I have just received a Samsung galaxy fold5 through the post, however I imagine it’s full of bloatware and I’m inexperienced with this type of device. What is the first things that you would do to secure it? Thank you 😊
Edit: I mean to be more privacy focused
I think you confuse security and privacy. Samsung are pretty secure from what I saw. They are not private at all however. You can debloat it with adb and maybe tools such as Universal Android Debloater.
There is a couple of guide such as this one: https://linustechtips.com/topic/1402380-ultimate-samsung-oneui-debloat-privacy-customization-guide/
I use FOSS applications as much as I can and try to avoid all samsung and google apps. In addition to that I’m always on pi-hole network to block background network requests by Samsung/Google
Some apps I use:
- k9-mail
- Zulip
- Nextcloud/Talk/Notes
- tasks.org
- Signal
- F-Droid
- Magic Earth
- NewPipe
- Keepass2Android
- Brave
- Collabora Office
Don’t think I’d actually recommend Brave to anyone, it’s definitely not as privacy focused as they claim.
deleted by creator
…if you really have trouble finding stuff on how Brave is terrible for privacy, I’m gonna go out on a limb and say you have trouble reading. It’s known by most people that it’s a scam. They sold private user data to machine learning companies, they are predominantly a crypto company who has a browser, they are chromium based, etc
deleted by creator
look up controversies surrounding brave search.
deleted by creator
Next level mental gymnastics
I mean, the company and the browser is one in the same.
Problems with Brave
I pasted here the post by u/foamed [https://libreddit.oxymagnesium.com/u/foamed] at https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/ [https://www.reddit.com/r/FoamList/comments/q4z5js/brave_browser_controversies/]
Some information about the co-founder & CEO of Brave, Brandon Eich [https://en.wikipedia.org/wiki/Brendan_Eich].
Controversial past and opinions:
- https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/ [https://blog.mozilla.org/en/mozilla/brendan-eich-steps-down-as-mozilla-ceo/]
- https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days [https://www.theverge.com/2014/4/3/5579516/outfoxed-how-protests-forced-mozillas-ceo-to-resign-in-11-days]
- https://www.bbc.com/news/technology-26868536 [https://www.bbc.com/news/technology-26868536]
- https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html [https://www.standard.co.uk/tech/mozilla-boss-brendan-eich-quits-in-row-over-his-opposition-to-gay-marriage-9237701.html]
- https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich [https://www.theguardian.com/technology/2014/apr/02/controversial-mozilla-ceo-made-donations-right-wing-candidates-brendan-eich]
Anti-vaxxer:
- https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html [https://www.nytimes.com/2020/12/22/business/brave-brendan-eich-covid-19.html]
- @BrendanEich: “Fauci lies a lot.” - Dec 11, 2020 [https://twitter.com/BrendanEich/status/1337496169690230784]
- https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/ [https://www.reddit.com/r/BATProject/comments/khmbvl/do_you_feel_that_brendan_should_step_back_from/]
Eich pushed an anti-vaxx conspiracy on Twitter: https://twitter.com/BrendanEich/status/1538253982845399040 [https://twitter.com/BrendanEich/status/1538253982845399040] - If you look at the “source” it’s from a nutritionist who’s also a conspiracy nut. There are no verifiable and trusted sources.
Here are some controversies surrounding Brave and their browser over the past couple of years:
Privacy related:
- https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799 [https://www.lifewire.com/brave-browser-falls-short-of-its-promises-of-privacy-5206799]
Brave automatically redirected searches to affiliate version of URL’s which Brave profits from:
- https://decrypt.co/31522/crypto-brave-browser-redirect [https://decrypt.co/31522/crypto-brave-browser-redirect]
- https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/ [https://www.zdnet.com/article/privacy-browser-brave-busted-for-autocompleting-urls-to-versions-it-profits-from/]
- https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology [https://www.theverge.com/2020/6/8/21283769/brave-browser-affiliate-links-crypto-privacy-ceo-apology]
Brave collected donations on content creators behalf without consent:
- https://bitcoinist.com/brave-browser-donations-not-optional/ [https://bitcoinist.com/brave-browser-donations-not-optional/]
- https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know [https://www.theblockcrypto.com/daily/5839/brave-browser-is-collecting-donations-on-your-behalf-did-you-know]
- https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/ [https://davidgerard.co.uk/blockchain/2019/01/13/brave-web-browser-no-longer-claims-to-fundraise-on-behalf-of-others-so-thats-nice/]
Brave leaked Tor/Onion service requests through DNS:
- https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/ [https://www.reddit.com/r/netsec/comments/lndfms/more_in_comments_brave_browser_leaks_your_tor/]
- https://github.com/brave/brave-browser/issues/13527 [https://github.com/brave/brave-browser/issues/13527]
- https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/ [https://www.ghacks.net/2021/02/25/latest-brave-browser-update-fixes-tor-onion-dns-leak/]
And this to some degree where they temporarily whitelisted certain Facebook and Twitter trackers without telling their users:
Sending unsolicited marketing mail to users, though Brave claim its all anonymous:
- https://twitter.com/sebmck/status/1531740563900448769 [https://twitter.com/sebmck/status/1531740563900448769]
- https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/ [https://www.reddit.com/r/brave_browser/comments/t4gzuw/update_on_braves_ongoing_direct_mail_marketing/]
And if you want more, here’s some more. https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/ [https://www.reddit.com/r/privacy/comments/v44vut/brave_browser_sending_unsolicited_marketing_mail/] that links this Twitter interaction: https://nitter.net/sebmck/status/1531740563900448769 [https://nitter.net/sebmck/status/1531740563900448769]
deleted by creator
Thankfully firefox is open source and has amazing community forks and configs like librewolf, mullvad, and arkenfox user.js. I personally don’t like to support the chromium monopoly, and firefox hardened is better on desktop hands down. Brave also shills crypto so much and makes money off ads so not a great look for a privacy browser.
deleted by creator
- Factory reset
- Setup but SKIP GOOGLE & SAMSUNG LOGIN
- Install F-Droid/Droid-ify
- Install Aurora Store
- Uninstall or disable as much default apps as you can
- Install Simple Mobile Tools or other opensource alternative from F-Droid
- Install everything else you need
Use openaource apps from fdroid, or if you really have to then use Aurora store. For office use collabora office, for youtube newpipe, video vlc, etc. NEVER LOG IN TO GOOGLE/SAMSUNG ACCOUNT ON ANY APP except Aurora store. For any other recommendation/alternative just aak me.
these changes are going to decrease security overall. privacy and security are not one in the same. edit: I guess they edited the post🫠also, logging in to aurora is almost guaranteeing your account getting banned. use a throw away account if the default ones are rate limited
logging in to aurora is almost guaranteeing your account getting banned
Im using my main account on aurora store on 4 profiles for past month and everything is ok (for now).
welp. good luck
Use ADB to remove Google and Samsung bloatware and tracking. Ask around for help.
You should be able to use Heimdall to unlock the bootloader, but there isn’t currently a build of LineageOS or DivestOS for this phone, so unfortunately you cannot yet flash a custom ROM (AFAIK). However, rooting should work if you need this (although it can hurt your security a bit).
I’d recommend removing Google Play Services and replacing it with microG, although this may be complicated.
The best solution, however, is probably to exchange the phone for a more versatile model, such as a Google Pixel or a Fairphone.
While many devices don’t have ROMs built for them, any recent device should work with a GSI.
I just bought a tab s8, as I know Andy yan’s LineageOS 20 works on it from other users’ reports. I currently use it on my old tab 10.8 2019.