Is GSF-less android safe enough?

Isaiah Baker
Isaiah Baker

I use AOSP-based custom ROM, microG without google account and F-droid apps for stuff where possible.
I am aware Android still uses proprietary vendor drivers, but network monitoring didn't report any connection to google or other suspicious sites except for connectivitycheck.gstatic.com which can be blocked at dns level.
So is this solution relatively safe from data collection or do you know about something I don't know?

Attached: microg.png (35.65 KB, 772x282)

Other urls found in this thread:

github.com/jmdugan/blocklists/blob/master/corporations/google/non_localized

Chase Lopez
Chase Lopez

why are you even here

Attached: botnet.png (554.9 KB, 600x450)

Dominic Wilson
Dominic Wilson

Whenever you connect to a WiFi network all versions of Android (including Cyanogen et al) ping Google servers in order to determine whether or not it has internet access. In order to get rid of this you have to edit the URL out of the source and build the ROM yourself.

Alexander Cooper
Alexander Cooper

You are still being tracked by GSM towers.

Anthony Adams
Anthony Adams

That's dumb, why doesn't Cyanog, Lineag, Copprh, etc. run their own ping domains?
That's what most Linux distros do.

Even if AOSP has the option hidden away somewhere, how did they not bother to change it in all these years??

Kayden Miller
Kayden Miller

If you're gonna ping something that often, the phone should come with a list of top 1000 websites and ping a random 3 of them every time.

Grayson Fisher
Grayson Fisher

I guess pings aren't that big threat to privacy.
Google probably receives many of such pings every minute from same IP so they can hardly track you unless you have public IP.
Btw forget about copperhead, bad guys took over it and fired main dev, it is not safe anymore.

Nicholas Evans
Nicholas Evans

Android is fucking huge and infested with Google botnet, same shit as Chromium.

Oliver Morgan
Oliver Morgan

No, Android is fucked at the core, see permissions.
That is not a concern, pinging google is one of the best ways to check connectivity in fact.

Alexander Hall
Alexander Hall

why ping anything. its just a waste of resources and good way to spy the user because the latest ip and possibly other identifying data is always logged somewhere

Hunter Rogers
Hunter Rogers

You can block the host using hosts file and AdAway. LineageOS is also connecting to the time.android.com and even www.google.com, I think. I have 4 or 5 domains blocked which LineageOS tried to connect to in my first hour of using it, before installing any apps other than AdAway.

This. I've blocked the domain and my phone works just fine. It has an x and says "no internet" but I can live with that.

pinging google is one of the best ways to check connectivity in fact.
It would be better if you could change the domain you're pinging to in the developer settings and the domain of the time sync service.

Christopher Green
Christopher Green

cryptos.im

Or find any sim provider from one of the many countries where ID isn't required for activation that has favorable international/roaming rates.

Liam Butler
Liam Butler

why ping anything

Because it's part of the core Android network APIs. NetworkCapabilities#hasTransport

Caleb Kelly
Caleb Kelly

time.android.com

NTP config is located at /frameworks/base/core/res/res/values/config.xml

<string> element with name: config_ntpServer

Change it and recompile.

And just block Google in your host file

/system/core/rootdir/etc/hosts

Jaxon Morales
Jaxon Morales

It would be better if you could change the domain you're pinging to in the developer settings
The point of pinging google is that google has ridiculous uptime (so false negatives are rare), and that traffic to google is both enormous and spread out, so a few more pings don't make you stand out.
If you were to ping mydubmsite.com or something, you'd make yourself stand out by being one of the few people regularly pinging that site: the domain would still be visible over https too, to make things worse.

Being able to change the time sync is more reasonable.

Grayson Jones
Grayson Jones

What is a full list to add to the hosts file, besides google.com and gstatic.com

Michael Hughes
Michael Hughes

I can ping to my local site then. It's irrelevant, I'd rather ping something that isn't owned by a big and corrupted corporation.

Zachary Clark
Zachary Clark

Or just fucking ping whoever leased your device an address with DHCP or an address that you define.

Aiden White
Aiden White

leased your device
The fuck am I reading? How is it your device if it's leased? Why'd you have LineageOS installed on a company/3rd party device?

Landon Morris
Landon Morris

Yer a fuckin tard m8

Bentley Peterson
Bentley Peterson

I can ping to my local site then.
Local network might work while internet connection does not, so that's not acceptable.
It's irrelevant, I'd rather ping something that isn't owned by a big and corrupted corporation.
You're pinging them, not giving them pageviews or money.

What's the advantage of doing that?

Cameron Hughes
Cameron Hughes

Pinging is metadata of your activity. Can be used against you.
Local network might work
If you use a (((SIM))) card instead of WiFi then it's fine. If you host your site on a 2nd network or if you're away from home then it's fine. I don't see a disadvantage in picking a site to ping yourself.

doesn't buy his phones
calls other people tards

Carson Miller
Carson Miller

github.com/jmdugan/blocklists/blob/master/corporations/google/non_localized
You might want to comment out youtube.com, www.youtube.com and i.ytimg.com if you want newpipe to work

Austin Richardson
Austin Richardson

Pinging is metadata of your activity. Can be used against you.
That's why you ping google (lots of people do it) instead of pinging a smaller site (very few people do it).
The biggest issue I can see is that now one more third party can figure out when you have internet access and when you don't, but your ISP can already do that and they're easier to get logs from.
If you use a (((SIM))) card instead of WiFi then it's fine. If you host your site on a 2nd network or if you're away from home then it's fine.
Sure, you can work around it, but it's still a hacky solution that shouldn't go to production, and it also makes you a bit easier to track by anyone snooping on the path.

Jaxon Russell
Jaxon Russell

Ping cloudflare, you will connect to their servers eventually.

Leo Nelson
Leo Nelson

why would you even need to do that? i know when i have internet connectivity enabled and i can see it in the program if it cant connect to something. no need for tracking pings.

Zachary Hughes
Zachary Hughes

The default for the hosts editor I am using is /system/etc/hosts, which produces no result. Should I modify it to your path? I don't know. LineageOS

Owen Fisher
Owen Fisher

Adding that I am testing by attempting to access google.com in Icecat Mobile to see if it fails

Jaxon White
Jaxon White

HAPAS ARE SUPERIOR TO WHITES

Easton Rogers
Easton Rogers

HAPAS ARE SUPERIOR TO WHITES

Ryan Adams
Ryan Adams

HAPAS ARE SUPERIOR TO WHITES

Christian Hernandez
Christian Hernandez

HAPAS ARE SUPERIOR TO WHITES

Christian Taylor
Christian Taylor

HAPAS ARE SUPERIOR TO WHITES

Aiden Howard
Aiden Howard

HAPAS ARE SUPERIOR TO WHITES

Matthew Powell
Matthew Powell

HAPAS ARE SUPERIOR TO WHITES

Jack Howard
Jack Howard

These are our enemies. Why are we supporting them?

Brayden Butler
Brayden Butler

Mods are kikes. Why are they deleting my posts?

Liam Hughes
Liam Hughes

Good idea user, but don't you think that idea is a bit too Jewish?

Noah Martin
Noah Martin

Heil Israel

Nathaniel Robinson
Nathaniel Robinson

This isn't going to work. Try again.

Ryder King
Ryder King

This is a slide thread. SAGE AND REPORT