<

Dodging Data Collection - Android Devices

Published on
3,731 Points
631 Views
1 Endorsement
Last Modified:
Often, people trade privacy and security for convenience. However in today's concrete jungle, this is an extremely foolish decision considering the vast amount of technologies being used against consumer interest. First off, I won't waste any time explaining WHY one would want to deter any entity from mass collecting, retaining, and sharing my personal information and metadata. There are plenty of articles that shed light on why any and EVERY ordinary citizen should be concerned about this practice; no need for repetition.

This brief article is intended to be the first of many in a small series that will help liberate you from the chains of mass surveillance, beginning with your mobile device. I intend to keep these articles short and high-level due to a lack of time and the wealth of information available online anyways (you can search any of the steps I provide to find guides and a plethora of information).

Please note that regardless of how many safeguards you take, how many layers of protection you employ, there is no such thing as a 100% safe guarantee to anything when it comes to the Internet, or for electronics as a whole for that matter. Just remember the golden rule for everything in life, if you can make it you can break it.

I wrote this article specifically for Android devices for two reasons:
  •  My experience in Android > iOS
  •  To my knowledge, you cannot remove the stock Apple software off an iPhone (only modify it)
If anyone has any knowledge on how to replicate similar functionality in an iPhone, please share :)

Steps:
  1. Root your phone (do not install GAPPS [Google Apps])
  2. Install the xposed framework, then xPrivacy (update both)
  3. Configure xPrivacy to send either preset or arbitrarily generated data (e.g. empty contact list, random serial #, random IMEI, etc.), make sure all your applications are only getting what they NEED (most are common sense, e.g. random application does not need online access, access to contacts, etc.). As a general rule, do NOT trust corporations with your information :) To avoid breaking things, if your unsure about a permission only disable one by one to identify if it will causing any undesired behavior in the application.
  4. Install a firewall and only enable services one by one as needed
  5. Disable all application and phone syncs
  6. Do not associate phone with a Google account
  7. Download open source alternative apps for stuff like Maps, Email, etc. and set appropriate permissions in firewall as well as limit what data is sent in xPrivacy
  8. To avoid play store but still get any app you want you can just browse to it from your browser, copy the URL, and paste it inside any APK downloader (perform an online search for APK downloader and you'll find one).
Tips:
  • Every time you install a new application, xPrivacy will apply a predefined restriction template (that you can modify)
  • Don't forget to check once in awhile for framework and application updates! (Remember, no more play store notifications!)
  • Never share real information online
  • Use your common sense always!
If you have any questions feel free to throw them at me :) I will answer at my first available convenience. Hope this information helps some people, have a great week!
1
Comment
2 Comments
 
LVL 6

Expert Comment

by:Rafael I
This is kind of overkill, since you could also just get a throwaway, pre-paid cell phone and a google number/skype handle to forward calls to yourself, but some of your steps are useful.  I will deny any involvement you had if I am arrested.  In the meantime, enjoy my vote!
0
 
LVL 6

Author Comment

by:Sir Learnalot
@Rawsteak
A throwaway prepaid cellphone is probably your best bet :) But this doesn't defeat any data collection when trying to use apps (or even just the basic OS) on new smart phones. Additionally, I would imagine if one tried to retain the same phone and exchange prepaid sim cards, they would run into the same problem (IMEI of phone does not change, serial #, etc.)
0

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

Join & Write a Comment

This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
In this video I will demonstrate how to set up Nine, which I now consider the best alternative email app to Touchdown.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month