OESF Portal | OESF Forum | OESF Wiki | LinuxPDA | #planetgemini chat on matrix.org | #gemini-pda chat on Freenode | #zaurus and #alarmz chat on Freenode | ELSI (coming soon) | Ibiblio

IPB

Welcome Guest ( Log In | Register )

4 Pages V  < 1 2 3 4 >  
Reply to this topicStart new topic
> [GUIDE] How to remove ALL spyware from Gemini! (Google, MTK)
jakfish
post Aug 9 2018, 01:31 PM
Post #16





Group: Members
Posts: 261
Joined: 12-September 10
Member No.: 91,772



>>Me and the husband watched it together, under the covers<<

An ALMOST wise decision--even better is to stay off-line and do the porn yourselves smile.gif

But of course, your point is valid. Google vs non-Google, privacy vs fatalism, it all gets very philosophical right away, and angrily so.

But hats off to NCI: s/he has rewritten the original post to include compelling instructions. The process operates on the assumption that the available Gemini root install is non-spurious, and we wish the same for our hardware, but NCI's step-by-step sounds more secure than anything I'm doing.
Go to the top of the page
 
+Quote Post
NCI
post Aug 9 2018, 01:44 PM
Post #17





Group: Members
Posts: 43
Joined: 13-July 18
Member No.: 826,042



QUOTE(rubus-3.142 @ Aug 9 2018, 12:53 PM) *
But seriously why do these threads relating to Google apps seem to morph into the rights and wrongs of Google?

I have to admit Google are actually great at what they do. They do have the best search engine, best video sharing platform, a somewhat lacking but still most popular mobile OS which gets better and better every update, etc. etc. It is the fact their services are shoved down people's throats in a deliberate manner regardless of their opinion what causes the problem.
Go to the top of the page
 
+Quote Post
graynada
post Aug 9 2018, 03:03 PM
Post #18





Group: Members
Posts: 116
Joined: 27-April 18
Member No.: 821,829



QUOTE(NCI @ Aug 9 2018, 02:47 PM) *
QUOTE(graynada @ Aug 9 2018, 05:40 AM) *
I think you have answered my question. It' is not just true spyware you want to get rid of but all data collection including legitimate and agreed to data collection but only by specific companies. I wonder what you use the Internet for if you won't agree to any terms and conditions that include holding data about you. No online shopping, no social networking, presumably no phone calls or SMS and of course no online forums...... But wait blink.gif wink.gif rolleyes.gif laugh.gif

And yes of course my ISP has my bank details so they can get there monthly fee by direct debt. Saves me queuing up each month hidden from CCTV cameras with my foil lined hood on to pay cash in random bank notes carefully collected from various outlets (no cash points please, they might know what you are up to) to settle my bill!

You clearly are not interested in the subject of this thread and came to troll about tin foil hats. The fact that you don't deal with sensitive data and potential exploit or backdoor on your smartphone is the least of your concerns does not in any way diminish your ignorance towards needs of other people who do, or justify such behavior on forum of device enthusiasts. Well, good job, have a nice day, and finally gtfo this thread.


I am no troll, I would suggest your thread trolls Google and MTK. I have tried very hard to understand what it is you are trying to achieve and having read your guide I can see. What I challenge is the title of your thread as what you are doing is removing Google and MTK (omly) data collection not 'spyware' so please consider addressing that. Secondly your first steps include rooting and allowing untrusted sources. These are 2 steps which are considered by pretty much every security expert to leave you more vulnerable to real spyware and attack from extremely harmful parties. Please be responsible and add a warning to your guide accordingly.

You have of course aright to remove Google apps from your device if you choose to do so but to present this as improving security while actually deminishing security is I believe wrong. I do not know personally of anyone who has come to any harm, physically, financially or perceived from Google's legitimate data collection and usage business model. Most harm online comes from social engineering, phishing and the like. Your approach would appear to make it easier to fall foul of such activities. Please engoy your Google free experience on your Android device (!) but please consider correcting it as I have suggested.

And finally please keep a civil tone. Thanks
Go to the top of the page
 
+Quote Post
depscribe
post Aug 9 2018, 03:54 PM
Post #19





Group: Members
Posts: 255
Joined: 3-January 18
Member No.: 815,753



QUOTE(graynada @ Aug 9 2018, 03:03 PM) *
I am no troll, I would suggest your thread trolls Google and MTK. I have tried very hard to understand what it is you are trying to achieve and having read your guide I can see. What I challenge is the title of your thread as what you are doing is removing Google and MTK (omly) data collection not 'spyware' so please consider addressing that.

Not to disparage your spirited defense of data harvesters, but applications that harvest our data, seems to me, are the very definition of spyware.
Go to the top of the page
 
+Quote Post
NCI
post Aug 9 2018, 04:56 PM
Post #20





Group: Members
Posts: 43
Joined: 13-July 18
Member No.: 826,042



QUOTE(graynada @ Aug 9 2018, 03:03 PM) *
I am no troll, I would suggest your thread trolls Google and MTK.
What I challenge is the title of your thread as what you are doing is removing Google and MTK (omly) data collection not 'spyware' so please consider addressing that.

Oh I can totally trust this company with my data, yes? https://www.cnet.com/news/googles-gmail-con...silicon-valley/
And having this shit on my smartphone is definitely the last thing I want https://nvd.nist.gov/vuln/detail/CVE-2016-10135

QUOTE(graynada @ Aug 9 2018, 03:03 PM) *
Secondly your first steps include rooting and allowing untrusted sources. These are 2 steps which are considered by pretty much every security expert to leave you more vulnerable to real spyware and attack from extremely harmful parties.

https://thenextweb.com/hardfork/2018/04/20/...y-apps-malware/
https://www.wired.com/story/google-play-store-malware/
https://www.tomsguide.com/us/android-antivi...news-26648.html
Also, good luck having a firewall on Android without root.

Go to the top of the page
 
+Quote Post
Murple2
post Aug 9 2018, 11:47 PM
Post #21





Group: Members
Posts: 138
Joined: 5-January 18
Member No.: 815,856



QUOTE(graynada @ Aug 9 2018, 03:03 PM) *
Secondly your first steps include rooting and allowing untrusted sources. These are 2 steps which are considered by pretty much every security expert to leave you more vulnerable to real spyware and attack from extremely harmful parties.


Seconded. Rooting your device has potential serious security implications. If you understand the risks, and can mitigate them by sensible practice then fine. But I wouldn't recommend it to people who don't consider themselves tech savvy, and certainly not for the sole purpose of making your device 'secure'. Yes it may allow you to remove some of the more fundamental bundled software (or 'malware' depending on your POV), but you are far more vulnerable to malware in the wild. If you are unlucky enough to install an infected app or navigate to a malicious webpage, you have effectively given criminals root access to your phone. Game over man.

QUOTE(NCI @ Aug 10 2018, 01:56 AM) *


These articles do not suggest you should allow untrusted sources. I took away the following - 1) be careful which apps you use to manage your cryptowallet (obvious) 2) don't install apps with names like "Earn Real Money Gift Cards" and "Bubble Shooter Wild Life," 3) only install what you need and trust. Which, incidentally, is why I would rather trust an app from Google than some company/developer I have never heard of.

Final edit: please consider changing the name of this thread to 'Guide to removing Google and MTK "spyware".. And I know this has been done to death now but really the MTK stuff isn't spyware. It is not secure because other apps can sniff the logs it creates (although it doesn't, as the logging behaviour is switched off by default)

Now can we finally get to the main issue - how do we remove all the backdoors from the firmware blobs?! Oh wait, we can't
Go to the top of the page
 
+Quote Post
graynada
post Aug 10 2018, 12:29 AM
Post #22





Group: Members
Posts: 116
Joined: 27-April 18
Member No.: 821,829



QUOTE
Not to disparage your spirited defense of data harvesters, but applications that harvest our data, seems to me, are the very definition of spyware


Only if they do it without your knowledge. I you have agreed within the terms and conditions and the company is upfront about what it is doing then that is not spyware. It is when it is happening without your knowledge, and you seem extremely aware of everything Google are doing, that it is spyware.

https://www.merriam-webster.com/dictionary/...tionary/spyware

QED
Go to the top of the page
 
+Quote Post
Eldkatten
post Aug 10 2018, 04:27 AM
Post #23





Group: Members
Posts: 85
Joined: 5-June 18
Member No.: 823,876



Hello,

thank you for this nice guide. I ask myself for instance, why there is still mobile data usage from Google apps though I switched it all off. Obviously Google (and maybe others) use backdoors and direct access to hardware resources (that's why my firewall obviously isn't able to block all network access), and worst of all, Google is ignoring the expressed will of the user. Yes, of course I "signed up" for this and sold my soul to Google and yadayadayada, but what are the - usable! - alternatives? "Trust" in a monopolist seems to me very naive.

So I try to pry my device, which I certainly own and I have paid for, not Google, out of Google's hands as good as I can. You, who trust Google with your life, can do whatever you want, but I am not discussing my attitude in this matter.

Anyway, back to the guide. I have some questions:

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
6.1 Download and install Official TWRP App from Yalp Store

What do I need TRWP for?

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
6.4. Backup -> Swipe to Backup

What does this mean? Is this to make a backup of the entire device in case anything goes wrong?

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
7.4. Freeze MTKlogger and Network Location

I seem not to have MTKlogger and Network Location on my device. I did the whole rooting thing already earlier, though. Maybe I already removed it? Can't remember. Where exactly would I find those Apps?

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
8. Download & install open-source location services from F-Droid
8.1. Unified Nlp (No GAPPS)
8.2. MozillaNlpBackend
8.3. NominatimNlpBackend
8.4. GSM Location Service
8.5. WiFi Location Service
8.6. Configure permissions for all apps above
8.7. Setup UnifiedNlp
8.8. Reboot, check UnifiedNlp after rebot

What exactly do I need this for? Is this for determining my location with GSM and WiFi (like GPS), or is it to locate available GSM and WiFi networks? What if I skip this step?

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
* Google apps list
(...)
Google *
(...)

Maybe the most stupid question: Why is there an asterisk behind "Google"?

And one general question: do apps - those I installed through the 'Playstore' (I allways wondered how serious or actually childish an OS is the software repository of which has such a stupid name) and those I download as an Apk file - rely on the presence of "Google services", "Google Playstore", "Google account manager" or any other Google stuff? Do I have to expect apps to stop working once I remove all "Google" parts? That would be especially annoying if it concerns apps I payed for, but of course all other apps as well. If I wouldn't miss it, I wouldn't have installed it in the first place.

Thank you and kind regards
Go to the top of the page
 
+Quote Post
Eldkatten
post Aug 10 2018, 05:17 AM
Post #24





Group: Members
Posts: 85
Joined: 5-June 18
Member No.: 823,876



Hello,

QUOTE(NCI @ Aug 9 2018, 12:47 AM) *
6.2 Choose Gemini PDA and install TWRP recovery

Restarting after recovery flashing with ESC key held takes me into a boot loop sad.gif Fortunately the system starts normally when I release the ESC key. Great unsure.gif

Kind regards
Go to the top of the page
 
+Quote Post
NCI
post Aug 10 2018, 06:24 AM
Post #25





Group: Members
Posts: 43
Joined: 13-July 18
Member No.: 826,042



QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
What do I need TRWP for?
What does this mean? Is this to make a backup of the entire device in case anything goes wrong?

TWRP is a custom recovery which allows making system backup. You might want to create backups in the process when removing extra apps, you may not like the end result or remove wrong app by mistake.
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
Restarting after recovery flashing with ESC key held takes me into a boot loop

Try reinstalling it in TWRP app, maybe something went wrong. Do you have X27, X25 or WiFi only model?
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
I seem not to have MTKlogger and Network Location on my device. I did the whole rooting thing already earlier, though. Maybe I already removed it? Can't remember. Where exactly would I find those Apps?

These are system apps, check System -> Apps -> System for them.
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
What exactly do I need this for? Is this for determining my location with GSM and WiFi (like GPS), or is it to locate available GSM and WiFi networks? What if I skip this step?

You might want it to have working location functionality. These backends are open-source and don't spy on you; partricularly, GSM&WiFi apps use GSM and WiFi data in a manner Google does, but keep local databases on your device, without reporting anywhere.
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
Maybe the most stupid question: Why is there an asterisk behind "Google"?

Google * = every app named Google-something.
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
And one general question: do apps - those I installed through the 'Playstore' (I allways wondered how serious or actually childish an OS is the software repository of which has such a stupid name) and those I download as an Apk file - rely on the presence of "Google services", "Google Playstore", "Google account manager" or any other Google stuff? Do I have to expect apps to stop working once I remove all "Google" parts? That would be especially annoying if it concerns apps I payed for, but of course all other apps as well. If I wouldn't miss it, I wouldn't have installed it in the first place.

I would not recommend downloading APKs directly unless you're pirating something from a very trusted source - there's Yalp store for that. Some apps report that they're relying on GSF (Google Services Framework) but most or all functions work correctly without it, while others will misbehave.
QUOTE(Eldkatten @ Aug 10 2018, 04:27 AM) *
Thank you and kind regards

You're welcome! Hope you'll achieve your goals!

p.s. I personally am currently experimenting with keeping the google apps installed (most of them disabled) and routing Google traffic through interface directly while routing browser and messenger traffic through VPN, with properly setup browser of course - because there is no way to make voice recognition work without some Google stuff, even Saiy (FOSS voice assistant) relies on Google engine for speech recognition, sadly there's simply no working alternative.
Go to the top of the page
 
+Quote Post
Eldkatten
post Aug 10 2018, 08:23 AM
Post #26





Group: Members
Posts: 85
Joined: 5-June 18
Member No.: 823,876



Wow, thank you for that elaborate answer biggrin.gif

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
TWRP is a custom recovery which allows making system backup. You might want to create backups in the process when removing extra apps, you may not like the end result or remove wrong app by mistake.

Ok, that's what I thought.

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
Try reinstalling it in TWRP app, maybe something went wrong. Do you have X27, X25 or WiFi only model?

I tried three times, alas. I have an X27 device, and I used the latest image.
Since I rendered a tablet bricked and useless by trying to flash a custom recovery, I think I keep my hands off this, as long as my Gemini is still working.

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
These are system apps, check System -> Apps -> System for them.

Ah, there they are. And many more ohmy.gif I am able to force stop them, but can't remove or deactivate them. The button is greyed out.

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
You might want it to have working location functionality. These backends are open-source and don't spy on you; partricularly, GSM&WiFi apps use GSM and WiFi data in a manner Google does, but keep local databases on your device, without reporting anywhere.

Thanks for the explanation, I don't need these.

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
Google * = every app named Google-something.

Of course, a wildcard, how stupid of me wink.gif

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
I would not recommend downloading APKs directly unless you're pirating something from a very trusted source

You're right, of course, and the few Apks I used are all from trusted sources.

QUOTE(NCI @ Aug 10 2018, 04:24 PM) *
Some apps report that they're relying on GSF (Google Services Framework) but most or all functions work correctly without it, while others will misbehave.

Yes, I experienced that. Most apps don't complain at all, a few ones complain but work never the less, and very few complain and really don't work:
- Nina, which is a desaster alarm run by the german Federal Office for Civil Protection
- Timely, a nice alarm clock
(these two rely on Play Services)
- Prometheus, a learning app for anatomy, for which I lost the license once I turned off the Google stuff (I think it depends on Playstore itself), and it didn't come back after switching it on again, while the other two were fine once I switched Play Services back on.

Have a nice weekend, kind regards
Go to the top of the page
 
+Quote Post
NCI
post Aug 10 2018, 08:33 AM
Post #27





Group: Members
Posts: 43
Joined: 13-July 18
Member No.: 826,042



QUOTE(Eldkatten @ Aug 10 2018, 08:23 AM) *
Ah, there they are. And many more ohmy.gif I am able to force stop them, but can't remove or deactivate them. The button is greyed out.

You can, with Titanium Backup. Even the free version from Play/Yalp store will be able to remove them. On my device, however, option to disable MTKLogger in system settings was greyed out - so I had to use pirated Titanium Backup Pro to do it; couldn't remove it even with Titanium Backup, by the way.
Go to the top of the page
 
+Quote Post
jerome
post Aug 10 2018, 01:44 PM
Post #28





Group: Members
Posts: 27
Joined: 5-December 04
From: Europe
Member No.: 5,772



I would like to thank NCI for that guide, which is just what I needed.
Go to the top of the page
 
+Quote Post
jerome
post Aug 10 2018, 01:55 PM
Post #29





Group: Members
Posts: 27
Joined: 5-December 04
From: Europe
Member No.: 5,772



QUOTE(graynada @ Aug 10 2018, 08:29 AM) *
I you have agreed within the terms and conditions and the company is upfront about what it is doing then that is not spyware. It is when it is happening without your knowledge, and you seem extremely aware of everything Google are doing, that it is spyware.


Except that the proposal "accept to be spied upon or do not use a smartphone" can be understood as taking undue advantage of an inequality in bargaining power:

https://en.wikipedia.org/wiki/Unconscionability

I really wonder why there is always somebody on these threads to defend google, a multibillions rich company. Are you a google employee? All we want here is a technical discussion on how to design a particular custom rom for the device we all bought.
Go to the top of the page
 
+Quote Post
NCI
post Aug 10 2018, 05:32 PM
Post #30





Group: Members
Posts: 43
Joined: 13-July 18
Member No.: 826,042



QUOTE(jerome @ Aug 10 2018, 01:55 PM) *
All we want here is a technical discussion on how to design a particular custom rom for the device we all bought.

A proper LineageOS ROM would be fantastic,. I personally miss tons of little customization options here and there, which I learned to treat as something available by default using LineageOS/CM for years. \=
QUOTE(jerome @ Aug 10 2018, 01:44 PM) *
I would like to thank NCI for that guide, which is just what I needed.

You're welcome, glad it helps!
Go to the top of the page
 
+Quote Post

4 Pages V  < 1 2 3 4 >
Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 21st October 2019 - 07:33 AM