DeGoogle Yourself

Ramblings about degoogle-ing, and going further for the fun of it.

cross-posted from: https://lemmy.ml/post/26343625

Recently I had to go through a almost one year process of Degoogling and canceling a lot of my data from the Internet. Unfortunately, I noticed that a lot of specific information are not available in only one source and I had to do separate researches for each problem that I had. So, I decided to write this guide to share my experience hoping that it will make this process easier for who will read it. You are absolutely free to share this guide here, on other sites, with your friends and family. Feel free to comment and add a feedback.

I want to start with a very immediate list of FOSS applications that I’m using on my Degoogled Android phone. The most important thing here is to never login with Google on your phone and also never use it to login to internet services such as forums or news websites.

System administration *MicroG suite : This provides minimal libraries for applications that uses Google Play Services. *F-droid : Is an alternative store that can be used in place of Google Play. *Aurora Store : A Open Source front-end for Google Play. However, downloading applications from it does not guarantee that you will not be tracked. *App Manager – Android package manager : This gives you a lot of control on applications that are installed in your phone. It shows also the trackers and eventual vulnerabilities. *Shelter : This is one of the most useful apps on F-droid, it permits you to clone preparatory apps such as Instagram in a sandboxed environment on the work profile. *Logcat Reader *PCAPdroid : A network monitor *Irregular Expressions : A Keyboard to write with different styles *Simple Keyboard : This is very important, a keyboard on your phone should be as lightest as possible. *Termux : This is more than a terminal emulator. It comes with a almost complete GNU/Linux environment and lets you to install many CLI applications used on these machines.

Generic *Organic Maps : An alternative to Google Maps. It uses OpenStreetMaps and works quite well. It is also true that it relies a lot on user’s contributions. So if you will visit a place which is not on the map, remember to add it. *Fossify Calendar, gallery, voice recorder, contacts, messages, phone, ecc : This suite is a FOSS fork of the old “simple mobile tools” suite that was acquired by a Israeli company. *OpenCalc : A calculator app *VLC : A well known audio/video player which supports a lot of different formats. *Librera Reader : A pdf and document reader *Open Camera *ObscuraCam : Use it to blur faces *Scrambled Exif : Remove metadata from pictures. (use it before publishing a photo on social medias) *PixelKnot : Embed a secret message in a picture *QR Scanner (PFA) *Collabora Office : (Not directly present on F-Droid but they have their own repository, check on their website) *Nextcloud : A very good alternative to Google Drive. *Call Recorder *Firefox and Thunderbird : Be careful, even if Firefox browser is generally more privacy friendly than others, it cannot avoid fingerprinting. The only way to avoid it is to use the Tor Browser. *Tor Browser for Android : This is a modified version of Firefox that uses Tor to connect to the Internet in order to protect your anonymity. *Print *Signal

Security *Aegis : A 2FA app (two-factors authentication) *Bitarden: A password manager (Not directly present on F-Droid but they have their own repository, check on their website) *AFWall+ : A firewall for Android *Hypatia : An Antivirus *DroidFS : It permits you to crypt files in vaults that are not readable by other apps. *Orbot : A proxy to route app activities through Tor- *LocationPrivacy *Ripple : A panic button that will trigger apps with a panic responder. *I2P : An alternative to Tor *InviZible Pro : An app that permits you to enhance your privacy on the Internet by using DNSCrypt, Tor or I2P. Be careful, this is an all-in one application and should not be used if you are already connected to tor. *Léon – The URL Cleaner : Remove trackers from URLs *PersonalDNSfilter : Use it to block unwanted ads *PilferShush Jammer : Block the microphone usage by other apps.

Not on F-Droid *Prey : An Anti-thief app. The free version is GPL licensed

But this list is not enough in my opinion. It is important also to know how to protect our privacy with actions that are not directly involved in setting up applications and filters. If we are going to think that our privacy will be protected just by pushing a button, we are doing a mistake. Using DuckDuckGo and Searx as search engines its a good thing but not enough.

Important mistake to avoid : If you have your Google account as a login for some websites wait before closing it, you may lose access to them. Your Google account should be the last thing that you are going to delete. Make sure that you have deleted all relevant information from the Internet before closing it.

Today corporations and repressive governments are using a variety of methods to profile users and some of them are very subtile.

Fingerprinting This is a way to identify a user by looking at unique characteristics of his browser. When we connect to a website, our browser must exchange some basic information in order to load a page. Some of these information can be the type of device, screen size, browser settings, language settings, operating system, ecc. With all these information together it is possible to recognize a specific user in the middle of many others. This is unfortunately very difficult to avoid but Tor Browser can be a solution while a VPN cannot really help here.

Firefox also permits to activate a resist fingerprint setting but this solution will break some websites and probably is not effective as Tor Browser. Instructions to activate it can be found here: https://support.mozilla.org/en-US/kb/resist-fingerprinting

Open Source Intelligence (OSINT) It has little to do with free software. This is a method of data collection that looks for information about something or someone through public available sources. The problem is that today these sources are much more difficult to control for an average user than 20 years ago.

A classic example: You are a very careful person about your social medias, you don’t post anything controversial and maybe you don’t even have a real name on Instagram. But You may have some relatives that likes to share a of lot pictures and for your birthday you have been tagged by them and they wrote your name in a post. If they have a very loose privacy settings (which is likely), this information will be publicly available on the Internet.

Another example : You are a exchange student in a foreign university and of course you want to meet new people. You may take a group photo during a party with some people that you don’t really know. This photo gets shared many times and maybe becomes also a post. After a lot of years one of the persons in the photo gets convicted for a serious crime. This photo will continue to be available on the internet and a insurance company that you asked for a service may increase the price or not provide it since you “are a person with criminal contacts”

Last example (and this is what really happened to me) : You are a 18-19 old teen writing dumb comments and posts on Facebook or Instagram. This gets cached by search engines and external websites. Many years after, you are just searching your name and surname on the internet and you find out that a search engine has cached a very dumb comment from many years ago that you have even deleted.

All these examples shows how its easy to lose control over our data. Many companies uses automated software to see websites on which you are registered just by putting the email on your CV in a box.

You must also be aware of data breaches. You can be registered on a website with your email set as private. If a data breach happens, your address is going to be disclosed and become publicly available. You can check this on: https://haveibeenpwned.com/ If you don’t use a site for years, delete your account.

Another tool that is frequently used to see where a user is registered is: https://epieos.com/ This website searches where your email address is set as public. It can also search for a phone number.

So the problem here is not only to DeGoogle but also to remove our personal information for all other places. Removing a content from Google is a little thing today.

Fortunately, there are some ways to remove our contents from the Internet but they must be planned well. The first thing to do is always to remove the content from the original site, in this way the content on search engines becomes outdated and easier to delete even if you don’t live in the EU.

Social medias First thing: Never publish photos of your children on the Internet, in the future they may hate you for that. We are going to live in times where nontransparent AI will scrap for all possible content.

Now, even if you have a private profile on Instagram, your likes and comments are going to be visible on public pages and reels. Delete them all. Why someone should be able to find what you liked 6-7 years ago? Does the discussion that you had on a Facebook page of your local newspaper still matter? You may need months to delete all these stuff but it is worth. Remember to do a regular follow up on the deletion page to see if some buggy content still reappears after some weeks.

Use different usernames for every social media and never put your real name.

Power move : If you have your real name on Instagram and you want to delete it from search engines : first modify your real name, then change your username. By doing this, you will modify the link of your profile and it will be cached by search engines without your name. Change also a photo in order to avoid the possibility of reverse photo lookup.

Other sites In some cases you will have to contact the webmaster of a specific site in order to cancel your data. It happened to me with a local news page.

Search engines Here we are, this is the magic moment. Remember that if you are going to just remove something from a search engine without actually deleting the original content, this will continue to be available and someone may find it even without Google.

So, I can speak for what I know : These solutions refers for content removal in the EU. If its not relevant to you, skip to “How to use email addresses”

Google This is the page for content removal in the European Union: https://support.google.com/websearch/answer/9673730?hl=en#zippy=%2Cwhich-removal-option-do-i-choose Note that if you are living in the EU and ask to remove results about you, it will usually remove these results only for all EU versions of Google. This means that if someone has a VPN he can actually see them by connecting to a United States server. The best strategy is to remove the original contents from sites also by contacting the owners. Then the results on Google will become outdated and most of them will disappear. In some cases like Facebook comments, they can remain in the search results even if they are already removed because they were cached by the search engine. In this case, this tool should be used once the content is removed: https://support.google.com/webmasters/answer/7041154?hl=en If you are from a EU country and you already removed it so it continues to exist in external Google versions, make this request with a VPN connected to a foreign server.

Bing

Bing (EU citizens):https://www.bing.com/webmaster/tools/eu-privacy-request Bing (Non-EU citizens):https://www.microsoft.com/en-us/concern/bing

For cached pages : https://www.bing.com/webmasters/help/bing-content-removal-tool-cb6c294d

Many search engines (also DuckDuckGo) are partnered with Bing and removing content from it will also remove content from them most of the time.

DuckDuckGo For who lives in the EU, this is this page: https://duckduckgo.com/duckduckgo-help-pages/r-legal/privacy-rights/

Internet archive Be careful: some of your content was maybe cached by the Wayback Machine. Always check if this is the case. This is a very useful internet museum but sometimes it may be problematic since a lot of people does not even know about its existence while it takes data from a lot of sites. This is the removal page: https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org/

How to use email addresses My advice is to have as many addresses as possible and split the websites login between them. You can write a .txt file with lists of services attached to every address. Like this :

Logins: Mail xxxxx1 Instagram, Facebook, Tinder

Mail xxxxxx2 Bank 1, bank 2

Mail xxxxxx3 Local news1, other site2, ecc

I would suggest you to have at least: One email with a fake name and surname One email with a completely invented username in a foreign language (Tutanota is great for this)

Personally, I would recommend Protonmail and Tutanota for communications with real people. Then, one email should be left only for banking and government accounts.

Use fake emails to register to websites that you will not use often but they are pushing you to create an account. Of course, this applies only to sites that are not related with shopping. An online transaction will reveal your identity.

A normal email provider such as Yahoo is ok for professional life, so no one will make too much questions. Eventually, your Linkedin account should be linked only to this address. Use it with Thunderbird so you can avoid proprietary JavaScript. I would also recommend to use a separate phone number for work.

Bonus: Other Alternatives to Google and AI If you are pushed to use Google Maps because the place that you are looking for is still not on OpenStreetMaps, remember to add it so other people will not have to use Google to find it. Remember that public transport information that you find on Google Maps is always available on local transports websites. Its just 2-3 minutes of research.

Remember that it is possible to use fair and open source AI models on your computer with: https://gpt4all.io/index.html?ref=top-ai-list Download a model that will not send your data to corporations, there are plenty of them.

This is more or less everything that I learned during this year, remember that human factor makes always the difference. Think about your personal situation. What do you want to show? To who ? And what do you what to hide? From who? And how? Think in a way to protect your privacy according to your personal situation.

I hope that this guide will be useful for average users that wants to regain control of their private life and that at the same time, it will be a impoverishment factor for evil corporations and their supporters.

for English i use heliboard. but i type in other languages also, and there are no practical choices in foss keyboards for those specific languages which also have the mainstream IME/key layout for my language (not qwerty).

fcitx provides some hope for the future but for now, it also doesn't have the IME/key layout for my language (only has qwerty). hopefully it can also have handwriting in the future somehow (if only via user-installed model/blob similar to heliboard glide typing).

anyway, I'm on Graphene OS. so i wondered if revoking network permission and setting gboard permanently to incognito (is permanent possible?) would suffice to cut off data collection?

edit: FYI the languages/key layouts i need are Japanese via 12-key flick and Cantonese via traditional Chinese handwriting input

Hello. I have been trying to DeGoogle for about one month, migrating from Google to other services. But the biggest obstacle is Android, which is deeply embedded with Google services and, of course, trackers. It's really, really hard to replace it with alternatives. There are no alternatives I know that are compatible with my phone. Maybe I will have to buy a new phone, or look for even more alternatives, or code my own operating system (OS) (but I can't code!). I don't know whether I can De- this Android. Hmmm...

Is there any good way to De- this Android? If I can't, is there any way to improve privacy and minimize the ability and impact of Google on this "failed to DeGoogle" phone? Thanks for any advice.

I'm using Redmi Note 13.

I decided I want to ditch my cell plan and rely primarily on a VoIP service for calling. To anybody here have any experience with VoIP: what providers would you recommend?

So far the two that I see recommended the most online are JMP and VoIP.ms. I setup an account with VoIP.ms, but am hesitant to pull the trigger until I have done a little more research. Any insight and info would be most welcome.

Looking to start the process, and want to host my own domain for email so I don't have to repeat this when changing email providers in the future again. Does anyone have any recommendations of solid ones with a focus on privacy and are reliable? I've heard Namecheap is good, but would love other recommendations.

I'm looking to finally get my spouse and I both onto a non-G email service with a custom domain. Having storage and calendars to replace Drive is the deal-maker with the spouse.

I've been using Proton as my alt email for years, but all the new crypto bells and whistles just seems sus from a business management perspective. I get it, they're Swiss, but still.

But looking at Mailbox.org, their 2FA situation seems bonkers. That's the dealbreaker for me.

All I really need is IMAP, webmail, and actual security without feeling like I'm going to be doing this all again in 5 years to get out from under another crypto bro.

Basically are there any decent de-googled phone OS that is good/decent for a folding phone?

Edit: Added my 'Solution' at the bottom

Does anyone know how I can unlock oneplus 7 Pros bootloader. I want to switch to lineageOs but am failing at that step during the install

Edit from lineage os 22.1:

What ended up working was downgrading to android 11 using the afformentioned unbrick tool. The issues I had with installing the driver originated in an incomplete unpack of the driver file by the windows explorer. After that worked, I was able to downgrade to oos 11. That's where the next issue came up: I had to upgrade to 12 again to continue the lineage install process but the first update (from an the flashed oos 11 to the latest oos 11) git stuck at 80% with an unlocked bootloader. For me it worked to update 11 as far as possible, only then unlocking the bootloader and lastly updating to oos12. After that you can continue with the lineage install as officially documented. I tried some stuff with twrp as well (wanted to dualboot postmarket OS) but that didn't work either so I just gave up.

Hello, I am considering de-googling my mobile experience. It seems like Samsung has bad security on their phones, which is why GrapheneOS is not available on Samsung phones, I guess. Ironically, google pixel phone is supposed to be the best fit for GrapheneOS.

So anyway, should I switch ? Ideally, I want to keep my phone. But my phone is quite old at this point, so I can consider buying a new phone. If I buy one, which one should I get?

Also, I heard call and mobile data does not work well on GrapheneOS and the like. How bad is it?

I think it can help people who want to get off Google search results

I have been curious about degoogled android operating system options but my phone is galaxy a54. Through the options I could find they do not mention any support for this model. Any advice on this?

I know the CEO dug himself a pretty deep hole recently.

I had been meaning to switch all the services I currently use over to proton - but his remarks gave me pause.

Is it still worth considering?

De-Google-Ify campaign by Framasoft launched in 2014 (non profit association behind the creation of peertube).

They are proposing alternatives to replace any major online tools.

To avoid the creation of a new centralised instance: Their CHATON (kitten) initiative, a collective to regroup local small hosters and promote their creation, follows several principles (only Foss tools, no tracking , no data transfer...)

https://www.chatons.org/en

If duplicated , I will edit.

If you do not understand or want to translate the article, use the translator in the sidebar.

Hello guys! A few days ago my current phone fell flat on its screen and it cracked. It's still usable, but its already quite old, and I've been wanting to switch to Fairphone because I like what they are doing as a company, and I like that I can get a device with a degoogled OS directly from them.

However, currently only the 128GB/6GB storage/ram version of the /e/os Fairphone 5 is in stock.

I mainly use my device for media (youtube -> free alternative, stremio, ebooks, etc), calls/texts, and texting through internet messenger apps.

Finally, my question: do you guys think I should wait for the 256GB/8GB version to be back in stock, or just get the currently available one. I don't play mobile games so I dont need anything fancy in that regard.

It is worth it to note that my current device has 128GB storage but 8GB ram, which is more what I am wondering about whether it will be enough. I don't want it to be unusably laggy a few years down the line, I plan on having my next device for at least 8 years, more if possible.

Anyway, thanks for all the help in advance!

Edit: will wait for the 256GB/8GB version to be back in stock. Thanks for all the advice!

Looking to switch my photos over to immich hosted on my PC. I want to be able to:

• send photos from my phone to PC
• delete them off of my phone and have them safe on my PC
• I don't need to do this all the time, so I figured immich on my local network is fine. Then I don't have to figure out wireguard.

However, right now I have free VPN on my phone. I can't access immich, but I suppose this is why. I also believe that if I have VPN features that allow me to select which apps use VPN and which do not, I could route immich to ignore the VPN, and I would be able to see it on my local network.

Am I on the right track?

So Google decided to swap out batteries for free on Pixel 4a phones. I have two of them running LineageOS without Google, but I'd really like some fresh batteries. But I don't know if Google will accept my phone. Did anyone already try to get the free replacement? How did you do it and how did it work?

Of course I prefer to use #Fdroid but for some apps I would love to be able to access a few apps that for silly reasons have been restricted to Google Account in other regions. (I Travel often)
Is it possible to use #aurorastore to access these apps? If so - how?