Just switched to a new phone carrier, and they had a promotion that included a free phone: the Google Pixel 8. I’m not a fan of Google, but I am a fan of free, so I took the bait.

It’s already bombarded me with pitches for their new AI bullshit. I’ve opted out of as much as the settings allow, but I’m under no illusion that doing so actually provides any real privacy.

So, damage control time.

On my previous device I used YouTube Vanced for music and videos, but I guess Vanced isn’t around anymore, and I’m pretty out of date on what the current options are… any insight on streaming specifically?

 

*I’m a medic who’s only surface-level competent with tech, so please idiot-proof any instructions.

Thanks all!

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    52
    arrow-down
    1
    ·
    edit-2
    7 months ago

    GrapheneOS can install on a unlocked pixel 8 no issues, your best step to degoogle yourself.

    https://grapheneos.org/install/web

    Reinstall the operating system, which will wipe your phone clean, then only install apps you want, including google services in a work profile (if you want), so you control what google can see or doesnt see.

  • TheFool@infosec.pub
    link
    fedilink
    arrow-up
    40
    ·
    7 months ago

    I‘m gonna be that guy and recommend GrapheneOS it is a different Android system and while that sounds like a really hard task to do for a beginner they have a really user friendly web-installer with step by step instructions. Adterwards you can just install and use google play store from their integrated app.

    It’s made specifically for Pixel phones and you can’t much more degoogle than that

    • ITGuyLevi@programming.dev
      link
      fedilink
      arrow-up
      7
      ·
      7 months ago

      I’m gonna be the guy seconding it. It actually makes it feel like your own device. My favorite part is how each time you go to install an app it asks you if the app should have network access before it ever installs.

  • SecurityPro@lemmy.ml
    link
    fedilink
    arrow-up
    14
    ·
    edit-2
    7 months ago

    Since it is a free phone from a carrier it will be locked until the phone is “paid off” by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.

  • Lem453@lemmy.ca
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    7 months ago

    Before jumping to a whole new os, there’s a few easy things you can do.

    FUTO keyboard instead of gboard

    Install F-Droid app store to replace Google apps with foss versions: aegis, amaze, fossify gallery, grayjay, kvaesitso etc

    Obtainium can pull lots of apps straight from github: Firefox, wireguard, OSS document scanner etc

    Use DDG or something instead of Google search

    These are the easiest things you can do.

    After that there is self hosting things on your own server like immich for Google photos, Seafile for Google Drive backups etc

    Just because you can’t replace everything does mean you can slowly chip away at it and greatly reduce the amount of data you are sharing with Google

    The above steps make a huge difference in their own even without fully changing the os. Then one day when you are ready the option to change OS to graphene will still be there and you will already be used to your FOSS apps

      • Lem453@lemmy.ca
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        7 months ago

        Never tried heliboard, I’ve been meaning to try it but you have to download the app, then add the swipe library then download futo voice to get all the same functionality that futo keyboard has. I’ve been meaning to do it but before I got to it futo released their keyboard that has it all in one

        • Tazerface@lemmings.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          A couple of days ago I installed Futo’s keyboard, not bad. The swipe typing needs a lot of work but improving this is on their to-do list. Nice to have a keyboard where the swipe engine is not Google.

          I don’t use the built-in voice typing but the their voice input app. The large model is far more accurate and doesn’t take very long to process on a Pixel running GrapheneOS.

          • Lem453@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Oh, is FUTO Voice not what they have in keyboard? Should Install that separately?

            • Tazerface@lemmings.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              7 months ago

              Futo Voice is in the keyboard but the separate app has the option of the large voice model which has more words and is more accurate. Downside is a larger voice model takes longer to process your speech into text and isn’t suitable for slower devices. The keyboard does offer a way to move to a larger voice model (settings > languages) but I couldn’t figure out how to make the switch. Maybe it’s currently not available.

              Edit: Clipboard is a keyboard feature I use nearly everyday. Turns out Futo keyboard doesn’t have it and it’s not a planned feature. Perhaps I’ll check in a few times per year to see if this has changed.

    • Lemongrab@lemmy.one
      link
      fedilink
      arrow-up
      9
      ·
      7 months ago

      I think Rethink DNS would be better in this case because you can block internet to system apps, apply DNS blocklists, and set up a Wireguard VPN with a config file.

      • lemmyreader@lemmy.ml
        link
        fedilink
        English
        arrow-up
        7
        ·
        7 months ago

        I believe NetGuard will act as a VPN.

        Yes, correct.

        This will prevent you from using an actual VPN.

        It is indeed a drawback I forgot about (but a VPN connection can also be made on a local router at home).

        • pumpkinseedoil@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          6 months ago

          A local VPN defeats the purpose. A VPN server that gets lots of request from different devices is what you want because then noone can know who made which request, they only see it’s coming from the VPN server.

          • lemmyreader@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 months ago

            NetGuard uses a VPN connection inside the phone. NetGuard is not like a VPN server, it will just block network access for apps you want to block access for.

  • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    7 months ago

    Consider yourself lucky for using a Pixel. These are actually the easiest devices to degoogle. You can replace the entire bloated and spyware-infested stock Pixel OS with GrapheneOS, a much more private, secure and minimalistic, open-source alternative. It is pretty easy to install, the web installer should be self-explanatory, but you can also watch this video: https://www.youtube.com/watch?v=ZAZlmYKrwfk (it does say for Pixel 7, but the steps are exactly the same on the Pixel 8 or any other Pixel, so don’t worry)

  • MajorHavoc@programming.dev
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    7 months ago

    As was mentioned, you probably cannot switch to GrapheneOs until the phone is paid off (out of the first two years contract).

    In the meantime you can:

    • Change all of your primary logins (site by site by site and app by app by app) to a non-Google email address. This should stop a lot of back channel tracking that Google does through their login framework.
    • Install F-Droid to get access to popular free and open apps. It startled me how much essential software isn’t in the Play Store. These apps used to exist in the Google Play store, but lately the best I find in the Play Store are clones with ads jammed into them.
    • Use free or open software, specifically, when accessing Google services - for example, use SkyTube for accessing YouTube. These apps typically have anonymous use options which I trust much more than the equivalent setting (if it exists) in Google’s own apps.
    • tmpod@lemmy.pt
      link
      fedilink
      arrow-up
      3
      ·
      7 months ago

      These are some good suggestions! The most crucial one is perhaps a ditching Gmail, but using alternative apps, such as newpipe and stuff, also go a long way. Unfortunately, the system is fighting against you and you’ll have to really use a freer operating system to properly get away from Google. Still, these are good steps to take.

      • Lemongrab@lemmy.one
        link
        fedilink
        arrow-up
        2
        ·
        7 months ago

        Newpipe isn’t an alternative to Gmail, I’m assuming that was just awkward wording. A good alternative to the Gmail app is FairEmail or K-9 Mail. Newpipe (or better yet Tubular) is a good alternative to YouTube (without google signin and local only storage of subscriptions, history, and playlists)

        • tmpod@lemmy.pt
          link
          fedilink
          arrow-up
          4
          ·
          7 months ago

          I meant alternative apps to Google’s in general, not to GMail specifically. Ditching GMail is an important step, as you block a relevant source of personal information, but using alternative apps, like MajorHavoc recommended, is another great step. NewPipe is one of such apps (I disagree Tubular is a better pick, but that’s something for another post).

          K-9 and FairMail aren’t a good alternative to GMail. Not alone, that is. GMail is both an e-mail provider and a client, but I’d argue the first point is the most relevant. If you use a FOSS e-mail client with your Google account, nothing is really changing, they will still read all your mail. You have to change providers as well, which isn’t trivial for most people.
          E-mail is an insecure means of communication, so you shouldn’t even use it for sensitive things, depending on your threat model, as usual. I personally use Migadu as my provider, for all the customisability and “vanilla” e-mail infrastructure they have, but Proton and Tuta are good alternatives as well, if you don’t mind or don’t care about the non-standard extensions.

          • Lemongrab@lemmy.one
            link
            fedilink
            arrow-up
            2
            ·
            7 months ago

            Ditching your gmail account is the hardest step of degoogling and really isn’t one step. Ditching Gmail the app is good because it is one less permissive google app you have installed.

            Tubular is just newpipe with sponsorblock and return YouTube dislike, which have their own Privacy Policies to worry about but are great features to have. Either way, you should be using a VPN because otherwise it isn’t much different then the scenario you mentioned with a FOSS client for a proprietary google service.

            • tmpod@lemmy.pt
              link
              fedilink
              arrow-up
              2
              ·
              7 months ago

              Yes, it is a hard step, but it is perhaps the most relevant one, hence why it’s important to get started with it, unless some external factor prevents the change. If you still have other Google apps (including Google Services), then uninstalling Gmail really does very little to nothing.

              • Lemongrab@lemmy.one
                link
                fedilink
                arrow-up
                1
                ·
                7 months ago

                The assumption I was under for the parent comment’s scenario was that the device would remain with its default ROM, in which case Google services are installed as a system app and disabling/uninstalling through ADB would do little to change things (cus of the proprietary kernel and all). Moving to alternative FOSS clients helps a new user get used to alternatives and learn better compromises they can use in the future on a degoogled ROM with services they maybe be forced to use.

                • tmpod@lemmy.pt
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  7 months ago

                  I see, that’s a good point indeed, it can be a good learning step. From a privacy standpoint, however, it’s not that effective.

    • smeg
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      7 months ago

      What does the phone contract have to do with what you can do with the phone? Contracts are for the SIM card (and the network access that comes with it) which may include the cost of a subsidised phone, but you’re still paying that regardless of what you do with the phone, right? Or to put it another way I think they can network-restrict the phone but I don’t think they can stop you putting GrapheneOS on it.

      • SecurityPro@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        7 months ago

        Not in the US. A phone “purchased” on contract is carrier locked and you can’t unlock the bootloader, which needs to be done in order to install a different OS.

        • smeg
          link
          fedilink
          English
          arrow-up
          2
          ·
          7 months ago

          I found some very old posts that says network and bootloader unlocking are unrelated, is this no longer the case?

          • SecurityPro@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            7 months ago

            Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.

            • smeg
              link
              fedilink
              English
              arrow-up
              3
              ·
              7 months ago

              That’s some serious bullshit, my condolences

      • Matt@lemdro.id
        link
        fedilink
        English
        arrow-up
        3
        ·
        7 months ago

        Google does not let you unlock the boot loader if the device is carrier locked. It needs to get paid off and unlocked before the boot loader can be unlocked to install custom roms.

        • smeg
          link
          fedilink
          English
          arrow-up
          3
          ·
          7 months ago

          Oh wow, I thought we left that sort of thing behind in the 3310 era!

  • foremanguy@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    7 months ago

    First try to replace your apps with those presented here : Lemmy’s apps alternatives

    Then if you want to maybe try to install Graphene Os, you’re lucky it’s very easy to do it on your phone, Web installer, just follow carefully step by step the instructions, I know that it could be an hardship but once done you’ve done a great step into privacy!

  • tmpod@lemmy.pt
    link
    fedilink
    arrow-up
    6
    arrow-down
    3
    ·
    7 months ago

    While others have mentioned the great GrapheneOS, I will throw two other options:

    • CalyxOS — privacy oriented Android OS. While Graphene focus on security pretty much above all else, Calyx focus on privacy (and usability) more. Both essentially only target Pixel phones and are great choices.
    • LineageOS + MicroG — AOSP fork, continuation of the old CyanogenMod, with an open implementatinon of Google Services. This is perhaps the most “normal” OS, seeing as Lineage’s core is user freedom and not exactly privacy; however, with MicroG, you get a pretty private system with very few to none of the side effects of deviating a lot from standard Android.

    Graphene is a great project, but I think it may be a bit too much for someone that is just entering the privacy world, hence why I’m suggesting these two options as alternatives that are less strict and “cumbersome” to use, so to speak, while not really sacrificing privacy.

    In the end, as all things privacy, it depends a lot on your threat model, your tech proficiency and willingness to make “sacrifices” and adapt.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          7 months ago

          I agree that graphene is the easiest. Because you can install the Google subsystem in the work profile, everything will just work there no problems. It’s very clear what you’re doing, and what has access to what.

          Because when you start graphing you have nothing on your phone, everything you install becomes a deliberate choice. So it’s very very very simple, oh I need a web browser I’m going to choose a web browser etc.

        • LoveSausage@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 months ago

          As alredy mentioned, but also install wise , very easy compared to installing twrp and Micro-g etc. Also Installing GOS and sandboxed playstore in main profile, hand it to someone completely oblivious and they will have no problems using it as they would normally do on stock. Learning to use it in separate profiles is just a matter of getting used to it.

  • Everett@reddthat.com
    link
    fedilink
    English
    arrow-up
    2
    ·
    7 months ago

    I’ve found that the Proton apps do a decent job of replacing Google’s suite of apps like Drive, Mail and Calendar.

  • sbexpert@lemmy.world
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    7 months ago

    ReVanced has been working for me. I followed this guide since it’s not as straight forward as Vanced was. Sorry that it’s a reddit link :(