privacy on android

>os by Google

How about using VPN software to force all traffic from your android through a computer of your choosing?

You could set up a linux box with a custom firewall and a dns resolver, or something.

>>59519275
good idea anon. that wouldn't stop apps from collecting data about you though, would it? if i understand it correctly, it would just get sent to them from the home server instead of from wherever you are

>>59519666
It wouldn't stop apps collecting data, no.

Depending on how tight your firewall is, you could stop apps contacting servers you don't want them to contact and using protocols you don't want them to use.

You'll have to understand what'd going on at the protocol level to do all that though.

Me, I'd just let http/https traffic through, as well as whatever ports my instant messanger used.
(Do we still call them instant messangers these days?)

>>59519790
>implying their tracking APIs aren't on port 80 or 443
smarten up.

File: maxresdefault.jpg (35KB, 1280x720px) Image search: [Google]

35KB, 1280x720px

>>59518509
Throw the phone into the trash and never look back if you want actual privacy.

Let's go through some what ifs...

Even if you can root, you'll still have CarrierIQ and apps like it which are dug into your kernel and possibly the bootloader. Even if you can unlock the bootloader and flash a custom OS, there are even more problems. You have to deal with non-free secondary bootloaders in some Samsung and HTC phones that don't use the Qualcomm one. Even lower you have the cellular modem running non-free baseband software. This connects you to cell networks and if it's not properly isolated, it can allow an attacker to access your cameras, mics, speakers, or any other hardware that isn't isolated. Proper modem hardware isolation means that the modem talks to the CPU, which talks to the kernel, which talks to a hardware abstraction layer, which talks to the devices. Otherwise the modem talks straight to the devices which is VERY bad. Because the modem hardware and baseband software are closed off blackboxes in nearly every smartphone, it is impossible to verify that it's not malicious or insecure. Then there's the first bootloader that could also be doing funny stuff with the cellular modem since it's usually what initializes it. This is always a closed off blackbox as well. Most of these bootloaders vary greatly from device to device making them hard to study and compare. Finally, you reach the bottom of the shitheap: the bootROM. It's write protected flash that boots the SoC and verifies and starts the first bootloader. Since most people who have tried to hack bootROMs don't have specilized equipment, the best they've gotten is USB dumps after purposefully crashing it, which give little information. More impenetrable blackboxes. Therefore it is impossible to have a secure phone due to like 75% of the bootchain being unverifiable.

Android boot chain for reference:

>bootROM > primary bootloader/baseband > secondary bootloader > kernel > Android