Just switched to a new phone carrier, and they had a promotion that included a free phone: the Google Pixel 8. I’m not a fan of Google, but I am a fan of free, so I took the bait.
It’s already bombarded me with pitches for their new AI bullshit. I’ve opted out of as much as the settings allow, but I’m under no illusion that doing so actually provides any real privacy.
So, damage control time.
On my previous device I used YouTube Vanced for music and videos, but I guess Vanced isn’t around anymore, and I’m pretty out of date on what the current options are… any insight on streaming specifically?
*I’m a medic who’s only surface-level competent with tech, so please idiot-proof any instructions.
Thanks all!
Consider yourself lucky for using a Pixel. These are actually the easiest devices to degoogle. You can replace the entire bloated and spyware-infested stock Pixel OS with GrapheneOS, a much more private, secure and minimalistic, open-source alternative. It is pretty easy to install, the web installer should be self-explanatory, but you can also watch this video: https://www.youtube.com/watch?v=ZAZlmYKrwfk (it does say for Pixel 7, but the steps are exactly the same on the Pixel 8 or any other Pixel, so don’t worry)
I‘m gonna be that guy and recommend GrapheneOS it is a different Android system and while that sounds like a really hard task to do for a beginner they have a really user friendly web-installer with step by step instructions. Adterwards you can just install and use google play store from their integrated app.
It’s made specifically for Pixel phones and you can’t much more degoogle than that
I’m gonna be the guy seconding it. It actually makes it feel like your own device. My favorite part is how each time you go to install an app it asks you if the app should have network access before it ever installs.
For YouTube install NewPipe (from the internet or from F-Droid)
Graphene OS . Best you can get on Android.
On android? In general!
GrapheneOS can install on a unlocked pixel 8 no issues, your best step to degoogle yourself.
https://grapheneos.org/install/web
Reinstall the operating system, which will wipe your phone clean, then only install apps you want, including google services in a work profile (if you want), so you control what google can see or doesnt see.
While others have mentioned the great GrapheneOS, I will throw two other options:
- CalyxOS — privacy oriented Android OS. While Graphene focus on security pretty much above all else, Calyx focus on privacy (and usability) more. Both essentially only target Pixel phones and are great choices.
- LineageOS + MicroG — AOSP fork, continuation of the old CyanogenMod, with an open implementatinon of Google Services. This is perhaps the most “normal” OS, seeing as Lineage’s core is user freedom and not exactly privacy; however, with MicroG, you get a pretty private system with very few to none of the side effects of deviating a lot from standard Android.
Graphene is a great project, but I think it may be a bit too much for someone that is just entering the privacy world, hence why I’m suggesting these two options as alternatives that are less strict and “cumbersome” to use, so to speak, while not really sacrificing privacy.
In the end, as all things privacy, it depends a lot on your threat model, your tech proficiency and willingness to make “sacrifices” and adapt.
I have runned all of them , graphene is is by far the easiest to get around for someone new
That is interesting to hear, why do you think so?
I agree that graphene is the easiest. Because you can install the Google subsystem in the work profile, everything will just work there no problems. It’s very clear what you’re doing, and what has access to what.
Because when you start graphing you have nothing on your phone, everything you install becomes a deliberate choice. So it’s very very very simple, oh I need a web browser I’m going to choose a web browser etc.
ReVanced has been working for me. I followed this guide since it’s not as straight forward as Vanced was. Sorry that it’s a reddit link :(
Before jumping to a whole new os, there’s a few easy things you can do.
FUTO keyboard instead of gboard
Install F-Droid app store to replace Google apps with foss versions: aegis, amaze, fossify gallery, grayjay, kvaesitso etc
Obtainium can pull lots of apps straight from github: Firefox, wireguard, OSS document scanner etc
Use DDG or something instead of Google search
These are the easiest things you can do.
After that there is self hosting things on your own server like immich for Google photos, Seafile for Google Drive backups etc
Just because you can’t replace everything does mean you can slowly chip away at it and greatly reduce the amount of data you are sharing with Google
The above steps make a huge difference in their own even without fully changing the os. Then one day when you are ready the option to change OS to graphene will still be there and you will already be used to your FOSS apps
How does the futo keyboard compare to heliboard?
/e/os is a good alternative to graphene
No, it is not.
Care to elaborate?
This page will give you a more detailed information:
Since it is a free phone from a carrier it will be locked until the phone is “paid off” by keeping their service for a specified amount of time. Once that time has passed, then your best option is to have the carrier unlock it and install Graphene OS. Until then, there is not much you can do.
This must be some weird American thing. I’ve gotten pixels on contract before in my country and I can OEM unlock and flash them no issue. If you don’t pay the cell carrier will just blacklist the IMEI. They don’t lock down the device itself.
If you cannot use another OS yet, install F-Droid and then install NetGuard. In NetGuard enable blocking of system apps in the settings and continue and block all apps. Then allow only the apps you need.
I think Rethink DNS would be better in this case because you can block internet to system apps, apply DNS blocklists, and set up a Wireguard VPN with a config file.
I believe NetGuard will act as a VPN. This will prevent you from using an actual VPN.
I believe NetGuard will act as a VPN.
Yes, correct.
This will prevent you from using an actual VPN.
It is indeed a drawback I forgot about (but a VPN connection can also be made on a local router at home).
A local VPN defeats the purpose. A VPN server that gets lots of request from different devices is what you want because then noone can know who made which request, they only see it’s coming from the VPN server.
NetGuard uses a VPN connection inside the phone. NetGuard is not like a VPN server, it will just block network access for apps you want to block access for.
As was mentioned, you probably cannot switch to GrapheneOs until the phone is paid off (out of the first two years contract).
In the meantime you can:
- Change all of your primary logins (site by site by site and app by app by app) to a non-Google email address. This should stop a lot of back channel tracking that Google does through their login framework.
- Install F-Droid to get access to popular free and open apps. It startled me how much essential software isn’t in the Play Store. These apps used to exist in the Google Play store, but lately the best I find in the Play Store are clones with ads jammed into them.
- Use free or open software, specifically, when accessing Google services - for example, use SkyTube for accessing YouTube. These apps typically have anonymous use options which I trust much more than the equivalent setting (if it exists) in Google’s own apps.
What does the phone contract have to do with what you can do with the phone? Contracts are for the SIM card (and the network access that comes with it) which may include the cost of a subsidised phone, but you’re still paying that regardless of what you do with the phone, right? Or to put it another way I think they can network-restrict the phone but I don’t think they can stop you putting GrapheneOS on it.
These are some good suggestions! The most crucial one is perhaps a ditching Gmail, but using alternative apps, such as newpipe and stuff, also go a long way. Unfortunately, the system is fighting against you and you’ll have to really use a freer operating system to properly get away from Google. Still, these are good steps to take.
Newpipe isn’t an alternative to Gmail, I’m assuming that was just awkward wording. A good alternative to the Gmail app is FairEmail or K-9 Mail. Newpipe (or better yet Tubular) is a good alternative to YouTube (without google signin and local only storage of subscriptions, history, and playlists)
I meant alternative apps to Google’s in general, not to GMail specifically. Ditching GMail is an important step, as you block a relevant source of personal information, but using alternative apps, like MajorHavoc recommended, is another great step. NewPipe is one of such apps (I disagree Tubular is a better pick, but that’s something for another post).
K-9 and FairMail aren’t a good alternative to GMail. Not alone, that is. GMail is both an e-mail provider and a client, but I’d argue the first point is the most relevant. If you use a FOSS e-mail client with your Google account, nothing is really changing, they will still read all your mail. You have to change providers as well, which isn’t trivial for most people.
E-mail is an insecure means of communication, so you shouldn’t even use it for sensitive things, depending on your threat model, as usual. I personally use Migadu as my provider, for all the customisability and “vanilla” e-mail infrastructure they have, but Proton and Tuta are good alternatives as well, if you don’t mind or don’t care about the non-standard extensions.