From: mariasophia@comprehension.com
Of the million things to know about privacy, most people know 4 of them.
This is likely around number 5, which most people don't seem to know yet.
Privacy isn't just about protecting yourself.
It's about not leaking other people's phone numbers to corporations too.
Any app with the READ_CONTACTS permission can copy our entire address book.
This leaks other people's phone numbers without asking their permission.
That's downright rude.
Even if you disable Google Contacts sync, Google Play Services or OEM sync
layers may re-enable it after updates. Android stores call logs separately
from contacts. Even if you delete your contacts, your call history still
exposes your social graph.
VCF is the only universal, future-proof format for contacts.
i. It's human-readable, cross-platform, and not tied to any vendor.
ii. If your contacts exist only inside an app's private database
or only in the cloud, you don't truly control them.
iii. Hence, you need to back up your contacts periodically to VCF.
With respect to privacy:
A. If your contacts app can't export to VCF, it's useless.
B. If it can't import from VCF, it's even worse.
C. If it requires the Internet to back up, it's atrocious.
Google Contacts does all three above, but, Google Contacts stores
contacts in the system contacts sqlite database, which:
a. Other apps can read
b. Other apps can modify
c. Google Play Services may try to sync unless disabled
d. Is not isolated or private
Note that Google Contacts can't directly export to the external sd card
(but that's not really a problem. It's just stupid of the program.)
You can use this FOSS contact program for private backup and restore.
*DOpen Contacts* (Dialer + Open Contacts)
debug APK available
Verbatim:
"Even though we are not having any problem sharing our mobile number
with all third parties, people in our phone book might have.
We should not be sharing their contact information online.
This app saves contacts in its own database separate from android
contacts. This way no other app would be able to access contacts.
Can be used in place of your default phone(dialer) app.
It can import contacts from vCard files.
So we can export Android contacts and import into this app.
Maintains call log as well.
Also shows the person's name upon receiving call"
DOpen Contacts has two separate data sources:
I. Its own private contacts database
II. The system call log
That means if you want to import the Android contacts sqlite entries you
need to first export using a contact manager that reads default contacts.
Then you import *that* VCard file into DOpen Contacts, and if desired, you
can then delete the default Android contacts sqlite database forever.
Here's that flow in itemized format:
1. Export system contacts to VCF (preferably to external sd card)
2. Import VCF into DOpen Contacts (preferably from external sd card)
3. Verify contacts inside DOpen Contacts
4. Copy to safe non-phone storage (e.g., your home personal PC).
If desired, use Veracrypt to encrypt the contacts database.
4. Delete system contacts (optional)
5. Disable Google sync (optional)
If contacts change frequently, then back up DOpen Contacts' VCF regularly.
C:\> move *.apk 20260204_fdroid_opencontacts.open.com.opencontacts_31.apk
Name: 20260204_fdroid_opencontacts.open.com.opencontacts_31.apk
Size: 4500060 bytes (4394 KiB)
SHA256: E18A2AC8C241B0007FAA5551BE991F072DADCE48229979C1DDEE5DEE28E23217
C:\> move app-debug.apk 20260204_gitlab_opencontacts_app-debug.apk
Name: 20260204_gitlab_opencontacts_app-debug.apk
Size: 9552383 bytes (9328 KiB)
SHA256: 95F8CEA6AFBA897F9547A1E38E1F6CA0B3E6B7E4F96C7BD3557706EAFA0B8A11
--
The interesting part about privacy is that most people know about a half
dozen of the million things you need to know to do to maintain privacy.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
