I want to keep a list of my contacts on my phone so I can call them, but I never want the list of contacts to leave the device, through contact sync or similar. I’m using the Android built-in Contacts app.

On my old phone I used an F-droid app called ‘local contacts’ or ‘offline contacts’, but I can’t find it with my new phone. It would create a new account, separate from your gmail account, to associate the contacts with. Something like that might be nice to have, although I don’t know how effective it is.

I see in my settings under “Google Contacts sync” that “Sync is off” and “Also sync device contacts” is off. “Device contacts” sounds like maybe some Android built-in version of the offline contacts app I mentioned before. Does anyone know if this is the case?

I’m worrying that if I use a builtin features, Google will ask me about backup for photos or something at a later point, I’ll reflexively click ‘proceed’ without realizing what I’m doing, and this will activate all Google-related sync features, including contact sync, updating my Xkeyscore (NSA) profile with my social graph before I know what’s happening.

Perhaps it’s best to assume my social graph is already known by Google? Then maybe I should focus on limiting others from getting access to it? I believe apps have to ask before accessing any contacts so I guess I could just deny access for apps I don’t trust.

There are few questions above, but I’m really mostly looking for a discussion about what good security practices are when it comes to phone contacts. It seems like one of the more sensitive sets of information on a phone.

  • @jet@hackertalks.com
    link
    fedilink
    English
    3
    edit-2
    14 days ago

    If you want your contacts to be available across apps, you will want an operating system that allows you to do contact scopes. When an app went access to your contacts, you can select specifically which contacts the app can see. And if you deny access, the app see zero contacts, it doesn’t see a denial

    https://eylenburg.github.io/android_comparison.htm

    Currently, the only operating system I’m aware of that does contact scopes is graphene OS

    https://grapheneos.org/usage#contact-scopes

    • @simonOP
      link
      214 days ago

      Yes, that seems like a great feature to have! I know the Pixel Android allows me to select individual photos that apps get access to. Maybe worth switching to Graphene OS to get the contact scopes also.

      I used to think that Graphene OS is useless in my case since I need Google Play Services anyway, and if I install all that, I figured I’m basically going back to default Android. But if they have this sandboxing stuff also, it could be worth it.