Sensible Android custom install
Recently I have gotten my hands into a Sony Xperia Z phone. Thanks to Sony, its bootloader can be unlocked, so it’s time for some Android flashing.
My objective is to get an Android terminal as full of FOSS as possible, free of Google’s eavesdropping, functional, and safeguarding my privacy. Why?
Right now they know your bank accounts, they read your mails, your chat conversations, log your messages and calls, your social interactions of any kind (and who is your friend); with the gps they know where do you sleep (ergo your home), where do you work, your daily paths; they know what do you like, dislike, you search for, etc.
In summary: they know things about you that you don’t even know.
Do you remember how it feels to have one of those 90’s telephones? the freedom, but at the same time the feel of being connected? It can be achieved within this modern times too!
Steps to follow
- Android ROM: CyanogenMod (10.1 in my case). Replicant is not supported for Sony devices so far.
- download CyanogenMod, flash bootloader: fastboot -i 0xfce flash boot boot.img fastboot -i 0xfce reboot
- install CyanogenMod from zip, with the bootloader. At this point there isn’t any Google apps installed on the terminal.
-
One can setup a CyanogenMod account, to be able to wipe and track the device.
-
Privacy protection from apps: CyanogenMod has a privacy setting, under security->security in applications, that allows you to protect access to contacts, messages and call registers. Active it now so every app you install from now on has it activated by default. Anyhow, this protection sounds scarce. Apps should not access without permission to IMEI, SIM serial and info, network, list of accounts… that’s what one would expect of a truly caged sandbox. This is achievable for example with pDroid. Also, CyanogenMod 10.2 will ship with Privacy Guard 2.0, which achieves some of those things.
-
Grant root rights to CyanogenMod File Manager so you can see the external SD card.
- Google play substitutes:
-
- add guardianProject repo: https://guardianproject.info/repo/
- Relevant apps:
- k9 Mail. With GPG support (but lacks PGP-mime). Works together with APG.
- 1mobile: for those (necessary) apps that aren’t open source. It’s a drop-in substitute of Google play, without the need of a Google Services account. Also, it allows you to install apps even if they aren’t “supported” on your device (e.g: apps for 7” devices on a 5” device). You can install the market app from https://www.1mobile.com/app/market/ .
-
-
If you are going to install an ad blocker such as AdFree (from 1mobile market) or AdAway (from F-Droid), install it on the first place. That way apps would not make a cache of ads to show. In case of AdAway, you can add more sources to the host file from here: https://github.com/dschuermann/ad-away/wiki/HostsSources.
- Google contacts/calendar sync substitutes:
synchronises your Android address book and calendar to CalDAV/CardDAV servers like ownCloud.
- The Funambol Sync client: uses SyncML to synchronize your calendar and address book with various applications.
- aaaaaaand my favourite!! ownCloud. You can set up your cloud easily and painless. You can synchronise your Android address book and calendar to your own CalDAV/CardDAV owncloud server, and chose from a lot of apps to connect to it. UPDATE: look at my blog post for setting it.
-
Now you can have all the Google aps from 1mobile, minus Google Now and Hangouts, which are tied to Google Services.
-
Install all the apps you want. If you are using CyanogenMod app privacity settings, don’t forget to allow your chosen apps to see your contacts!
-
Using the CWM recovery, make a restore file and save it in the external SD card. This is what was called Nandroid before (called liked that because it backups the content of the NAND memory of an Android device).
-
Since CyanogenMod includes Google Analytics, go to Settings->Telephone Info->CyanogenMod Statistics, and turn it off. If you don’t feel good anyways, add to the hosts file (with AdAway for example):
video-stats.video.google.com
google-analytics.com
analytics-api-samples.googlecode.com
wintricksbanner.googlepages.com
www.google-analytics.com
www-google-analytics.l.google.com
ssl.google-analytics.com
googletagservices.com
www.googletagservices.com
-
???
- Profit!
In the event that you feel the need of Google aps/services again, you can always install them from goo.im. Goo.im checks that the signing key of the Google aps matches the one from the Google Play Store. For obtaining your needed version you can look at rootzwiki, or install goo.im application from goo.im. If you prefer Gtalk instead of Hangouts you can download the Gtalk zip from here.
Lastly, a list of useful apps
From F-droid: (FOSS)
- barcode scanner
- Authenticator (2-factor auth)
- k9 mail
- apg (PGP keychain)
- orbot
- orweb v2
- gibberbot (chat client)
- Tigase Messenger (chat client)
- LilDebi (debian chroot)
- hacker’s keyboard (best keyboard ever! try it!)
- TTRSS-Reader (An RSS reader for Tiny Tiny RSS)
- osmAnd~ (maps substitute, based on OpenStreetMaps. there are many)
- ghost commander (file manager, with Samba and sftp plugins)
- AFWall+ (firewall)
- Bitcoin (try first Testnet3 if you don’t have bitcoins)
- ConnectBot (ssh client) (volume up or down to change resolution)
- VX ConnectBot (ssh client)
- Weechat (irc relay client)
- Tomdroid (port of Tomboy note taking desktop app)
- TextWarrior (text editor)
- Sky Map (sky browser)
- XBMC remote
- Sanity (phone call recording, anouncement, blocking)
- SatStat (GPS, sensor and network status)
- Ringdroid (edit ringtones)
- VLC
- Remote for VLC
- quake1 & 2
- Pushup Buddy
- PurpleDock (car dock)
- Network Log (monitors apps by iptables)
- K-9 Mail DashClock Extension
- Gmote
- faenza adw theme
- Diaspora Webclient
- Dalvik VM Explorer
- Network Discovery (hosts, scan ports, etc)
- OpenPGP Keychain
- OpenVPN Settings
- ownCloud
- DAVDroid (account manager for CardDAV and CalDAV, can connect with ownCloud)
From 1mobile: (privative mostly)
- firefox
- maps
- facebook messenger
- colordict + dictionaries (offline dictionary)
- goldendict (offline dictionary)
- gtasks
- realcalc
- pomodroido (pomodoro technique)
- endomondo
- wifi analyzer
- gstrings (guitar tunner)
- root uninstaller
- DuckDuckGo (adds that search to system)
- androirc (irc client)
Víctor Cuadrado Juan
I'm Víctor Cuadrado Juan, a developer and FOSS enthusiast, in love with Linux. Currently living in Nürnberg, Germany. Feel free to waste your precious time around here, or to contact me.