Sorry if this analogy has already been thrown at you dozens of times, I like to think of DNS like an address book for the internet. On a traditional phone, I can’t just type in someone’s name, I have to type in a number. Without DNS, the internet would be like that, accessing any website would require recalling and typing in the IP address. But DNS translates domain names (hence Domain Name System), the part of the URL leading up to .com, .ml, etc, into the proper IP addresses for you.

Unless you self-host, the DNS service is hosted on someone else’s server, and many devices default to communicating with the DNS server in plain text. Which is why you want to trust your DNS provider since they can keep a list of which sites you visit. And DNS over HTTPS mitigates the possibility of interception by encrypting your DNS requests.

Worth it, especially if you are stuck with the phone. Find FOSS equivalents of the built-in utilities (gallery, files, etc.), disable what you can (judiciously) with uad-ng, block the apps that can’t be disabled from network access using Rethink DNS, and use the websites of services on a computer browser instead of apps whenever possible.

It’s still far from what privacy ROMs can do for you, but until you can get a GrapheneOS, etc. friendly phone, taking some action is much better than just letting the spyware run wild.

Are you keen on using wireless headphones or speakers? If not, I’d go all the way for one without Bluetooth so the thought of present or future vulnerabilities won’t have to cross my mind whenever I use it.

In addition to the Bluetooth vulnerabilities other commenters have mentioned, a recent one affects headsets with Google’s Fast Pair feature. Once forcibly paired, an adversary can register the headset with their Google account. The headset thereafter pings nearby Android devices as part of the find lost devices network and can be used to track the victim.

Not sure if they are in production any more, but I can recommend the old iPod-looking Walkman and Sansa MP3 players. Currently also using a no-name iPod nano clone for the fact that it has a microSD slot, even upgraded the internal battery a few months ago.

Any hidden screws or seams to pry? Is there alternative firmware for it?

If not, I’d imagine your only options would be physically crippling the bluetooth module, porting something like OpenWrt to it, or getting a router that doesn’t force Bluetooth on you.

Instander still works, but it has fallen victim to the bus factor (the sole developer the_dise was reportedly KIA)

Just installed it to see, login is still required

If you are in the US, take a look at Fidelity or Vanguard. They haven’t required the use of a smartphone app.

Using a phone with Android 8 isn’t best practice for security by any means, but unless you are being targeted or going around downloading shady apps, it’s more likely it will run into app incompatibility issues in the coming years than anything else.

For sites where I’m making a low-value, one-off purchase and never coming back, I’ll use a pseudonym alongside a prepaid gift card, or failing that, a privacy.com virtual card. Not quite a sustainable strategy with eBay or Amazon, especially if the package needs a signature, so I’ll just use a privacy.com virtual card and supply a P.O. Box address

Mostly accepted that it is the way it is for these things. If the privacy-friendly option is giving up a few conveniences, I’ll take it. But if it’s keeping me from reaching certain goals, I’ll tolerate a compromise. I don’t think I’m being targeted either, so it’s all tolerable in my personal threat model.

How time-consuming would doing it yourself be, if anyone here has tried?

In my opinion, the reward for rooting LineageOS is pretty limited for having to risk one of the more important aspects of the Android security model, since the base system is already decently clean. If you want to go the extra mile, you could try installing the LeOS GSI, which strips out the remaining pings to Google servers (see LineageOS column of the table).

Definitely double check if the build you use has anything weird configured, but modern LineageOS (and Android in general) should already have good encryption by default. Not sure if LineageOS already has a way to toggle per-app network access, but if not, take a look at RethinkDNS, does a fine job without root.

Not much you can do about the unlocked bootloader, but as long as you aren’t being targeted by some agency, sticking to trusted sources like F-Droid for apps will go a long way. I have a similar approach with two phones and minimal personal data stored on each, so I’d personally approve of those elements.

Faraday cage might be of interest with regard to the iPhone since those can still function as their own AirTags even when powered off. But modern phones are surprisingly sensitive to signals so the slightest imperfection, especially in cheap Faraday bags, could give you away. While you’re at it, make a threat model to see if Faraday cages are necessary for your needs.

Another common mozilla L

And me over here wanting to use parental controls to protect my elders haha

A win for you getting parental controls lifted, hopefully you can eventually prove to them that the phone is just fine (or even better) with your apps of choice.

My uncle has worked many years in IT and sometimes lectures me on digital privacy and security. But I got a glimpse of his phones and computers, it was disappointing. Bogus security apps and optimizations and a refusal to update Windows. Probably different situation with OP’s father, but quite emphasizes the importance of continuing education.

OP probably isn’t self-hosting it. I haven’t got around to self-hosting it either and:

• a majority of instances no longer include Google
• many instances return absolutely bogus results
• the ones that return reasonable results have a 50% chance of getting ‘Suspended: timeout’

The rate-limiting has hit once-reliable instances really hard in the past few months.

If I had to go WiFi-only, there would probably be hours-long gaps when I am unreachable. So my compromise is to use a non-KYC data-only SIM. Even if VPN is left off, it routes traffic first to a datacenter far from my actual location, and there is no longer a route for unencrypted calls and SMS and the associated spam. I don’t have a habit of streaming media on the go, so the data lasts quite a while and there isn’t much of an urge to use public WiFi.

Doesn’t fully eliminate the problem as IMEI is still sent and the cellular modem is still a rogue black box, but a step in the right direction. Knowing that the cellular modem can run whatever code with deep privileges as it wishes, I try to keep as little of my business on my phone as I can, with the bulk of my workflow centered around my laptop. Don’t get me wrong, I don’t think this automatically makes me immune, but I do think it’s a neat little exercise. Perhaps one could abstract the problem of the modem by getting a separate wireless hotspot.

My friends and family have accepted that they either need to get Signal, XMPP, or Matrix or I will be largely unreachable. The only remaining need for SMS and GSM voice calls stems from work, which is all handled by my work phone that is powered down, or at least disconnected, once I leave for the day. It sucks that this is not the norm, but it looks like I am quite fortunate that my friends, family, and employer all tolerate this workflow.

Take a look at “IoT” SIM cards, they’re a bit expensive and data-only, but might not be subject to the same KYC regulations.

Anyone else wanting to move to CoMaps but procrastinating because they’d have to go about downloading the maps again?

Wow! That’s much more that I would have thought. Can’t wait to liberate my dad’s phone over the holidays, he’s on board with me getting GrapheneOS on it. Will have to see what I can do to their home network as well though since mom’s stuck on a carrier-locked phone.

Me over here having to provide my own work phone because BYOD. At least it’s my old phone I upgraded from, so the cost is already sunk.

Even if they did, your messages are going to be scanned via your recipients who use Gmail without opting out.

Interesting, had no idea until now that there’s such a thing as first-party malware loaded with the BIOS. Admittedly I’m caught in an ivory tower with my Corebooted ThinkPad. Although I haven’t purchased one yet, I’d say you made the right choice going with Framework.

Lenovo’s ThinkPad line has a sterling reputation. Among the best in terms of quality, service, repairability, and Linux support.

As for the largely consumer-grade options of ASUS and Lenovo’s consumer-grade IdeaPads, they’re rather similar in reputation and quality. Not exceptional, but they’re both perfectly fine options as long as you avoid the budget laptop segment (plastic chassis, broken hinges, etc.)

Any difference in privacy would come down to the pre-installed software, which is irrelevant if you plan on using Linux. If you will be using Windows, it’s always better to install your own fresh copy to purge any potential spyware and bloatware installed by the manufacturer. The activation key for whichever edition of Windows it comes with is embedded in the BIOS, so it’ll activate automatically after a fresh reinstall.

the only way i escaped this until now as being able to afford the hefty price tags on linux-only hardware with something like system76 and i can’t afford it anymore since i no longer earn a software engineer’s salary.

Why not a second-hand ThinkPad/Latitude/ProBook? They’re cheap and cheerful and well-supported by most distros.