What are the risks of third-party apps?

Third-party apps can track user data, including location, and may sell this information to data aggregators.

How can I protect my privacy when using apps?

Check app permissions regularly, disable location access when not needed, and consider using open-source apps from FDroid.

Are Google and Meta apps safe to use?

Google and Meta apps can track user activities and require login, making them riskier for privacy.

What is the benefit of using FDroid?

FDroid apps are open-source, meaning their source code is publicly available and can be audited for safety.

How can I counter location tracking threats?

Block location permissions for apps and use a VPN to protect your IP address.

What should I do if an app requires location access?

Disable location permissions when not using the app and close the app when not in use.

Are fitness apps a privacy risk?

Yes, fitness apps can track location and combine it with other data, posing a privacy risk.

SE Linux is a security model integrated into Linux that controls app permissions and access to device features.

Can firewall apps protect my data?

Firewall apps can help prevent data exfiltration, but they have limitations and may not catch all traffic.

What should I do with apps that I no longer use?

Uninstall apps that you are not using to minimize potential privacy risks.

How to Make Apps Safe (On De-Googled Phones)

00:25:05

https://www.youtube.com/watch?v=HI82bOlT4Is

摘要

TLDRThe video provides insights on how to safely install apps on smartphones, particularly focusing on third-party applications. It discusses the inherent risks associated with these apps, such as data tracking and location monitoring, and emphasizes the importance of managing app permissions. The video also highlights the advantages of using open-source apps from FDroid, which are considered safer due to their transparency. Additionally, it addresses the privacy concerns related to popular apps from Google and Meta, urging users to be cautious about their data and permissions. Overall, the video aims to educate viewers on maintaining privacy while using mobile applications.

心得

🔒 Always check app permissions before installation.
📍 Disable location access for apps when not in use.
🛡️ Use open-source apps from FDroid for better security.
🚫 Uninstall apps you no longer use to reduce risks.
📱 Be cautious with Google and Meta apps due to tracking.
🧭 Fitness apps can pose privacy risks with location data.
🔍 SE Linux helps manage app permissions effectively.
🛑 Firewall apps can help but have limitations.
📊 Data monetization is a key risk with free apps.
👥 Contact list permissions can lead to privacy breaches.

时间轴

00:00:00 - 00:05:00
用户在安装手机应用时应确保其安全性，许多人会检查隐藏的系统应用并禁用可疑的应用。使用防火墙应用程序（如Netguard）可以阻止互联网访问并跟踪应用流量。更安全的选择是使用来自FDroid的应用。手机操作系统本身（如iOS和Android）具有潜在的危险功能，包括24/7位置跟踪和身份监控。视频将重点讨论第三方应用的风险，尤其是对于普通用户的隐私问题。
00:05:00 - 00:10:00
视频将深入探讨Android架构，强调Android框架和Linux的关系。Android应用在一个独立的虚拟机中运行，无法直接访问设备驱动程序。每个应用都需要声明其使用的设备和功能，用户可以选择授予或拒绝这些权限。SE Linux安全模型确保应用无法秘密访问设备功能，用户的隐私得以保护。
00:10:00 - 00:15:00
一些应用程序可能会追踪用户的位置并出售收集的数据，尤其是免费应用程序。位置数据和广告ID的结合使得用户身份容易被识别。用户应定期检查应用权限，尤其是位置权限，以防止数据泄露。使用VPN可以保护IP地址，减少被追踪的风险。
00:15:00 - 00:25:05
用户应谨慎使用健身应用、Google应用和Meta应用，因为这些应用可能会收集大量个人数据。特别是Meta应用需要用户登录，导致更高的隐私风险。相对安全的选择是使用FDroid商店中的应用，因为这些应用经过审核，源代码公开，降低了数据收集的风险。总之，用户应尽量减少应用安装，定期检查权限，并关注应用的隐私政策。

显示更多

思维导图

视频问答

What are the risks of third-party apps?
Third-party apps can track user data, including location, and may sell this information to data aggregators.
How can I protect my privacy when using apps?
Check app permissions regularly, disable location access when not needed, and consider using open-source apps from FDroid.
Are Google and Meta apps safe to use?
Google and Meta apps can track user activities and require login, making them riskier for privacy.
What is the benefit of using FDroid?
FDroid apps are open-source, meaning their source code is publicly available and can be audited for safety.
How can I counter location tracking threats?
Block location permissions for apps and use a VPN to protect your IP address.
What should I do if an app requires location access?
Disable location permissions when not using the app and close the app when not in use.
Are fitness apps a privacy risk?
Yes, fitness apps can track location and combine it with other data, posing a privacy risk.
What is SE Linux?
SE Linux is a security model integrated into Linux that controls app permissions and access to device features.
Can firewall apps protect my data?
Firewall apps can help prevent data exfiltration, but they have limitations and may not catch all traffic.
What should I do with apps that I no longer use?
Uninstall apps that you are not using to minimize potential privacy risks.

查看更多视频摘要

即时访问由人工智能支持的免费 YouTube 视频摘要！

字幕

自动滚动:

00:00:00
A common question among my followers is
00:00:02
how to make sure that they only install
00:00:05
safe apps on their phone. Some more
00:00:08
industrious users actually examine even
00:00:10
hidden system apps and disable some if
00:00:13
the name sounds suspicious. At other
00:00:16
times, users will run protective
00:00:18
firewall apps like Netguard to actually
00:00:20
block internet access or track the
00:00:22
amount of traffic for all apps while
00:00:24
manually deciding which app should be
00:00:26
given access to the network. Another
00:00:29
approach taken by more serious
00:00:31
security-minded people is to use only
00:00:33
apps that come from FDroid. Now to make
00:00:36
it clear, the most dangerous features of
00:00:38
a phone are actually built into the
00:00:40
operating system itself, meaning iOS and
00:00:43
Google Android.
00:00:45
These do 24/7 location tracking, contact
00:00:48
tracing, even notification monitoring,
00:00:51
and the identity of the phone is plainly
00:00:53
attached to you. These OSS can track
00:00:56
everything you do on the internet. Today
00:00:59
though, we will isolate the problem only
00:01:02
to third-party apps. If you're one of
00:01:04
the smart few that use a degled Android
00:01:07
phone, then the only realistic risks on
00:01:10
your phone come from third-party apps.
00:01:13
By the way, there's also the risk of the
00:01:15
cell network side with the carriers
00:01:17
interacting secretly with the salebased
00:01:20
momentum or OEM supply chain attacks.
00:01:23
Unfortunately, this potential risk
00:01:24
applies to all phones, but typically
00:01:27
this is something that would be used
00:01:28
against high-V value targets like the
00:01:31
Edward Snowden types or International
00:01:33
Spycraft. So, we will skip that as well
00:01:36
for now, though I will cover that in a
00:01:38
separate video. We will talk about
00:01:41
things that apply to average everyday
00:01:43
people who just want privacy in their
00:01:45
lives and teach you about things you can
00:01:48
control. Stay right there.
00:01:57
Once again, I will remind you that the
00:01:59
focus of this video will be third-party
00:02:01
apps. We will assume that neither Google
00:02:05
nor Apple nor the OEM has directly
00:02:09
inserted malware, spyware, or trackers
00:02:12
on an open-source phone. Let's look at
00:02:15
this chart of the Android architecture.
00:02:18
And though iPhones are not really part
00:02:20
of this explanation, you will find that
00:02:22
the architecture of iOS is actually
00:02:24
similar just using different
00:02:26
nomenclature.
00:02:28
And the very interesting detail about
00:02:30
this architecture is that the actual
00:02:32
nuts and bolts that operate the devices
00:02:35
like displays, touchscreen, speakers,
00:02:37
microphones, sensors, cellbased band
00:02:39
modes, Bluetooth, Wi-Fi, GPS, and so on
00:02:42
are actually just running on Linux. By
00:02:46
the way, on iOS, the base OS is using
00:02:48
another Unix like OS. So, very similar
00:02:51
to Linux. Linux as used on Android
00:02:54
devices requires that the source code be
00:02:57
made public. This is why open-source
00:02:59
operating systems are deemed to be safer
00:03:01
because we can examine the code of both
00:03:03
the Android framework which gives you
00:03:05
the user interface and also the nuts and
00:03:07
bolts which are visible on Linux. In
00:03:10
this chart, you will see that the
00:03:12
Android code is in the layer called
00:03:14
Android framework in green and Linux is
00:03:18
the section colored in yellow. And
00:03:21
there's an intermediate translation
00:03:23
layer in purple which connects
00:03:24
communications between Android and Linux
00:03:28
called the hardware abstraction layer.
00:03:33
Android framework.
00:03:36
Now let's just focus on the Android
00:03:38
framework section which is grouped into
00:03:41
system apps and third-party apps. What
00:03:44
is interesting is that apps actually run
00:03:48
under a supervisory layer which in this
00:03:51
chart is called the Android runtime art.
00:03:54
The apps cannot run by themselves. They
00:03:56
cannot directly access any device
00:03:58
drivers. Only the art interacts with the
00:04:02
Linux side of things. The other
00:04:03
interesting detail is that each app
00:04:05
actually runs isolated in their own
00:04:07
individual virtual machine. So apps
00:04:10
cannot see other apps. Apps cannot
00:04:12
directly interact with other apps. They
00:04:14
do not share memory or resources outside
00:04:17
of what's provided to them in the
00:04:19
virtual machine. When things have to be
00:04:22
shared between apps, Android will be an
00:04:25
intermediary and provide a way to pass a
00:04:27
resource and Android will announce the
00:04:30
request so that any app can respond to
00:04:33
provide information
00:04:38
permissions.
00:04:40
Apps that you download from an app store
00:04:43
or are included with the OS cannot
00:04:45
perform functions outside of what's in
00:04:47
the Android open source project.
00:04:50
And as it is open source, it cannot be
00:04:53
hidden. So AOSP provides a limited set
00:04:57
of functions and this is further tied to
00:04:59
permissions that are built into Linux
00:05:01
itself.
00:05:03
There's a security model called SE Linux
00:05:06
which is integrated it into the access
00:05:08
of Linux functions and calls to device
00:05:11
drivers. Each app will declare publicly
00:05:14
what devices and features it will use on
00:05:16
the device and you the user will be able
00:05:20
to grant that permission or not. One
00:05:23
thing that is not possible is for an app
00:05:25
to secretly not declare that it needs to
00:05:27
use a device like a camera and then
00:05:30
without permission turn it on later. And
00:05:33
again this is locked down by the SE
00:05:36
Linux security policies and it is
00:05:39
available in open source so you can see
00:05:40
it. This design ensures that each app
00:05:44
cannot perform functions outside of what
00:05:46
is stated by the developer of the app
00:05:49
and again only if the user grants that
00:05:52
permission
00:05:55
location threat.
00:05:59
Some apps are very dangerous. As I've
00:06:02
already revealed in a recent video on
00:06:04
Fog Data Science and another on Anomaly
00:06:07
6, these companies actually track users
00:06:10
on their phones using apps you willingly
00:06:13
install. Just like you happily buying
00:06:15
your newest iPhone knowing that the
00:06:17
iPhone will know your activities and
00:06:19
locations 24/7.
00:06:21
But sticking to just apps, the main risk
00:06:24
of apps is that they sell the data they
00:06:26
collect. And this is important because
00:06:28
it is a monetization method.
00:06:31
The app may be free but you are the
00:06:34
product so they will take advantage of
00:06:35
that and make money with your data.
00:06:39
The primary piece of data tracked is
00:06:41
your location and some constant ID they
00:06:44
can use that could be created by the app
00:06:47
itself or use one allowed by the OS
00:06:50
which is typically the advertising ID.
00:06:53
Fortunately, open source phones do not
00:06:55
have an advertising ID. So this is one
00:06:58
of the biggest benefits. However, the
00:07:00
offending app can still create some
00:07:02
temporary ID and pass it with the
00:07:05
location data. Someone will always tell
00:07:08
me that the location data is anonymous
00:07:10
as these apps are not allowed to send
00:07:13
data like name of the user or a Google
00:07:15
ID.
00:07:17
But as fog data science has already
00:07:19
proven, this is not an issue. And this
00:07:22
particular service is used heavily by
00:07:24
law enforcement.
00:07:26
If you go to a protest and your location
00:07:28
is then registered by some app running
00:07:31
in the background, as long as all your
00:07:33
other locations are constantly being
00:07:35
captured by the app, then you are easily
00:07:38
identified just from seeing where you go
00:07:40
home to.
00:07:42
So, a series of location points
00:07:44
attributed to a particular user, even
00:07:47
anonymous ones, will yield the actual
00:07:49
identity. All that has to be done is to
00:07:51
match the home address to public
00:07:53
databases like driver's licenses, credit
00:07:55
reports, and property records, and
00:07:57
they've got you.
00:08:00
Location plus IP address threat.
00:08:04
There's a second layer of threats tied
00:08:06
to the location threat. This is when
00:08:08
data is captured in addition to
00:08:10
location. This is when the location is
00:08:12
sent together with an IP address to the
00:08:14
data aggregator company. This was a
00:08:16
technique used to create a very common
00:08:18
database called the reverse IP lookup.
00:08:21
What this does is attach a real fine
00:08:23
location to an IP address. Normally IP
00:08:26
addresses are only up to the level of
00:08:29
the ISB center in the area. In small
00:08:32
cities, this can be the entire city. In
00:08:34
larger areas like Los Angeles, the IP
00:08:36
address can be attributed to specific
00:08:38
neighborhoods.
00:08:39
At least this is what is publicly
00:08:41
available using free services like what
00:08:44
is my IP address.com.
00:08:46
But if you pay for access to the reverse
00:08:49
IP lookup database then you can possibly
00:08:52
get a precise location especially if you
00:08:55
are using your home network to within 6
00:08:57
ft. This is important data for financial
00:09:00
institutions for example. Often this
00:09:02
service is called verified location. and
00:09:05
they're able to get this more precise
00:09:07
location by creating a history of
00:09:09
location coordinates tied to an IP
00:09:11
address as captured by apps. This makes
00:09:15
the IP address a very dangerous piece of
00:09:17
data all of a sudden.
00:09:21
How to counter these location threats?
00:09:24
Currently, the surveillance in location
00:09:26
is a huge thing. Likely a big chunk of
00:09:29
the population shows up in these
00:09:30
location database if you're cavalier
00:09:33
about the use of apps. So, the first
00:09:35
thing to do is to go to your phone and
00:09:38
check app permissions. Depending on the
00:09:40
phone, you can even go to settings and
00:09:42
look specifically at those that you gave
00:09:45
location permissions too. This is the
00:09:48
easiest threat to counter since simply
00:09:50
blocking location permissions will stop
00:09:53
the exfiltration of your data. Without
00:09:56
location data, even the IP address could
00:09:58
prove meaningless on an open-source
00:10:01
phone. Now if you use a VPN you can
00:10:04
obviously protect your IP address from
00:10:06
being acquired. This is extremely
00:10:08
important when you are at home. It is
00:10:11
less important on sale data or Starlink
00:10:14
and the reason is that many people will
00:10:16
be sharing the IP address in these
00:10:17
cases. So these types of services will
00:10:20
not directly tie an IP address to a
00:10:23
particular individual. The harder
00:10:25
problem is that some apps will not run
00:10:28
without you giving them permissions for
00:10:30
location. An example here is Yelp,
00:10:33
Craigslist, Ways, and another one is the
00:10:36
Weather Channel app. And the average
00:10:38
person will give in. In my mind, these
00:10:41
are examples of ultra dangerous apps
00:10:44
that will exfiltrate your data to a
00:10:46
location database aggregator and will
00:10:49
end up on Fog Data Science and Anomaly
00:10:51
6. Can you still use these apps? If you
00:10:55
have to use them, I would always disable
00:10:57
location permissions when I'm not using
00:11:00
them. And for better peace of mind, I
00:11:02
would shut down the apps when not in use
00:11:04
so they're not running in the
00:11:06
background. Again, they force you to
00:11:09
give your permission. So, it is actually
00:11:11
your fault that you agree, but correct
00:11:14
it now by scanning through all the apps
00:11:16
with location permissions. So, mostly
00:11:19
they are all off. The clue is that the
00:11:22
apps are typically free and require
00:11:24
location.
00:11:27
Fitness apps.
00:11:30
Fitness apps are another kind of
00:11:32
location risk. Often they're tied to
00:11:35
locations as well because you're
00:11:36
recording things like 10,000 steps or
00:11:39
some such. But fitness apps have another
00:11:41
risk and that is to combine the location
00:11:43
history with gyro sensors. So as I said
00:11:47
earlier that knowing your gyro data like
00:11:49
every step will actually be enough to
00:11:51
roughly gauge your location even if you
00:11:54
turn your location data off. I recall
00:11:57
some Russian officer using fitness apps
00:11:59
extensively and of course this is common
00:12:02
for military personnel and then some
00:12:04
intelligence operatives were able to
00:12:06
track his jogging path and he was
00:12:08
assassinated on that route. I know so
00:12:11
many people using fitness apps. It's
00:12:13
likely better to use a Garmin watch that
00:12:16
has fitness data but not connected to
00:12:18
the internet and not connected to your
00:12:20
phone. I'm sure these watches can
00:12:22
connect to phone apps, but see if you
00:12:24
can use it without connecting to a
00:12:26
phone.
00:12:29
Google apps.
00:12:32
There's a category of apps primarily
00:12:34
those from Google that can monitor your
00:12:36
activities and IP addresses and connect
00:12:38
it to what you are doing on another
00:12:40
device like a desktop computer. This is
00:12:43
even with location off. The biggest
00:12:46
identifier here is the Google ID.
00:12:49
Examples of these apps are Gmail,
00:12:52
YouTube, Google Maps, Ways again, Google
00:12:55
Drive, Google Photos, and even Chrome.
00:12:58
These apps will send a constant
00:13:00
telemetry of your IP address and Google
00:13:03
ID to Google. Then this can be matched
00:13:05
to other devices you're logged onto.
00:13:08
This is called crossdevice tracking.
00:13:11
These apps can also store a cookie of
00:13:14
the Google ID on your mobile browser and
00:13:16
this is the instrument used to track
00:13:19
everything you do on any other platform.
00:13:22
Actually, the idea of having a Google ID
00:13:24
tracking your every move on the internet
00:13:26
is a big issue I frequently discussed
00:13:29
and is the main threat of big tech on
00:13:31
the internet. However, what is
00:13:33
interesting is that an open-source or
00:13:36
deoogle phone has no Google ID. Thus,
00:13:39
the risk comes only if you actually log
00:13:42
into a Google app and put in your
00:13:44
credentials.
00:13:46
Fortunately, it is not often necessary
00:13:48
to do that. I have a Bra 3 phone which
00:13:51
is open source running EOD OS and on
00:13:54
this I installed a Google app which has
00:13:55
search and voice search, YouTube, Google
00:13:58
Translate, Google Maps and Ways. Now, I
00:14:02
specifically chose these apps as
00:14:04
examples because none of these apps
00:14:07
require me to be logged into Google.
00:14:11
If you do the exact same steps of
00:14:13
denying location permissions and not
00:14:15
logging in, then these apps are not
00:14:17
really as dangerous as they sound. I
00:14:20
actually can't think of too many threats
00:14:22
with their use. Perhaps in this set, the
00:14:25
biggest threat potentially comes from
00:14:27
voice signatures or voice prints. And
00:14:30
when you use ways to take you home, it
00:14:32
will learn where home is and then sell
00:14:34
that data to Fog Data Science. But
00:14:37
otherwise, they're not that risky in
00:14:39
this particular use. And especially if
00:14:42
you use a VPN at home, this is even less
00:14:44
of an issue. Now, Google apps that
00:14:47
require you to log in are automatically
00:14:49
dangerous as they provide a constant
00:14:52
telemetry of IP addresses even if you
00:14:55
block location permission.
00:14:57
This include apps like Gmail, Google
00:15:00
Docs, Google Drive and so on since these
00:15:02
are impossible to run without logging
00:15:04
in. Just understand that their use opens
00:15:08
you up to tracking dangers.
00:15:13
Meta apps.
00:15:16
Meta apps meaning specifically Facebook,
00:15:18
Instagram and WhatsApp are very
00:15:21
dangerous apps. And that is because
00:15:23
unlike in other apps, Meta knows
00:15:25
precisely who you are. And this is
00:15:27
crowdverified by your friends. It also
00:15:30
knows all your location, retrieves your
00:15:32
contact list daily, and creates a
00:15:35
dynamic relationship map from this that
00:15:38
establishes who you know and who you
00:15:40
circulate with, including specific
00:15:42
activities you participate in. Meta does
00:15:46
not hide that it does this intense
00:15:49
collection of data. And unlike the
00:15:51
Google apps I mentioned earlier, it is
00:15:53
not possible to use meta without logging
00:15:55
in. Meta also clearly states that it
00:15:58
combines the information about you from
00:15:59
all its apps. So you cannot really use
00:16:02
WhatsApp anonymously.
00:16:04
And just like Google, the Facebook ID is
00:16:06
an internet identifier that is
00:16:08
recognized by any site that embeds a
00:16:11
Facebook login, Facebook ad or Facebook
00:16:14
like button. This means a lot of
00:16:16
websites can track you simply by using
00:16:18
Meta. This is a case where I can't
00:16:20
really find any safe solutions for. So
00:16:23
for privacy reasons, I cannot ever
00:16:25
recommend to anyone that you use any of
00:16:27
these apps. Once you join one, then
00:16:30
anyone you connect to is part of the
00:16:32
surveillance algorithm.
00:16:36
Contactless dangers.
00:16:39
While Facebook is number one when it
00:16:41
comes to taking contactless information
00:16:43
daily, others include Tik Tok, LinkedIn,
00:16:45
and many social media apps. Contact
00:16:48
lists collection allow the establishing
00:16:51
of these relationship maps and it can be
00:16:54
used to connect people by phone number.
00:16:57
Just in general, I always ban apps that
00:16:59
will send my contact list to some
00:17:01
external database like what most social
00:17:04
media apps do. However, some apps like
00:17:07
your contactless app or your phone app
00:17:10
does not connect to the internet per se
00:17:12
and thus there is no danger to giving it
00:17:15
contactless permissions. Remember that
00:17:18
contact list are downloaded daily. Once
00:17:20
I installed Tik Tok and did not give it
00:17:22
contactless permissions, but Tik Tok is
00:17:25
so suspiciously aggressive with contact
00:17:27
list that it asks you for permission
00:17:30
each time you launch it. One time I
00:17:32
accidentally accepted the permission and
00:17:35
it immediately uploaded my contact list.
00:17:38
At that moment I closed the account.
00:17:43
Foid apps.
00:17:46
For those of you with the Google phones,
00:17:48
you will find that you have the choice
00:17:50
of using the Froid store. I will tell
00:17:53
you now that these Foid apps are going
00:17:55
to be very safe and no secret data
00:17:58
collection can occur. The reason is that
00:18:00
to be listed in the Froid store, you
00:18:03
must submit your app source code to Foid
00:18:05
itself and Foid independently builds
00:18:08
your app from the source code and that's
00:18:10
what's made available in the store. And
00:18:11
these apps must not connect secretly to
00:18:13
Google. Foid can examine source code and
00:18:16
see if there's some hanky panky going on
00:18:18
with your data. So this is a case where
00:18:20
you can just automatically trust this
00:18:22
source. Foid apps may not have similar
00:18:26
versions on the Google Play Store, but
00:18:28
if they do, I would use the Foid version
00:18:31
as much as possible. For example, if you
00:18:33
want an ultra safe map app, instead of
00:18:36
using Google Maps or even Magic Earth,
00:18:38
you can find some app like Osmand on
00:18:41
Foid and it will be the safer option. An
00:18:45
example application of this is with
00:18:47
weather apps. Since location data is
00:18:49
frequently sold by weather apps, this is
00:18:51
a case where I would go to Foid itself
00:18:54
and find some app like Breezy weather.
00:18:59
Other possible threats.
00:19:02
Other potential threats that scare
00:19:04
people are apps that will just turn on
00:19:06
the camera or microphone. While these
00:19:08
are legitimate features when the app
00:19:10
captures photos and videos, these are
00:19:13
real possibilities. So, I would rarely
00:19:15
grant access to camera photos and
00:19:17
videos. But be careful here as these
00:19:20
permissions are often forgotten on the
00:19:22
browser. If you screw this part up, you
00:19:25
have to blame yourself since the cause
00:19:27
of this is bad permissions.
00:19:30
Another real threat is some thirdparty
00:19:33
app acquiring device identifiers like
00:19:35
MAC addresses, IMEI, MZ and so on. These
00:19:38
are identifiers that actually are unique
00:19:41
to your phone and thus can be used to
00:19:42
track particular users. These
00:19:45
identifiers reside in the Linux layer.
00:19:48
So a Linux executable code could read
00:19:50
these values. But this is no longer a
00:19:52
threat nowadays because for many years
00:19:54
now this information is now locked down
00:19:56
by permissions and not available to
00:19:59
thirdparty apps on a Google phone. No
00:20:02
Google system app can read it either
00:20:04
because they don't exist. A threat that
00:20:07
was recently identified was the
00:20:08
government starting monitoring
00:20:10
notifications. Notifications are not
00:20:12
encrypted and if your device can be
00:20:14
identified then it is possible that some
00:20:16
can read your notifications. My response
00:20:19
to this is to limit which apps can send
00:20:22
notifications. One particular conspiracy
00:20:25
theory is that apps will interact with
00:20:27
your body using WBAN WBAN using nanobots
00:20:32
injected via vaccine. This one I do not
00:20:35
bias risk. If such a radio transmission
00:20:37
exists, it should be easily detected
00:20:40
using common digital radio tools and
00:20:42
hidden communications should not be
00:20:44
possible on a third-party app. Not sure
00:20:47
why people worry about this when the
00:20:49
tracking of all your activities is done
00:20:50
in a more obvious manner using simpler
00:20:53
methods.
00:20:57
Firewalls.
00:20:59
Is it necessary to use an Android
00:21:01
firewall app like Netgard? And can this
00:21:04
even catch anything?
00:21:07
Unfortunately, I don't think firewall
00:21:09
apps are useful at tracking Linux level
00:21:11
traffic since that is beyond the control
00:21:14
of Android apps. So things happening at
00:21:17
the OS level in Linux may not be
00:21:19
visible. Meaning don't expect a
00:21:22
framework level app to record things
00:21:24
happening outside of the Android
00:21:26
framework. This is a big giant hole.
00:21:29
However, if you are experimenting with
00:21:31
some new app, you can make sure it will
00:21:34
not reach out with your data by
00:21:36
activating a firewall to stop it from
00:21:38
communicating.
00:21:39
Let me just warn you of limitations
00:21:42
though. While you may be able to stop
00:21:44
your data from being exfiltrated while
00:21:46
using the firewall, the problem is that
00:21:48
if you allow the app to transmit
00:21:50
eventually, there's always the risk that
00:21:52
the data has been accumulated and sent
00:21:55
in batch. So, it's okay to use these,
00:21:59
but they have limitations.
00:22:02
Summary.
00:22:05
In summary, although there are many
00:22:08
risky apps, you can control them so they
00:22:10
stay within their lane, but as a matter
00:22:13
of habit, I would recommend that you
00:22:14
install as few apps as possible. And if
00:22:18
you're not using an app, then delete it.
00:22:20
And be careful about login apps to
00:22:23
Google or Facebook.
00:22:25
On a privacy focused OS, I really
00:22:27
wouldn't worry about the system apps.
00:22:30
Those developers will have already
00:22:32
curated what can be found there. The
00:22:35
reality is that the biggest threats have
00:22:37
always been more inside Google and Apple
00:22:40
itself. Google, for example,
00:22:42
deliberately collects constant location
00:22:44
and other telemetry, and you cannot stop
00:22:46
it with permissions. They store it in
00:22:49
what is publicly called the Google
00:22:51
sensor vault. In case you think I made
00:22:53
this up, this is really an important
00:22:55
element. System apps installed by Google
00:22:58
itself can evade permission
00:23:00
requirements. They can talk to HQ and
00:23:02
hidden channels and have encrypted
00:23:04
traffic. And likely you will see more of
00:23:07
this with AI companion type apps. But
00:23:09
Google and Apple successfully limited
00:23:12
the risk of third-party apps and
00:23:15
open-source oss are immune from Google
00:23:18
and Apple's surveillance infrastructure.
00:23:20
So the risk left is often just at the
00:23:24
level of permissions. So, that's where
00:23:26
you need to raise your awareness,
00:23:28
granting permissions and making sure no
00:23:30
one has installed a Rogue app on your
00:23:33
device.
00:23:37
Folks, while other channels sustain
00:23:39
themselves via sponsorships, we are
00:23:42
actively sustained solely by this
00:23:44
community. Thank you to those who
00:23:46
provide financial support directly to us
00:23:49
through Patreon, locals, and YouTube
00:23:51
memberships. We have also taken the
00:23:53
approach of actually creating an
00:23:55
organization you can trust by creating
00:23:58
products that support your goal and ours
00:24:00
of achieving privacy and offering it
00:24:03
with the best possible service at a
00:24:05
reasonable price. And this is how we
00:24:07
chose to sustain this channel. For those
00:24:10
interested in the BRA 3 project that is
00:24:13
handled by the site bratec.net net and
00:24:16
you can see the current status of the
00:24:18
project there which currently started
00:24:20
shipping. We have other products that
00:24:23
you will find on our community area on
00:24:26
Braxme. There are over 120,000 users
00:24:29
that are part of our community that
00:24:32
discuss security and privacy issues in a
00:24:35
safe environment. Many of you believe in
00:24:37
us and so this community is growing.
00:24:39
Some of you have been involved for more
00:24:41
than 10 years. In our store, you will
00:24:44
find products like Pixel phones, Brax
00:24:47
virtual phone, Bra, and ViceVPN. These
00:24:50
are an essential base to build your
00:24:52
personal privacy and of course support
00:24:54
the creation of content on this channel.
00:24:57
Thank you for watching and see you next
00:24:59
time.

标签

privacy
apps
third-party
permissions
FDroid
location tracking
Google
Meta
security
open-source