Dodging Data Collection - Android Devices

Often, people trade privacy and security for convenience. However in today's concrete jungle, this is an extremely foolish decision considering the vast amount of technologies being used against consumer interest. First off, I won't waste any time explaining WHY one would want to deter any entity from mass collecting, retaining, and sharing my personal information and metadata. There are plenty of articles that shed light on why any and EVERY ordinary citizen should be concerned about this practice; no need for repetition.

This brief article is intended to be the first of many in a small series that will help liberate you from the chains of mass surveillance, beginning with your mobile device. I intend to keep these articles short and high-level due to a lack of time and the wealth of information available online anyways (you can search any of the steps I provide to find guides and a plethora of information).

Please note that regardless of how many safeguards you take, how many layers of protection you employ, there is no such thing as a 100% safe guarantee to anything when it comes to the Internet, or for electronics as a whole for that matter. Just remember the golden rule for everything in life, if you can make it you can break it.

I wrote this article specifically for Android devices for two reasons:

•  My experience in Android > iOS
•  To my knowledge, you cannot remove the stock Apple software off an iPhone (only modify it)

If anyone has any knowledge on how to replicate similar functionality in an iPhone, please share :)

Steps:

1. Root your phone (do not install GAPPS [Google Apps])
2. Install the xposed framework, then xPrivacy (update both)
3. Configure xPrivacy to send either preset or arbitrarily generated data (e.g. empty contact list, random serial #, random IMEI, etc.), make sure all your applications are only getting what they NEED (most are common sense, e.g. random application does not need online access, access to contacts, etc.). As a general rule, do NOT trust corporations with your information :) To avoid breaking things, if your unsure about a permission only disable one by one to identify if it will causing any undesired behavior in the application.
4. Install a firewall and only enable services one by one as needed
5. Disable all application and phone syncs
6. Do not associate phone with a Google account
7. Download open source alternative apps for stuff like Maps, Email, etc. and set appropriate permissions in firewall as well as limit what data is sent in xPrivacy
8. To avoid play store but still get any app you want you can just browse to it from your browser, copy the URL, and paste it inside any APK downloader (perform an online search for APK downloader and you'll find one).

Tips:

• Every time you install a new application, xPrivacy will apply a predefined restriction template (that you can modify)
• Don't forget to check once in awhile for framework and application updates! (Remember, no more play store notifications!)
• Never share real information online
• Use your common sense always!

If you have any questions feel free to throw them at me :) I will answer at my first available convenience. Hope this information helps some people, have a great week!