
How to stay private when using Android - amorfati
https://protonmail.com/blog/android-privacy/
======
throwaway41597
Honestly, Android is hopelessly so much worse than that. You need to
disable/adb uninstall tens of apps because, you have no way to actually remove
them. Some of them cannot be disabled (Google Play Services for instance).

Additionally, you cannot have a secured up-to-date WebView (rendering library
for Android apps showing web pages) without signing in with a Google account
and updating Google Chrome. I found out while trying to remove as much spyware
as possible from my Xiaomi A3 Android One phone. As suggested in the blog
post, I didn't sign in with a Google Account.

But the WebView [0] is updated via the Play Store which requires an account.
So I said I'll just compile Chromium and provide my own WebView. But the
system has a whitelist [1] of WebView implementations that excludes everyone
but Google to render webviews.

So I'll root my phone and find my way into the whitelist? Well it seems (at
that point I'm discouraged to look) that will break future OTA updates because
the diffs they send assume the system partition is bit-for-bit unchanged.

So I'll compile Android (AOSP) and flash it? Well, I should have bought
another phone, because although my Xiaomi Mi A3 has its kernel on Github,
binaries such as the radio firmware aren't available [2].

So I'll just install a precompiled ROM from XDA forums? Well, I'm still
reluctant honestly, I'm sure the devs are great but they're still anonymous
people on the Internet.

Maybe I should have bought a Sony, AOSP support is better [3], maybe I should
have bought something supported by Lineage but then I'd depend on the branch
developers.

I should say, it looks like there is some progress (more granular permissions,
Android One, Treble, Mainline...) but it's regressing at the same time
(removal of the Internet permission, Google Assistant, Play Store distributed
system updates in Android 10...).

I remember Larry Page ranting about MS Windows a few years after he started
Google. Well, my phone spies on me, is full of uninstallable Google-made
bloatware, is locking aftermarket alternatives out with some gotchas and is
nowhere close to the freedom I get from a commodity computer (which is far
from perfect still). I remember the early Android team promising you can
replace every app but a decade later and there are these whitelisting
shenanigans.

By the way, I'm open to suggestions if anyone can help.

[0]: Technically, for Android 9, the fallback WebView is updated over the air
but Google Chrome is updated with the Play Store

[1]: [https://github.com/bromite/bromite/wiki/Installing-
SystemWeb...](https://github.com/bromite/bromite/wiki/Installing-
SystemWebView)

[2]: Technically, they're already on my phone but I wouldn't get updates
anyway.

[3]: [https://developer.sony.com/develop/open-devices/#overview-
co...](https://developer.sony.com/develop/open-devices/#overview-content)

~~~
nextos
I think the best practical solution these days is to buy a Pixel or some Sony
Xperia, and install your own AOSP. Then run a F-Droid userland. If you have a
Pixel, you also have access to things like
[https://grapheneos.org/](https://grapheneos.org/), which is the successor to
CopperheadOS, and perfect AOSP support. Sonys tend to loose some features.

A good alternative if you want a cheaper phone is to run LineageOS on a
popular device in the Lineage community.

Something that is becoming a really good alternative is to run a device-
independent ROM on an unlockable Treble device:
[https://github.com/phhusson/treble_experimentations](https://github.com/phhusson/treble_experimentations)

As you said, stock Android is pretty hopeless in terms of privacy.

~~~
throwaway41597
phh-treble looks pretty good, thanks for bringing it up! Any idea how one gets
authentic updates to the radio after flashing a GSI though? Anyone here has
tried it with a Xiaomi A3? Looks like most phones have partial support still.

Pixel phones are out of my budget so GrapheneOS isn't an option.

Stock Android has long been dead to me but I wasn't aware Android One is just
as bad because most reviews focus on the UI.

------
andrepd
Unfortunately all of these things are bandages on a sinking ship. They're
technically better than nothing, but in reality they simply do not fix the
problem. Even worse, it's possible (even probably) that some privacy controls
simply do not do the think they say they do. You are essentially trusting a
company with a rubbish track record in privacy violations to pinky swear they
stop tracking you when you toggle a switch.

~~~
pinepinetree
Exactly. Scottiestech's YouTube has some good info on how your smartphone is
tracking you more than you think. Sometimes I think about building my own
phone with a Raspberry Pi or use LineageOS.

~~~
endemic
AFAIK one of the best solutions for smartphone privacy is using a custom
Android ROM without Google apps installed. Of course that means basically no
3rd party apps, but you can still get a surprising amount of functionality
with just a web browser. You’ll still get tracked by your mobile provider, but
I think that would happen even with a dumbphone.

~~~
icefog
> Of course that means basically no 3rd party apps

I'm using LineageOS without Play Store/Services and would like to dispel this
myth. Here are just some of the third party applications I can install
directly from the developer using adb, without going through a third party
store: Signal, Firefox, NetGuard, NewPipe, Orgzly, OsmAnd, Tor Browser. Those
pretty much cover all of my smartphone needs and more.

~~~
im3w1l
Three kinds of apps that are very important to me, that I cannot get without
play store:

The national 2fa app. The app people use to send money to their friends,
sometimes street vendors. Rideshare app.

------
tyingq
Starting with Android Pie, backups are encrypted with a key not known to
Google[1]. Doesn't cover all of sync, but that is encouraging.

[1] [https://security.googleblog.com/2018/10/google-and-
android-h...](https://security.googleblog.com/2018/10/google-and-android-have-
your-back-by.html)

~~~
panpanna
This has been the case for chrome sync 10+ years now.

You need to enter a second password thought.

------
emodendroket
If you want to stay private, give up the idea of a smartphone altogether. If
you (quite understandably) do not want to do that, you're pretty much just
kidding yourself.

~~~
chappi42
It's not all or nothing privacy. If you give up Android/Google Play (and
Facebook etc.) you have a much smaller exposure.

Buy an iPhone or a Jolla (or, maybe in future, PinePhone or Librem). Then use
Firefox with uBO, DuckDuckGo and Fastmail. And you have a much better privacy
in 2020.

~~~
morganvachon
> Buy...a Jolla

I would absolutely love to do this, but I live in the US. Recently I visited
Jolla's website and was excited to see that they offer an officially supported
installation for Sony Xperia 10 and XA2 phones. I found several listings for
those devices on eBay, got really excited, and almost pulled the trigger on
one. I went back and read the fine print on the Jolla site and discovered that
they won't sell the OS to you or allow you to download the free version if you
live outside the EU, Switzerland, and Norway.

It's so frustrating that there is a total lockout in the US when it comes to
smartphone OSes; I have a Lumia 830 sitting in a drawer I'd be fine with using
but since Microsoft officially dropped support it has developed issues that
prevent it from being a daily driver. Besides, Microsoft's track record on
privacy is hardly better than Google's.

For now I can either carry a dumbphone and a separate smart device like the
Gemini PDA running Linux, or just continue using my increasingly slow and
glitchy iPhone 7 (I don't want face recognition or a notched display, so I
refuse to upgrade to the X and beyond, and the 8 is still too expensive to
justify such a minor upgrade).

I am eagerly awaiting the opportunity to buy a PinePhone (fuck Librem and
their constant deception around their products), and if it works out as a
daily driver I'm all in.

~~~
chappi42
Maybe ask on 'together.jolla.com' about buying from the States? IIRC I read
about people buying Sailfish from not officially supported countries. Make
sure that the provided bands match what you have available.

Edit: didn't find much about US:
[https://together.jolla.com/questions/scope:all/sort:age-
desc...](https://together.jolla.com/questions/scope:all/sort:age-
desc/tags:usa/page:1/)

------
wildmanxx
This article is surprisingly and disappointingly simple-minded to appear on a
place called Hacker News. It's a list of things aimed at my mom, not at a
"hacker", whatever meaning you assign to this term.

The most telling may well be section "5\. Be wary of unknown sources" which
recommends "You should never trust software from these sources". One of the
key ways of making Android privacy focused is to install F-Droid and use the
non-cloud alternatives it offers to all the standard Play Store crap.

Sorry, I would have expected more from something posted on Hacker News. I
expect everybody here to roll their eyes when reading a heading such as "Use a
PIN".

~~~
fiatjaf
Install everything from Google Play, that's all good. Never install anything
from F-Droid, that's all bad.

That's basically what this article is saying.

------
decasteve
> 7\. Review your cloud sync

I used an Android device for a short while a few years ago. I disabled all
sync functionality and would back up to my own storage device.

After an OS update, all of the sync functionality was automatically enabled
and everything on the device was uploaded to Google’s services anyway. So I
deleted everything that was uploaded, then deleted my google account, and
bought an iPhone and swore to never use a google product again — and I
haven’t.

~~~
squarefoot
While it is undeniably true that Android, just as any other networked product
by Google, is a nightmare with respect to privacy, I hardly believe that Apple
doesn't collect any user data. They very likely want to remain the #1 solution
for wealthy people who don't want their communications to be bugged, and
they're surely much much better than Google in that context, still I don't
trust them because their product is even more closed than Android, therefore
impossible to audit just as Android.

~~~
Benjammer
Apple's incentives as a product business align much better with user privacy
than Google's incentives as an ad business though.

~~~
lern_too_spel
And yet Apple's OS collects more information than Google's. You cannot even
write an app for your device without handing over banking details like a
credit card. You cannot get your location without also sending that location
to Apple. If you're in China, everything in your iCloud is accessible by the
Chinese government.

Edit: this is not whataboutism. People are seriously suggesting using Apple
devices instead for privacy, when doing so is worse, as I have shown. If you
believe anything I've said is false, go ahead and point it out. I've stated
these claims multiple times on Hacker News and not once have they been
refuted, so I'll be happy to get corrections before I state them again.

~~~
cnlwsu
A lot of what you just claimed is completely false or misleading, given your
rants throughout this thread though I doubt it’s worth time to enumerate it.
You seem very intent to distract the discussions for this post towards Apple
and whataboutisms.

~~~
lern_too_spel
Now that I can respond, this is not whataboutism. People are seriously
suggesting using Apple devices instead for privacy, when doing so is worse, as
I have shown. If you believe anything I've said is false, go ahead and point
it out. I've stated these claims multiple times on Hacker News and not once
have they been refuted, so I'll be happy to get corrections before I state
them again.

------
dguido
If you're looking for privacy advice for iOS, then check out iVerify from
Trail of Bits. It includes automated detection for certain kinds of malware,
configuration checks, and privacy guides for all the rest.

Blog: [https://blog.trailofbits.com/2019/11/14/introducing-
iverify-...](https://blog.trailofbits.com/2019/11/14/introducing-iverify-the-
security-toolkit-for-iphone-users/)

iOS App Store:
[https://apps.apple.com/us/app/iverify/id1466120520](https://apps.apple.com/us/app/iverify/id1466120520)

Article in VICE: [https://www.vice.com/en_us/article/bjw474/this-app-will-
tell...](https://www.vice.com/en_us/article/bjw474/this-app-will-tell-you-if-
your-iphone-gets-hacked-iverify)

~~~
ghostpepper
Aren't apps pretty heavily sandboxed on iOS? I am curious how this app has
permission to read the places it needs to read to look out for stuff like
malware.

------
newscracker
They should’ve added a point #0 advising people to get a flagship device or an
Android One device from vendors who have a track record of selling a phone
with the latest Android release and also getting updates to the devices
quicker.

Every other point in the article pales in comparison if the new device you
bought is running a release more than a year old and you’re guaranteed never
to get another update (or may get an update for a year). The point about
keeping the software up to date is moot for most Android users.

------
wheelerwj
"Don't"

If anyone who has been a google fan/early adopter can attest to, the more
things you learn to turn off, unistall, or otherwise disable, Google will find
a way to add in even more shit to track you. They are, without absolute
certainty, an advertising company. They will always find a way to sell more
ads, its the only reason they exist.

------
swiley
I hate iOS but good god android is awful! I bought a cheap one on new years to
use as a balloon tracker (GPS boards are expensive so it seemed like a good
idea.)

There are absolutely no diagnostics, every setting (including critical ones)
seems to move around between OS updates. They’re constantly breaking things
you actually need (termux API is missing half of what’s useful and silently
fails on most things now) while still letting malware installed by
manufacturers through. I think when I first connected the phone to a network
it pulled down ~1Gb of shovelware including facebook. Thankfully it was on
WiFi since I didn’t want to use up the data until we launched the balloon.

This of course never worked. It was able to connect and use data for about 30
minutes, I’m not sure what we did to make it work but it randomly stopped
after that.

Mobile OSes need to die, they don’t help people they’re just another tool for
corporations to push users through confusing broken mazes in order to
manipulate them.

~~~
jblz
> "android is awful!" ... "I bought a cheap one"

Nothing like condemning the entirety of a thing based on a single limited
intentionally-bottom-of-the-barrel experience!

~~~
freehunter
This is one thing I don't understand about the Android ecosystem... Android
fans like to point out that you have a choice of phone price points from $100
up to $1000, where on Apple devices it's generally $600 to $1000. But if you
actually buy one of those $100 phones and have a problem with it, the first
response is always "well yeah that's what you get for buying a cheap phone".

Seems like an _illusion_ of choice if you're guaranteed a working phone only
if you buy the latest $1000 Samsung flagship.

~~~
Open-Sourcery
Smartphones are like many other technology products. Yes, you can get the
cheapest one available but it will be total garbage or you could spend another
$100 or so and get a pretty decent phone. Going beyond this point you get
diminishing returns, is spending another $700-800 really worth it for a better
camera, a faster CPU/GPU and a screen with a bit better colour when all you do
is watch Youtube videos and browse facebook/instagram/whatever other social
media?

------
xvector
At this point you’re probably better off buying an iPhone and disabling iCloud
backup (or disabling iCloud entirely).

~~~
oriettaxx
some of you wrote here, many months ago, something I will never forget: "how
can you pretend privacy from a phone 'made' by an ads company"

------
sidcool
Any experience with ProtonVPN? I am looking to give it a try

~~~
art4ur
I use their free tier and it's relatively snappy. Plus you can get the actual
ovpn files and avoid having any proprietary software on your machines.

------
Despegar
I've been saying this for a long time, but there's no technical solution to
staying private. It's not scalable and no one has time to janitor every
product and service they use in their lives.

The only solution to it is regulation. Fortunately one rich guy in California
is putting his personal money up to move the ball forward [1]:

>Mr. Mactaggart said his 2020 state ballot initiative, among other things,
would create a state enforcement agency, limit targeted advertisements based
on geolocation and add items covered by the “negligent data breach” section,
which would allow consumers to pursue legal action in more instances of a
hack.

>Most significantly, Mr. Mactaggart said, his new effort would make it harder
to adjust the current law any further. The initiative includes a “purpose and
intent” section that requires any amendment to the law to be in the service of
protecting consumers’ rights to privacy, a legally binding clause that Mr.
Mactaggart said would prevent industry from chipping away at the measure.

CCPA is a mediocre version of GDPR, but it's certainly better than the status
quo.

>The lobbying against Mr. Mactaggart’s earlier initiative kept it from the
ballot in 2018, and legislators instead passed the privacy law. “It was the
right thing to do because there was no guarantee at the ballot box,” Mr.
Mactaggart said of his agreement to drop his measure. “Now, it’s different
because we have the law.”

>Mr. Mactaggart said he would do whatever it takes to pass his initiative next
year, including spending millions of his own money. He bankrolled his last
campaign almost entirely himself, spending more than $3 million. Mr.
Mactaggart will have to collect more than 623,000 signatures for his new
initiative to qualify for the ballot. A survey in October by Goodwin Simon
Strategic Research of 777 registered voters in California found that most
supported Mr. Mactaggart’s initiative.

If you care about privacy, help this guy get his ballot initiative over the
finish line. California can serve as inspiration for other state privacy laws
(and may just become the default, as it often does). Tech people love scale,
and you know who has scale? Governments. You can't fix a systemic problem like
lack of privacy with individual action.

[1] [https://www.wsj.com/articles/activist-behind-californias-
new...](https://www.wsj.com/articles/activist-behind-californias-new-privacy-
law-already-wants-to-improve-it-11577615401)

------
doc_gunthrop
A simple step toward thwarting a mischievous app that demands internet access
privileges (even though its functionality has no apparent need for it) is to
install a firewall like NetGuard[1]. It's a simple step because it doesn't
require rooting your device.

1: [https://www.netguard.me/](https://www.netguard.me/)

~~~
noja
NetGuard is great, but it uses battery about 20% faster with it on (mainly
because the cpu cannot enter sleep states long enough iirc)

------
mmd
So why do I need google play store to install and google play services to use
the ProtonMail app on android? Please release a standalone version like
whatsapp does.

------
harry8
Look at the general tone of all this thread.

The Nokia n900 was an _excellent_ smart phone. Still would be without nearly
10 years of improved tech hardware updates.

~~~
MisterTea
I'm really hoping the Pinephone, and other Linux phones succeed in creating a
niche yet affordable libre phone with secure software. I ordered a developer
phone simply because I'm interested and want to see what it has to offer.

The only thing that will be hard is working without my current setup of apps.
A browser can only get you so far. The transition will be a little tough but
i'll manage.

------
OrgNet
Android is a nightmare (both for privacy and for the artificial limitations
imposed by Google)... the only solution appears to be a pure Linux phone like
this: [https://store.pine64.org/?product=pinephone-braveheart-
limit...](https://store.pine64.org/?product=pinephone-braveheart-limited-
edition-linux-smartphone-for-early-adaptor)

I don't sign-in to my google account on my phone but I'm pretty sure that they
do shadow profiles like Facebook does

~~~
panpanna
Do you use a web browser?

Then 200+ companies already have shadow profiles on you.

~~~
OrgNet
I block most trackers...

but they don't have access to all those sensors on my phone anyways...
including camera, microphone, gps, etc... unlike Google on your Android phone.
You are comparing apple and oranges.

------
oriettaxx
I cannot find many of the settings they talk about (android v.9), is it my
o.s. old?

------
MobileVet
... don’t use Android, period. Google did a great job with PR in the early
years, but the reality has always been that your data is exploited to their
ends.

~~~
elric
What are the alternatives? The iphone is prohibitively expensive for most
people, and it's unacceptable that privacy should only be available to the
wealthy.

There's basically an Android/iOS "duopoly" out there, and it's only getting
worse. There are now bank accounts that are unusable without a smart phone
app, and guess which platforms are supported...Google Play and Apple App
Store. And don't even think about sideloading onto a rooted device, it won't
work "for security reasons". Such bank accounts, and services like Apple Pay,
are effectively enabling vendor lock-in for very important services.

~~~
chappi42
There a secondhand iPhones (it's also better for the environment). Otherwise
no alternative than using a desktop computer and forego some smart
conveniences.

~~~
elric
There are literally banks out there that are _unusable_ without an
Android/Apple smartphone. And while it's currently still possible to use a
bank that isn't as insane, I expect this trend will only get worse. It'll no
longer be a case of foregoing some smart conveniences, but about being able to
access important parts of the economy.

~~~
freehunter
Not only is it still possible to find a bank that works without a smartphone,
at least in America you'd have to go dramatically out of your way to do
business with a bank that only works if you have a smartphone.

The number and quality of banks that work without a phone is so much higher
than the number of banks that require a phone, it's barely even worth
mentioning.

~~~
elric
The course has been set, that's the way all banks are headed.

Challenger banks like Revolut, N26, Bunq, ... are all very reliant on smart
phone apps. Even if they have web interfaces, you can't log in without
authenticating with the app

Tangent: American banks might not be the best example here, given their
reliance on ancient tech like signatures, paper checks and magnet strips. But
they, too, will move in this direction.

------
icefog
Step 1: Never, under any circumstances, sign into Google Play Services. Better
still would be to rid your Android of it altogether and install LineageOS.

------
paulcarroty
Google or privacy - choose the one.

------
loraa
99% of the population don't want to essentially make their phone useless and
difficult to use. This is the problem.

Also that 99% doesn't care that the government knows they have downloaded
Candy crush.

~~~
ulfw
Also 99% "of the population" doesn't use Android.

~~~
TedDoesntTalk
What? I thought Android has market share in the billions. Where do you live?
Mars?

~~~
ulfw
Billions = 99% of the population. Oh I see. Okay.

------
izacus
These Android topics are always full of complete fabrications about how
Android actually works (usually from Apple users, which don't know a lot about
the OS).

Let's see if this time is any better or we'll see Apple marketing people come
out of the woods again :)

~~~
dang
Please don't take HN threads into brand-fan flamewar or insinuate shillage or
astroturfing. These things break the HN guidelines and lead to much lower-
quality discussion. Your comments include substantive points—please stick to
those.

~~~
panpanna
I think his point is (and yes, he could have put it more nicely) that this
sort of articles often turn into Android bashing and praising Apple which
unfortunately steals attention from an important discussion.

This is specially annoying when people who don't understand the subject
immediately enter the discussions to promote a company/product pretty much
regardless the context.

I'm sad that OP was heavily downvoted and later flagged.

------
TedDoesntTalk
Amazingly bad advice. They don't even mention to set a non-chrome, privacy-
focused browser as default (brave, Cliqz, Firefox, etc).

~~~
ddevault
Amazingly bad advice yourself, listing Brave and Cliqz as privacy-focused
alternatives before Firefox.

~~~
dorkinspace
I've been using brave and Firefox because of a perceived privacy benefit over
chrome.

Would you mind expanding upon this statement on regards to Brave?

Thank you and happy new year!

------
qrbLPHiKpiux
> smartphones per se are not evil.

No, just the people who write the code.

~~~
stjohnswarts
It's not the people who write the code, it's their management. If they were
paid to write secure privacy centric code then that's what would happen

~~~
alicorn
I suspect that a significant amount of developers do not care. A job is a job,
if the problem to solve is interesting enough or it pays well enough, rest is
irrelevant. This is supported by my experiences interviewing developers who
apply for jobs in my department. Questions about the ethical implications of
the things they have worked with more often than not are incomprehensible to
them. Note that this is distinct from having made an informed and motivated
choice, let's say, 'yes, I am aware of x, but due to a, b and c I work with it
anyway' or similar. I do not judge the content of the motivation, but I
strongly judge the presence or absence of it. This is why I strongly support
having strong courses in both etics and diversity / inclusion in all CS / data
engineering programs. The blind spots seen in the thinking of some people who
work with software that has potentially far-reaching consequences for
minorities, privacy etc is sometimes really unnerving.

------
anjel
Another tactic not mentioned: I disable automatic app updates, and never
update most Google apps, at all. Eventually, they fall so out of date that
they break or at least suffer from reduced functionality eg. Google exchange
services.

~~~
yjftsjthsd-h
That sounds like disabling apps, but with more vulnerabilities along the way.

------
itvision
> How to stay private when using Android

1\. Stop using Android.

FTFY

> How to stay private in general

1\. Stop using the smartphone - some of its tracking features are near
impossible to disable

2\. Use VPN or/and TOR

3\. Enable either DNS over TLS and DNS over HTTPS

4\. Never login anywhere

5\. Use the most common OS (Windows 10 at the moment) + the most common web
browser (Chrome at the moment)

6\. Make sure your web browser locale is set to English

7\. Set your system timezone to US

8\. Make sure your desktop resolution is 1920x1080 and your Chrome and Windows
are as default as possible

9\. Do not install any additional fonts

10\. Install a single extension which hides your WebGL vendor string e.g.
WebGL Fingerprint Defender

11\. Do NOT visit websites from your country (it's quite easy to match your
VPN traffic patterns with local websites visits and de-anonimize you)

12\. for each site that you visit: * Clean all web browser data before
visiting it * Close the browser * Open the browser again * Open your website

I've probably missed something like canvas fingerprinting protection, JS
timings detection, CPU concurrency detection, etc. etc. etc.

TLDR: It's near impossible to browse the web without being tracked if the
company which wants to track you has the resources for that. Web browsers and
the web were not designed this way.

~~~
evgen
> 5\. Use the most common OS (Windows 10 at the moment) + the most common web
> browser (Chrome at the moment)

Use the OS with built-in telemetry and the web browser that constantly reports
your activity to a data harvesting company and which keeps trying to prevent
people from blocking ads or limiting data harvesting on the browser? Try
again.

~~~
itvision
Wiping all data in Google Chrome is enough for Google to lose track of you.

Windows 10 leaking personal data hasn't been conclusively proven by anyone in
the entire world. There's no evidence Microsoft has ever downloaded a single
file off Windows 10 PCs (except for telemetry, e.g. application minidumps,
which doesn't uniquely identify you, or contains any of your personal
documents). Disabling telemetry in Windows 10 isn't too difficult either.

There's a lot of unwarranted mass hysteria in regard to the most innocuous
things in this world which is perhaps an indication that people have no other
real worries to attend to.

Even this post about "staying private in Android" is overblown out of
proportions. Yes, there are individual apps which abuse your data but you can
get rid of them.

Yes, Google assigns a unique identificator to your Android device but that
doesn't mean this data is leaked/sold left and right.

And no one is even talking about the fact that US cell operators have been
implicated in tracking their users 24/7 and it's not apparent they've stopped
doing that.

Your cellphone company (which also serves for most as an Internet operator) is
already a threat enough not to use any cell phone at all.

Then there are technologies to break into cellular networks by impersonating
cell towers and monitor users against their will and I'm quite sure this
feature is used and abused to no end by at least three-letter agencies in the
US.

If you're an average American you're passing by dozens if not hundreds of
CCTVs daily which are monitoring your whereabouts 24/7.

Privacy in this world only exists for those who don't use the perks of our
modern society or who's quite rich and can afford their own island without
dealing with the rest of the world.

~~~
dTal
>Disabling telemetry in Windows 10 isn't too difficult either.

Really? For future reference, how does one do this? Because I was under the
impression that it was not possible to disable _all_ telemetry, and that even
the lowest "level" of telemetry that Microsoft offers is only available to
"enterprise" versions of Windows. At least, that is what the wording used in
the Group Policy Editor implies:

[https://techcortex.com/wp-content/uploads/2019/01/disable-
mi...](https://techcortex.com/wp-content/uploads/2019/01/disable-microsoft-
compatibility-telemetry-using-group-policy-step-4.png)

[https://techcortex.com/disable-microsoft-compatibility-
telem...](https://techcortex.com/disable-microsoft-compatibility-telemetry/)

