| ▲ | electric_muse 3 days ago |
| I just bought a pixel from best buy to install gos, which was an ordeal. At checkout they looked at me like I was up to no good when I said I didn’t want to give them my name, address, and phone number just to purchase the device. I didn’t set up a plan. They said it was for “restocking” or something. Fortunately they accepted obviously fake info. These front line sales people just don’t care as long as they can say they followed the policy. The user containers are very helpful. I have to have TikTok for work and I put it in a container all by itself with a vpn on kill switch. And for one app that needs google play services, I have it in a container with that. The duress passcode is super clever, too. You enter a different device passcode and it just wipes the device. |
|
| ▲ | vid 2 days ago | parent | next [-] |
| Obviously avoiding surveillance can be a bigger red flag than being surveilled. I use a google account for convenience for some purposes, and host my own email (out of principle, not exactly super interesting material). It would be nice if when I enter the 'duress' password it erased everything except the gmail related activity. |
|
| ▲ | drnick1 2 days ago | parent | prev | next [-] |
| I recently bought a Pixel from a Google store and wasn't asked any personal information. I installed Graphene right away and the phone just works. I use FOSS apps obtained on F-Droid and don't bother with sandboxed Google Play and all that. For me that kind of defeats the point of a FOSS OS. |
| |
| ▲ | tranq_cassowary a day ago | parent | next [-] | | Sandboxed Google Play doesn't really defeat the point of GrapheneOS. Not wanting to use Google Play or any proprietary Google services is perfectly valid, for all clarity. But, it's just important to note that for people that heavily use Google services, the advantage of using those on GrapheneOS instead of on a GMS-licensing OS is very high. The GMS-licensing OS will bundle the Google Mobile Services (Google suite of apps, Google Play, ...) in a privileged way. They won't be treated as regular apps, as is the case on GrapheneOS, but will have invasive access on your phone. In general, GrapheneOS' many hardening and privacy features allow you to have a better grasp on privacy-invasive apps. | |
| ▲ | mewse-hn 2 days ago | parent | prev | next [-] | | > I recently bought a Pixel from a Google store and wasn't asked any personal information. A physical pop-up? The online google store requires a google account that has your personal info already.. | |
| ▲ | throitallaway 2 days ago | parent | prev | next [-] | | Yeah, I'm just worried about the future of this with the AOSP and "sideloading" changes that Google is making to Android. | | |
| ▲ | tranq_cassowary a day ago | parent [-] | | The planned sideloading instructions only apply to certified OSes. GrapheneOS is not certified because it doesn't bundle privileged Google Mobile Services. |
| |
| ▲ | madmads 2 days ago | parent | prev [-] | | That was my experience too. Up and running in 30 minutes, I was quite surprised |
|
|
| ▲ | pndy 2 days ago | parent | prev | next [-] |
| > (...) my name, address, and phone number just to purchase the device That's a thing in the US? Here, clerks in various stores ask me for postal code but nothing else and I could refuse giving that info. |
|
| ▲ | glitchc 2 days ago | parent | prev | next [-] |
| Did you pay cash? If not, you already gave them your real name and info. |
| |
| ▲ | pabs3 2 days ago | parent [-] | | ... and did you get the cash from an ATM? or other source that tracks serial numbers? | | |
| ▲ | pbmonster 2 days ago | parent [-] | | Do you think Best Buy assigns cash serial numbers to individual products they sold, by default, always? How would they even do that? As part of the machine that checks for counterfeit notes? They don't always use that, right? | | |
| ▲ | alt227 2 days ago | parent [-] | | > Do you think Best Buy assigns cash serial numbers to individual products they sold, by default, always? No but when you took that cash out of an ATM, it logged the serial numbers on the bills it gave you. Then when Best Buy deposited that cash at the bank they again scanned that serial number and can make an assumption that you spent that money at Best Buy. What that information is used for, who knows? But the flow of cash is definitely logged somewhere, for some reason! | | |
| ▲ | vid 2 days ago | parent | next [-] | | I'd never thought of ATMs scanning the serial numbers of cash, but that makes sense. However, and maybe this isn't leading practice, but stores just seem to put cash in a collective cash drawer, so they can't exactly tell what cash was used for what (though cash purchase would be rare these days). Are there regulations around logging serial numbers now? | |
| ▲ | glitchc a day ago | parent | prev | next [-] | | Commercial banks don't usually share consumer info with each other. Unless it's the same bank, they're probably safe. Plus, there's no way to obtain a network-connected SIM with cash, so all of this is moot. | |
| ▲ | pbmonster 2 days ago | parent | prev | next [-] | | Ah, but that is far less critical than having your name and device IMEI show up in some database by default! But yes, your bank could know you were at Best Buy, maybe. | | |
| ▲ | pabs3 a day ago | parent [-] | | The NSA's IMEI location logs will show you were at Best Buy at the time too. |
| |
| ▲ | godelski a day ago | parent | prev [-] | | You're overthinking it. You can determine this with much more available data, though you'd need to do this through aggregate. In one sense it is simpler, but in another sense it is more complex. If you have knowledge of a withdrawal and even a rough ballpark of that amount, then you can probably determine it was a phone purchase. If you're a big company like Google or Facebook, you're going to be pretty good at that regardless of the prior knowledge (which then can be back inferred). The tracking is not just limited to what information your phone sends out but what information other devices get. It's good to mix up your fingerprints and all that, but this only goes so far. The social graph is a pretty critical tool for those doing the tracking, and that graph isn't just composed of other humans. Every device is constantly talking to every other device. Snoop on your radios and look at what they're doing. Things like WiFi and Bluetooth are constantly pinging things around you and this can be used for tracking if you know where certain MAC addresses are physically located. This won't work anymore, but like 15 years ago Samy Kamkar made a tool to do exactly that[0], because while they were mapping the streets they also recorded all the SSIDs, MACs, and whatever else they could get. So if you have a device like a router that is constantly connecting to something that's saying it is a phone, and you can see that that device is at a location at specific hours and you can reidentify someone by that. Especially when a device that normally fits a pattern stops fitting that pattern. I mean some of this sounds crazy but I feel like 10 years ago we had more posts and conversations about things like [0]. Where people were doing things like tracking their friends' sleeping schedules[1], exploiting Facebook ads to microtarget and prank your friends[2], or spending $1k to geolocate your friends[3]. 
While it's become more difficult to exploit this information from the user side, the capabilities haven't gone away. They've only grown over the last decade and been placed behind more expensive walls. Funny enough, it is a time of the internet I missed. These things were fun, scary, motivating, and made us talk more openly about the implications of surveillance capitalism. We've only just become used to it, while the severity has significantly magnified. I mean when I deleted my Facebook account in like 2016/2017 I did a takeout and found that they accurately were able to geolocate my photos to where I was standing inside a specific room of my house, by aggregating the GPS information with the WiFi information (you have neighbors?). I feel like we need to bring these conversations back. But I'm not sure how best we do them while being productive and not turning towards apathy. No one's going to kill the beast overnight, but I want to stress that it's at least better to reduce exposure. Apathy tends to come from the interpretation that it is binary. You're either fucked or not, and we're only fucked. But there's a big difference between a floor covered in shit and being neck deep in shit. I don't want to be in either situation, but if I had to choose then that's a very easy situation. It's also easier to clean up. So I guess... can we get more people to start normalizing things like Signal and Firefox? Or pick some other tools, I don't care. But encrypted communications and non-chromium based browsers (sorry Brave and Opera) do a lot to help. At worst they send a signal to these big companies that we care. Maybe all they see is money, but they'll care about your privacy if it is more profitable than not caring. They go with the tides, even if they don't really believe it. So they can be reined in, but people mostly don't know how to send a signal. [0] https://sa.my/androidmap/ [1] https://medium.com/@sorenlouv/how-you-can-use-facebook-to-tr... 
[2] https://ghostinfluence.com/the-ultimate-retaliation-pranking... [3] https://www.wired.com/story/track-location-with-mobile-ads-1... |
|
|
|
|
|
| ▲ | codethief 3 days ago | parent | prev | next [-] |
| > The user containers are very helpful You mean different user accounts? Those are available on stock Android, too. |
| |
| ▲ | subscribed 3 days ago | parent | next [-] | | On GrapheneOS they're profiles. Pretty much the same as with the stock AOSP, but they add very extensive support - like notifications forwarding and a perfect balance between security and convenience, 2FA with shorter PIN. | | |
| ▲ | codethief 2 days ago | parent [-] | | > but they add very extensive support Huh, I didn't realize they had added additional functionality not present on stock Android. Thanks! | | |
| ▲ | electric_muse 2 days ago | parent [-] | | It's incredibly useful! I have one profile for the "social" apps I don't trust (TikTok, Reddit, etc.). They can commingle. And there's another profile that contains the apps that rely on Google Play Services (e.g. something relies on google maps). As far as I understand it, it's like a strong firewall between them such that they are pretty close to having multiple different phones. | | |
| ▲ | tranq_cassowary a day ago | parent | next [-] | | It's not really like having multiple phones. User profiles are a useful feature, also for privacy, but they are not a privacy or security silver bullet. Within any given user profile, apps are sandboxed. An app can't peek into the contents or internal data of another app and can't access things it isn't given access to per the permissions. Despite not being able to peek into other apps, apps can use IPC to communicate with other apps based on MUTUAL consent. User profiles (secondary profiles, private space) don't enhance this sandboxing. The apps already were sandboxed. What they do, though, is aid in isolation in a number of ways. They allow the use of a separate VPN slot which can help split up identities, they restrict the IPC to communication with apps within that profile (not other profiles), they have separate clipboard, user data and non-global settings, they have distinct encryption keys and can be put at rest on demand without rebooting the phone (not possible for Owner profile). | |
| ▲ | rs186 2 days ago | parent | prev | next [-] | | I understand that you have a concern, but may I ask what you mean specifically by "trust", and how would profiles help? Is it about accessing phone data or something else? As far as fingerprinting goes, I don't think profiles matter -- they already know who you are and can associate you with data from other sources. | |
| ▲ | codethief 2 days ago | parent | prev [-] | | What about settings, though? Don't you have to set up each user profile separately? Also, what if you ever want to share a file across user profiles? | | |
|
|
| |
| ▲ | strcat 2 days ago | parent | prev | next [-] | | Yes, but a small subset of the GrapheneOS features are enhancements to user profiles and Private Space. We enable more of the standard user profile functionality that's usually not available (such as ending secondary user sessions or toggling them running in the background) and add extra features such as notification forwarding. For Private Space, we enable making them in secondary users instead of only Owner and provide control over clipboard sharing instead of it always being shared with the parent profile (the user it's nested in). Our more prominent 2-factor fingerprint authentication feature is also relevant when switching between users a lot. | | |
| ▲ | shaky-carrousel 2 days ago | parent [-] | | The only thing I don't like from private space is that all notifications from apps inside private space are hidden. Wish that was configurable. I use private space for containerization, not to hide things. |
| |
| ▲ | a0sud0a8s 3 days ago | parent | prev | next [-] | | True, although on GrapheneOS, apps on different profiles can remain active when you switch and notifications can be sent to the primary profile if you choose. | |
| ▲ | ysnp 3 days ago | parent | prev [-] | | I think it depends on the Android distribution. I am not sure it is available on Samsung's One UI. | | |
| ▲ | gertop 3 days ago | parent [-] | | Multiple user is available on Samsung. Both multiple profiles as well as work profile. Samsung also has "secure folder" which isolates apps and files and presumably uses multiple users to do the isolation. | | |
| ▲ | strcat 2 days ago | parent | next [-] | | Secure folder is an older approach to what Android provides via the standard Private Space feature since Android 15. Private Space and work profiles are based on the same infrastructure as secondary users including per-profile encryption keys, although typically work profile management apps don't take advantage of it. | |
| ▲ | aucisson_masque 21 hours ago | parent | prev | next [-] | | Last time I tried, my Samsung phone couldn't use multiple profiles. It is a setting that has been disabled in One UI for a few years. Don't ask me why. | |
| ▲ | ysnp 3 days ago | parent | prev [-] | | Apparently multiple user profiles are available on their tablets but not on their smartphones. |
|
|
|
|
| ▲ | dosshell 3 days ago | parent | prev [-] |
| > I have to have TikTok for work I'm sorry but what? Your job demands what apps you have installed on your PRIVATE phone!? |
| |
| ▲ | electric_muse 2 days ago | parent | next [-] | | Well, nobody's forced it, but my company publishes content on TikTok that drives customers, and I want to be able to see it myself. You'd be surprised how many CISOs and security workers are on TikTok. Edit: "experts" > "workers" | | | |
| ▲ | TranquilMarmot 3 days ago | parent | prev | next [-] | | I would assume for advertising/business account. There are things you can only do on the TikTok app that you can't do on the web. | |
| ▲ | ffsm8 2 days ago | parent | prev [-] | | All jobs I've had since the mid 2010s essentially did the same for me by requiring 2fa in certain contexts | | |
| ▲ | usr1106 2 days ago | parent | next [-] | | What kind of 2FA? I run OTP on my work laptop. Yes, it's maybe not really a 2nd factor if someone had access to my laptop with LUKS open. But at least I don't expect any automated attack because it's my own piece of code using an otp library. | | |
| ▲ | ffsm8 2 days ago | parent | next [-] | | One of the contexts is login to the laptop, would be pretty challenging to facilitate on device ;) Sadly, biometric authentication as 2fa is not sufficient for that. | |
| ▲ | zikduruqe 2 days ago | parent | prev [-] | | Same here. If someone is accessing my OTP codes from my laptop, I've got bigger problems to worry about. |
| |
| ▲ | carlmr 2 days ago | parent | prev [-] | | Only my most recent job is doing this. Before the job provided a phone for 2FA that I didn't use much outside of that. |
|
|