Work profile sandboxing. Quick, simple and sure way to be safe. Use Island or Shelter from F-Droid.
this post was submitted on 19 Apr 2024
4 points (100.0% liked)
Privacy
31182 readers
1812 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
Ignore the dumbass "why dOn'T yOu jUsT uSe sOmEtHinG bEtTeR" replies. Anyone who has a partner knows that the onus is generally on the privacy-conscious one in the relationship to make these types of concessions, since the other person is usually incapable/unwilling to use something better.
And, let's be fair, for most people the real loss from this level of compromised privacy/security is far less than the real gain from helping your relationship.
Sometimes I look at products I use from dubious companies, take a step back, and think, this company is actually a blessing in my life even if there is a smaller curse attached. That said, I'm grateful for all the tremendous effort put in by many people to make the digital (and rest of) world a safer, more private, fairer and more honest place. And I try to do at least a little of my share!
Damn that's wholesome.
If they are actually totally unwilling to use an other messaging app that has fewer of said negatives, is the partner really interested in that relationship?
I mean, just look at the arguments.
Form OP's side, it's privacy, respect of the user by the service, human freedoms basically.
From the partners side, as I understand, it is pure convenience.
Please reread my first paragraph after reading this second one. It will now hopefully make sense, if it didn't at first.
But to be honest maybe I'm not qualified for this question or something because I have a different attitude to this problem.
To me it's not my primary purpose to find a partner, and everything else is secondary.
To me, getting to know that someone is neck deep in mass surveillance tech and is so comfortable with it that they are inseparable, instantly turns me off. I don't want to live with someone who is perfectly fine with the state messaging app constantly scanning my face with an app on my phone, because that means that our values are clearly very different.
If your willing to throw your multi-year relationship away over... software preferences, are you actually interested in the relationship at all?
We've only been dating for about 6 months, but I agree with the sentiment of what you're saying. In any case, we care for each other a lot and want to see the relationship last a long time.
In my experience, people tend to grow closer together throughout the course of a healthy relationship. While you may need to make these kinds of compromises at 6 months in the "dating" phase, it's entirely possible that she will move closer to your position in the future as a result of spending so much time with you.
What this other person replying to you fails to understand about relationships is that most of the time you don't start off as a perfect match for your partner. There is some spark or connection but also a lot of differences because you are two single people initially. You have to transition into becoming a couple with that deeper connection and that does require pragmatism and a willingness to see the world as others do.
It's not at all software preferences. It's not that I would tell "matrix or I don't want to see you again", it's "switch from that chinese spy tool or we better break up", as there will be a lot of other things we won't be able to agree on. Facebook is not even that bad as wechat.
See? It's not "software preferences". It's differences in personal values as big as a chasm. It's that I value my privacy, and am not willing to give it up, at least absolutely not that much of it. If our values are so very different, that's a good sign that you shouldn't ignore.
And then, I'm not sure where you read about a multi-year relationship. I don't think such a question as OP's would pop up after multiple years of being used to it.
switch from that chinese spy tool or we better break up
"Hey babe, you know that app which is your only way of communicating with your family and friends back home? Yeah well I'm breaking up with you if you don't ditch it."
Obviously I did not mean to delete the app, but instead to not force you to use it, but I guess it's just easier to read it in a malicious way.
Relationships (of all kinds) are about compromise. You have to recognize that outside of the echo chambers in communities like this one, literally nobody cares about digital privacy to the extent that us nerds do. So you can choose to be dogmatic in your approach and alienate yourself from the >99% of people in the world who don't care, or you can recognize that your own desires for digital privacy need to be weighed against your desires to form meaningful connections with other people.
Personally I prefer to be pragmatic in my approach. I do what I can to look after my privacy within the constraints of actually doing what I need to do to connect with other people. That's why I made this post. My mind is made up that I'm going to at least try to use WeChat, but within that constraint, I want to do everything in my control to limit the app's visibility into the rest of my system.
But to be honest maybe I'm not qualified for this question or something because I have a different attitude to this problem.
To me it's not my primary purpose to find a partner, and everything else is secondary.
It does strike me as quite strange that you would type up paragraphs and multiple comments accusing others of pursuing bad relationships when you appear to have very little experience yourself.
when you appear to have very little experience yourself.
I did not say neither mean that.
Brace yourself for a weird recommendation:
Don’t worry about it or switch to ios.
You’re on a different marketplace for phone apps than chinese nationals so you’re not getting the same wechat as they are. If you trust your platforms marketplace and your phones security and privacy tools then just don’t worry about it and use them like a normal person.
If you don’t trust your platforms marketplace or security and privacy tools, switch platforms.
It doesn’t seem from your responses in this thread that you’re in a good spot right now to learn everything required to root and run an alternative os securely and act as your own security auditor. Not a value judgement, I’m not in a position to act as my own diesel mechanic. That’s why I said maybe switch to ios if you feel exposed by stock android instead of saying you ought to try to navigate the alternate os/custom rom world.
It might seem like some people in the replies have given good walkthroughs, and they definitely have, but at some point you’re gonna have to make a decision about something that either isn’t documented on a wiki or no one responds to questions about.
Maybe the best choice is to either not worry about it or switch platforms and no matter what you choose, put the phones security and privacy tools to use and be more considered and self aware about how you use your phone.
E: Jesus Christ. Some of the responses you’ve gotten are astonishing. Maybe ask in hexbear or something just to get an alternative view.
Yeah I ended up installing it in an Android work profile using Shelter, and it is a disaster of an app. I expected a lot more of a professional looking app given how popular the WeChat service is and how big of a company Tencent is, but it's like a shittier WhatsApp. It's not even localized properly, a bunch of strings in the app (like error screens and stuff) are in Chinese, and the English is poorly translated. The mechanism to reply to someone's message is unclear (it's not just long pressing or dragging on a message like in other apps), and you can't send a reaction emoji to a message.
It’s always funny to me how people assume the most half-assed software the world has ever seen somehow carries incredibly advanced and impossible to detect tracking deep inside it.
Like we have t-1000 at home! T-1000 at home: that bucket robot that got murdered in Philly.
I just saw you’re from .ca, you may have to make an alt to ask but 100% ask on hexbear. There’s people on there who have dealt with wechat and phones going to and from china and won’t be near as overtly weird and racist as some of the responses here. Maybe differently overtly weird.
I'm in China and have to use that piece of crap. So here's how I locked it down:
- Root your phone with Magisk. There's no way around it.
- Install Storage Isolation (https://play.google.com/store/apps/details?id=moe.shizuku.redirectstorage) and deny access to all folders.
- Install ApOps (https://play.google.com/store/apps/details?id=rikka.appops) and set pretty much everything to deny or ignore (ignore means the app receives the information "permission granted", but no data is provided, in case some permissions are "mandatory"). If you intend to use wechat to exchange voice messages or make video calls/send photos, the "use microphone" and "use camera" functions would be required. In a similar fashion the location access if you intend to use the location sharing feature.
- Be acutely aware that wechat is not encrypting messages, neither end to end nor in the server communicaton. Everything you say can (and probably will) be read and archived. Don't say anything confidential or critical there.
And yeah really, try to convince your ~~wife~~ girlfriend to use signal instead. Or hell, even whatsapp is miles ahead.
My wife is Chinese as well, so even after we leave here she'll be using wechat to stay in touch with family, no way around it, but using messengers more commonplace in other countries is definitely better. Personally I will move wechat to another phone once we're out. For now that's not feasible as it's too much integrated into every function of life here.
- Install Shizuku -> Doesn't require root
- Install Island and use the built in work profile feature of your android device
- Install AppOps and block most of the app with garbage data
- Be happy without rooting your phone
Yeah I've played around with it in the past, but having to re-establish the wireless adb was quite annoying. Plus I need root for AdAway already, I don't think that can be achieved via Shizuku, but that might not apply to the OP. I've tried island back in the beta stage and it wouldn't work on my phone, but I guess things have change since. Might give it another try.
Can it be used without a smartphone, like in an Android VM?
Yeah I was considering Waydroid but then I lose the ability to connect outside of my PC
+1 for signal but i doubt whatsapp is ahead at all
Whatsapp uses end to end encryption and is far from as intrusive as wechat.
whatsapp is certainly backdoored, its closed source and unverifiable.
then so does your claim, unverifiable
my claim is completely open, unlike whatsapp
At least Whaysapp have the content encrypted
its certainly backdoored
And yeah really, try to convince your ~~wife~~ girlfriend to use signal instead. Or hell, even whatsapp is miles ahead.
It is interesting that you promote Facebook over WeChat in a privacy community, even though you have a Chinese wife. Just how far is racism embedded in your head to go through hoops saying things like this? Is it objective analysis to claim WeChat (China) is worse than Facebook (USA)? Or that Signal, something based in USA, using USA servers, promoted by Elon Musk and using a shady MobileCoin crypto system, is so great?
Encryption of messages is not a thing on WeChat, but then neither is WeChat being used to extract meta data and use it to commit genocides or bomb countries, like USA based messengers do.
Please go back to your tankie-sphere and leave me alone.
I am the moderator, just in case you forgot. Funny insult to double down on western nationalism, right?
You could sandbox it into a work profile that doesn't have access to your main profile. Storage is completely segregated, and the work profile can be easily disabled when you're not using it.
The best solution is obviously to choose another platform and convince your girlfriend to use that, explaining how this little extra effort on her part to use another app goes a long way with you in terms of appreciation and understanding of a partner's boundaries and comfort zone.
Shelter is an android app that helps making sandboxed apps
Yeah this is what I use to create and manage a work profile on my device to keep my personal and work data/apps separate.
use https://f-droid.org/packages/com.oasisfeng.island.fdroid/ (work profile) to isolate. and use a pay as you go number to register (rather than you commonly used one). do not grant any permission. set background restriction to strict. force stop it after every use. i think that would be enough
Maybe get a girlfriend that isn't a brain washed spy? \s
Just use a different app then? You don't need to come up with some high tech solution. She won't use that anyway. But something simple like signal should be sufficient.
Weird perspective for someone using Google services lmao.
Android does not mean Google necessarily.
To answer the question: GrapheneOS and a separate profile would be the safest but still...
If you are both outside of china there really is zero reason (other than preference) to use that piece of spyware.
To answer the question: GrapheneOS and a separate profile would be the safest
I appreciate the suggestion, but maybe I should add that I'd like to not have to change up my phone too much. It's a Fairphone 4 running the OEM Android and my preference would be to keep it that way. Are separate profiles like that a thing on stock Android?
If you are both outside of china there really is zero reason (other than preference) to use that piece of spyware.
She travels back to China sometimes, uses it to contact friends and family back home, and uses it to chat with lots of mainlanders here in Canada. For her it's not weird at all.
In fact, she expressed to me that she's perfectly comfortable with the fact that they use WeChat combined facial recognition technology in China for payment processing. When you get on public transit, you can have them scan your face and it will automatically charge you the bus fare. It really skeeves me out, but it's simply not the hill I want to die on in this relationship. I'm crazy about her in so many ways, it's okay with me if we don't see eye-to-eye on digital privacy.
If you're in the US and mostly worried about one app, you can probably devote a Work folder via an app like Shelter to a GF.
I'm not in the US, but what is this Shelter you speak of?
https://f-droid.org/packages/net.typeblog.shelter/
Shelter is an app that takes advantage of the work profile in android to install apps in that profile and makes shortcuts for the app in the normal profile. So it feels like you're just using an app as usual but the app is pretty much sandboxed away from all your info.
Thank you! This is exactly the sort of thing I was looking for!
Android 15 solves your issues -
https://www.androidauthority.com/android-15-private-space-hands-on-3432113/
Private Spaces when they come to Fairphone will be perfect for this.
Yes you can use work profiles on stock Android. Look at the shelter app in fdroid to get started