
The spy in your trouser pocket

The unregulated data broker industry poses a significant threat to individual privacy and security, as evidenced by the recent discovery (German) of a dataset containing 380 million location data points from 137 countries. All in a single day!

One of the most alarming aspects of this discovery is the sheer size of the data collection. The dataset contains location data from millions of people, including those from vulnerable groups. These data can be used to create detailed profiles of individuals, including their daily routines, interests, and even their sexual orientation. The potential for misuse of these data is enormous!

The question arises: how can you protect yourself?

A few months ago, I bought a new smartphone, a Pixel 8 from Google, and installed the custom ROM GrapheneOS. GrapheneOS is a privacy and security-focused mobile operating system with Android app compatibility, developed as a non-profit open-source project. It focuses on researching and developing privacy and security technologies, including significant improvements in sandboxing, exploit mitigation, and the permission model.

There are no Google services pre-installed, not even the Google App Store. I get most of my apps from the F-Droid Store, which only offers open-source apps. By making the source code publicly available and generating APK files directly from the F-Droid server, the integrity of the apps can be better ensured.

I have only installed a handful of apps from the Aurora Store that are not open-source. The Aurora Store is another alternative app store platform. It offers a vast collection of apps that can be downloaded for free and without a Google account. For example, I have installed the non-open-source app SwiftKey from Microsoft, a gesture-based keyboard. Here, I use the feature of GrapheneOS to deny an app network access, preventing data from leaking out in the first place.

Other apps that I use sporadically, such as my mobile provider’s app, I terminate after use by “Force Stop”, which permanently terminates them until I manually restart them. Even a device restart does not change this. At least, I can prevent these apps from collecting data in the background unnoticed.

Across apps, I reliably prevent the loading of ads by using the DNS server from adminForge (German), which has an integrated ad blocker. And of course, I have not set a mobile advertising ID (MAID). This advertising ID makes us uniquely identifiable to the advertising industry.


Author: Tim Peters
I am a detective in the service of technology! Always on the lookout and yet completely in my element. Software tester with a passion.


