Android Tips

Android is a very secure and robust operating system out of the box. This post will be less of a “hardening guide”, but more of a non-exhaustive list of tips when it comes to buying and using Android phones. Android Devices Recommended Phones Google Pixel phones are the only devices I would recommend for purchase. Pixel phones have stronger hardware security than any other Android devices currently on the market, due to proper AVB support for third-party operating systems and Google’s custom Titan security chips acting as the Secure Element....

July 22, 2022 · 18 min · 3660 words · Tommy

Android VPN Leakage with Secondary User Profiles

Before We Start… I have been aware of this issue for awhile now (since at least Android 11), though I have not done enough testing to see what actually causes the leak nor do I have any workaround at the moment. My guess is that applications which launch early when you log into a secondary profile can bypass the VPN killswitch. I have reported it on Google’s issue tracker. The Leak You can reproduce the leak by doing the following:...

October 10, 2022 · 2 min · 311 words · Tommy

Banking Applications Compatibility with GrapheneOS

A maintained compatibility list of working international banking apps that are tested, submitted, reviewed and published below. View list | Submit report | Update report Introduction This is a crowd-sourced project dataset for GrapheneOS’s users that are on currently supported devices. First time visitors here should read the official usage guide on banking apps for detailed information explaining how banking apps work on GrapheneOS. Important: SafetyNet is being replaced by Play Integrity API and may cause your banking app to suddenly stop working after an update....

January 26, 2022 · 7 min · 1291 words · akc3n, Tommy

Choosing Your Android-Based Operating System

Android is a secure operating system that has strong app sandboxing, Verified Boot (AVB), and a robust permission control system. When you buy an Android phone, the device’s default operating system often comes with invasive integration with apps and services that are not part of the Android Open-Source Project. An example of such is Google Play Services, which has irrevocable privileges to access your files, contacts storage, call logs, SMS messages, location, camera, microphone, hardware identifiers, and so on....

July 18, 2022 · 8 min · 1699 words · Tommy

F-Droid Security Issues

F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider. Before we start, a few things to keep in mind: The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work....

January 2, 2022 · 27 min · 5689 words · PrivSec.dev Contributors