This is good. Will make it a Google Free World.
No chaos, no irritation.

Small Privacy and Security Guide for Android
by @Thespartann and @AOSDPx

1. Encrypt your /data partition and even sdcard.
2. Use Enforcing Selinux
(You probably knew all of this)
3. You can use AFWall+ to restrict internet acces and other permissions from other apps.
4. You can use a secure email and email client [Encrypted]
5. You can use more foss apps, and try to replace the apps you use everyday with foss ones.
6. You can restrict app permissions that aren't required with some apps
7. You could think of using something like MicroG instead of Gapps, or even living Gapps less.
8. You can use Encrypted chat apps [P2P]
9. You can use F-Droid android app store that only has FOSS apps
10. Remember that even if you think you don't have software backdoors, there can always be hardware backdoors!
11. Use a VPN, preferably not NordVPN or things like that. VPN is for hiding your data from your ISP, and not for sending it to someone else instead. "Yeah but how you can be sure that VPN collects data" - Most of them do. It's just a thing to make money from. Think about these free VPNs, how do they make money? Selling data. Ads are not a thing to make a lot of money from in this century. I would recommend Wireguard with Azire/Mullvad, as both value your Privacy & Security, supporting IPv6, P2P and no data monitoring.
12. Do not use Proprietary apps. "Why shoudn't i use them?" Because you can't know what is in the code, even if the app looks to not have anything shady. "So open source apps are always safe?" No they aren't. But at least the code can be modifyed for removing the data leaks or anything that might impact your Privacy or Security. FOSS apps tend to not collect data
13. Remember even AOSP has some Google stuff in it. For example AOSP dialer has Google lookup, the Captive Portal is Google one.
14. Do not use Social Media platforms like Facebook, as they are simply data mines.
15. Use Custom Roms instead of Stock Roms as, you know, Stock Roms are Proprietary. Custom Roms also might have Security improvments or other nice features.

Why should i do all of this? No one tells you to do it. These are only some tips. And think about it, if a friend asked for your Email password and adress or Social Media one, would you gave it to him? The answer is No most of the times. That's because you want a level of Privacy. If someone asked you to give him your phone password, you would probably have answered, I don't want to. Because you want a level of Privacy & Security. So if you know that Google or others companies can know a lot of things about you, would you still use Google stuff? Most say they don't care, as they think it is only for improving their product or their data will not get anywhere. But that is wrong. You can't be fully private or secure in this century, but you can at least be more than before with just some little changes.

[FOSS = Free Open Source Software]
[FLOSS = Free/Libre Open Source Software]
[P2P = Peer To Peer Connection]
[MicroG = Open Source alternative to Google Play Services Framework for Android]
[VPN = Virtual Private Network]

[Wireguard = New VPN technology, being called The most simple, easiest to use and simplest VPN solution in the industry. Comparing to OpenVPN which is based on IPSec Standard, Wireguard has around 4000 lines of code, while OpenVPN has around 120000 lines of code]

[Captive Portal = A captive portal is a Web page that the user of a public-access network is obliged to view and interact with before access is granted. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hot spots for Internet users]

Wikipedia definition of anonymous P2P: "An anonymous P2P communication system is a peer-to-peer distributed application in which the nodes or participants are anonymous or pseudonymous. Anonymity of participants is usually achieved by special routing overlay networks that hide the physical location of each node from other participants"

Intra (DNS) for Android

Intra (DNS) for Android

☣ Beware this company is owned by Alphabet = evil Google

Intra protects you from DNS manipulation, a type of cyber attack used to block access to news sites, social media platforms, and messaging apps. Intra also helps protect you against some phishing and malware attacks. It’s easy for anyone to use — just download the app and get started in a few seconds. You can leave it on and forget about it.

Features
• Free access to websites and apps blocked by DNS manipulation
• No limits on data usage and it won’t slow down your internet connection
• Open source
• Keep your information private - Intra doesn’t track the apps you use or websites you visit
• Customize your DNS server provider — use your own or pick from popular providers

Intra Website - https://getintra.org

Google Play - https://play.google.com/store/apps/details?id=app.intra


📡 @cRyPtHoN_INFOSEC
#dns #intra

NanoDroid

NanoDroid is a microG installer (by Setialpha) that can install MicroG either in system or systemlessly (as a Magisk module)

🌏Web:
https://nanolx.org/nanolx/nanodroid

📚 RTFM:
https://gitlab.com/Nanolx/NanoDroid

📝 Changelog:
https://gitlab.com/Nanolx/NanoDroid/blob/master/ChangeLog.md

🗣 XDA:
https://forum.xda-developers.com/apps/magisk/module-nanodroid-5-0-20170405-microg-t3584928

📲 F-Droid repo
https://nanolx.org/fdroid/repo
Link to add:
https://nanolx.org/fdroid/repo?fingerprint=862ED9F13A3981432BF86FE93D14596B381D75BE83A1D616E2D44A12654AD015

🆚 The full list of differences compared to upstream microG can be read here:
https://github.com/Nanolx/android_packages_apps_GmsCore#changes


Nanodroid zips:

♦️NanoDroid-*.zip
--This is the biggest zip and full of other foss apps.
--Flash either this or the MicroG zip.

♦️NanoDroid-microG-*.zip
--The real package. Contains MicroG stuff and patched Play Store.
--Flash either this or the full NanoDroid zip. This is recommended.

♦️NanoDroid-fdroid-*.zip
--Contains F-droid and its privileged extension. Optional.

♦️NanoDroid-patcher-*.zip
--Signature spoofing enabler.

♦️NanoDroid-setupwizard-*.zip
--Aroma setup wizard for MicroG nanodroid. Either use this, or default settings.

♦️NanoDroid-uninstaller-*.zip
--Self-explanatory.

(Note: * = latest version)


🏗 Steps to Install NanoDroid are:

NOTE: Do this on a clean flash of the ROM. That is, wipe Data, Cache and System, and flash your ROM again. (Otherwise you may have permission problems and battery drain.) Optionally, flash Magisk.
Make sure your ROM supports Signature Spoofing. Check #sigspoof

1. Flash NanoDroid-setupwizard-*.zip and configure your install.
2. Flash the NanoDroid-microG-*.zip (or NanoDroid-*.zip) and optionally NanoDroid-fdroid-*.zip. Note: If you have Magisk, no need to flash this again after future dirty flashes.
3. Setup MicroG using the microg #guide.

Report problems with NanoDroid here:
https://forum.xda-developers.com/apps/magisk/module-nanomod-5-0-20170405-microg-t3584928/


📡 @NoGoolag
#nanodroid #microg #guide

List with some of the problematic apps and issues with microg

https://github.com/microg/android_packages_apps_GmsCore/wiki/Problem-Apps

https://github.com/microg/android_packages_apps_GmsCore/issues

#issues #problems #microg

Dance Like No One's Watching,
Encrypt Like Everyone Is

Japan Orders Facebook to Improve Data Protection

The Japanese government on Monday ordered Facebook to improve protection of users' personal information following data breaches affecting tens of millions of people worldwide.
read more (https://www.securityweek.com/japan-orders-facebook-improve-data-protection)

📱 WebApps
(Sandbox for webapps)
https://f-droid.org/app/com.tobykurien.webapps

Provide a secure way to browse popular webapps by eliminating referrers, 3rd party requests, cookies, cross-site scripting, etc.

It accomplishes this by providing a sandbox for multiple webapps (like Google's apps, Facebook, Twitter, etc.). Each webapp will run in it's own sandbox, with 3rd party requests (images, scripts, iframes, etc.) blocked, and all external links opening in an external default web browser (which should have cookies, plugins, flash, etc. disabled).

By default, all HTTP requests are blocked (only HTTPS allowed). This improves security, especially on untrusted networks. The app can also handle HTTPS links and open them in their own sandbox.

Based on GApps Browser.


📱 GApps Browser
(Sandbox for web apps)
https://f-droid.org/app/com.tobykurien.google_news

This app started out as a way to view Google News on the author's phone but now encompasses Google+, Google Maps etc. The idea is to be able to access the Google web apps without having to log into Google on your browser, so that you can browse privately. It is a good way to access the Google webapps if you have an AOSP-based ROM and reject the proprietary GApps. Also the webapps are less bandwidth and battery-hungry than their native counterparts.

Links to external sites (such as news articles, etc.) will be opened in a regular browser, thus keeping the Google authentication sandboxed in the app


📡 @NoGoolag
#gapps #webapps

Google ends controversial practice with its mobile apps in the E.U.

In making their decision, antitrust officials in Europe had said that Google’s practice of tying the apps together could harm competition by giving Google a built-in advantage over new apps struggling to attract an audience. Regulators said 95 percent of Android users around the world were using their device’s default search engine — Google Search — rather than choosing an alternative.

📡@cRyPtHoN_INFOSEC

Portuguese app store Aptoide wins court battle against Google

A European court has ruled against Google in a landmark case brought by Portuguese app store Aptoide.

The US tech giant was ordered to stop removing the Aptoide app from users’ mobile phones without their knowledge, according to the report.

https://www.ejinsight.com/20181023-portuguese-app-store-aptoide-wins-court-battle-against-google

📌 This Week In F-Droid 26, Week 42, 2018 #TWIF

https://f-droid.org/en/2018/10/20/twif-26-tagesschau-f-droid-repo-and-translation-workflow-improvement.html

This Tor-Enabled SIM Card Will Keep You Anonymous On Mobile Networks

https://fossbytes.com/tor-enabled-sim-card-keep-you-anonymous/

https://redd.it/9r09g6

📡 @r_privacy

My phone is spying on me, so I decided to spy on it

https://www.abc.net.au/news/2018-10-25/my-phone-is-spying-on-me-so-i-decided-to-spy-on-my-phone/10306586

Google and Facebook have been hit separately by class action lawsuits accusing the companies of secretly tracking users’ locations, even after those users were led to believe that they had switched such tracking off.

Anyone whose location information has been tracked without their knowledge could join these class action suits. With millions of users potentially eligible, the bill could stretch into billions if plaintiffs get full relief in court.
https://nakedsecurity.sophos.com/2018/10/25/google-and-facebook-accused-of-secretly-tracking-users-locations/

📡@cRyPtHoN_INFOSEC

Pine64 is Working on a Linux Smartphone Running KDE Plasma

The actual phone design has already started but will not be finalized until Q2, 2019 after getting inputs from developer board and also pending on open software progress.

Lim said that they are using this three steps approach to avoid other Linux Phone misstep failures. The PinePhone separate out SoC and LTE module due to mainline binary blobs and GPL concern.

The targets price should be in $100+ range for 2GB RAM and 16GB storage configuration.

Read more:
https://itsfoss.com/pinebook-kde-smartphone


#pinephone #pine64 #kde #plasma #mobile #phone

Google’s smart city dream is turning into a privacy nightmare

https://www.engadget.com/2018/10/26/sidewalk-labs-ann-cavoukian-smart-city/


#google #smart #city

link
suggested gmap versions 9.87.3, 9.80.2, 9.83, 9.60.1 try your luck or use #alternatives

https://www.apkmirror.com/apk/google-inc/maps/

#gmaps