I am in need of a separate degoogled phone for some things that require high level of privacy (nothing illegal).

I have 2 phones that I can use. One of them is my business phone (it has my business number, apps, data and that sort of stuff) which is now running an OS with all the Google spyware because it’s necessary for the apps to work. I can reinstall everything on the second phone and use the first one as the secure device since it supports everything I need. The problem is that it has some issues on vanilla ROMs that I don’t really want to deal with and the reinstalling will take a lot of time.

The issue with the second phone is that it is rocking an old MTK chip and rooting instructions are let’s say a bit beyond my ability to understand. I still want to use it without Google if possible though. So can I degoogle its stock ROM with ADB or something? And is it worth trying or there will still be some vulnerabilities?

EDIT: to clear some possible misunderstandings, the reason of why I need a separate secure phone is that I am forced to use a very invasive proprietary app that I’d prefer just keeping on a separate device instead of trying to limit its spyware abilities with firewalls and that kind of stuff. I don’t trust the last solution much. Also I can’t use it in a VM because I need it to always be accessible wherever I am and yk carrying a PC is not an option

  • MentalEdge
    link
    fedilink
    15
    edit-2
    8 months ago

    Android has built in support for VPNs. If there was a way for the OS to leak traffic, that would be a massive security vulnerability that would have corporations dumping all android company phones within a week.

    Non root ad blockers work by creating a vpn within the phone that all network activity goes through, which then doesn’t allowed ad traffic.

      • MentalEdge
        link
        fedilink
        38 months ago

        ew

        But also benign. This isn’t a system app sending telemetry to google outside the VPN connection while it’s active. It’s the device checking whether a wifi access point provides internet to begin with, which if it does, the VPN connection will need to work, too.

        The article is pointing out that the device doesn’t strictly need to do this, and that it is being done in a way the gives the wifi AP metadata. The device could instead just assume there is an internet connection on the wifi, and as such an option to disable this behaviour is warranted.