by hilbert42 1391 days ago
I'm sorry if I didn't explain the firewall VPN stuff well. Android lets one set up VPNs, so firewalls exploit the concept to divert traffic from apps to a null VPN; apps think they've access to the internet but their traffic doesn't go anywhere.

This satisfies apps that demand such access; they'll still work on the premise that they have internet access, it's just that it's down all the time.

One such firewall app is Karma FW. It's available on Google's app store, and if you think you'd be violating your privacy even further by going there then use the Aurora Store app to spoof the download. As it violates Google's terms of service you have to get it from F-Droid's repository.

2 comments

I haven't run into apps like that before. I've always just denied the network permission or used AFWall+ (when rooted) to block network access from apps I don't want phoning home.

The trouble with that (even on a rooted phone) is that the Google Play Services app collects info on everything; it's the most pernicious of any app. You only have to do the slightest thing on your phone and you can watch the size of its data file grow, thus routing its internet access to a VPN firewall is essential.

Unfortunately, Play Services uses the internet for various necessary functions. The only truly satisfactory solution is to remove it altogether and replace it with GApps, which is a sort of 'clone' with the anti-privacy stuff removed.

GrapheneOS supports installing Play Services as a sandboxed unprivileged app [1] where you can revoke its network permissions and manually restore them if needed. I should know, it's what I do :).

If I could avoid using Google software completely, I would, but this is the second best option IMO.

[1] https://grapheneos.org/faq#google-services

Is microG still a viable alternative to GApps or is there something else that’s taken its place?

The ROM community, especially those that cared about privacy, was quite small a few years ago, especially for non-Pixel devices.

> Is microG still a viable alternative to GApps or is there something else that’s taken its place?

microG is still viable afaik, but I prefer GrapheneOS's sandboxed Google Play approach since it's much more feature complete, and supports e.g. my 2FA hardware key, while that's currently missing from microG.

> The ROM community, especially those that cared about privacy, was quite small a few years ago, especially for non-Pixel devices.

Yeah, Pixel devices are still the only ones you can expect to be supported by GrapheneOS and CalyxOS etc. For anything else I think your best bet is to install LineageOS (formerly CyanogenMod) and microG if you can accept the current https://github.com/microg/GmsCore/wiki/Implementation-Status

No worries, think it's pretty obvious what to do here.

Curious to know if some external firewall running on a Raspberry Pi that sits between a Windows 10 desktop and the Wi-Fi exists. It would be ideal for inspecting network traffic.