I have been slowly degoogling my life by reducing my use of Google apps and switching to FOSS alternatives. I recently created a Proton account and tried to keep it completely isolated from my default Google account so as to not let it know what my Proton mail identity is. I have finished my transition in my desktop to the best of my ability and am planning to start the same with my mobile. The only thing I have done in my Android phone related to Proton is having downloaded ProtonVPN and signed into my account within the app. However I fear by downloading ProtonMail and signing into it, my Android phone would identify the email account, which could make this entire transition useless. Is there a way to avoid this situation or has the damage already been done. What does Google know about my Proton account, if at all?
If you’re that worried you should really switch to a degoogled Android like GrapheneOS. But fwiw I doubt google would know your Protonmail address just from logging in through the protonmail app
Doesn’t change anything. On GrapheneOS, you still need to install play services to get push services working on ProtonMail. Another privacy friendly email provider, Tutanota, they wrote their own push notification stuff to get it to work on degoogled phones specifically.
I would think a big reason to use proton is to keep google (or another provider) from reading the contents of your email.
Why is keeping your ProtonMail email “hidden” important to you? Answering that will hopefully let us come to a better way of achieving the goal.
Also, anyone can figure out if you’re using Proton by the email address or DNS on the domain name.
It’s not important at all why they want to do it.
Do they wanna prevent spam? Use SimpleLogin/addy and never give out their actual email. Google knowing it is probably not mean more spam, but you could still filter out emails to the base email address.
Wanna prevent hacking attempts? Enable 2FA, and again, Google knowing probably doesn’t increase the attack surface area too much.
There are a bunch of reasons why you’d want to hide an email account, but the remediations are all very different depending on that reason. At the end of the scale you’d probably never wanna use the app at all, and just login via browser (not chrome), but even then is Google key logging Android? Who knows.
So you’re right, it’s not important why they want to do it, it’s crucial if they actually want to be helped properly.
I am just a casual person who takes privacy a bit more seriously than the general public. To be frank, I don’t even use Google services that much. I just wished to end my reliance on Google due to what I learned about their practices. However I can only go so far. I have a busy life and I do all these privacy related work during my free time. I don’t have a GrapheneOS compatible android phone, I don’t have the liberty to switch to a new phone, and I don’t have the knowledge to set up a custom ROM. I just want to take as many measures to increase my privacy without going to extreme measures like rooting my phone or setting up pihole.
I’ve tried to use alternatives from f-droid. switched to firefox (specifically mull), disabled unnecessary permissions and telemetry from Google apps etc. However, seeing all of the comments here suggesting actions that I am simply unable to take feels like all the other things I’ve done so far have been in vain and I should just succumb to Google’s spying, which I am feeling to do indeed especially after learning how much data Google has collected about me, making privacy in my phone virtually nonexistent.
Look people have a very “all or nothing” approach that I myself disagree with. They want true privacy? Buy a dumb phone, never go online, and disconnect the landline.
I hear you, I also started out with just proton, but I’ve gone deeper slowly — I do have Pihole, I don’t use Google services, but these are not things you need to do to get more privacy.
I think from your comments it seems like you’re just worried Google will know your email address, and that’s… not a big deal?.You probably will give out that email address anyway, so they’ll find it eventually.
The contents of the emails, which is where important data really is, are encrypted in proton. Google shouldn’t be able to read your screen contents, but who knows for sure. So you should be fine for now, don’t worry about logging in the phone.
I sincerely thank you for understanding my situation and giving me actually useful advice.
deleted by creator
I dont think you can. As long as you use Android with GMS, Google will always know. Best is to get yourself a Pixel, immediately flash GrapheneOS, and use it.
Basically pointless to hide from Google on OEM android, but tutanota, Molly, and im sure other apps, will at least not send message contents as a notification.
What Android, LineageOS? Where are you logged in, a Browser or Apps?
Apps are shit, Androids sandboxing security model is hillarious as all preinstalled bloat has all permissions.
Even on LineageOS Google knows
- your IP from Connectivity check
- your IP from captive portal check
- your location and device data from SUPL / A-GPS
but if you are logges into any accounts in apps, no chance.
Simply use your google accounts through a seperate browser and never in “Apps”. Best would be to use ‘shelter’ from F-Droid, create a work profile, install a VPN in either the work profile or your regular one, set it to always on -block other connections in your network settings.
your location and device data from SUPL / A-GPS
IIRC this is worse on Qualcomm devices, where I believe the GPS almanac data is requested over plain HTTP, by the SoC itself outside of the OS’s control
Craaazy.
deleted by creator
Manufacturer’s version of Android. I’ve logged in the apps with multiple Google accounts.
While I could consider using my browser instead of apps for all google related services, I don’t think outright removing the accounts from my phone since Google has mandated use of mobile verification (the one where they ask to choose the correct option from the three given number) and I don’t want to provide them a phone number for SMS verification. I fear I would be locked out of my Google accounts if I don’t have them signed in in my phone directly.
I tried checking Shelter, however it says it is best optimized for Pixel phones and grapheneOS (which I have neither of) and you already said sandboxing in Android sucks, thus it may not be beneficial to go through all that effort to setting up the separate profiles if it isn’t even going to work well.
No shelter is not optimized anywhere. It runs on Android thats it. GrapheneOS is secure but they dont care about it at all, they think “oh I can use a USB stick to transfer files between profiles” is the definition of usable.
Get any LineageOS phone and you are way better off. No you wont use your Google account, maybe they force you to use a Chromium based browser, but logging into that crap is the beginning of the end.
Of course Google now knows all your device IDs so anonymous you will never get anymore.
Aurorastore with an own Google account works currently. Its always a fight of course. But I use GrapheneOS without these services and its fine.
Don’t use your own account with aurora, you can get banned
Yup but burner accounts seem impossible currently. But good point, I will try to create a new one
login to your protonmail through tor browser and voilà… i would have wrote but you used the same login for your proton vpn
don’t tell me that you’re using GBoard 😬
Just install a vanilla android rom without* gapps. Best you can do is install microg variant roms, if you want gms.
Edit: typo*
I’m sorry, but I do not have the time, experience or knowledge to set up custom ROMs in my device at the moment.
Then it’s literally impossible because you can’t compleatly degoogle your phone without custom rom. Else they know which apps you have installed and for how long you use them and even have access to notifications.
you can degoogle without a custom rom
Then my friend you can’t remove Google from your device. Only vanilla roms without any google shenanigans is your way to go.
Doesn’t even vanilla AOSP or what it’s called still phone home to Google for time, internet-check, cage-checks etc? I think you’d need Graphene (only available on Google hardware (Pixel) 👌) or another custom ROM (or do a lot of firewalling on vanilla / Lineage etc) to really be free of Google (if that’s even possible).
deleted by creator
Island has been deprecated by Insular, with Shelter as another option (that people say is better).
[This comment has been deleted by an automated system]
