Firewalls are a great way to tell if new apps are secrely installed
Btw what is the key verifier thing?
So glad I moved to GrapheneOS last month.
this post was submitted on 04 Mar 2025
331 points (99.1% liked)
Privacy
37170 readers
384 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Got myself a Pixel 9 pro just to go Graphene... Sold my s24 ultra
Yeah I'm super keen, but my lower-tier Samsung isn't supported. I really wish FairPhone would offer a cheaper option :(
I already have a pixel. Is it just as easy as installing Lineage OS on the phone?
Yes, perhaps even easier if you use a Chromium based browser with their WebUSB installer.
Even if it's not the case, I found the console installer to be surprisingly easy.
Absolutely the easiest phone OS installation I've ever done. Completely web-based and easy enough for anyone to use. Even easier than flashing LineageOS.
The big hurdle to GrapheneOS is can you do without Google Wallet and other apps that won't work. The flashing process isn't something to worry about IMO.
Does lichess work on graphene os? How is compatibility with classic stuff line firefox, signal, ...?
I play Lichess on my GrapheneOS Pixel6a, works well. Same with Signal, Firefox with several mobile browser extensions.
Bitwarden, NewPipe, Tailscale, Duolingo, Uber, Discord, Matrix Element, all the Proton mobile apps, Backblaze, etc etc.
Pretty much every app I try works flawlessly. On rare occasion I'll experience minor bugs, and twice I've had to use GOS's extra privilege mode to get an app to work.
Overall, Love GrapheneOS and I'll use them as long as they are around and making an awesome alternative to Google's garbage.
Thanks!
Is graphene available on Xiaomi phones?
Only on Google Pixel phones. You might want give LineageOS a shot.
Lineage is great, been using it for years
load more comments
(1 replies)
I had zero problems with either FF or Signal after the first weeks though I migrated over to Fennec and Molly as alternatives since then. Sorry, I can't help with lichess though I can say that my nonograms work fine. =P
load more comments
(1 replies)
There are functional firewall apps for android? Is Rethink good?
Rethink is better than good. It's great.
Yes, it also let you change your DNS and block websites. There's also invizible pro which also adds tor and i2p but rethink have a better UI.
It often feels like I am just a user of someone else's device.
Even from the stuff that is shown like "Your device has new features" and "Settings changed by carrier". And how Motorola tried forcing updates by using non-dismisable (they would re-appear immediately) full-screen notifications, and trying to disable the app led me to "Blocked by your IT admin" (I returned that phone).
Also when I connect any modern phone to Wi-Fi not manually set as metered it starts downloading a bunch of random shit automatically.
It keeps killing apps I want running (I had to use a cheap dumb phone as alarm clock with the past 2 smartphones), but keeps all Google services conveniently spending data and battery.
Did you find a way to get rid of that full screen update notification?
I did, as I said, by returning the phone xD
I think I also (unsuccessfully) tried ADB.
load more comments
(1 replies)
load more comments
(2 replies)
Yeah, what is the key verifier thing? It's not like it's Windows and needs a purchased license key, right?
It's for E2E encryption in chat apps.
I uninstalled it on my Samsung last time and just checked but it hasn't reinstalled itself again (yet).
You can install this to prevent the official one from being installed automatically .https://github.com/daboynb/Safetycore-placeholder
Bit out of the loop. What am I looking at?
Google is automatically installing an app on you phone that analyzes your media βto prevent you accidentally viewing nudesβ
Phew, I'm always terrified of that. It won't affect my gore folders, will it?
Provides a single process that can be used by all message apps so that they don't need to implement backdoors into all of them?
Worried I'm getting a bit too paranoid, but...
Why backdoor the messaging apps when you can just monitor the entire OS?
Having control over the OS doesn't help if the OS doesn't understand the app's data.
If only there was an AI that monitors everything going on on the device which they could force onto everyone
... the OS doesn't understand the app's data.
I assume you are referring to End to End Encrypted (E2EE) messaging apps here. I'm no programmer/developer/software engineer and I'll be the first to admit that I don't know a ton about how most apps work on the backend. That being said, my understanding is that E2EE apps decrypt whatever is being transmitted to them when they get to your device (assuming phone here) (of course it would decrypt it, otherwise how would you make sense of the information?). Once the data is on your phone, it is decrypted. From what I understand, sandboxing apps is not all that robust on Android (at least on "mainstream" versions)
Therefore, the data that was Encrypted from End to End was decrypted at the End and therefore accessible by other applications and processes on your phone. Unless Android sandboxing has improved greatly in the last few weeks.
Applications like signal are encrypted at rest on your device as well - https://security.stackexchange.com/questions/277330/how-does-signal-protect-data-on-the-device-from-unauthorized-access
load more comments
(1 replies)
load more comments
(1 replies)
And with it unified, it's easier to tie multiple online identities back to which one single person they all are.
Note: The "Key Verifier" one is supposed to be tied to E2EE on Google chat platforms or something on those lines, although you shouldn't be using those and go for a safer chat instead though
Which FW (Firewall) could be recommended?
LineageOS or /e/OS would be my picks. Graphene and Calyx are better, but likely don't support the device in question.
RIP DivestOS.
load more comments
(1 replies)
These are usually installed as core Google apps on Android, and most flavours have them hidden since they're really just background daemons/libraries.
Gf had the same happen on her Huawei P30 which clearly wasn't set up to have the apps hidden by default.
If youre degoogling obvs not what you wanna have on your device but technically they shouldn't be doing much on their own.
I'll he RethinkDNS for its firewall. It took me a while to work out how to use it (not very skillful at these things), but ever since, I've felt much safer. Rightly or wrongly
view more: next βΊ