Mutt
Professional
- Messages
- 1,056
- Reaction score
- 643
- Points
- 113
The content of the article
You leave the entrance, squint against the sun, and you already receive a message on your phone. This is Google, it knows exactly where you are going and politely prompts the transport schedule. Wait, here's another message: "Schedule of flights to St. Petersburg." Indeed, yesterday you were looking for a cheap ticket, Google knows that too. He even knows that today you are going to the movies, that is what you discussed in Hangouts. Google's intelligence and knowledge of users has long been a surprise, but is its dubious privacy concern worth it?
Start
We are being watched, I do not recognize ordinary guys - school, home, institute.
When this song of the MultFilmy group was still played on Nashe Radio, the world was completely different. Smartphones did not exist as a class, the Internet was not available to everyone, and most had to use a dial-up modem, which not only slowed down insanely, but also occupied the telephone line. There were two years before the launch of Facebook, five years before the announcement of the Apple iPhone, and the idea of an Android startup was just maturing in Andy Rubin's head.
The idea that in ten years' time all of our digital information, including location, preferences, personal photos and documents, would be available in real time to large corporations was more like an Orwellian dystopia than a future. Nevertheless, today we have what we have: Google, together with Apple and Facebook, track all our movements, they know our name, surname, addresses of residence and work, all our passwords, credit card numbers, "see" our photos, can guess our preferences on a particular day of the week, they know what we eat, drink, who we sleep with, in the end.
Corporations are 100% infiltrated into our lives and want to infiltrate another 110%. This is true and it cannot but depress. Fortunately, we still have freedom of choice, and we don't have to trust our lives to a bunch of companies. Google sells us smartphones for next to nothing in order to get hooked on its services, and we will turn Google's weapon against it.
Getting ready
In this article, I will show you how, using very simple manipulations, to turn an Android smartphone from a "google probe" into a device that will be completely invisible to Google and other companies. We will have access to an anonymous app store, file synchronization with our own Dropbox, the contents of which are inaccessible to anyone but us, synchronization of contacts and calendar with our own service and, of course, an anonymous web browser, as well as a system for protecting personal data from applications. which we cannot trust.
Almost any Android smartphone will work, but you can make your life a lot easier by purchasing one of the Nexus smartphones. Their plus is the unlocked bootloader and the use of pure Android without manufacturer's bookmarks. The Google Play edition is also a good choice, but as I said, just about anything will do. Our first task is to free this smartphone from all Google software, including the market, mechanisms for logging into a Google account, synchronization services and other components, as well as bookmarks and synchronization tools provided by the smartphone manufacturer.
And here we have two ways: we can either clean the existing firmware, or install CyanogenMod instead. The second method is much more preferable, it is simpler and allows you to get a completely clean system in just a few minutes. Therefore, I recommend going the first way only if there are obvious obstacles to installing CM, for example, there is no CyanogenMod port for this model, or unlocking the bootloader is impossible (it is very rare in modern devices). In any case, we will consider both ways, and you can choose the most suitable one for you personally.
INFO
You can check the availability of the CyanogenMod port for your device on w3bsit3-dns.com. Just find a topic dedicated to your model and go to the "Firmware" section. Be careful: the port may be crooked or incomplete.
The first way. We use the drain
So you decided to stay on stock. The action plan is as follows:
Root
The most non-trivial moment. There is no universal and effective method for getting root rights for all smartphones, so you have to try different tools and hope for a successful result.
The easiest option is to use one of the "unlicker" applications for Android that allow you to get root rights in one click / tap. The most popular apps in this family are Framaroot and Kingo Root. The first has established itself as a stable tool, but does not work for all versions. The second one often fails, but, according to the developers, it is capable of ruining almost any version of the OS.
The original is uploaded to Yandex Disk - https://yadi.sk/i/xbiKE_NuFDE3jw
The content of the article
You leave the entrance, squint against the sun, and you already receive a message on your phone. This is Google, it knows exactly where you are going and politely prompts the transport schedule. Wait, here's another message: "Schedule of flights to St. Petersburg." Indeed, yesterday you were looking for a cheap ticket, Google knows that too. He even knows that today you are going to the movies, that is what you discussed in Hangouts. Google's intelligence and knowledge of users has long been a surprise, but is its dubious privacy concern worth it?
Start
We are being watched, I do not recognize ordinary guys - school, home, institute.
When this song of the MultFilmy group was still played on Nashe Radio, the world was completely different. Smartphones did not exist as a class, the Internet was not available to everyone, and most had to use a dial-up modem, which not only slowed down insanely, but also occupied the telephone line. There were two years before the launch of Facebook, five years before the announcement of the Apple iPhone, and the idea of an Android startup was just maturing in Andy Rubin's head.
The idea that in ten years' time all of our digital information, including location, preferences, personal photos and documents, would be available in real time to large corporations was more like an Orwellian dystopia than a future. Nevertheless, today we have what we have: Google, together with Apple and Facebook, track all our movements, they know our name, surname, addresses of residence and work, all our passwords, credit card numbers, "see" our photos, can guess our preferences on a particular day of the week, they know what we eat, drink, who we sleep with, in the end.
Corporations are 100% infiltrated into our lives and want to infiltrate another 110%. This is true and it cannot but depress. Fortunately, we still have freedom of choice, and we don't have to trust our lives to a bunch of companies. Google sells us smartphones for next to nothing in order to get hooked on its services, and we will turn Google's weapon against it.
Getting ready
In this article, I will show you how, using very simple manipulations, to turn an Android smartphone from a "google probe" into a device that will be completely invisible to Google and other companies. We will have access to an anonymous app store, file synchronization with our own Dropbox, the contents of which are inaccessible to anyone but us, synchronization of contacts and calendar with our own service and, of course, an anonymous web browser, as well as a system for protecting personal data from applications. which we cannot trust.
Almost any Android smartphone will work, but you can make your life a lot easier by purchasing one of the Nexus smartphones. Their plus is the unlocked bootloader and the use of pure Android without manufacturer's bookmarks. The Google Play edition is also a good choice, but as I said, just about anything will do. Our first task is to free this smartphone from all Google software, including the market, mechanisms for logging into a Google account, synchronization services and other components, as well as bookmarks and synchronization tools provided by the smartphone manufacturer.
And here we have two ways: we can either clean the existing firmware, or install CyanogenMod instead. The second method is much more preferable, it is simpler and allows you to get a completely clean system in just a few minutes. Therefore, I recommend going the first way only if there are obvious obstacles to installing CM, for example, there is no CyanogenMod port for this model, or unlocking the bootloader is impossible (it is very rare in modern devices). In any case, we will consider both ways, and you can choose the most suitable one for you personally.
INFO
You can check the availability of the CyanogenMod port for your device on w3bsit3-dns.com. Just find a topic dedicated to your model and go to the "Firmware" section. Be careful: the port may be crooked or incomplete.
The first way. We use the drain
So you decided to stay on stock. The action plan is as follows:
Root
The most non-trivial moment. There is no universal and effective method for getting root rights for all smartphones, so you have to try different tools and hope for a successful result.
The easiest option is to use one of the "unlicker" applications for Android that allow you to get root rights in one click / tap. The most popular apps in this family are Framaroot and Kingo Root. The first has established itself as a stable tool, but does not work for all versions. The second one often fails, but, according to the developers, it is capable of ruining almost any version of the OS.
Kingo root.
Try them first. It didn't work - we are looking for our smartphone on w3bsit3-dns.com and see how to get root on this device. There are practically no “unbreakable” smartphones, so you will surely find the right tool.
Unlink from Google
With root, removing Google apps from your smartphone is as easy as shelling pears. To do this, you just need to delete a few files from directories /system/appand /system/priv-app, a few files from /system/frameworkand a set of low-level libraries from /system/lib. I could give a list here, but it differs from version to version, so I'll tell you about a very simple and universal way to find out the correct list of files.
Open the Open GApps page, select the GApps package for our Android version, select the platform (ARM, ARM64, x86) and press the red button to download. Open the resulting ZIP in any file manager. What is in systemis the files that we need to delete from the smartphone. This can be done using any root-enabled file manager. For example, Root Explorer.
Google Apps in File Manager.
At the end of the operation, be sure to perform a factory reset (Settings -> Restore and reset -> Reset settings), otherwise you will get tired of the errors that appear on the screen.
It is also worth looking for recipes for disabling services on specialized forums. Often, users share such information and if there is a way, you will probably find it.
The second way. Install CyanogenMod
This option is good because, in addition to a clean firmware, in most cases we will also receive an updated version of Android with bug fixes and closed vulnerabilities. You will have to pay for this by having to unlock the bootloader. Fortunately, most manufacturers allow you to do this using an online service, or rather a digital key that you can get with it. Moreover, the bootloaders of Nexus smartphones and almost all Chinese smartphones (including Xiaomi, ZTE and OnePlus) are unlocked by default, or rather locked without using a digital key, and Samsung devices can be unlocked using their own CROM Service application.
In any case, you need ADB and fastboot tools from the Android SDK to install CyanogenMod on any device. The easiest way to install them on Windows is with a custom installer. It will install the necessary drivers, as well as the fastboot and ADB we need. On Linux, the same task is accomplished by installing the android-sdk-platform-tools or android-sdk-tools package, depending on the distribution. No drivers needed.
Fastboot and ADB installer.
Next, we need to find a custom recovery console for our smartphone. TWRP is best suited for this role. We go to the official website and look for your device. In the Download Links section we find the download link and get the file. If we could not find TWRP on the official website, we go through the forums in search of an unofficial version. It is almost always there, if not TWRP, so ClockworkMod.
Now you can unlock the bootloader and flash TWRP. Samsung owners must first install the CROM Service application from the local market and unlock the bootloader through it. Next, turn on "Debugging by ADB": "Settings -> About phone" -> five tapes by "Build number".
Next, "Settings -> For Developers -> Debug Mode".
We connect the smartphone using a USB cable to the computer and execute the command (Linux users substitute in front of this and all subsequent commands sudo)
adb devicesIf everything is configured correctly, at this moment the smartphone should show a debug request on the screen, we agree. Next, we reboot the smartphone into fastboot mode: Perhaps, after that, a menu will appear on the smartphone screen, with which you need to manually select fastboot (navigation - volume keys, Enter - power button). Next, HTC owners go to HTCDev, and Sony owners go to developers.sonymobile.com. In either case, you need to select your device and simply enter the fastboot commands indicated in the instructions, usually there are two of them: one to obtain a digital device key, the second to unlock the bootloader.adb reboot bootloader
Owners of Nexuses and Chinese devices don't go anywhere, they just do this:
Further, in all cases, you can flash TWRP and reboot:
fastboot flash recovery file_twrp.img fastboot continue
Now we need to find the CyanogenMod build for our device. All official builds are available at download.cyanogenmod.org . We just drive the device name into the search bar on the page and download the last one. Can't find an official port - it doesn't matter, go to the forums and look for an unofficial one. Please note that you need a ZIP file, firmware in other formats will not work.
The last step is to transfer the firmware to the device's memory card and reboot it into recovery mode:
When the TWRP interface appears on the screen, click Install, select the firmware file and move the slider labeled Swipe to Confirm Flash. After rebooting, you should get a clean CyanogenMod.
We put an alternative market
We now have a clean or near-clean firmware that does not contain Google components at all. But how to install software without the Play Market? There are several alternatives for this:
F-Droid in person.
These three stores should be quite enough to comfortably exist without a Google store (they do not conflict with each other), however, there is one problem: many applications are tied to Google services, and since we cut them out, applications will either work with failures, or at all will not start. To solve this problem, we will use the developments of the microG project.
We put microG
MicroG is a project that is developing a set of APIs that emulate Google mobile services (GmsCore). The developer plans to implement a lightweight replacement for open source Google services. However, we are interested in it because it has a Maps API (access to Google maps), a Location Provider API (a geolocation service based on cell towers and Wi-Fi networks) and a fake Google Play market, that is, all those components from in the absence of which software that depends on Google services may fail.
Installing microG is very easy, just download and install the GmsCore.apk and FakeStore.apk packages. In addition, you will need one or more UnifiedNlp plugins, which are required to correctly locate the device indoors. All of them can be found in F-Droid under the UnifiedNlp keyword.
I recommend installing the following:
If you want to be able to log into your Google account and enable the Google Cloud Messaging service that depends on it (these are push notifications that are used, for example, by Pushbullet), then you need to follow five more steps:
Bringing up your personal Dropbox
Unlinking a smartphone from Google is only half the battle. We also need to find a convenient and secure way to store files. The days of local storage like SD cards are long gone, and trusting your data to cloud services like Dropbox is not a far-sighted decision. Therefore, I propose to raise your personal Dropbox, since it is very, very simple to do this.
The only thing you need is a Linux machine that will be online at least during the day. An old home computer or the cheapest virtual server on Amazon or any other cloud will do. You can also use one of the ownCloud hostings, many of which offer free options. But let's stop all the same on a personal server.
Let's say we have an Ubuntu machine. To set up your personal Dropbox on it, you just need to install Docker, and then raise ownCloud in it:
sudo apt-get update sudo apt-get install docker.io sudo docker run --restart = always --name owncloud -p 80:80 -p 443: 443 -d l3iggs / owncloud
Now go to the address https: // machine_address / owncloud, drive in the administrator's name and password (you have to come up with them yourself) and click the Finish Setup button. Our personal Dropbox is ready to use. If this is a virtual host on Amazon, then you can already access it over IP, but if it is a home machine, then you will have to configure port forwarding on your home router.
In order not to drive in IP by hand and get rid of the problem of changing the IP of a home router, we will create a free dynamic domain. To do this, just go through a simple registration procedure at freedns.no-ip.com and add a new domain, it will have a name like blablabla.ddns.net. Further, if you have raised ownCloud on your home server, and DD-WRT is installed on the router, go to the router through the browser (192.168.1.1), then Setup -> DDNS , select No-IP.com in the drop-down list, enter your username and password to no-ip.com and the domain name, then the Save button. In routers with other firmware, the configuration method will be different.
Registering a dynamic domain on no-ip.com
If the router does not allow using dynamic DNS or the server is located on Amazon, you can hard-code the server's IP address when creating a domain. Naturally, it will have to be changed every time the IP address is changed.
OwnCloud has an official open source application to sync files with your smartphone. It can be found both in F-Droid and in the Play Store, and if in the first case you get it for free, then in the second you will have to pay 30 rubles. Just install the client via F-Droid, type in the server address in the format https: // address / owncloud, your username and password, and you're done. The functionality of the application is exactly the same as that of Dropbox, that is, the ability to view, receive and upload files with automatic upload of photos and videos (enabled in the settings).
OwnCloud app settings.
OwnCloud also has desktop clients for Windows, Linux or OS X. All of them can be downloaded from the official website.
INFO
If you don't want to bother installing ownCloud, you can use the MEGA cloud as a compromise. Their client uses client-side encryption, which means it will be much more difficult for company employees to see your data.
Synchronizing contacts and calendar
In addition to the market and a bunch of useless Google software, we also lost the most convenient function for synchronizing contacts and calendars. Fortunately, we can now get back contacts and calendar very quickly and easily. OwnCloud, which we installed in the previous step, has this functionality, but you have to connect a couple of plugins.
We go to ownCloud through the browser, find the Files menu in the upper left corner, click, then click on the plus sign. Select Not Enabled from the menu and look for the Calendar and Contacts plugins. Click Enable under each of them.
Install the DAVdroid application from the F-Droid on your smartphone (by the way, it costs $ 2 in the Play Store).
Next, open "Settings -> Accounts -> Add account", select DAVdroid, then "Login via URL with username" and type in the address http://server_address/remote.php/carddav/, name and password of ownCloud. This is for syncing contacts. Calendar synchronization Setting up is the same, but the address will be a little different: http://server_address/remote.php/caldav/.
Set up synchronization of contacts and calendar.
Restricting applications in permissions
By this time, we should already have a smartphone completely untethered from Google and other companies with its own cloud drive and synchronization of contacts and calendar. But third-party apps will still be able to send our data and location to third parties. Therefore, we need some kind of mechanism for revoking permissions from applications.
CyanogenMod has such a mechanism built in and is available in the
"Settings -> Privacy -> Protected Mode" menu.
Moreover, it works in two modes. Firstly, any application can be denied access to your personal data (contacts, messages, call log). Instead, they will receive random data that has nothing to do with you. You can activate this function by simply tapping on the application name in the list (the lock icon will change color).
Protected Mode Settings in CyanogenMod.
Secondly, any application can revoke any privileges, including the ability to access the Internet, to the camera, and location. To do this, you just need to find the application in the list and hold your finger on it for a long time. The revocation interface appears. However, it should be borne in mind that this mechanism differs from the similar function in Android 6.0 and may lead to the application crash.
Authorization revocation mechanism.
Those who remained on the stock will have to contrive, because the implementation of the revocation system, although available as a separate application, requires the installation of the Xposed framework, with different versions of it for different versions of Android. Next, launch the installer, open the "Framework", click "Install / Update" and reboot.
Starting with Android 5.0, things are a little more complicated. First, the installer itself must be downloaded from the XDA. Secondly, you need to get a ZIP file from there: xposed-v75-sdk21-arm.zip for smartphones based on Android 5.0 and ARM, xposed-v75-sdk22-arm.zip for Android 5.1, and so on. This ZIP file needs to be flashed using TWRP in the same way as CyanogenMod from the corresponding section above. Well, then install Xposed itself.
After installation, launch the Xposed installer, open the Download section and look for the Xprivacy module, install and reboot. Launch Xprivacy and revoke permissions from the required applications. The principle is the same as in CyanogenMod.
Tor, untracked browser and ad blocker
For additional privacy protection, you can install the Orbot app from F-Droid. This is the Android version of Tor, with root privileges it can wrap all traffic going out into Tor in general. Also, a good solution would be to install the AdAway ad blocker and the Ghostery browser, which blocks JS inserts that track users on sites and uses the default DuckDuckGo search engine.
Conclusions
It is very difficult to maintain privacy in the modern world. Every fifth application from the market tries to send your data to incomprehensible servers, every third website sets cookies and asks for your location. However, by strictly following the instructions in this article, you can make yourself almost invisible, and the price for this is just the loss of Google Now and the official app store.
- Start
- Getting ready
- The first way. We use the drain
- The second way. Install CyanogenMod
- We put an alternative market
- We put microG
- Bringing up your personal Dropbox
- Synchronizing contacts and calendar
- Restricting applications in permissions
- Tor, untracked browser and ad blocker
- Conclusions
You leave the entrance, squint against the sun, and you already receive a message on your phone. This is Google, it knows exactly where you are going and politely prompts the transport schedule. Wait, here's another message: "Schedule of flights to St. Petersburg." Indeed, yesterday you were looking for a cheap ticket, Google knows that too. He even knows that today you are going to the movies, that is what you discussed in Hangouts. Google's intelligence and knowledge of users has long been a surprise, but is its dubious privacy concern worth it?
Start
We are being watched, I do not recognize ordinary guys - school, home, institute.
When this song of the MultFilmy group was still played on Nashe Radio, the world was completely different. Smartphones did not exist as a class, the Internet was not available to everyone, and most had to use a dial-up modem, which not only slowed down insanely, but also occupied the telephone line. There were two years before the launch of Facebook, five years before the announcement of the Apple iPhone, and the idea of an Android startup was just maturing in Andy Rubin's head.
The idea that in ten years' time all of our digital information, including location, preferences, personal photos and documents, would be available in real time to large corporations was more like an Orwellian dystopia than a future. Nevertheless, today we have what we have: Google, together with Apple and Facebook, track all our movements, they know our name, surname, addresses of residence and work, all our passwords, credit card numbers, "see" our photos, can guess our preferences on a particular day of the week, they know what we eat, drink, who we sleep with, in the end.
Corporations are 100% infiltrated into our lives and want to infiltrate another 110%. This is true and it cannot but depress. Fortunately, we still have freedom of choice, and we don't have to trust our lives to a bunch of companies. Google sells us smartphones for next to nothing in order to get hooked on its services, and we will turn Google's weapon against it.
Getting ready
In this article, I will show you how, using very simple manipulations, to turn an Android smartphone from a "google probe" into a device that will be completely invisible to Google and other companies. We will have access to an anonymous app store, file synchronization with our own Dropbox, the contents of which are inaccessible to anyone but us, synchronization of contacts and calendar with our own service and, of course, an anonymous web browser, as well as a system for protecting personal data from applications. which we cannot trust.
Almost any Android smartphone will work, but you can make your life a lot easier by purchasing one of the Nexus smartphones. Their plus is the unlocked bootloader and the use of pure Android without manufacturer's bookmarks. The Google Play edition is also a good choice, but as I said, just about anything will do. Our first task is to free this smartphone from all Google software, including the market, mechanisms for logging into a Google account, synchronization services and other components, as well as bookmarks and synchronization tools provided by the smartphone manufacturer.
And here we have two ways: we can either clean the existing firmware, or install CyanogenMod instead. The second method is much more preferable, it is simpler and allows you to get a completely clean system in just a few minutes. Therefore, I recommend going the first way only if there are obvious obstacles to installing CM, for example, there is no CyanogenMod port for this model, or unlocking the bootloader is impossible (it is very rare in modern devices). In any case, we will consider both ways, and you can choose the most suitable one for you personally.
INFO
You can check the availability of the CyanogenMod port for your device on w3bsit3-dns.com. Just find a topic dedicated to your model and go to the "Firmware" section. Be careful: the port may be crooked or incomplete.
The first way. We use the drain
So you decided to stay on stock. The action plan is as follows:
- We get root.
- We remove all Google applications.
- We clear the firmware from the manufacturer's services.
Root
The most non-trivial moment. There is no universal and effective method for getting root rights for all smartphones, so you have to try different tools and hope for a successful result.
The easiest option is to use one of the "unlicker" applications for Android that allow you to get root rights in one click / tap. The most popular apps in this family are Framaroot and Kingo Root. The first has established itself as a stable tool, but does not work for all versions. The second one often fails, but, according to the developers, it is capable of ruining almost any version of the OS.
The original is uploaded to Yandex Disk - https://yadi.sk/i/xbiKE_NuFDE3jw
The content of the article
- Start
- Getting ready
- The first way. We use the drain
- The second way. Install CyanogenMod
- We put an alternative market
- We put microG
- Bringing up your personal Dropbox
- Synchronizing contacts and calendar
- Restricting applications in permissions
- Tor, untracked browser and ad blocker
- Conclusions
You leave the entrance, squint against the sun, and you already receive a message on your phone. This is Google, it knows exactly where you are going and politely prompts the transport schedule. Wait, here's another message: "Schedule of flights to St. Petersburg." Indeed, yesterday you were looking for a cheap ticket, Google knows that too. He even knows that today you are going to the movies, that is what you discussed in Hangouts. Google's intelligence and knowledge of users has long been a surprise, but is its dubious privacy concern worth it?
Start
We are being watched, I do not recognize ordinary guys - school, home, institute.
When this song of the MultFilmy group was still played on Nashe Radio, the world was completely different. Smartphones did not exist as a class, the Internet was not available to everyone, and most had to use a dial-up modem, which not only slowed down insanely, but also occupied the telephone line. There were two years before the launch of Facebook, five years before the announcement of the Apple iPhone, and the idea of an Android startup was just maturing in Andy Rubin's head.
The idea that in ten years' time all of our digital information, including location, preferences, personal photos and documents, would be available in real time to large corporations was more like an Orwellian dystopia than a future. Nevertheless, today we have what we have: Google, together with Apple and Facebook, track all our movements, they know our name, surname, addresses of residence and work, all our passwords, credit card numbers, "see" our photos, can guess our preferences on a particular day of the week, they know what we eat, drink, who we sleep with, in the end.
Corporations are 100% infiltrated into our lives and want to infiltrate another 110%. This is true and it cannot but depress. Fortunately, we still have freedom of choice, and we don't have to trust our lives to a bunch of companies. Google sells us smartphones for next to nothing in order to get hooked on its services, and we will turn Google's weapon against it.
Getting ready
In this article, I will show you how, using very simple manipulations, to turn an Android smartphone from a "google probe" into a device that will be completely invisible to Google and other companies. We will have access to an anonymous app store, file synchronization with our own Dropbox, the contents of which are inaccessible to anyone but us, synchronization of contacts and calendar with our own service and, of course, an anonymous web browser, as well as a system for protecting personal data from applications. which we cannot trust.
Almost any Android smartphone will work, but you can make your life a lot easier by purchasing one of the Nexus smartphones. Their plus is the unlocked bootloader and the use of pure Android without manufacturer's bookmarks. The Google Play edition is also a good choice, but as I said, just about anything will do. Our first task is to free this smartphone from all Google software, including the market, mechanisms for logging into a Google account, synchronization services and other components, as well as bookmarks and synchronization tools provided by the smartphone manufacturer.
And here we have two ways: we can either clean the existing firmware, or install CyanogenMod instead. The second method is much more preferable, it is simpler and allows you to get a completely clean system in just a few minutes. Therefore, I recommend going the first way only if there are obvious obstacles to installing CM, for example, there is no CyanogenMod port for this model, or unlocking the bootloader is impossible (it is very rare in modern devices). In any case, we will consider both ways, and you can choose the most suitable one for you personally.
INFO
You can check the availability of the CyanogenMod port for your device on w3bsit3-dns.com. Just find a topic dedicated to your model and go to the "Firmware" section. Be careful: the port may be crooked or incomplete.
The first way. We use the drain
So you decided to stay on stock. The action plan is as follows:
- We get root.
- We remove all Google applications.
- We clear the firmware from the manufacturer's services.
Root
The most non-trivial moment. There is no universal and effective method for getting root rights for all smartphones, so you have to try different tools and hope for a successful result.
The easiest option is to use one of the "unlicker" applications for Android that allow you to get root rights in one click / tap. The most popular apps in this family are Framaroot and Kingo Root. The first has established itself as a stable tool, but does not work for all versions. The second one often fails, but, according to the developers, it is capable of ruining almost any version of the OS.
Kingo root.
Try them first. It didn't work - we are looking for our smartphone on w3bsit3-dns.com and see how to get root on this device. There are practically no “unbreakable” smartphones, so you will surely find the right tool.
Unlink from Google
With root, removing Google apps from your smartphone is as easy as shelling pears. To do this, you just need to delete a few files from directories /system/appand /system/priv-app, a few files from /system/frameworkand a set of low-level libraries from /system/lib. I could give a list here, but it differs from version to version, so I'll tell you about a very simple and universal way to find out the correct list of files.
Open the Open GApps page, select the GApps package for our Android version, select the platform (ARM, ARM64, x86) and press the red button to download. Open the resulting ZIP in any file manager. What is in systemis the files that we need to delete from the smartphone. This can be done using any root-enabled file manager. For example, Root Explorer.
Google Apps in File Manager.
At the end of the operation, be sure to perform a factory reset (Settings -> Restore and reset -> Reset settings), otherwise you will get tired of the errors that appear on the screen.
Disconnect from vendor services
This is much more difficult. There are many smartphone manufacturers, and the implementation of synchronization mechanisms with services can be very different even in different firmware versions of the same vendor. Therefore, the best you can do is simply not register an account with the vendor (if possible).It is also worth looking for recipes for disabling services on specialized forums. Often, users share such information and if there is a way, you will probably find it.
The second way. Install CyanogenMod
This option is good because, in addition to a clean firmware, in most cases we will also receive an updated version of Android with bug fixes and closed vulnerabilities. You will have to pay for this by having to unlock the bootloader. Fortunately, most manufacturers allow you to do this using an online service, or rather a digital key that you can get with it. Moreover, the bootloaders of Nexus smartphones and almost all Chinese smartphones (including Xiaomi, ZTE and OnePlus) are unlocked by default, or rather locked without using a digital key, and Samsung devices can be unlocked using their own CROM Service application.
In any case, you need ADB and fastboot tools from the Android SDK to install CyanogenMod on any device. The easiest way to install them on Windows is with a custom installer. It will install the necessary drivers, as well as the fastboot and ADB we need. On Linux, the same task is accomplished by installing the android-sdk-platform-tools or android-sdk-tools package, depending on the distribution. No drivers needed.
Fastboot and ADB installer.
Next, we need to find a custom recovery console for our smartphone. TWRP is best suited for this role. We go to the official website and look for your device. In the Download Links section we find the download link and get the file. If we could not find TWRP on the official website, we go through the forums in search of an unofficial version. It is almost always there, if not TWRP, so ClockworkMod.
Now you can unlock the bootloader and flash TWRP. Samsung owners must first install the CROM Service application from the local market and unlock the bootloader through it. Next, turn on "Debugging by ADB": "Settings -> About phone" -> five tapes by "Build number".
Next, "Settings -> For Developers -> Debug Mode".
We connect the smartphone using a USB cable to the computer and execute the command (Linux users substitute in front of this and all subsequent commands sudo)
adb devicesIf everything is configured correctly, at this moment the smartphone should show a debug request on the screen, we agree. Next, we reboot the smartphone into fastboot mode: Perhaps, after that, a menu will appear on the smartphone screen, with which you need to manually select fastboot (navigation - volume keys, Enter - power button). Next, HTC owners go to HTCDev, and Sony owners go to developers.sonymobile.com. In either case, you need to select your device and simply enter the fastboot commands indicated in the instructions, usually there are two of them: one to obtain a digital device key, the second to unlock the bootloader.adb reboot bootloader
Owners of Nexuses and Chinese devices don't go anywhere, they just do this:
Code:
fastboot oem unlockFurther, in all cases, you can flash TWRP and reboot:
fastboot flash recovery file_twrp.img fastboot continue
Now we need to find the CyanogenMod build for our device. All official builds are available at download.cyanogenmod.org . We just drive the device name into the search bar on the page and download the last one. Can't find an official port - it doesn't matter, go to the forums and look for an unofficial one. Please note that you need a ZIP file, firmware in other formats will not work.
The last step is to transfer the firmware to the device's memory card and reboot it into recovery mode:
Code:
adb reboot recoveryWhen the TWRP interface appears on the screen, click Install, select the firmware file and move the slider labeled Swipe to Confirm Flash. After rebooting, you should get a clean CyanogenMod.
We put an alternative market
We now have a clean or near-clean firmware that does not contain Google components at all. But how to install software without the Play Market? There are several alternatives for this:
- F-Droid is an open source software store. It has a little more than a thousand applications, but all of them are open source, which means that by definition they do not contain backdoors and malicious code. In addition, in F-Droid you can find software that for one reason or another has been removed from Google Play, the same ad blocker AdAway.
- 1Mobile is one of the most famous and complete app stores, contains almost all free apps from Google Play and does not require an account. Recently, it allows you to download cracked paid software (of course, for free).
- Amazon Undeground is a one-stop shop for Amazon apps, books, music and movies. The software is much smaller than in Google Play, but every day one of the paid applications can be downloaded for free. Well, keep in mind that by installing this store, you are actually transplanting yourself from the Google needle to the Amazon needle.
F-Droid in person.
These three stores should be quite enough to comfortably exist without a Google store (they do not conflict with each other), however, there is one problem: many applications are tied to Google services, and since we cut them out, applications will either work with failures, or at all will not start. To solve this problem, we will use the developments of the microG project.
We put microG
MicroG is a project that is developing a set of APIs that emulate Google mobile services (GmsCore). The developer plans to implement a lightweight replacement for open source Google services. However, we are interested in it because it has a Maps API (access to Google maps), a Location Provider API (a geolocation service based on cell towers and Wi-Fi networks) and a fake Google Play market, that is, all those components from in the absence of which software that depends on Google services may fail.
Installing microG is very easy, just download and install the GmsCore.apk and FakeStore.apk packages. In addition, you will need one or more UnifiedNlp plugins, which are required to correctly locate the device indoors. All of them can be found in F-Droid under the UnifiedNlp keyword.
I recommend installing the following:
- GSMLocationNlpBackend - geolocation based on cell towers based on OpenCellID;
- MozillaNlpBackend - geolocation by cell towers and Wi-Fi networks using the Mozilla Location Service;
- OpenBmapNlpBackend is an analogue of openBmap's Mozilla service.
If you want to be able to log into your Google account and enable the Google Cloud Messaging service that depends on it (these are push notifications that are used, for example, by Pushbullet), then you need to follow five more steps:
- Install Xposed (more on that below) and the FakeGApps module.
- Install GsfProxy.
- Enable login and push notification options (Enable device checkin and Enable Google Cloud Messanging) in microG.
- Reboot.
- Add your Google account by standard means: "Settings -> Accounts -> Add account".
Bringing up your personal Dropbox
Unlinking a smartphone from Google is only half the battle. We also need to find a convenient and secure way to store files. The days of local storage like SD cards are long gone, and trusting your data to cloud services like Dropbox is not a far-sighted decision. Therefore, I propose to raise your personal Dropbox, since it is very, very simple to do this.
The only thing you need is a Linux machine that will be online at least during the day. An old home computer or the cheapest virtual server on Amazon or any other cloud will do. You can also use one of the ownCloud hostings, many of which offer free options. But let's stop all the same on a personal server.
Let's say we have an Ubuntu machine. To set up your personal Dropbox on it, you just need to install Docker, and then raise ownCloud in it:
sudo apt-get update sudo apt-get install docker.io sudo docker run --restart = always --name owncloud -p 80:80 -p 443: 443 -d l3iggs / owncloud
Now go to the address https: // machine_address / owncloud, drive in the administrator's name and password (you have to come up with them yourself) and click the Finish Setup button. Our personal Dropbox is ready to use. If this is a virtual host on Amazon, then you can already access it over IP, but if it is a home machine, then you will have to configure port forwarding on your home router.
In order not to drive in IP by hand and get rid of the problem of changing the IP of a home router, we will create a free dynamic domain. To do this, just go through a simple registration procedure at freedns.no-ip.com and add a new domain, it will have a name like blablabla.ddns.net. Further, if you have raised ownCloud on your home server, and DD-WRT is installed on the router, go to the router through the browser (192.168.1.1), then Setup -> DDNS , select No-IP.com in the drop-down list, enter your username and password to no-ip.com and the domain name, then the Save button. In routers with other firmware, the configuration method will be different.
Registering a dynamic domain on no-ip.com
If the router does not allow using dynamic DNS or the server is located on Amazon, you can hard-code the server's IP address when creating a domain. Naturally, it will have to be changed every time the IP address is changed.
OwnCloud has an official open source application to sync files with your smartphone. It can be found both in F-Droid and in the Play Store, and if in the first case you get it for free, then in the second you will have to pay 30 rubles. Just install the client via F-Droid, type in the server address in the format https: // address / owncloud, your username and password, and you're done. The functionality of the application is exactly the same as that of Dropbox, that is, the ability to view, receive and upload files with automatic upload of photos and videos (enabled in the settings).
OwnCloud app settings.
OwnCloud also has desktop clients for Windows, Linux or OS X. All of them can be downloaded from the official website.
INFO
If you don't want to bother installing ownCloud, you can use the MEGA cloud as a compromise. Their client uses client-side encryption, which means it will be much more difficult for company employees to see your data.
Synchronizing contacts and calendar
In addition to the market and a bunch of useless Google software, we also lost the most convenient function for synchronizing contacts and calendars. Fortunately, we can now get back contacts and calendar very quickly and easily. OwnCloud, which we installed in the previous step, has this functionality, but you have to connect a couple of plugins.
We go to ownCloud through the browser, find the Files menu in the upper left corner, click, then click on the plus sign. Select Not Enabled from the menu and look for the Calendar and Contacts plugins. Click Enable under each of them.
Install the DAVdroid application from the F-Droid on your smartphone (by the way, it costs $ 2 in the Play Store).
Next, open "Settings -> Accounts -> Add account", select DAVdroid, then "Login via URL with username" and type in the address http://server_address/remote.php/carddav/, name and password of ownCloud. This is for syncing contacts. Calendar synchronization Setting up is the same, but the address will be a little different: http://server_address/remote.php/caldav/.
Set up synchronization of contacts and calendar.
Restricting applications in permissions
By this time, we should already have a smartphone completely untethered from Google and other companies with its own cloud drive and synchronization of contacts and calendar. But third-party apps will still be able to send our data and location to third parties. Therefore, we need some kind of mechanism for revoking permissions from applications.
CyanogenMod has such a mechanism built in and is available in the
"Settings -> Privacy -> Protected Mode" menu.
Moreover, it works in two modes. Firstly, any application can be denied access to your personal data (contacts, messages, call log). Instead, they will receive random data that has nothing to do with you. You can activate this function by simply tapping on the application name in the list (the lock icon will change color).
Protected Mode Settings in CyanogenMod.
Secondly, any application can revoke any privileges, including the ability to access the Internet, to the camera, and location. To do this, you just need to find the application in the list and hold your finger on it for a long time. The revocation interface appears. However, it should be borne in mind that this mechanism differs from the similar function in Android 6.0 and may lead to the application crash.
Authorization revocation mechanism.
Those who remained on the stock will have to contrive, because the implementation of the revocation system, although available as a separate application, requires the installation of the Xposed framework, with different versions of it for different versions of Android. Next, launch the installer, open the "Framework", click "Install / Update" and reboot.
Starting with Android 5.0, things are a little more complicated. First, the installer itself must be downloaded from the XDA. Secondly, you need to get a ZIP file from there: xposed-v75-sdk21-arm.zip for smartphones based on Android 5.0 and ARM, xposed-v75-sdk22-arm.zip for Android 5.1, and so on. This ZIP file needs to be flashed using TWRP in the same way as CyanogenMod from the corresponding section above. Well, then install Xposed itself.
After installation, launch the Xposed installer, open the Download section and look for the Xprivacy module, install and reboot. Launch Xprivacy and revoke permissions from the required applications. The principle is the same as in CyanogenMod.
Tor, untracked browser and ad blocker
For additional privacy protection, you can install the Orbot app from F-Droid. This is the Android version of Tor, with root privileges it can wrap all traffic going out into Tor in general. Also, a good solution would be to install the AdAway ad blocker and the Ghostery browser, which blocks JS inserts that track users on sites and uses the default DuckDuckGo search engine.
Conclusions
It is very difficult to maintain privacy in the modern world. Every fifth application from the market tries to send your data to incomprehensible servers, every third website sets cookies and asks for your location. However, by strictly following the instructions in this article, you can make yourself almost invisible, and the price for this is just the loss of Google Now and the official app store.
