This article has a couple of issues. It suggests downloading apks from apkmirror in your browser. While apkmirror is not the worst thing you can do, its security record isn't exactly stellar. Until about a year ago or so, their downloads weren't even https by default. Leaving that aside for a moment, this method has no meaningful signature verification built in. Unless you are going to verify signatures manually, which you most likely aren't, you are just trusting apkmirror. Further, you are adding chrome as a source of apk installers, which opens the door for more questionable apks coming to your phone. If you want apps from the play store, use yalp store.
Yes. Yalp is free software, and yalp is getting them directly from the play store. Yalp is doing the bookkeeping for you. You also don't need to have chrome as an allowed source for installations.
Sony seems to provide an official way to build your own Android ROM without Google:
"For some of the Xperia™ devices, we provide Android™ Open Source Project (AOSP) device configurations on GitHub. This means that the software will be open for you as a developer to use and contribute to. This is a way for us to support the open Android community, and it is also a tool for us to facilitate and verify contributions to AOSP."
The problem is half the stuff doesn't work properly using those because they don't provide drivers for propriety stuff like the camera or playstation services for example. The camera will no longer work in low light and the 23mpx camera takes pics like a 5mpx
Yeah, that's a known thing. Sony uses some DRM system for cameras, and you lose the keys when you flash AOSP. If you google around, you can hack it to save and restore the keys. Not worth buying Sony on general principle. Plenty of other alternatives.
Best option: Pixels, since they are reference designs, and also have support for self-signing builds and using verified boot. You can build AOSP using official documentation. Pricey though. You need to buy the version sold on the google store to get an unlockable bootloader. Carrier versions don't allow it.
They even maintain a premade fork of LineageOS with microG preinstalled, which I recommend if you ever need to use Android: https://lineage.microg.org/
It doesn't have to use Google services, it's FLOSS and configurable. For example, you can replace the location backend with one that uses Mozilla's location service: https://github.com/microg/IchnaeaNlpBackend
Furthermore, I think there's a difference between closed-source software running on your device reporting who-knows-what and open-source software that makes known, specific requests to cloud services.
There's much more you can do, like disabling all Google apps (you usually can't uninstall them), and deleting their data (frees up a tiny bit of space). At least that works on Fairphone OS for FP2, based on Android 6.
I use a combination of F-Droid (most apps) and Yalp (for downloading a small number of free apps from the Google Play Store from parties I mostly trust).
If Google Play Services is disabled, it shouldn't be able to run. Disabling it takes a bit of extra effort, but is possible without rooting, at least on my phone. (The Fairphone forums advise not to root the phone and uninstall it, because then the phone won't boot. That does make me a bit suspicious, but at least the process is not running during normal usage.)
I like that the author provides different degrees of separation. Everytime I tried to do it, I went completely extreme. It was so difficult that I would give up. A middle of the road approach that reduces, but doesn’t eliminate, Google’s knowledge of me is probably best.
I find it rather easy to use android without selling my soul to Google. In fact, I use android on a Google Pixel 2 on Google's own Project Fi network and yet I don't feel as if I've sold my soul to them.
I could switch to an iPhone running iOS on Verizon in the span of a few hours if I felt like it, or just chuck my phone into a river and call it a day. I can install FireFox if I don't want to use Chrome, F Droid if I don't want to use the Play Store, and a huge number of other apps from a huge number of other companies.
The idea that you have to "sell your soul" to Google to use android, even hyperbolically, is stupid.
It's almost certain that Google knows all those accounts belong to the same human. They can correlate IP addresses, GPS locations, app installs, usage behaviour, etc.
They can surely tell if they want to. It used to be their stated policy that they do not try unless requested by law enforcement. I don't know if that policy is still in place.
This is in complete contrast to FB, whose modus of operandi had always been "we will do whatever we can to figure out who you are".
