Is GSF-less android safe enough?

I use AOSP-based custom ROM, microG without google account and F-droid apps for stuff where possible.
I am aware Android still uses proprietary vendor drivers, but network monitoring didn't report any connection to google or other suspicious sites except for connectivitycheck.gstatic.com which can be blocked at dns level.
So is this solution relatively safe from data collection or do you know about something I don't know?

Attached: microg.png (772x282, 35.65K)

Other urls found in this thread:

github.com/jmdugan/blocklists/blob/master/corporations/google/non_localized
twitter.com/NSFWRedditImage

why are you even here

Attached: botnet.png (600x450, 554.9K)

Whenever you connect to a WiFi network all versions of Android (including Cyanogen et al) ping Google servers in order to determine whether or not it has internet access. In order to get rid of this you have to edit the URL out of the source and build the ROM yourself.

You are still being tracked by GSM towers.

That's dumb, why doesn't Cyanog, Lineag, Copprh, etc. run their own ping domains?
That's what most Linux distros do.

Even if AOSP has the option hidden away somewhere, how did they not bother to change it in all these years??

If you're gonna ping something that often, the phone should come with a list of top 1000 websites and ping a random 3 of them every time.

I guess pings aren't that big threat to privacy.
Google probably receives many of such pings every minute from same IP so they can hardly track you unless you have public IP.
Btw forget about copperhead, bad guys took over it and fired main dev, it is not safe anymore.

Android is fucking huge and infested with Google botnet, same shit as Chromium.

No, Android is fucked at the core, see permissions.

That is not a concern, pinging google is one of the best ways to check connectivity in fact.

why ping anything. its just a waste of resources and good way to spy the user because the latest ip and possibly other identifying data is always logged somewhere

You can block the host using hosts file and AdAway. LineageOS is also connecting to the time.android.com and even www.google.com, I think. I have 4 or 5 domains blocked which LineageOS tried to connect to in my first hour of using it, before installing any apps other than AdAway.


This. I've blocked the domain and my phone works just fine. It has an x and says "no internet" but I can live with that.


It would be better if you could change the domain you're pinging to in the developer settings and the domain of the time sync service.

cryptos.im

Or find any sim provider from one of the many countries where ID isn't required for activation that has favorable international/roaming rates.

Because it's part of the core Android network APIs. NetworkCapabilities#hasTransport

NTP config is located at /frameworks/base/core/res/res/values/config.xml

element with name: config_ntpServer

Change it and recompile.

And just block Google in your host file

/system/core/rootdir/etc/hosts

The point of pinging google is that google has ridiculous uptime (so false negatives are rare), and that traffic to google is both enormous and spread out, so a few more pings don't make you stand out.
If you were to ping mydubmsite.com or something, you'd make yourself stand out by being one of the few people regularly pinging that site: the domain would still be visible over https too, to make things worse.

Being able to change the time sync is more reasonable.

What is a full list to add to the hosts file, besides google.com and gstatic.com

I can ping to my local site then. It's irrelevant, I'd rather ping something that isn't owned by a big and corrupted corporation.

Or just fucking ping whoever leased your device an address with DHCP or an address that you define.

The fuck am I reading? How is it your device if it's leased? Why'd you have LineageOS installed on a company/3rd party device?

Yer a fuckin tard m8

Local network might work while internet connection does not, so that's not acceptable.
You're pinging them, not giving them pageviews or money.


What's the advantage of doing that?

Pinging is metadata of your activity. Can be used against you.
If you use a (((SIM))) card instead of WiFi then it's fine. If you host your site on a 2nd network or if you're away from home then it's fine. I don't see a disadvantage in picking a site to ping yourself.

github.com/jmdugan/blocklists/blob/master/corporations/google/non_localized
You might want to comment out youtube.com, www.youtube.com and i.ytimg.com if you want newpipe to work

That's why you ping google (lots of people do it) instead of pinging a smaller site (very few people do it).
The biggest issue I can see is that now one more third party can figure out when you have internet access and when you don't, but your ISP can already do that and they're easier to get logs from.
>If you use a (((SIM))) card instead of WiFi then it's fine. If you host your site on a 2nd network or if you're away from home then it's fine.
Sure, you can work around it, but it's still a hacky solution that shouldn't go to production, and it also makes you a bit easier to track by anyone snooping on the path.

Ping cloudflare, you will connect to their servers eventually.

why would you even need to do that? i know when i have internet connectivity enabled and i can see it in the program if it cant connect to something. no need for tracking pings.

The default for the hosts editor I am using is /system/etc/hosts, which produces no result. Should I modify it to your path? I don't know. LineageOS

Adding that I am testing by attempting to access google.com in Icecat Mobile to see if it fails

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

These are our enemies. Why are we supporting them?

Mods are kikes. Why are they deleting my posts?

Good idea user, but don't you think that idea is a bit too Jewish?

Heil Israel

This isn't going to work. Try again.

This is a slide thread. SAGE AND REPORT