I have just received a Samsung galaxy fold5 through the post, however I imagine itβs full of bloatware and Iβm inexperienced with this type of device. What is the first things that you would do to secure it? Thank you π
Edit: I mean to be more privacy focused
Send it back and get a Pixel.
I use FOSS applications as much as I can and try to avoid all samsung and google apps. In addition to that Iβm always on pi-hole network to block background network requests by Samsung/Google
Some apps I use:
- k9-mail
- Zulip
- Nextcloud/Talk/Notes
- tasks.org
- Signal
- F-Droid
- Magic Earth
- NewPipe
- Keepass2Android
- Brave
- Collabora Office
Donβt think Iβd actually recommend Brave to anyone, itβs definitely not as privacy focused as they claim.
β¦if you really have trouble finding stuff on how Brave is terrible for privacy, Iβm gonna go out on a limb and say you have trouble reading. Itβs known by most people that itβs a scam. They sold private user data to machine learning companies, they are predominantly a crypto company who has a browser, they are chromium based, etc
Problems with Brave
I pasted here the post by u/foamed [https://libreddit.oxymagnesium.com/u/foamed] at https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/ [https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/]
Some information about the co-founder & CEO of Brave, Brandon Eich [https://en.wikipedia.org/wiki/Brendan_Eich].
Controversial past and opinions:
- https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/ [https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/]
- https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days [https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days]
- https://www.bbc.com/news/technology-26868536 [https://www.bbc.com/news/technology-26868536]
- https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html [https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html]
- https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich [https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich]
Anti-vaxxer:
- https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html [https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html]
- @BrendanEich: βFauci lies a lot.β - Dec 11, 2020 [https://twitter.com/BrendanEich/status/1337496169690230784]
- https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/ [https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/]
Eich pushed an anti-vaxx conspiracy on Twitter: https://twitter.com/BrendanEich/status/1538253982845399040 [https://twitter.com/BrendanEich/status/1538253982845399040] - If you look at the βsourceβ itβs from a nutritionist whoβs also a conspiracy nut. There are no verifiable and trusted sources.
Here are some controversies surrounding Brave and their browser over the past couple of years:
Privacy related:
- https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799 [https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799]
Brave automatically redirected searches to affiliate version of URLβs which Brave profits from:
- https://decrypt.co/31522/crypto-brave-browser-redirect [https://decrypt.co/31522/crypto-brave-browser-redirect]
- https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/ [https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/]
- https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology [https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology]
Brave collected donations on content creators behalf without consent:
- https://bitcoinist.com/brave-browser-donations-not-optional/ [https://bitcoinist.com/brave-browser-donations-not-optional/]
- https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know [https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know]
- https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/ [https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/]
Brave leaked Tor/Onion service requests through DNS:
- https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/ [https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/]
- https://github.com/brave/brave-browser/issues/13527 [https://github.com/brave/brave-browser/issues/13527]
- https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/ [https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/]
And this to some degree where they temporarily whitelisted certain Facebook and Twitter trackers without telling their users:
Sending unsolicited marketing mail to users, though Brave claim its all anonymous:
- https://twitter.com/sebmck/status/1531740563900448769 [https://twitter.com/sebmck/status/1531740563900448769]
- https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/ [https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/]
And if you want more, hereβs some more. https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/ [https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/] that links this Twitter interaction: https://nitter.net/sebmck/status/1531740563900448769 [https://nitter.net/sebmck/status/1531740563900448769]
Google play services constantly send information to google, the only functional and degoogled rom Ive found is Grapheneos.
The real downside of brave is the cryptocrap. It is still optional. However the fact that it support the chromium monopoly is also a bad point.
Samsung locks their bootloader, so flashing is neigh impossible on them as of late.
- Factory reset
- Setup but SKIP GOOGLE & SAMSUNG LOGIN
- Install F-Droid/Droid-ify
- Install Aurora Store
- Uninstall or disable as much default apps as you can
- Install Simple Mobile Tools or other opensource alternative from F-Droid
- Install everything else you need
Use openaource apps from fdroid, or if you really have to then use Aurora store. For office use collabora office, for youtube newpipe, video vlc, etc. NEVER LOG IN TO GOOGLE/SAMSUNG ACCOUNT ON ANY APP except Aurora store. For any other recommendation/alternative just aak me.
these changes are going to decrease security overall. privacy and security are not one in the same. edit: I guess they edited the postπ«
also, logging in to aurora is almost guaranteeing your account getting banned. use a throw away account if the default ones are rate limited
logging in to aurora is almost guaranteeing your account getting banned
Im using my main account on aurora store on 4 profiles for past month and everything is ok (for now).
I think you confuse security and privacy. Samsung are pretty secure from what I saw. They are not private at all however. You can debloat it with adb and maybe tools such as Universal Android Debloater.
There is a couple of guide such as this one: https://linustechtips.com/topic/1402380-ultimate-samsung-oneui-debloat-privacy-customization-guide/
Hey thatβs me!
One thing I noticed is I never updated the app icon customization section. You donβt need Asapticons/Icon mixer. Themepark has an option to add custom icons now!
I can also post my De-Bloater config (root only)/list of apps (that can be used to disable them via ADB) Iβve removed when I update the post in a bit.
Iβm still on Fold3/OneUI 5.1 but apps should be similar.
