If you're new to mobile privacy, I just put together a “getting started” guide on my website that should help you find relevant videos and information - sideofburritos.com/docs/setup-guides/mobile-privacy/
For me, I usually prefer the following :- ~ F-Droid client --> Droid-ify. 1. Custom F-Droid repo (IzzyOnDroid especially) 2. Google repo (Aurora Store) 3- Main F-Droid repo ** I may do the RSS reader method once it notifies for "Stable" releases only, but until now, I'll wait. Thanks Burritos 👍
Someone recently mentioned to me how the IzzyOnDroid repo works with apps in it. I like how the builds are pulled directly from Github (+ other source code repos). Thanks for sharing!
The only issue I can see with that is that IzzyOnDroid will drop apps that make it to the official F-Droid store. So, according to privacyguides, you'll have apps that don't receive updates for months until you finally realise the apps moved to F-Droid. What are your thoughts on Obtanium (an app that pulls app updates directly from source)?
F-droid clients also have the option to add repositories other than the their main fdroid repository. Newpipe offers their own fdroid repo, signed with their own keys that by adding the repo as source into the client, the app can be installed and updated like any other app on there. However, not every project provides an F-Droid compatible repository.
Absolutely, that is a great point. As you mentioned, the downside to that is that not all apps provide that. Unfortunately you're still susceptible to the other issues F-Droid has besides self signing apps. I also try to keep things as simple (which is a relative term) as possible as that's my preference, but I also think it helps with anyone who might be new to privacy. Communicating Google Play/Aurora Store + Custom repos + RSS feed might turn some people away even quicker.
Not sure if you have seen the update provided by F-Droid org under the "News" heading. "Posted on 2023-01-15" "Towards a Reproducible F-Droid" ". . . . .In response to some of those criticisms, we started encouraging new apps to enable reproducible builds." " . . . . maybe you haven’t noticed that there are many new apps signed with upstream developers’ keys. If you have some third-party repositories enabled, e.g. the IzzySoft one, you may find that sometimes you can update the app from the main repository even if you installed it from another one." I would really like to hear your opinions on this update and it's implications. Thanks for all your time. I would like you to know you are an inspiration and helped me in finally taking leap in making the transition from a typical consumer into the realm where I take action as it relates to my Data Privacy and its Security.
Do you mind to make an updated video about graphene os, covering all the latest changes they made on sandboxed play store, notifications etc? It looks like it’s not necessary to have a different profile anymore. thank you!
Furthermore, if one were to be really nitpicky, would it be worthwhile to re-flash my device with GrapheneOS in order to start from the beginning with Aurora & RSS instead of F-Droid whatsoever? (Due to the Trust-on-first-use model?)
I don't think there would be a need for that. When you install an app, it's sandboxed. So uninstalling it is more than enough. I think a re-flash would be overkill.
Hey mate, I just switched to GrapheneOS. I'm an old guy (from Australia!) and just want to say thank you for all of your videos and concise explanations. Very much appreciated. 🙌
Awesome. Thanks for all you do to make things clear. I'd love to see a video on how you define and execute different threat models. The term gets thrown around a lot and I'm wondering what standards and objective practices could be considered to make it less a fear-based, and more of a logic-based practice.
Your videos are truly precious to the privacy and security oriented community. We really appreciate it! Is it possible if you can make a short video of how to cast your GrapheneOS screen onto the Linux OS on PC? Will you be making Linux videos in the future? Thanks again.
Thank you! It's not something I've done before, but I'll keep it in mind and see what's available to do it. I'm going to be doing some self-hosted guides in the near future, and that base OS used for those will be Linux. Edit: added Linux part
I don't know what I'm doing wrong, but my updates are even faster than through Google. But the truth is Droid-ify is really a great app (I learned from the first part from you).
Thank you for all your nice content you continue to put out. - About downloads of apps, I noticed that a lot of apps have a lot of tracking in the free version, and the paid version has no tracking. Question: where is it best and secure place to buy the pro version, ( Play store, Aurora store or other stores ? ) having problem buying directly in Aurora.. Best regards from a fan from Scandinavia
This vid was very much needed for beginners with Graphene OS deGoogled OS"es, thx Josh for clarifying all of these approaches and for giving your opinion why u would one of the other way to get apps u need👍 Now I am interested in that RSS update Github approach, but I have a question u might know answer straight from security point of view. What about standalone APK downloads for example from the APK Pure or other similar APK sites. Would u consider even worse in regards to security than F-Droid repository?
What is the difference in privacy between GrapheneOS and CalyxOS? Assuming the installation of Google services on GrapheneOS and Aurora store on CalyxOS? It's my understanding that the Aurora Store is maintained by one guy playing a constant cat and mouse game with Google, so is the GrapheneOS sandboxing model a better long-term solution?
Seems like they're having issues with their anonymous accounts. Another option would be to log in with a Google account in the meantime while they resolve the issue - gitlab.com/AuroraOSS/AuroraStore/-/issues/813
I don't want to lose you I just watched a video. I love that guy. What was his name? Now I'm going to 😭. Can find the video. Just wondering if he has a newsletter? Did not get his name or the name of his company. Was interrupted while I was watching on UA-cam. 😕
Why should I use something like Aurora instead of Google Play? I just found this when I was searching for a way to Install the Play Store on Windows 11 using Windows Subsystem for Android so I don't know anything about these Apps (I Installed Aurora on my PC but still don't know why it is "better")
From a security perspective it's not better. From a privacy perspective, you're able to download apps from Aurora Store using one of their “anonymous” accounts, and you don't need to log in with a personal account.
If you're new to mobile privacy, I just put together a “getting started” guide on my website that should help you find relevant videos and information - sideofburritos.com/docs/setup-guides/mobile-privacy/
For me, I usually prefer the following :-
~ F-Droid client --> Droid-ify.
1. Custom F-Droid repo (IzzyOnDroid especially)
2. Google repo (Aurora Store)
3- Main F-Droid repo
** I may do the RSS reader method once it notifies for "Stable" releases only, but until now, I'll wait. Thanks Burritos 👍
Someone recently mentioned to me how the IzzyOnDroid repo works with apps in it. I like how the builds are pulled directly from Github (+ other source code repos).
Thanks for sharing!
The only issue I can see with that is that IzzyOnDroid will drop apps that make it to the official F-Droid store. So, according to privacyguides, you'll have apps that don't receive updates for months until you finally realise the apps moved to F-Droid.
What are your thoughts on Obtanium (an app that pulls app updates directly from source)?
You're the YTber we need.
F-droid clients also have the option to add repositories other than the their main fdroid repository. Newpipe offers their own fdroid repo, signed with their own keys that by adding the repo as source into the client, the app can be installed and updated like any other app on there.
However, not every project provides an F-Droid compatible repository.
Absolutely, that is a great point. As you mentioned, the downside to that is that not all apps provide that. Unfortunately you're still susceptible to the other issues F-Droid has besides self signing apps. I also try to keep things as simple (which is a relative term) as possible as that's my preference, but I also think it helps with anyone who might be new to privacy. Communicating Google Play/Aurora Store + Custom repos + RSS feed might turn some people away even quicker.
Not sure if you have seen the update provided by F-Droid org under the "News" heading.
"Posted on 2023-01-15"
"Towards a Reproducible F-Droid"
". . . . .In response to some of those criticisms, we started encouraging new apps to enable reproducible builds."
" . . . . maybe you haven’t noticed that there are many new apps signed with upstream developers’ keys. If you have some third-party repositories enabled, e.g. the IzzySoft one, you may find that sometimes you can update the app from the main repository even if you installed it from another one."
I would really like to hear your opinions on this update and it's implications.
Thanks for all your time. I would like you to know you are an inspiration and helped me in finally taking leap in making the transition from a typical consumer into the realm where I take action as it relates to my Data Privacy and its Security.
He didnt link any of the apps
they are mentioned in his article (which is linked in the description)
He didn’t want to sign the apps incorrectly. 😂
Hey dude, nice video. I noticed there isn’t a video on UA-cam yet comparing the F-Droid stores. I’d love to see that from you!
Do you mind to make an updated video about graphene os, covering all the latest changes they made on sandboxed play store, notifications etc? It looks like it’s not necessary to have a different profile anymore. thank you!
Furthermore, if one were to be really nitpicky, would it be worthwhile to re-flash my device with GrapheneOS in order to start from the beginning with Aurora & RSS instead of F-Droid whatsoever? (Due to the Trust-on-first-use model?)
Nice timing on your comment, that's the video I'll be releasing this coming Monday!
I don't think there would be a need for that. When you install an app, it's sandboxed. So uninstalling it is more than enough. I think a re-flash would be overkill.
@@sideofburritos is there a current update on the situation? Which one would be the best keeping the sandboxed playstore on mind
Hey mate, I just switched to GrapheneOS. I'm an old guy (from Australia!) and just want to say thank you for all of your videos and concise explanations. Very much appreciated. 🙌
Awesome. Thanks for all you do to make things clear. I'd love to see a video on how you define and execute different threat models. The term gets thrown around a lot and I'm wondering what standards and objective practices could be considered to make it less a fear-based, and more of a logic-based practice.
Your videos are truly precious to the privacy and security oriented community. We really appreciate it! Is it possible if you can make a short video of how to cast your GrapheneOS screen onto the Linux OS on PC? Will you be making Linux videos in the future? Thanks again.
Thank you! It's not something I've done before, but I'll keep it in mind and see what's available to do it. I'm going to be doing some self-hosted guides in the near future, and that base OS used for those will be Linux.
Edit: added Linux part
I don't know what I'm doing wrong, but my updates are even faster than through Google. But the truth is Droid-ify is really a great app (I learned from the first part from you).
Extremely useful content, thanks a lot! ❤
Good stuff as always sir.
Thank you!
Thank you for all your nice content you continue to put out. - About downloads of apps, I noticed that a lot of apps have a lot of tracking in the free version, and the paid version has no tracking. Question: where is it best and secure place to buy the pro version, ( Play store, Aurora store or other stores ? ) having problem buying directly in Aurora.. Best regards from a fan from Scandinavia
You're most welcome! If you're looking to purchase apps, the best way is using Play store.
Thank you for clarifying!
Glad it was helpful!
One question what's reproposotry
This vid was very much needed for beginners with Graphene OS deGoogled OS"es, thx Josh for clarifying all of these approaches and for giving your opinion why u would one of the other way to get apps u need👍 Now I am interested in that RSS update Github approach, but I have a question u might know answer straight from security point of view. What about standalone APK downloads for example from the APK Pure or other similar APK sites. Would u consider even worse in regards to security than F-Droid repository?
Sir! Will Google ban my Account if I log in to Aurora Store via Google Account ?
No
Great content thanks! In the process
Of switching to graphene os 👍🏼
Very nice, good luck!
Love your content ❤️
What is the difference in privacy between GrapheneOS and CalyxOS? Assuming the installation of Google services on GrapheneOS and Aurora store on CalyxOS? It's my understanding that the Aurora Store is maintained by one guy playing a constant cat and mouse game with Google, so is the GrapheneOS sandboxing model a better long-term solution?
In other words it's just better to install apps via their official website
Where can be Aurora downloaded from safely?
ok but which f draid based client has the better ui
Good Morning Sunshine posting early
You sound like his wife. I call my wife sunshine. 🙂🙂
@@ArtOfHealth LOL I wasn't trying to go down that road
Haha, thanks for the chuckle
If I buy an app from aurora store, does google get a fee for that? Or does it only get a fee when I buy it from google play?
Really helpful
I just have them both on my phone. Using calyx os.
Josh lately Aurora store is not available to get apps. Is there another alternative. I'm using GrapheneOs btw.
Seems like they're having issues with their anonymous accounts. Another option would be to log in with a Google account in the meantime while they resolve the issue - gitlab.com/AuroraOSS/AuroraStore/-/issues/813
I don't want to lose you
I just watched a video. I love that guy. What was his name? Now I'm going to 😭. Can find the video. Just wondering if he has a newsletter? Did not get his name or the name of his company. Was interrupted while I was watching on UA-cam. 😕
Thank You!
You're welcome!
Why should I use something like Aurora instead of Google Play?
I just found this when I was searching for a way to Install the Play Store on Windows 11 using Windows Subsystem for Android so I don't know anything about these Apps
(I Installed Aurora on my PC but still don't know why it is "better")
From a security perspective it's not better. From a privacy perspective, you're able to download apps from Aurora Store using one of their “anonymous” accounts, and you don't need to log in with a personal account.
Google play protect Is blocking f droid?
Just a short question:
What's the difference between "Read You" and "Feeder", is it ok to use Feeder?
You can use any RSS reader you like. I prefer the Read You interface, and the project is actively maintained.
@@sideofburritos Thank you!
What about Aurora OSS ?
Aurora OSS = Aurora Store