XPost: comp.mobile.android, uk.telecom.mobile   
   From: marion@facts.com   
      
   On Sun, 9 Mar 2025 17:56:39 +0100, David Wade wrote :   
      
      
   >> Thanks for helping me understand why people set up a Google Account on the   
   >> phone, where the loss in privacy from that one act, unfortunately, is huge.   
   >   
   > Is it really that huge?   
      
   You're making a keen observation, & I don't necessarily disagree with you.   
      
   However... in the *context* of this thread, it's huge in that the DSID   
   cookie is active as soon as the user logs into their Google Account.   
      
   My beef is people complaining that they "can't" have privacy when they   
   really mean they don't bother to do anything about having privacy.   
      
   > What on earth is google going to do with my personal info?   
      
   Again, you bring up an astute point about what's the real threat here.   
      
   Unfortunately, the answer to that question could fill a book even if we   
   only look at lawsuits which Google lost, so I won't even try to answer.   
      
   But I get your point that you're not worried about Google getting your   
   data, and let's be clear, I have plenty of Google Accounts myself.   
      
   I even have Google Voice (but I use it only on the iPad for privacy   
   reasons), so I get your point that Google can have "some" of your data.   
      
   I weigh the threat against the benefit, which, for example, is why I won't   
   ever use Google Voice on Android but I'm happy to use Google Voice on iOS.   
      
   > Lets take my contacts. Because everyone else does not   
   > hide their contacts from google, pretty sure google can work out who my   
   > contacts are by cross tabulating info from every one else.   
      
   I'm always in amazement at how many apps want access to our contacts.   
      
   I get it that it's a phone, and phones contact people, and nobody remembers   
   everyone by their phone number, so we all maintain a contacts database.   
      
   Where I take umbrage is everyone who has "my contact information" is   
   uploading it to the whole world without asking my permission to do that.   
      
   Alas, those same people are uploading my Wi-Fi unique BSSID & GPS location   
   (although I hide my broadcast & I add "_nomap" to the end of the SSID & I   
   set my phone to not seek out my hidden SSID for automatic connection, and I   
   have the MAC on every connection randomized etc., so I do my part for   
   privacy - but the vast majority of people wouldn't even understand a single   
   clause in that sentence above - because they know nothing about privacy.   
      
   All I can do is try to keep as little of that information available to them   
   since the vast majority of people do EXACTLY what marketing tells them to.   
      
   My main beef is people claim they "can't" have privacy from Google.   
   And yet, they can.   
      
   They just have to stop doing EXACTLY what marketing people tell them to do.   
   They need to think.   
      
   > Take my location, well my car tracks that any way. Usually I am with one   
   > of my contacts, I bet their phone allows tracking. So again google can   
   > figure out where I am without access to my GPS...   
      
   I again agree with you that even if YOU don't allow Google to track you,   
   all the people around you are so incredibly stupid, that THEY are letting   
   Google track you (see my example above of the Wi-Fi access point data).   
      
   I don't disagree that the vast majority of people are so unfathomably   
   stupid, that they are really the direct threat to your privacy - not Google   
   directly.   
      
   As an example, if you don't hide your SSID broadcast, then those stupid   
   people are sending Google your unique BSSID & GPS location every time they   
   drive by your house. You can't fix stupid people. All you can do is ensure   
   that the information they get is of no use to Google & that takes work.   
      
   1. Set your SSID to a unique name (for butterfly hash obfuscation)   
   2. Set your SSID to end with "_nomap" in case it gets uploaded   
   3. Set your SSID to be "hidden" (as in not automatically broadcast)   
   4. Randomize the MAC for every access point (which is now the default)   
   5. Randomize your MAC upon every connection (which is NOT the default)   
   6. Set your phone to NOT automatically reconnect (again, not the default)   
   etc.   
      
   Since stupid people outnumber you a million to one, the onus is on you to   
   prevent your unique information from being uploaded to the google servers.   
      
   > .. I think the real reason people just sign into a google account is   
   > because they don't see a need to maintain privacy. They have paid for   
   > functionality, and they want it all too work without having to research   
   > other options, which are likely to be less secure than google...   
      
   Here's where I agree and disagree with you.   
   a. I agree that signing into Google is the *easy* way to get functionality   
   b. But I disagree that it's the more secure way of doing things   
      
   For every Google app, there's a FOSS privacy-aware replacement, which is   
   *more secure*, so I must take umbrage at your claim that it's less secure.   
      
   But I do agree with you that the easy way out is to just log into a Google   
   Account; however, I wonder if people realize their phone actually works   
   better without it?   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)