Hey guys, it's pretty much the tittle. I've been using Lineage with microg for a year now and despite using the majority of FOSS apps in my routine I still feel like I have to struggle to preserve my privacy and keep Google away from my data. Do you guys feel the same sometimes?
Every time I have to use a banking app is a pain ..I kept changing banks to the ones who I could use with Magisk but every app update breaks my setup and I have to find a workaround or change to another app. I just quit using banking apps and passed them all to the wife.Now even home brokers have been blocking me asking to use a "official android version"
Today even a government app we must use to get access to services and information started complaining about my play store.
I self host a nextcloud service on my old desktop that serves as a server but every now and then the updates crash something. Sharing calendar and notes is too complicated if you don't have a vps or a domain. I keep getting complains from the wife about how come I just don't use google keep and Google drive anymore.
After a year I'm starting to think that maybe my data is not worth the hassle just to keep big tech out of my digital life.. I guess Big Brother wins
What do you say? Am I too lazy or it is unpractical to stay away from big tech?
I posted this before when another user posted a similar problem. Obviously yours is particular with google so some parts may not apply, but the gist is that you need to figure out your threat model.
You need to step back and review your threat model, then figure out the balance point between privacy and convenience/QoL. There is no such thing as complete privacy unless you go completely offline and live like a hermit. So something has to give, and your threat model will help you identify that. Figure out first what exactly you’re protecting, and from who. Then you can assess which ones you will deem non-negotiable when it comes to privacy, some where you can relax a bit in exchange for covenience (and this has levels as well), and lastly the ones where you have no choice because blocking something will make it cease to function. Having this threat model will also help you figure out what extent you would want to expose yourself depending on the service. Don’t put everything into the same tier because that will be impossible. Good luck.
Ultimately there are always going to be people who don't have smartphones or computers, so society (including things which are currently almost mandatory to participate in society, like being able to bank) should be accessible to these people. If it's accessible for them, it's also accessible to people with smartphones or computers who have just removed the spyware from them.
I don't do mobile banking; I just bank from my desktop browser. Not sure if this is an option for you or not, but I would have thought that online banking in the web browser should be even more common than having a mobile app for it.
Not sure what you mean by "home brokers" blocking you but if you mean their wifi blocks you, I've experienced that too on GrapheneOS but have found that VPNs allow me to use pretty much any public wifi.
Does your government app have a web alternative? If not that seems incredibly discriminatory against people who don't have smartphones. If it has a web alternative but doesn't work with any particular privacy settings, do you have a local library with computers you can use?
I'm about 4-5 years from where I started to self host things. I went through a raspberry, minipc and now I built a small rack where I have a custom built PC where I self host things. Is it a pain in the ass to start without anyone teaching you? YES. I spent a lot of time trying, testing, failing and retrying, but it was a nice trip, I learnt a ton of things and a lot of things I'll learn, I'm still definitively not an expert but I'm improving myself.
I tried (more than one time) nextcloud and I've definitively not liked it. I tried filebrowser which is more near to my use case, than I finished choosing a WebDAV instance using apache, it is perfect for my use-case, compatible with my windows job-pc and mounted perfectly from my LineageOS Android phone.
I've LineageOS without microG and any google thing at all; all I need is self hosted and available through a custom domain and/or through a VPN I self host. 90% of my apps are Foss.
My bank app works great without an official Android OS ( I didn't root my phone).
It's all about the amount of time you can invest through it:
- A lot of time: learn about self host, try the available solutions and choose which one fit your use-case
- Some time: find available solutions that don't require you to do anything (like proton drive, private nextcloud instances etc...)
- No time: use Google.
If you need something, I have some free space on my server that you can use (don't trust me or anyone else, use it by thinking).
Don't give up!
For banking, can you use a browser instead of the app?
I do very little banking through my phone - what's there to do?
There are some browsers that support sites-as-an-app, such as Cromite and Hermit, that may solve this issue.
Just wondering if it's that way for OP's bank.
I don't really use the app or the website (maybe to check a balance), so I have no idea what uses there are. Frankly I wouldn't have banking at all if I could avoid those bastards.
I think the best thing for cases like this is to see if the applications you want to use allow you to do what you want to do just using the web browser. Oftentimes there's a progressive web act that will function well enough, or the desktop site can be accessed on mobile with enough function to make it through.
Can you do your banking through their website? Can that government app be used similarly through desktop?
I've tried and could not use none of them without the website requesting the app to login or to verify the transactions
I self host a nextcloud service on my old desktop that serves as a server but every now and then the updates crash something. Sharing calendar and notes is too complicated if you don’t have a vps or a domain.
Self hosting is a pain imo. You can pay a small cloud provider with nextcloud. There is a middle ground between big tech and self hosting.
Then don't. It's that simple. It is impossible to live a 100% private life, you have to value your own time and enjoyment.
It seems like a lot of things you want to do on your phone are unnecessary. Why not just use the banking websites in your browser at home? Why not just keep a paper calendar?
I’m wondering this too. Does your bank not have a website OP? Webapps are the way to go for tracker heavy apps if possible
All the banks I have an account need an app in order to login. I've tried to use them using the browser but they all request you to use their app as 2fa. So the app doesn't work and I just can't do shit using only my browser.
All banks I have an account need an app in order to login. I've tried several times to use the browser but I always get to use their app as 2fa. None of the 4 banks I have an account let you use the browser without installing and verifying your phone via official app. It's ridiculous and annoying. As of calendar I just use the AOSP calendar app but sometimes I need to share my work schedule with my wife and that would be great to just share a calendar without sending her the screenshot of the days I have work. Besides that I just could use paper with no problems at all.
I'm on unrooted lineage with mindthegapps / Google play services with my Google Services Framework ID registered with Google, but I still have to make 3 attempts to log in to my bank with the first 2 attempts always giving a vague error like "we're not sure why we couldn't connect", similar with fidelity. Using a password manager so I'm entering the same credentials every time.
(Edit: in the case of fidelity, instead of faking a connection issue it tells me my account is blocked and to call support to unblock it - that's also fake because I called once and they said my account wasn't locked and trying to log in a second time always works)
My understanding is that it's impossible to pass strong integrity unless you're using the stock unmodified rom with the bootloader locked.
I changed banks last week and the new bank (Aspiration) logs in fine the first time every time.
It sounds like the situation is better with graphene but I find it a lot easier to switch banks than roms.
Yeah I've switched 3 times already but every once in a while the app crashes or fails the integrity test and I note in the worse possible time..when I need to pay for something. Looks like the best alternative is to have a cheap android phone just to do banking.
Yeah I did that because of the banking apps issues so I've installed magisk. Looks like I made a mistake.
I use and older phone for banking, stock firmware as updated as it can be. VPN connection, no SIM, powered on just for transactions. Still, my bank requires a location for every transaction, supposedly by law. In the beginning I thought I should spoof the location to a fixed one, but I'm tired of this shit, too. It feels like it's impossible to just be in peace, at the same time, apps are being used to rob clueless people their savings and to discriminate, alienate elder people.
Not really a answer to your question but I thought it might help.
I tried the next cloud setup since I already self-host a bunch. And I didn't like it. Like you said updates can mess it up and sharing is annoying. Just in general it was buggy for me.
So I switched to proton. Which even though is hosted on someone else computer, it feels plenty private to me with the E2E encryption. I use proton drive which is easy to share things just like google drive. I use proton Calendar. And I use proton Email. Its slow progress but proton really seems to be fully replacing google for me. They even just added live collaboration to drive. Which was like the one thing I still use google drive for sometimes.
I think we have to persist. Make our statement and presence. Let banks know. Let everybody know there are people who care. Each day we are more. One day we will be many.
I just have 2 extra profiles besides my main one (which has absolutely nothing proprietary), 1 for financial apps and another profile for my work apps. This allows me to keep the financial profile off until I needed, and the work profile active during work hours. The rest of the time, I'm away from al that proprietary crap.
After a while you will find that you really don't need most, if not all of it. But the disconnect does take time.
The other commenters in this thread seems to be giving you good advice and moral support, so I'm just going to give my input which comes from a perspective that's a bit different.
Sometimes especially when the options we have are contrary to our beliefs, we have to consider if we really need to be a part of it. Sometimes the burden is the smartphone itself. I don't use smartphones and I couldn't be happier, somehow my life didn't end. The last one I had was the N900 and even though it was a pretty cool pocketcomputer, I guess it's now been around 10 years since I last had a smartphone. I don't miss it and especially not when I see other people who have one. It's scary so addictive it seems to be. Pen and paper for data sharing and just calling people can accomplish many tasks.
Old people with bad eyesight also need banking, so I'd hope theres a bank out there who don't require a smartphone. In my country banks use the national id for authentication and you can get a TOTP keychain for the 2FA instead of an app, perhabs similar options exist.
Anyway, I hope you find something that works for you. Life is a process.