(1/5)

Edit (11/1/2022):

  • MIUI has no biometric Lockdown, solution.
  • FFUpdater and UntrackMe apps recommended.
  • Added back Vinyl Music Player.

NOTE (June) 15/06/2020: r_privacy moderator trai_dep revengefully deleted my highly gilded 1.0 guide post before.

NOTE: I will NOT respond to prejudiced and political trolls.

Hello! It took a while before I could gather enough upgrades to create this fourth iteration of the smartphone guide so many people love. It seems to have benefitted many people, and it was only a matter of time before things got spicier.

It is time to, once again, shake up the expectations of how much privacy, security and anonymity you can achieve on a non-rooted smartphone, even compared to all those funky “security” custom ROMs. It is time to get top grade levels of privacy in the hands (pun intended) of all you smartphone users.

Steps are as always easy to apply if you follow the guide, which is a pivotal foundation of this guide I started 2 years ago. After all, what is a guide if you feel unease in even being able to follow its lead?

Unlike last year, I want to try and fully rewrite the guide wherever possible, but some parts will seem similar obviously, as this, while technically being an incremental improvement, is also a massive jump for darknet users. This version of the guide took a while compared to the previous versions.

A kind request to share this guide to any privacy seeker.


User and device requirement

  • ANY Android 9+ device (Android 10+ recommended for better security)
  • Knowledge of how to copy-paste commands in Linux or Mac Terminal/MS-DOS Command Prompt (for ADB, it is very simple, trust me)
  • For intermediate tech users: typing some URLs and saving them in a text file

What brings this fourth iteration? Was the previous version not good enough?

No, it was not, just like last time. There is always room for improvement, but I may have started to encounter the law of diminishing returns, just like Moore’s Law has started to fail with desktop CPU transistor count advancements. This does not mean I am stopping, but upgrades might get marginal from here on. The upgrades we now have are fewer in number, higher in quality. So, we have a lot of explanation to read and understand this time around.

A summary of new additions to the 3.0 guide:

  • Update to the Apple section
  • Many additions in section for app recommendations and replacements
  • NetGuard replaced with Invizible Pro (this is massive)
  • A colossal jump in your data security in the event of a possible physical phone theft using a couple applications
  • An attempt at teaching the importance of Android/AOSP’s killswitch feature for VPNs/firewalls
  • (FOR XIAOMI USERS) How to configure Work Profile, as Second Space causes issues, and adding back biometric Lockdown
  • How to be able to copy files from work profile to main user storage without Shelter/Insular’s Shuttle service
  • Some changes in phone brand recommendations
  • Caveat(s)

Why not Apple devices?

iPhone does not allow you to have privacy due to its blackbox nature, and is simply a false marketing assurance by Apple to you. Recently, an unpatchable hardware flaw was discovered in Apple’s T1 and T2 “security” chips, rendering Apple devices critically vulnerable.

Also, they recently dropped the plan for encrypting iCloud backups after the FBI complained. They also collect and sell data quite a lot. Siri still records conversations 9 months after Apple promised not to do it. The Apple Mail app is vulnerable, yet Apple stays in denial.

Also, Apple sells certificates to third-party developers that allow them to track users, the San Bernardino shooter publicity stunt was completely fraudulent, and Louis Rossmann dismantled Apple’s PR stunt “repair program”.

Apple gave the FBI access to the iCloud account of a protester accused of setting police cars on fire.

Apple’s authorised repair leaked a customer’s sex tape during iPhone repair. This is how much they respect your privacy. You want to know how much more they respect your privacy? Apple’s Big Sur(veillance) fiasco seemed not enough, it seems. Still not enough to make your eyes pop wide open?

Apple’s CSAM mandatory scanning of your local storage is a fiasco that will echo forever. This blog article should be of help. But they lied about how their system was never hacked. I doubt it. They even removed CSAM protection references off of their website for some reason.

Pretty sure at least the most coveted privacy innovation of App Tracking protection with one button tracking denial would work, right? Pure. Privacy. Theater.

Surely this benevolent company blocked and destroyed Facebook and Google’s ad network ecosystem by blocking all those bad trackers and ads. Sigh. Nope. Now it is just Apple having monopoly over your monetised data.

Also, Android’s open source nature is starting to pay off in the long run. Apple 0-day exploits are far cheaper to do than Android.


LET’S GO!!!

ALL users must follow these steps except the “FOR ADVANCED/INTERMEDIATE USERS” tagged points or sections.

Firstly, if your device is filled to the brim or has been used for a long time, I recommend backing up your data and factory resetting for a clean-slate start.

NOTE: Samsung users will lose Samsung Pay, as Samsung has been caught and declares they sell this data: https://www.sammobile.com/news/samsung-pay-new-privacy-policy-your-data-sold/

  • Install F-Droid app store from here

  • Install NetGuard app firewall (see NOTE) from F-Droid and set it up with a privacy-based DNS like AdGuard/Uncensored/Tenta/Quad9 DNS.

NOTE: NetGuard with Energized Ultimate HOSTS file with any one of the above mentioned DNS providers is the ultimate solution.

NOTE: Download the Energized Ultimate hosts file from https://github.com/EnergizedProtection/block and store it on phone beforehand. This will be used either for NetGuard or Invizible, whichever is picked later on.

(FOR ADVANCED USERS) If you know how to merge HOSTS rules in one text file, you can merge the Xtreme addon pack from the Energized GitHub. You can also experiment with the Porn and Malicious IP domain lists.

NOTE: Set DNS provider address in Settings -> Advanced settings -> VPN IPv4, IPv6 and DNS
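
One way to do the HOSTS merge mentioned in the advanced-users note above, as an added example (not part of the original guide or of the Energized project): a shell function that merges several hosts files, normalises and de-duplicates the entries, and rejects any line that maps a name to something other than a sink address. The file names and sample domains are constructed placeholders.

```shell
#!/bin/sh
# Added example: merge several HOSTS blocklists into one de-duplicated file.
# Usage (file names are hypothetical): merge_hosts base.txt xtreme.txt > merged.txt
merge_hosts() {
    awk '
    {
        sub(/\r$/, "")      # tolerate CRLF line endings
        sub(/#.*/, "")      # strip full-line and trailing comments
        if (NF == 0) next
        # A blocklist entry must point at a sink address. Anything else would
        # redirect the name to a third-party server, so drop it and report it.
        if ($1 != "0.0.0.0" && $1 != "127.0.0.1") {
            printf "rejected %s:%d: %s\n", FILENAME, FNR, $0 > "/dev/stderr"
            next
        }
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            # leave the loopback names the OS relies on out of the blocklist
            if (name == "localhost" || name == "localhost.localdomain") continue
            if (name !~ /^[a-z0-9._-]+$/) continue   # skip malformed names
            if (!(name in seen)) { seen[name] = 1; print "0.0.0.0 " name }
        }
    }' "$@" | LC_ALL=C sort
}

# Constructed sample input: two small lists standing in for the base file and
# an add-on pack (placeholder domains, not real Energized entries).
demo_merge() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '# base list' '0.0.0.0 ads.example.com' \
        '127.0.0.1 localhost' '0.0.0.0 Tracker.Example.net # note' > "$tmp/base.txt"
    printf '%s\r\n' '0.0.0.0 ads.example.com' '0.0.0.0 telemetry.example.org' \
        '203.0.113.7 bank.example.com' > "$tmp/addon.txt"
    merge_hosts "$tmp/base.txt" "$tmp/addon.txt"
    rm -rf "$tmp"
}
```

Rejected lines go to stderr with file name and line number, so a list that tries to point a domain at an arbitrary IP is visible before the merged file is loaded into NetGuard or Invizible.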

  • Install Invizible Pro from F-Droid (LONG SECTION FOR THIS BELOW)

  • In F-Droid store, open Repositories via the 3 dot menu on top right and add the following repositories below:

  1. https://gitlab.com/rfc2822/fdroid-firefox

  2. https://apt.izzysoft.de/fdroid/index.php

  3. https://guardianproject.info/fdroid/repo/

Go back to the F-Droid store home screen, and hit the update button beside the 3 dot menu. (This may vary if you have a newer F-Droid store app with the new user interface.)