Just switched to a new phone carrier, and they had a promotion that included a free phone: the Google Pixel 8. I’m not a fan of Google, but I am a fan of free, so I took the bait.
It’s already bombarded me with pitches for their new AI bullshit. I’ve opted out of as much as the settings allow, but I’m under no illusion that doing so actually provides any real privacy.
So, damage control time.
On my previous device I used YouTube Vanced for music and videos, but I guess Vanced isn’t around anymore, and I’m pretty out of date on what the current options are… any insight on streaming specifically?
*I’m a medic who’s only surface-level competent with tech, so please idiot-proof any instructions.
Thanks all!
Consider yourself lucky for using a Pixel. These are actually the easiest devices to degoogle. You can replace the entire bloated and spyware-infested stock Pixel OS with GrapheneOS, a much more private, secure and minimalistic, open-source alternative. It is pretty easy to install, the web installer should be self-explanatory, but you can also watch this video: https://www.youtube.com/watch?v=ZAZlmYKrwfk (it does say for Pixel 7, but the steps are exactly the same on the Pixel 8 or any other Pixel, so don’t worry)
First try to replace your apps with those presented here : Lemmy’s apps alternatives
Then if you want to maybe try to install Graphene Os, you’re lucky it’s very easy to do it on your phone, Web installer, just follow carefully step by step the instructions, I know that it could be an hardship but once done you’ve done a great step into privacy!
Graphene OS . Best you can get on Android.
Before jumping to a whole new os, there’s a few easy things you can do.
FUTO keyboard instead of gboard
Install F-Droid app store to replace Google apps with foss versions: aegis, amaze, fossify gallery, grayjay, kvaesitso etc
Obtainium can pull lots of apps straight from github: Firefox, wireguard, OSS document scanner etc
Use DDG or something instead of Google search
These are the easiest things you can do.
After that there is self hosting things on your own server like immich for Google photos, Seafile for Google Drive backups etc
Just because you can’t replace everything does mean you can slowly chip away at it and greatly reduce the amount of data you are sharing with Google
The above steps make a huge difference in their own even without fully changing the os. Then one day when you are ready the option to change OS to graphene will still be there and you will already be used to your FOSS apps
How does the futo keyboard compare to heliboard?
Never tried heliboard, I’ve been meaning to try it but you have to download the app, then add the swipe library then download futo voice to get all the same functionality that futo keyboard has. I’ve been meaning to do it but before I got to it futo released their keyboard that has it all in one
A couple of days ago I installed Futo’s keyboard, not bad. The swipe typing needs a lot of work but improving this is on their to-do list. Nice to have a keyboard where the swipe engine is not Google.
I don’t use the built-in voice typing but the their voice input app. The large model is far more accurate and doesn’t take very long to process on a Pixel running GrapheneOS.
Oh, is FUTO Voice not what they have in keyboard? Should Install that separately?
GrapheneOS can install on a unlocked pixel 8 no issues, your best step to degoogle yourself.
https://grapheneos.org/install/web
Reinstall the operating system, which will wipe your phone clean, then only install apps you want, including google services in a work profile (if you want), so you control what google can see or doesnt see.
I‘m gonna be that guy and recommend GrapheneOS it is a different Android system and while that sounds like a really hard task to do for a beginner they have a really user friendly web-installer with step by step instructions. Adterwards you can just install and use google play store from their integrated app.
It’s made specifically for Pixel phones and you can’t much more degoogle than that
I’m gonna be the guy seconding it. It actually makes it feel like your own device. My favorite part is how each time you go to install an app it asks you if the app should have network access before it ever installs.
I’ve found that the Proton apps do a decent job of replacing Google’s suite of apps like Drive, Mail and Calendar.
Since it is a free phone from a carrier it will be locked until the phone is “paid off” by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.
This must be some weird American thing. I’ve gotten pixels on contract before in my country and I can OEM unlock and flash them no issue. If you don’t pay the cell carrier will just blacklist the IMEI. They don’t lock down the device itself.
American telecoms are some of the sleaziest companies on the planet.
Yes, it’s an American thing. It can sometimes be worked around with a VPN with an exit IP in Europe.
I believe this is only for Verizon on the US
If you cannot use another OS yet, install F-Droid and then install NetGuard. In NetGuard enable blocking of system apps in the settings and continue and block all apps. Then allow only the apps you need.
I think Rethink DNS would be better in this case because you can block internet to system apps, apply DNS blocklists, and set up a Wireguard VPN with a config file.
I believe NetGuard will act as a VPN. This will prevent you from using an actual VPN.
I believe NetGuard will act as a VPN.
Yes, correct.
This will prevent you from using an actual VPN.
It is indeed a drawback I forgot about (but a VPN connection can also be made on a local router at home).
As was mentioned, you probably cannot switch to GrapheneOs until the phone is paid off (out of the first two years contract).
In the meantime you can:
- Change all of your primary logins (site by site by site and app by app by app) to a non-Google email address. This should stop a lot of back channel tracking that Google does through their login framework.
- Install F-Droid to get access to popular free and open apps. It startled me how much essential software isn’t in the Play Store. These apps used to exist in the Google Play store, but lately the best I find in the Play Store are clones with ads jammed into them.
- Use free or open software, specifically, when accessing Google services - for example, use SkyTube for accessing YouTube. These apps typically have anonymous use options which I trust much more than the equivalent setting (if it exists) in Google’s own apps.
These are some good suggestions! The most crucial one is perhaps a ditching Gmail, but using alternative apps, such as newpipe and stuff, also go a long way. Unfortunately, the system is fighting against you and you’ll have to really use a freer operating system to properly get away from Google. Still, these are good steps to take.
Newpipe isn’t an alternative to Gmail, I’m assuming that was just awkward wording. A good alternative to the Gmail app is FairEmail or K-9 Mail. Newpipe (or better yet Tubular) is a good alternative to YouTube (without google signin and local only storage of subscriptions, history, and playlists)
I meant alternative apps to Google’s in general, not to GMail specifically. Ditching GMail is an important step, as you block a relevant source of personal information, but using alternative apps, like MajorHavoc recommended, is another great step. NewPipe is one of such apps (I disagree Tubular is a better pick, but that’s something for another post).
K-9 and FairMail aren’t a good alternative to GMail. Not alone, that is. GMail is both an e-mail provider and a client, but I’d argue the first point is the most relevant. If you use a FOSS e-mail client with your Google account, nothing is really changing, they will still read all your mail. You have to change providers as well, which isn’t trivial for most people.
E-mail is an insecure means of communication, so you shouldn’t even use it for sensitive things, depending on your threat model, as usual. I personally use Migadu as my provider, for all the customisability and “vanilla” e-mail infrastructure they have, but Proton and Tuta are good alternatives as well, if you don’t mind or don’t care about the non-standard extensions.Ditching your gmail account is the hardest step of degoogling and really isn’t one step. Ditching Gmail the app is good because it is one less permissive google app you have installed.
Tubular is just newpipe with sponsorblock and return YouTube dislike, which have their own Privacy Policies to worry about but are great features to have. Either way, you should be using a VPN because otherwise it isn’t much different then the scenario you mentioned with a FOSS client for a proprietary google service.
Yes, it is a hard step, but it is perhaps the most relevant one, hence why it’s important to get started with it, unless some external factor prevents the change. If you still have other Google apps (including Google Services), then uninstalling Gmail really does very little to nothing.
The assumption I was under for the parent comment’s scenario was that the device would remain with its default ROM, in which case Google services are installed as a system app and disabling/uninstalling through ADB would do little to change things (cus of the proprietary kernel and all). Moving to alternative FOSS clients helps a new user get used to alternatives and learn better compromises they can use in the future on a degoogled ROM with services they maybe be forced to use.
I see, that’s a good point indeed, it can be a good learning step. From a privacy standpoint, however, it’s not that effective.
What does the phone contract have to do with what you can do with the phone? Contracts are for the SIM card (and the network access that comes with it) which may include the cost of a subsidised phone, but you’re still paying that regardless of what you do with the phone, right? Or to put it another way I think they can network-restrict the phone but I don’t think they can stop you putting GrapheneOS on it.
Not in the US. A phone “purchased” on contract is carrier locked and you can’t unlock the bootloader, which needs to be done in order to install a different OS.
Apparently not, I have a Pixel 8 Pro that I got free on a promotion from AT&T. The bootloader is locked on it and grayed out.
That’s some serious bullshit, my condolences
Google does not let you unlock the boot loader if the device is carrier locked. It needs to get paid off and unlocked before the boot loader can be unlocked to install custom roms.
Oh wow, I thought we left that sort of thing behind in the 3310 era!
/e/os is a good alternative to graphene
No, it is not.
Care to elaborate?
This page will give you a more detailed information:
While others have mentioned the great GrapheneOS, I will throw two other options:
- CalyxOS — privacy oriented Android OS. While Graphene focus on security pretty much above all else, Calyx focus on privacy (and usability) more. Both essentially only target Pixel phones and are great choices.
- LineageOS + MicroG — AOSP fork, continuation of the old CyanogenMod, with an open implementatinon of Google Services. This is perhaps the most “normal” OS, seeing as Lineage’s core is user freedom and not exactly privacy; however, with MicroG, you get a pretty private system with very few to none of the side effects of deviating a lot from standard Android.
Graphene is a great project, but I think it may be a bit too much for someone that is just entering the privacy world, hence why I’m suggesting these two options as alternatives that are less strict and “cumbersome” to use, so to speak, while not really sacrificing privacy.
In the end, as all things privacy, it depends a lot on your threat model, your tech proficiency and willingness to make “sacrifices” and adapt.
I have runned all of them , graphene is is by far the easiest to get around for someone new
That is interesting to hear, why do you think so?
As alredy mentioned, but also install wise , very easy compared to installing twrp and Micro-g etc. Also Installing GOS and sandboxed playstore in main profile, hand it to someone completely oblivious and they will have no problems using it as they would normally do on stock. Learning to use it in separate profiles is just a matter of getting used to it.
I agree that graphene is the easiest. Because you can install the Google subsystem in the work profile, everything will just work there no problems. It’s very clear what you’re doing, and what has access to what.
Because when you start graphing you have nothing on your phone, everything you install becomes a deliberate choice. So it’s very very very simple, oh I need a web browser I’m going to choose a web browser etc.
ReVanced has been working for me. I followed this guide since it’s not as straight forward as Vanced was. Sorry that it’s a reddit link :(
