNS by your ISP.
As far as I know, LineageOS based roms (Including GrapheneOS) has integratred firewall in their app permissions settings. Although it’s limited to a per app basis, it can completly block apps from wifi and data connection too.
1 Like
thanks i really appreciate the information. im more hip to desktops and i like to believe im pretty well equiped with the knoledge to make my computer privately.
1 Like
thanks my guy. is it posible to run tails of a cellular device?
2 Likes
No
Buuuuutttt, you can run Tor Browser and Orbot (enable the Guardian Project repo)
And Netguard (the Pro version iirc) can SOCKS redirect all (allowed) traffic through Orbot
1 Like
This topic was automatically closed after 60 days. New replies are no longer allowed.