
A Guide to Using Android Without Selling Your Soul to Google - axiomdata316
https://fieldguide.gizmodo.com/a-guide-to-using-android-without-selling-your-soul-to-g-1827875582
======
bubblethink
This article has a couple of issues. It suggests downloading apks from
apkmirror in your browser. While apkmirror is not the worst thing you can do,
its security record isn't exactly stellar. Until about a year ago or so, their
downloads weren't even https by default. Leaving that aside for a moment, this
method has no meaningful signature verification built in. Unless you are going
to verify signatures manually, which you most likely aren't, you are just
trusting apkmirror. Further, you are adding chrome as a source of apk
installers, which opens the door for more questionable apks coming to your
phone. If you want apps from the play store, use yalp store.

~~~
j88439h84
Is yalp better?

~~~
bubblethink
Yes. Yalp is free software, and yalp is getting them directly from the play
store. Yalp is doing the bookkeeping for you. You also don't need to have
chrome as an allowed source for installations.

------
krn
Sony seems to provide an official way to build your own Android ROM without
Google:

"For some of the Xperia™ devices, we provide Android™ Open Source Project
(AOSP) device configurations on GitHub. This means that the software will be
open for you as a developer to use and contribute to. This is a way for us to
support the open Android community, and it is also a tool for us to facilitate
and verify contributions to AOSP."

[1] [https://developer.sony.com/develop/open-
devices/](https://developer.sony.com/develop/open-devices/)

~~~
Big_crimpin
The problem is half the stuff doesn't work properly using those because they
don't provide drivers for propriety stuff like the camera or playstation
services for example. The camera will no longer work in low light and the
23mpx camera takes pics like a 5mpx

~~~
bubblethink
Yeah, that's a known thing. Sony uses some DRM system for cameras, and you
lose the keys when you flash AOSP. If you google around, you can hack it to
save and restore the keys. Not worth buying Sony on general principle. Plenty
of other alternatives.

~~~
ForHackernews
> Plenty of other alternatives.

What is one alternative that ships with a Google-free Android in non-China
countries?

~~~
bubblethink
Best option: Pixels, since they are reference designs, and also have support
for self-signing builds and using verified boot. You can build AOSP using
official documentation. Pricey though. You need to buy the version sold on the
google store to get an unlockable bootloader. Carrier versions don't allow it.

------
ForHackernews
No mention of MicroG? [https://microg.org/](https://microg.org/)

It's a very impressive project to reimplement or stub out the Google Play
Services APIs so you can use third-party apps that rely on them.

~~~
mbaeten
To be aware, this still uses google servers. I'm not quite sure what the
benefit is then (beside it being open source).

~~~
ForHackernews
It doesn't have to use Google services, it's FLOSS and configurable. For
example, you can replace the location backend with one that uses Mozilla's
location service:
[https://github.com/microg/IchnaeaNlpBackend](https://github.com/microg/IchnaeaNlpBackend)

Furthermore, I think there's a difference between closed-source software
running on your device reporting who-knows-what and open-source software that
makes known, specific requests to cloud services.

------
gpvos
There's much more you can do, like disabling all Google apps (you usually
can't uninstall them), and deleting their data (frees up a tiny bit of space).
At least that works on Fairphone OS for FP2, based on Android 6.

I use a combination of F-Droid (most apps) and Yalp (for downloading a small
number of free apps from the Google Play Store from parties I mostly trust).

~~~
krn
As long as you have Google Play Services installed on your smartphone, it's a
Google phone, because it can call home whenever it wants.

~~~
gpvos
If Google Play Services is disabled, it shouldn't be able to run. Disabling it
takes a bit of extra effort, but is possible without rooting, at least on my
phone. (The Fairphone forums advise not to root the phone and uninstall it,
because then the phone won't boot. That does make me a bit suspicious, but at
least the process is not running during normal usage.)

------
Hnrobert42
I like that the author provides different degrees of separation. Everytime I
tried to do it, I went completely extreme. It was so difficult that I would
give up. A middle of the road approach that reduces, but doesn’t eliminate,
Google’s knowledge of me is probably best.

------
wilsonnb2
I find it rather easy to use android without selling my soul to Google. In
fact, I use android on a Google Pixel 2 on Google's own Project Fi network and
yet I don't feel as if I've sold my soul to them.

I could switch to an iPhone running iOS on Verizon in the span of a few hours
if I felt like it, or just chuck my phone into a river and call it a day. I
can install FireFox if I don't want to use Chrome, F Droid if I don't want to
use the Play Store, and a huge number of other apps from a huge number of
other companies.

The idea that you have to "sell your soul" to Google to use android, even
hyperbolically, is stupid.

------
u_ndef
BS With those setting start capturing packets, you probably will reconsider
using Android phone.

------
incompatible
I create a new Google account per device, no real name.

~~~
ForHackernews
It's almost certain that Google knows all those accounts belong to the same
human. They can correlate IP addresses, GPS locations, app installs, usage
behaviour, etc.

~~~
beagle3
They can surely tell if they want to. It used to be their stated policy that
they do not try unless requested by law enforcement. I don't know if that
policy is still in place.

This is in complete contrast to FB, whose modus of operandi had always been
"we will do whatever we can to figure out who you are".

