This is kind of a big project. The goal is, to have a "ceise and desist-proof", FDroid repo, as then you wouldn't need AuroraStore anymore, to download the Google-bloated shitapps. I use LuckyPatcher for the process, and document every removed permission and occurring Errors. Currently there is [my Magisk group](https://matrix.to/#/#fdroidppa:matrix.org), go there to stay up to date! I have two cloud backup solutions, safe and free for me, while I dont have setup a server yet, and don't know how to do that as a hidden service. [MEGA-storage](https://mega.nz/folder/JygQUTZR#_cXUNgDSIBB2_AzYM6-UOQ) - - - [Filen.io storage](https://filen.io/f/20e48f08-bcde-4ded-80ca-5633e580a2c8#!VEuQPTyfdCtLNqmF3dykd7o4a05Skd59) ## Offline Apps Many apps are just image editors, Volume control editors and more, that absolutely need no internet. Instead of making you dependend on NetGuard or LineageOSses feature to deactivate internet, ***anyone can just download and use these apps, with absolutely zero tracking!!!*** Its so easy, just remove the internet permission and dont update the apps through AuroraStore. The apps currently: - Volume Styles (change your volume control, customizable, even App opening possible!) - SnapSeed (intermediate image manipulation) - CuteCut (Video Cut) - inCollage - Notebloc (PDF scanner and processor) - AppLocker (with Fingerprint) - File Converter - FileManager+ - I cant wake up alarm clock - MirrorLab - MandelBrowser - Nova Launcher prime mod - PicTools (batch compression e.g.) - Rotation (useful for Tablets) - Viral Icon Pack ## Online Apps Many proprietary services (eBay, Spotify e.g.) have no widespread FOSS alternative. I donr focus on making the shitties of shit tolerable (Whatsapp, Instagram, TikTok), because these companies make their apps so, that they recognize when they are changed and dont start. - ADAC Führerschein - Beam Wallet - CycleFix bicycle repair - dict.cc (offline dictionary) - ebay Kleinanzeigen - Flora incognita (plant identification without tracking) - LuckyPatcher (unmodified as I dont know how) - MyIBidder (bidding sniper for ebay) - Nextbike (bike sharing) - OnlyOffice Documents - Mushroom identificator - Shazam Lite - Spotify older version - VNC Viewer ## Unavailable Apps - some downloadable APKs (only make sense for the repo) - Youtube Vanced all apps - System apps (AOSP file manager, keyboard, GCam mod, LineageSetupWizard, Seedvault, Trebuchet) ## Magisk modules - Magisk zip download - LSPosed, Riru - AudioMisc - WebViewManager - AppSettingsReborn - CameraControl - AndroidFaker - XposedUnifiedNLP --- I invested hours in this project and try to improve it. - multiple secure cloud backups - transparent logs in Markdown - a good repo in the future, to make privacy easy - torrenting - PGP verification ([get my public key here!](https://filen.io/d/ba118d80-d68b-4fe0-9815-52cd4ae76d7a#!Ff43CGV6xVHcIicDeUMeTpEPSkKuujlW)) for all patched apps - what else?

Google Photos comes preinstalled on modern Android, and (like with Edge etc) this seems to be enough reasons to just use it. As Google bloats stock Android to an extreme Extent, this should not be normal, but the state today poorly is, that a lot of people use a Photos app that analyzes faces, metadata, content and more. Google Photos, as well as the other Google bloat, is just horrible for privacy, and as face-recognition got so good, its power to track you and analyze your most intimate pictures should immediately shock everyone... but it seems it doesnt. As Photos are one of the most sensitive data, I will focus on "Google Photos". ### so how can we exchange it? First: The app is installed as a "system app", having more permissions as well as being uninstallable. Yes, thats insane, but thats Google. You can only deactivate it in the settings, even ADB (android debug bridge, using a second Phone with "ADB OTG" or a laptop) cant delete it fully, but thats not a problem, as apps in the system partition dont take up place you could otherwise use. ## 1. Download everything Many people dont even have their data on their own devices, but stored in a cloud. As unlimited Google drive costs very little, this is motivated by Google of course. To go on, you have to have physical access to your own photos, and this will be the case in the future. So you may need to buy an external SATA SSD, bigger micro-SD card or USB-Stick, to have all your photos offline. You can reuse a SSD or HDD from your Laptop / PC using a specific case, PC HDDs need an extra power supply for turning the disk. You have to use the browser to download the photos, as the app is made to track you. The function is called "Google Takeout". ## 2. Delete what you have offline and log out In the Google settings there are some general Tracking data you can delete, like your History, Location history (every place you have been is stored on Googles servers...) and more. Use that, although it may not do anything, but as its opt-out and not opt-in, many tech-illiterate People dont even do it so it can actually do something without immediately eliminating Googles business. After that, delete all your Drive data, you already have it offline. I will list some Drive alternatives, so dont worry. If you also plan to log out from Google completely, you will have to have your contacts accessable. You can download them as a .vcf file (regular and handy format) from the google contacts website. These can be imported and exported using Simple Contacs, and stored whereever you want, not depending on googles servers. (But you wont mysterically have all your contacts on a new phone, obviously) ## 3. Replacement apps ### Gallery I recommend Simple Gallery Pro or any other FOSS apps from F-Droid. It has every function a gallery needs, apart from face-filtering, location filtering etc. There are also some other good looking ones, like Stingle Photos, Photo Chiotte, Camera Roll,... Look for some with recent updates and no anti-features and see what suits your taste best! ### Sync Google Photos has the ability to have a lot of photos online and not even on your phone. In my experience this can provoke bad usage, cluttering of double images, not deleting them at all etc. All the sync alternatives will need you to have the Images on all devices you want them to be. **Syncthing** - Best choice if you want images just be there on multiple devices - FOSS apps for all platforms - You can select folders to sync - QR-Code for connecting devices - Device-to-Device, no costs, no servers, noone to trust - configurable sync-type for every folder **Nextcloud** - Open source Sync protocol - Sync to server (own or paid) - FOSS apps for all Platforms There are also providers like ente.io, Mega.nz, Disroot, Alternative-to has an [awesome collection of services](https://alternativeto.net/software/google-drive/) with user ratings (their site is awesome for replacing bad services and apps!). I always prefer Syncthing, as you dont have to pay and/or trust other people to handle your data. In many cases you pay **and** get tracked and analyzed, which is totally insane. But Googles low prices have to come from something, dont wonder, you will pay more for alternative Cloud-Providers. ### Image editing Simple Gallery Pro from Playstore has its own image editor, but you can use an external one, Simple Gallery Pro from FDroid doesnt have the Editor, as it isnt FOSS. SnapSeed was the best image Editor for Android I could find, Ad-Free, unpaid etc. It is made by Google, so it is a tracking risk, especially if its not the only Google app on your phone, if you have Play services for example There are ways to deal with software you dont trust, the easiest one is just deactivating Internet, so even if it tracks you, it cant send out the data to Googles servers, this can be done without root using NetGuard. With root you can use Warden to deactivate Trackers, with LineageOS you can deactivate the internet without NetGuard. ### AI-powered automatic sorting etc. I dont think this is really nessecary. You should have a rough overview over the photos on your device, but if you really just want to use AI-filtering, tagging and face-recogonition for increased efficiency there are a few projects you can try out. - Ownphotos ([Github page](https://github.com/hooram/ownphotos)) includes Face-Filtering, Location tagging, map view etc. It is in early development and self hosted. - [Piwigo](https://piwigo.org/) ([Github Site](https://github.com/Piwigo/Piwigo)) is a Gallery program for the web, can run on your own server, so targeted toward advanced users - [PhotoPrism](https://photoprism.app/), Open Source, Self-Hosted or bought. It is in early stages of development though. So concluding, it seems as there is no alternative for Google Photos intense analytics and metadata use, that is also easy to use without technical knowledge, yet... If you want to use something like that and its a reason to switch back go Google Photos, keep in mind that you will let an Ad Company run AIs on your private photos. So letting go of the many comforts Google offers is nessecary. ### Camera app I recommend OpenCamera for anyone, it has a huge amount of features, is available from FDroid, their site and the PlayStore (AuroraStore of course). OpenCamera also has some important privacy features like disabling location metadata. You should keep the Google Camera (with internet tutned off) for following reasons - support for specific camera setups - zoom lenses etc - some apps need it on Android 11 and higher, if they dont have their own camera API Metadata is bundled with images and can leak private data where you dont want it to be. There are many apps to remove Metadata (EXIF data) from photos, I use ***Scrambled Exif***. ### if you want to keep Google Photos... There are many reasons why you could choose Google photos. - the cheap cloud prices because of googles huge monopole and extra money through targeted ads - image editing may have advantages and better compatibility with GCam - integrated into the seemingly perfect Google ecosystem - you need AIs to filter your photos, because you have too many of them Sorry to be a bit rude here, but there are important things and unimportant ones. Even if you dont care about your privacy (which I dont really think you do), every person you have photos of will get analyzed by Googles AIs... So to prevent that, you can toggle all internet access of the app and use it in your Android work profile, which can be set up using the app "Shelter", available on FDroid. Now the app only sees the photos you send to it through the share-dialogue. **Without internet, you can only use the App as a Gallery, no image editing. So its basically useless.** (Does Google photos work with the share dialogue? Otherwise an easy solution is the Fdroid app "Save to...", which allows saving images using the share dialogue. Install it in the work profile and you can copy images easily.) ----- Anything missing? Any good service I have forgotten? I just use Simple Gallery and Syncthing for everything, no extras, so my experiences are limited. *this post was mirrored from my Reddit account*

This is a pretty big topic, although it may not look like it. A huge field for privacy and security is how you log into foreign servers, what accounts you own, what data is stored in them and how many there are. I used a free email provider that was horrible for privacy, like nearly everyone does. It actually is a lot of work to change your mail, but its totally worth it and you can learn a lot. ## 1. Get a private mail provider There are many things to consider, before choosing a mail provider. **Practical aspects**: - How much does it cost (if its free, they track you to get the money) - Do they work with apps you like (Android: K9-Mail/FairEmail, Desktop: Thunderbird) - Do they offer enough storage for the money - do they offer aliases, Spam-Filters, extra functions (that you actually want) **Security aspects**: - where are they located (Surveillance by Law, Digital laws) - What kind of Encryption do they use (unencrypted are unsafe and shouldnt be used for anything interesting) - Has the company had hacks or gave information to the government? If yes, how have they dealt with it and what were the circumstances - Is their software open source Here are some Lists of private Email providers ([List 1](https://privacysavvy.com/email/best/secure-email-providers/), [List 2](https://itsfoss.com/secure-private-email-services/)). Depending on what you like, you can choose an email provider from those lists. I chose Mailbox.org, as they: - offer 2GB storage for 1€/month, 5GB for 3€ - allow 3 aliasses, **25 for 3€!!** - use open source code - work in Thunderbird, FairEmail and K9-Mail (IMAP, unlike Protonmail and Tutanota) But others may be equally good or better. Just pay for what you use and stay away from those datakrakens (gmx,web.de,gmail,outlook,...) ## 2. Find your logins I had mine stored in Firefox, you may have a piece of paper or a password manager (or the very bad habits, stored in a messenger, an unencrypted file (.txt, .docx, etc.), an unencrypted notes app etc). **For the future** Store every password in a password manager like Keepass. It has apps for all platforms, and works by creating a file (.kdbx), encrypted completely (not just the password) by a master password. Create the file in a location you know, then you can sync it using Syncthing (device to device, free and private), Nextcloud, Mega-App or any other sync service, there is no danger as its encrypted. Dont use Closed-Source applications and unpaid cloud-based ones, as they will contain tracking. Bitwarden is also Open Source, there are other services too, but these are the main ones. ## 3. Change your mail or delete the account on websites This is a very important thing everyone should do once in a while, delete unused accounts. Some sites may no longer exist, you just bought something there once or used it once and forgot it... But your account data, often including an unsecure and widely used mail containing your name, and maybe other personal information, are stored on many many servers. If now one of those dozens (if not more) of servers gets hacked, this can have serious consequences. [HaveIBeenPwned shows if your mail adress was included in a data breach](haveibeenpwned.com) Many sites dont even offer the feature to delete your account, in that case email them mentioning your "right to be forgotten" (depending on the laws of the state you live in) and it will work most of the time. Ironically, you sometimes have to proof you are the one that wants to be deleted, like "Here is all my personal data and now please forget it". ## 4. Get rid of your old mail - copy important mails To get important mails from one profile to the other, you can copy them between folders in Thunderbird. - forward mails to your new adress If not everyone knows your new mail, you can setup forwarding of mails for nearly every provider. Just make sure to not use your main adress, best is to use a temporary mail, so that the unprivate providers (e.g. Google etc) dont know your new adress. (Google sends mails to your alias/temporary email, which sends the mail to your main one, Google doesnt know your new main email). When everyone has been contacted and knows your new adress after like 2 months or so, you can delete the alias/ temporary email and your old mail account. - delete as much data as possible This of course builds on trust in the company which you try to get rid of, but at least you can try it. I.E. ask Google to delete everything, your location history (insane shit), metadata, targeted ads, and what you can find else. - change your personal data very often if possible This is just an idea: Server costs are a thing, and a company should have limits for data storage. If you now change your real Name, Adress etc to fake ones like 6 times, maybe the real ones are permanently deleted, as they would take up too much storage. With Reddit this works, as they only store the last version before deletion (so deleting something doesnt work, you have to edit & delete) ## Change habits in the future If you need to create an account for something and you know you wont need it in the future, use a redirection service like Firefox Relay. Just create a throwaway adress, let it forward mails to your mail email-adress and delete that throwaway email when you dont need it anymore. You can still delete the account, but this will also save you from spam If you need to provide a Telephone-number, that isnt used for 2FA (two-factor-authentification, very important for security) or validated through an SMS code etc., you can use a fake number, as in many states your number is associated to your full name and more. There are also services like "Spam Frank" (Tel: 01631737743), that will deal with spam-calls you dont need. **Some obvious things** - never use your main email (the one you login with) if you can use aliasses - never use the same password for multiple accounts - use Keepass's Password creation-tool or make a difficult one yourself, dont use names, words or easy combinations (daniel, potato, 12345, password) - dont store your Passwords unencrypted! Hackers could just read **all** your logins when getting acces to your files - dont give your full name and other sensitive data if not needed or otherwise already given (payment by card, postal adress sometimes) - use 2FA as often as possible and with important logins **Some advanced tips** - use aliasses whenever possible (from your provider, AnonAddy, Firefox Relay, Simplelogin,...) - check haveibeenpwned.com, if your mail was included in a data leak, maybe use a service like "Firefox Monitor" - use mail-extensions - encrypt your mails yourself using OpenPGP - use a FOSS mail program that has private settings (no safe-browsing, blocked tracking images, filtered HTML, etc) ### 2FA (Two-factor-authentification) This can be a - TAN-list - phone number (obviously very unprivate although most commonly used) - an authentification app (Aegis is recommended, as its FOSS) 2FA can save you, as nobody can access your login with just password and mail, but needs to have access to the second Factor too. ### Mail-extensions A few weeks ago I didnt even know this existed, as you nearly never see it. A lot of mail providers (including mailbox.org) allow them, you use it like that: `user@mailbox.org` ---> `user+ACCOUNT@mailbox.org` The Extension can be the domain that you use the email for, for example "user+reddit@mailbox.org". Advantages: - easy filtering without filter algorithms like in Thunderbird - Transparency about who shared your email If you for example discover your reddit-login email on a completely different server, you know you cant trust that former server as it shared your data. Note: Some sites like Aliexpress dont allow extensions in your login mail, they say "enter a valid email" if it contains a "+" ### Hardening Thunderbird K9-Mail and FairEMail have really good privacy settings, some by default. Thunderbird, like Firefox, has its default settings mainly for easy usability, not privacy at all. But because of its open nature and customizability, you can use a file called "user.js", defining a lot of settings on every start of Thunderbird, overriding the old ones. There are a lot of presets to be found online, I have made my own one, combining best Privacy with needed usability and including short explanations and a guide how to add it. It is based on the Thunderbird-Addon "PrivaConf" and "Privacy-Handbuch"s user.js ([Here is a link to it in my Cloud](https://cloud.uol.de/s/3AP77a7BHSYBMaS)). Hardening your Browser and Email-Program can have negative effects on the usability, thats why tested user.js like mine are a good start, some hard presets like Arkenfox cause a lot of features to break, and falling back to an unconfigured version or a different mail program is not the solution, so a less hardened version may suit your needs better (keyword: Threat model), you dont always need TOR-anonymity. ### Note about anonymity - The smaller a provider is, the more you are fingerprintable because of the domain - creating an own domain avoids people seeing your mail provider but makes your mail unique = fingerprintable (but you can keep it even after a provider change) - smaller providers are less likely to be under pressure of the state (Protonmail as an example for the other side) - IP and more can be stored by email providers, if you want to be more private, use extra Encryption and Orbot/ Tor, or just not Email! Good providers make clear what data they gather ### Thats it! Changing your email and adapting good habits is some work, but the good thing is, that those healthy workflows will stay and get easier, and there is a ton of great software and great people out there, making it easy for anyone to be private. Lets keep fighting against the unleashed capitalist surveillance dystopia we live in, wake people up and keep ourselves safe! *this post was mirrored from my Reddit account*