Have you tried degoogling your Android?
In a pursuit of a more privacy-oriented mobile computing I've installed LineageOS ROM on my phone and decided to try living without Google Play Services, which usually provide aGPS (cell tower geopositioning), push notifications and lots of other frameworks like Google Maps that apps use as libraries.
My phone has 4 primary uses:
- Communicator - mostly Telegram, WhatsApp and Slack. Email of-course.
- Navigator - GPS and Maps are an irreplaceable tool if you're living in a modern metropolis
- Internet browser - obviously
- Music Player - music on the go
So let's see how you're supposed to tackle each of the uses, while using as much FOSS as possible.
- System functionality - both push notifications and aGPS can be solved by microG - fake Google Play Services library. Not sure how it implements push, but aGPS is checked against Mozilla's geolocation database.
- Communications - Telegram is available on F-Droid (OSS app store), but everything else is not. The solution here is to use Aurora (Play Store front-end to rip APKs) and install them manually. Push notifications might be broken even with microG (WhatsApp is missing notifications for me, sometimes). AOSP email is fine, K9-mail is ugly but works somewhat better.
- Maps and navigation: OpenStreetMap is the obvious choice here and OsmAnd delivers the frontend. It has enough metadata for businesses to get you around, but compared to Google Maps it's can be sometimes lacking and/or out-of-date. Navigation itself is decent, but it's missing timetables for public transportation compared to GMaps, which can be a problem, especially if trains are cancelled or delayed. Overall it's very usable, almost feature complete, but I've found myself falling back to Google Maps in my browser when it comes to using public transport.
- Internet browser - Firefox, with uBlock Origin installed (yes, it works on Android) it's really good.
- Music Player - there are tons of music players available on F-Droid, you can pick whichever suits your needs. Here I actually stepped away from the FOSS and bought myself a PowerAMP license on developer's website. One of the rare moments where paid Android software is available outside of Play Store.
Now that the primary use cases are solved, let's try some other useful apps:
- E-banking? Broken without Google Play, app refuses to even start properly.
- Bike sharing? Taxi app? Public transport app? Broken without Google Maps libraries for the obvious reason. You might or might not be able to use the browser version, depending on the app.
- Reddit Relay/any app that requires the license? Okay you've ripped the APK with Aurora, but you can't buy the license to remove the ads.
- Ebook reader? Nothing good on F-Droid, have to rip something off Aurora.
Basically you have to be prepared to use your mobile browser a lot. And for some of the sites, do it in a "desktop mode" with tiny text, since the mobile version will just nag you to download the app, that might be broken.
The takeaway is simple - you give up A LOT of convenience just to cut off Google analytics (which you still might get with apps like Slack). It's certainly usable, don't get me wrong, but I still feel kind of stupid fumbling with OsmAnd when I'm out with my friends and trying to look something up. I'll probably end up going back to the stock ROM, or just installing the Google Apps. For me it was an experiment and I think I've got a general feel on how much information and use I'm actually getting out of GApps.
So Tildes, have you tried degoogling your phone? How did it go? Are you still using it?
I have been there a while ago, and I can give you some tips.
I used a version of lineage with microg preinstalled that solved most problems with apps not working because of libraries. Maybe the banking app can run with that. If it doesn't you can try magisk. I used to be able to hide root and unlocked bootloader status, but I don't know if it still can. Push notifications work normally through google servers but identifying information is removed.
Now about the apps.
You can get the signal apk from their site directly.
FairEmail is a more visually pleasing email app available on f-droid that works as good as k-9.
For reddit you can get Slide on f-droid.
Librera Reader is the best reader I have used. Very customization, has dark mode you can apply on the pdfs and is available on f-droid.
I had OsmAnd installed but also google maps because sometimes is better. It worked fine even without play services. I limited the usage to the minimum so I was less concerned about analytics.
Regarding analytics you can used system wide adblocks like adaway (needs root), dns66/blokada (use vpns so consume more battery) or use the Nextdns service which you can add as a private dns in more recent versions of android.
I don't use lineage anymore because the phone that I had that was supported broke. I now have a phone with stock software and play services. I don't like it but I tolerate it for now. Unfortunately lineage support isn't guaranteed and the dev can at any time stop supporting the phone and official support is removed (which happened once or twice with my last phone). So it's mostly inertia and lack of time that keep me like this. Still I support your efforts to degoogle so if you have any more question let me know.
Yes but one of the requirements of official lineage support is an enforcing SELinux which is important to sandbox the applications. Many of the roms on xda don't enforce SELinux and because OP said he was using a banking app I recommend researching this topic to anyone that wants to install those roms.
Here are some recommendations I've pulled from this thread:
Thanks for all the comments, tildes!
I agree completely, as a matter of practicality a de-googled device will depend on the web browser for many things (Google Maps, banking, etc). Personally have been using completely degoogled devices for 4 years now, even without microG. A normal person probably wouldn't be able to do it.
Launcher - KISS launcher which is overly minimalistic but it's fast and never gets in my way.
Email - FairEmail over K-9, due to the UI (neither are pretty though)
Reddit - RedReader, no ads for this reddit client.
Browser - Bromite, a Chromium fork. Firefox is too niche and badly implemented on Android (hacky fixes, pathetic sandboxing, lack of security etc) to give a second thought.
Music - Basically I just stream audio:
Sync/backup - Nextcloud as the backend cloud storage and Seedvault baked into the ROM for encrypted app backups (certain apps may disallow backups)
Ebooks - As an ebook addict, there's no replacement for an e-ink device. If absolutely necessary then muPDF isn't too bad in a pinch.
Thanks, but I already had enabled the subsonic api feature on my profile. The problem with the nginx configuration is upstream with the Yunohost package. I applied the suggested fixes to the nginx config but the Android system webview still doesn't like whatever is enabled. Since Bromite can use the webapp I decided not to migrate to a fresh server with baremetal install. The only problem is my inability to cache new music with Ultrasonic (old songs still on device).
I agree with you on the state of our sandboxing. It’s literally my job to fix that.
Unfortunately the rest of those points read to me more like a bunch of FUD.
Some problems with Firefox on Android:
I have been meaning to reply to this, but I've been stressed out lately because of COVID-19 and other reasons, but anyway...
I'll have to ask around about this, but my understanding is that this is something that our front-end team can fix.
That's kind of FUD-ish in my personal opinion. Nothing is stopping anybody from writing a WebView wrapper for GeckoView and shipping it as part of their ROM. Obviously Google isn't going to do that, but there is not a technical reason why not. And FWIW, you could make that argument with many apps, not just ones that include web engines.
Fenix (aka Firefox Preview) now runs with one parent process and one content process. I personally am working on increasing that to full multiprocess. I do not disagree with Daniel Micay with respect to his concerns about hardening. As I mentioned in my previous comment, it is literally my job to get
isolatedProcessturned on, tighten sandboxing rules and such. But let me point out that these kinds of comments make it sound that we are negligent in the sense that we "just" have to flip a boolean flag to fix this. As somebody who is actually in the trenches, I can tell you that it is much harder to activate these settings in practice.Remember that Gecko was originally written as a single-process engine, so there is so much code that just expects to have full access to OS interfaces. The hard part is taking that code and splitting it into the parts that can run in a sandbox, the parts that cannot, and then setting up the IPC so that those parts may safely communicate with one another. We need to get all of those pieces out of content before we can flip the switch.
Again, teams are constantly working on it, for the same reasons as I described above.
That work is ongoing by a different and is also coming. [As an aside, keep in mind that Google had been working on site isolation for years; the emergence of Spectre was convenient timing for them to turn it on, but don't be misled that they built that in a week.]
I would also point out that sandboxing is defense-in-depth, and as important as it is (and please don't misterpret this comment as me suggesting otherwise), web engines also have their own internal security features that work to stop intrusions. Gecko is unique in that it contains an object-capability system [1] [2] [3] [Sorry, those first two links used to be publicly accessible, I'm not sure if they still are or not due to changes in our AV playback system] and has many components written in JavaScript and Rust, making those bits memory-safe. As important as sandboxing is, I don't think it's quite fair to suggest that the engine is completely naked without it, either.
Edit: Fixed layout
The best app I've found for public transit is Moovit. It uses OpenStreetMap maps and is very good at public transit, because that's all it does. It has the sort of transit routing features that other alternatives to Google Maps lack, and great integration with provider timetables in my area. It will remind you when to get off the bus, for example. I haven't tried it on microG, though.
I've degoogled my android phone with microG and have found that pretty much everything can be made to work. I'll go over the things that you've mentioned.
Everything you've mentioned works fine, never heard of any issues there
OSMAnd+ is ideal but not very good. Magic Earth is good, if closed source. Google Maps and Waze are best avoided but do work with microG fine.
So many options. I use Firefox Preview.
I download music from newpipe and play them through Retro Music, works very well. Spotify also works.
I think you rather misunderstand what microG is-- it isn't just fake google its a reimplementation of google apps. For push notifcations, if enabled, it contacts googles server pretending to be google play services and works just like the google apps would but stripping identifying / unnecessary information.
this is entirely dependent on your bank, my bank works fine
a lot of these work on Android versions before 10, however microG's maps implementation seems to be broken on 10 atm for a lot of things. Dev says be going to redo it soon so hopefully it'll be fixed soon...
You can get them, you just the patched play store from nanodroid / minmicrog. Installation can be a bit of a process but it works pretty well.
AdAway, Blokada, AdGuard or so many others can stop this.
To summarise: using microG can be a pain, especially of you're relient on closed source apps, but pretty everything can work. If youve got any issues with anything specific, ask me and I might be able to help; I've seen a lot of issues with microG and can probably tell a solution if it exists.
I tried degoogling my phone two years ago and still use it daily, degoogled.
Most of my apps come from f-droid, and some come from Aurora too.
For ebooks and PDFs, I use Librera (F-droid). My bank provides an app that doesn't require the GApps or the GPlayServices, and since I don't use any public transportation means, I don't need most "gmaps-bound" apps.
I use KOReader for ebooks, which is available on F-Droid and does everything I need it to and then some. The amount of options the interface presents you with may turn some people off, but I enjoy it.
I haven't tried degoogling my phone entirely yet (Lineage doesn't support my model at the moment), but when it gets older and support comes I've strongly considered it.
/e/OS ... https://e.foundation/
Oh shit /e/ supports my phone, I'll have to try this out.
I'd say that /e/ provides virtually nothing over other custom ROMs; its often out of date, slow to get security fixes and there own provided services seem like they're pretty awful and questionably secure.
I'd recommend Omni as my favourite ROM at the moment, it even provides builds with microG built in. Other like crDroid, AOSiP, Lineage4microG are also solid (may require an additional installation package).
I couldn't get /e/ installed so I installed LineageOS instead with only minor difficulty.
what device do you have? Normally if you take a look at XDA they'll be a good one with microG support for any popular device.
I've got an out of date build on LineageOS on my tablet and I've been meaning to install a build on my XA2 but I still haven't gotten around to it. I find the technical side of android devices to be a pain in the ass and needlessly complicated.
Have a look at Sailfish, if you want to try something other than Android. Yours is one of sadly very few officially supported devices. I've been using it on my daily driver Xperia X for more than two years now, and I love it.
The instructions for my phone say to sideload a zip file which I've done but it just leads to a boot loop.
I couldn't get /e/ installed so I installed LineageOS instead with only minor difficulty.
I ALWAYS de-google my android phones. It's basically step one if I have one - currently I was given an Iphone (I haven't bought a phone ... ever tbh but rely only on hand-me-downs) but always de-google hard. So currently I am stalked by Apple instead of Google, not that its an improvement. :)
I have one finnicky app and that is the Swedish ID "Bank-ID", its a moronic application as its not just critical here but also proprietary, owned by a third party company, not based in Sweden (not saying it HAS to be, but with critical apps it feels kinda relevant) - so I tend to have to use microG to spoof the existence of Google Apps. Even then it can be hit or miss.
Now for me a phone is not that great of a thing - I don't like notifications (if someone really wants to get a hold of me they have to text me or call me, I have other chat applications but can only see what someone writes if I actually open them as none are allowed the right to ping when not open). I don't bother too much with social media when outside etc. I also don't take photos of stuff that often, since I noticed that my memory of the thing was not as exact when I took photos of it.
I tend to dislike phone calls, or anything that demand my direct response without the option to save it for later (I sound grumpy and old AF)
I also tend to use Firefox for Android (which has been a pretty good experience for me, knock-on-wood)
So... yeah. Never use Google. I want to opt in to be spied on personally. That said as long as we all accept we have an option, no matter what choice we make based on our specific needs, that choice is ok.
break down of microG support here (no support for Auto)