I think we all draw a line between privacy and convenience and I think I found mine and settled into a comfort zone of sorts. I use Fedora 38. My browser is Mozilla Firefox with it’s “strict” setting. uBlock origin and uMatrix. When I need/want to use a site that doesn’t work due to blocked connections I relax the restrictions in uMatrix or temporarily disable it entirely if I get frustrated or I’m in a hurry. I watch videos on YouTube. Don’t use social media, but I do use Facebook messenger (although I prefer to use Signal with the handful of people I can). I use a Xiaomi phone with custom ad blocking DNS (I’d like to get a Pixel with GrapheneOS someday). I look for an app on F-Droid first, but install it through Google Play if I can’t find what I need there. I use Qwant and DuckDuckGo. I use ReVanced. I do not use a VPN. I think that’s all the relevant information. My question is: how easy do you think it still is for big tech to track me? Are there any suggestions you would have for a person like me that wouldn’t sacrifice too much convenience?
Don’t use social media
If you wrote this post, you do use social media.
I think that’s a good setup. If you must have Facebook Messenger, my advice would be to maybe use a work profile for apps that track you. Compartmentalization is the key word here. Apps like Shelter make it really easy. I have to use WhatsApp and that is an app that is in the “unsafe” profile, aka work profile.
I have a question about the work profile: would it make sense to isolate the PlayStore too, as it‘s google? Because this is the main painpoint for me, as I cannot move to a custom rom with my phone currently
Afaik Google Play store and services are always installed as an admin app. I’m don’t think there is much we can do without custom roms
If you dont root that will Not be possible. Playstore is a key Feature of most Android Roms that ship with the phones. I run grapheneos. There i have Google Services disabled im my core Profile and have a separate Profile with Gplay. I know, that due to imei and other factors Google could easily track me possible but that’s Not my worry
Firefoxes strict settings are okay but not perfect, have a look at librewolf for an easy solution, or my Arkenfox softening tool to modify arkenfox to be easy to use.
Did you debloat your xiaomi phone already? May help with some things, but of course not much, but
- do you have google play services enabled?
- what keyboard do you use
- what mobile browser
Facebook messenger is cancer as its unencrypted afaik, so they read everything. Poor you.
An adblocking dns is good, do you have android tracking blocklists, to make xiaomi phones usable? But to be fair, samsung is way worse
Try shelter and isolate all these bad apps and disable them when not needed
I hadn’t thought about the keyboard! I use SwiftKey (which I now realise is a terrible choice) from way back before I started caring about my privacy. Do you have any good recommendations? The main thing I need is the three word suggestions to have dictionaries for multiple languages. I use Firefox on mobile as well, with pretty much the same settings and uBlock. I’m not sure what you mean by having Google Play services enabled, as I did say I use the store. Is there a way to use it and have the services disabled? Won’t that mess with banking apps? Also not sure what you mean by android tracking blocklists, but I think my dns blocks ads and tracking. I also don’t get any ads in system apps like settings for example. Tbh, I am a little afraid of debloating as I tried that ages ago on a Sony M5 and after uninstalling the apps, my phone started running insanely hot and slow. I had to put it right next to the air conditioner to be able to use it, reinstalled all the apps and the problem went away :D
Florisboard.
Its default settings are not perfect, you can theme it OLED black which is nice, it has an internal clipboard with the action bar for “mark all” “copy” “crop” “paste” “delete last entry” “show history” and even cursors. Its brilliant for privacy as its internal clipboard cant be seen by apps if you disable “sync to system”
It doesnt have autocomplete and after a quick rise and development its very rarely developed anymore. But I dont miss anything, just autocomplete and maybe Sayboars Speech to text would be nice addons
NextDNS has presets to block OS tracking, this is different from just Ads. Any DNS with variable blocklists can use these. There is a windows one, but not sure about Xiaomi.
You dont need google services to use Aurorastore. It works currently.
Also try creating a shelter profile and then disabling the play services using adb in the main one with
adb shell
pm uninstall --user 0 APPNAMES
you find commands online.
Google play services spy on everything with privileged permissions (all) as they are system apps. On GrapheneOS you can install them as regular user apps, and they still work.
I recommend Mull from F-droid instead of firefox. Try adding my custom addon collection:
https://addons.mozilla.org/firefox/collections/17446767/Fenix-Addons/
Piped for desktop would be a better option for youtube imo, but really depends on which “Big tech company” you’re trying to hide from and what information do you want to share with them. For example, Google probably has your ip tied to your gmail account, which has whatever information you used, since you didn’t use a vpn when first creating it. Also unless you disabled the bloatware via adb that came with your xiaomi device some other third party company may also have your ip and whatever info you inputted into those apps, if at all. Again just depends on what you want so your setup might be fine.
Edit: if wanting to protect from google then your mobile device is the biggest issue. Getting an always on vpn is a must (look at proton or mullvad), remove your personal account and create a burner with fake info and use something like aurora store with that burner account should help a lot. Would be really inconvenient if you still use your personal gmail account so maybe before doing anything start migrating to a different email provider
Edit 2: if protecting from meta then facebook messenger is the biggest issue. Getting an always on vpn that comes bundled with protection from trackers/ads (mullvad and proton i think does this) maybe your best choice unless you want to recreate your account and lose all of your contacts/messages which would be really inconvenient. So just treat facebook messenger like a public forum and dont give up too much info. If its possible maybe use a hardened browser, like mull +ublock, instead to use facebook messenger again if thats possible
My goal is to reduce the information collected about me (increase my privacy) as much as possible and at the same time keep as much of my convenience as possible. I’m not sure how much of an effect this has, but I never used any of the Xiaomi bloatware apps, because when you first open any of them you have to agree to their terms & conditions and when I tap disagree the apps just close (even the calculator, for example). Piped sounds like an interesting thing I should look into, I keep seeing it being mentioned everywhere. But I would assume that if there is a way to login to my account to get all my subscriptions and recommendations the privacy aspect will still be heavily compromised.
Havent personally created an account with piped since I like to limit accounts where ever possible but I believe you create an account with the piped instance that you choose so you dont login to your google account at all. You’ll have to do a google takeout iirc inorder to get a copy of your youtube subscription which you can then import.
Rethink for Android is an app firewall, DNS solution, and ad/malware/spam/etc blocker.
Might be worth giving a try.
