Summary: My father, who has over 30 compromised accounts, tells me not to install Ironfox (aka one of the most secure browsers for Android) and F-Droid.
Background: I discovered that my father has a phone with LineageOS and asked if I could use it. He said yes because he no longer used it.
Today I started using it, saw what it was like, and it wasn’t much different from Android.
I was having some trouble putting some songs on that phone, so I asked him for help.
He went to the Google Play Store and installed Files by Google after logging into my account.
My account has parental controls, so that phone had parental controls too.
I was supposed to use that phone maybe to use once or twice a month and see what a phone without Google services was like (which I couldn’t disable now because it had parental controls).
So, after finding out what that phone had become, I tried to do a factory reset, but I couldn’t.
Then (somehow) I managed to convince my parents to remove the parental controls, but my dad started saying, “Don’t be surprised if your information ends up in strange places because you installed browsers from outside the Play Store (in this case, it was Cromite and Ironfox) and for running FTP servers (which I was only using to transfer some music I had on another site).”
Sorry for the long text 😅
Ugh… sorry to say but if your goal is “what a phone without Google services” then your father did not understand that. He might be able to help you but he might not. The point though is that have to clarify with him WHY you want to try that. Only then can he help with the how.
Anyway for music I recommend
VLC, it even has an option to become a Web server to receive file. If you do exchange files often with your Linux desktop I also recommendKDE Connectwhich helps for SMSes too and more, you can even define custom commands. I recommend removing thePlayStoreentirely and relying solely onF-Droidand on a case by case basis potentially on.apkfrom sources you trust, e.g.SignalWebsite.KDE Connect seems to send identifying broadcast packets constantly (just like gapps), not the best for privacy on public bing chilling router WiFi. Android itself technically does too, but you can just change your device name to " " (space).
AFAIK the packets are for discovery of other devices relying on mDNS / DNS-SD which is used by plenty of other services.
More importantly though, does it matter? What are you actually broadcasting while doing so? That you are using KDE Connect? Also the typical use case for it are on trusted networked, e.g. home WiFi but if it’s problematic on public networks then do not use KDE Connect on other networks?
Edit: what alternative device discovery solution could be used by KDE Connect to make it more private on untrusted ntetworks?
That + device name which is probably pretty unique. Chinese routers scrape all of that. IIRC mDNS is actually disabled on Linux for now because it was conflicting with Avahi which broke some more stuff.
Last time I used it, I don’t recall a toggle for that in either the Linux or the Android clients.
Exactly as it is right now but on a whitelist.
Offtopic but I am really annoyed by how many custom ROMs (especially LineageOS) disable MAC randomization at build time and make zero mention of it on the wiki/forum/whatever page. That’s just as important.
Cool, I’ll try VLC