I have just received a Samsung galaxy fold5 through the post, however I imagine it’s full of bloatware and I’m inexperienced with this type of device. What is the first things that you would do to secure it? Thank you 😊
Edit: I mean to be more privacy focused
I think you confuse security and privacy. Samsung are pretty secure from what I saw. They are not private at all however. You can debloat it with adb and maybe tools such as Universal Android Debloater.
There is a couple of guide such as this one: https://linustechtips.com/topic/1402380-ultimate-samsung-oneui-debloat-privacy-customization-guide/
Hey that’s me!
One thing I noticed is I never updated the app icon customization section. You don’t need Asapticons/Icon mixer. Themepark has an option to add custom icons now!
I can also post my De-Bloater config (root only)/list of apps (that can be used to disable them via ADB) I’ve removed when I update the post in a bit.
I’m still on Fold3/OneUI 5.1 but apps should be similar.
Thank you very much. You’re right there 👍
deleted by creator
I use FOSS applications as much as I can and try to avoid all samsung and google apps. In addition to that I’m always on pi-hole network to block background network requests by Samsung/Google
Some apps I use:
- k9-mail
- Zulip
- Nextcloud/Talk/Notes
- tasks.org
- Signal
- F-Droid
- Magic Earth
- NewPipe
- Keepass2Android
- Brave
- Collabora Office
Don’t think I’d actually recommend Brave to anyone, it’s definitely not as privacy focused as they claim.
deleted by creator
Problems with Brave
I pasted here the post by u/foamed [https://libreddit.oxymagnesium.com/u/foamed] at https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/ [https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/]
Some information about the co-founder & CEO of Brave, Brandon Eich [https://en.wikipedia.org/wiki/Brendan_Eich].
Controversial past and opinions:
- https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/ [https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/]
- https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days [https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days]
- https://www.bbc.com/news/technology-26868536 [https://www.bbc.com/news/technology-26868536]
- https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html [https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html]
- https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich [https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich]
Anti-vaxxer:
- https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html [https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html]
- @BrendanEich: “Fauci lies a lot.” - Dec 11, 2020 [https://twitter.com/BrendanEich/status/1337496169690230784]
- https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/ [https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/]
Eich pushed an anti-vaxx conspiracy on Twitter: https://twitter.com/BrendanEich/status/1538253982845399040 [https://twitter.com/BrendanEich/status/1538253982845399040] - If you look at the “source” it’s from a nutritionist who’s also a conspiracy nut. There are no verifiable and trusted sources.
Here are some controversies surrounding Brave and their browser over the past couple of years:
Privacy related:
- https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799 [https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799]
Brave automatically redirected searches to affiliate version of URL’s which Brave profits from:
- https://decrypt.co/31522/crypto-brave-browser-redirect [https://decrypt.co/31522/crypto-brave-browser-redirect]
- https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/ [https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/]
- https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology [https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology]
Brave collected donations on content creators behalf without consent:
- https://bitcoinist.com/brave-browser-donations-not-optional/ [https://bitcoinist.com/brave-browser-donations-not-optional/]
- https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know [https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know]
- https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/ [https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/]
Brave leaked Tor/Onion service requests through DNS:
- https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/ [https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/]
- https://github.com/brave/brave-browser/issues/13527 [https://github.com/brave/brave-browser/issues/13527]
- https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/ [https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/]
And this to some degree where they temporarily whitelisted certain Facebook and Twitter trackers without telling their users:
Sending unsolicited marketing mail to users, though Brave claim its all anonymous:
- https://twitter.com/sebmck/status/1531740563900448769 [https://twitter.com/sebmck/status/1531740563900448769]
- https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/ [https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/]
And if you want more, here’s some more. https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/ [https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/] that links this Twitter interaction: https://nitter.net/sebmck/status/1531740563900448769 [https://nitter.net/sebmck/status/1531740563900448769]
deleted by creator
Thankfully firefox is open source and has amazing community forks and configs like librewolf, mullvad, and arkenfox user.js. I personally don’t like to support the chromium monopoly, and firefox hardened is better on desktop hands down. Brave also shills crypto so much and makes money off ads so not a great look for a privacy browser.
deleted by creator
I do agree on many of your points and I used to use Brave before certain deal breakers. I personally have in addition mulch, cromite, and Privacy Browser for mobile so i can try different options. On desktop, gecko browser are much more comfortable, but i have the ungoogled chromium flatpak browser with ublock. Mozilla has a better track record than google for privacy and is big enough to have good security and updates, and often disallow features that would compromise privacy, that otherwise chromium accepts iirc.
…if you really have trouble finding stuff on how Brave is terrible for privacy, I’m gonna go out on a limb and say you have trouble reading. It’s known by most people that it’s a scam. They sold private user data to machine learning companies, they are predominantly a crypto company who has a browser, they are chromium based, etc
deleted by creator
look up controversies surrounding brave search.
deleted by creator
I mean, the company and the browser is one in the same.
Next level mental gymnastics
Google play services constantly send information to google, the only functional and degoogled rom Ive found is Grapheneos.
Samsung locks their bootloader, so flashing is neigh impossible on them as of late.
Good to know, although I’m unsure how a custom boot would handle the folding display
Or LineageOS without GSF
The real downside of brave is the cryptocrap. It is still optional. However the fact that it support the chromium monopoly is also a bad point.
What about supporting anti-lgbtq causes
If you don’t install software made from people that are not align with your ethics there are probably more than just brave.
That’s quite a list, thank you. I’ll try to implement them 👌
I can’t even find a custom or stock rom for it :/ You might not have picked the best phone for privacy my dude.
NetGuard is a good app to block internet access to apps you dont want connected to the web.
Use ADB to remove Google and Samsung bloatware and tracking. Ask around for help.
You should be able to use Heimdall to unlock the bootloader, but there isn’t currently a build of LineageOS or DivestOS for this phone, so unfortunately you cannot yet flash a custom ROM (AFAIK). However, rooting should work if you need this (although it can hurt your security a bit).
I’d recommend removing Google Play Services and replacing it with microG, although this may be complicated.
The best solution, however, is probably to exchange the phone for a more versatile model, such as a Google Pixel or a Fairphone.
While many devices don’t have ROMs built for them, any recent device should work with a GSI.
I just bought a tab s8, as I know Andy yan’s LineageOS 20 works on it from other users’ reports. I currently use it on my old tab 10.8 2019.
- Factory reset
- Setup but SKIP GOOGLE & SAMSUNG LOGIN
- Install F-Droid/Droid-ify
- Install Aurora Store
- Uninstall or disable as much default apps as you can
- Install Simple Mobile Tools or other opensource alternative from F-Droid
- Install everything else you need
Use openaource apps from fdroid, or if you really have to then use Aurora store. For office use collabora office, for youtube newpipe, video vlc, etc. NEVER LOG IN TO GOOGLE/SAMSUNG ACCOUNT ON ANY APP except Aurora store. For any other recommendation/alternative just aak me.
deleted by creator
Ok
these changes are going to decrease security overall. privacy and security are not one in the same. edit: I guess they edited the post🫠also, logging in to aurora is almost guaranteeing your account getting banned. use a throw away account if the default ones are rate limited
logging in to aurora is almost guaranteeing your account getting banned
Im using my main account on aurora store on 4 profiles for past month and everything is ok (for now).
@chaosppe speaking from my personal setup, I’d do all of these but personally my way to prevent as much data harvesting from Samsung phones I also installed Netguard and set only a handful of apps and exclude the rest (even system one) to stop all these Samsung apps from transmitting all types of data (Yes I know this may be somewhat extreme and I know the limitations of Netguard), but hey it’s just my recommendation but maybe you can take this as a possible starting ground
Send it back and get a Pixel.
Removed by mod
As a graphene user, let people use what they want
I’m 95% sure this one is a troll. They call themselves a boomer and then act like a petulant child. It’s gotta be a bit.
I did, and I really like it.
Imagine gatekeeping phones.
Removed by mod
Bro it’s a phone. Are you OK?
No when I’ve to deal with people like you. Corporation makes shit to sell and people like you buy it thinking its some sort of weird flex. Eventually leading to waste and climate change. Its not your fault, some people are not that bright so its okay. Whatever makes you happy.
complain about people buying a phone
recommend buying a phone from a specific brand
Jesus fucking christ. Touch some grass, for your own sanity.
Seriously. Lighten up.
Removed by mod
If that’s what you need, go for it. Maybe try to be less of a fucking asshole to random people on the internet. What’s wrong with you?