masterofn001

Use a VPN for everything except looking up Bible quotes and searching for grannie porn.

And, for the love of god and all that is holy, change the DNS on their modem/routers and use a secure DNS provider on a different device.

And check that your DNS resolver does esni / ech properly.

https://www.cloudflare.com/en-ca/ssl/encrypted-sni

Your results should look like this:

Addendum:

If you can, or if you know someone, or if you care enough to learn (I went from zero knowledge of DNS to "zero trust" in a modest amount of time), set up your own DNS resolvers or DNS proxies. Learn about things like DNS rebinding (bad), and how to prevent leaks using a VPN.

Personally, I use dnscrypt-proxy on Linux and android. It can be configured to use a local DoH server, quic/http3, DoT, and of course, dnscrypt.

Dnscrypt-proxy can use IP and domain block lists - no more ads, sypware, malware, tracking, porn - whatever category you want. It is compatible with adblock, unlock, and any other block list syntax. It also has the ability to forward certain domains to specific IPs. Eg someone looks up Facebook? They get redirected to 0.0.0.0 or why not lemonparty dot org.

The dnscrypt protocol both encrypts and anonymizes your DNS queries by relaying them through a series of relays (your_ choice of which and how many).

I wouldn't recommend anything.

This is only what I know.

There is much much much more I don't know.

This might be useful to use temporarily when you add an app that you know will read these values on install.

You may be able to use an app like geto to have this option toggled so that it only uses the developer settings option when the app is launched and returns to hardware when it closes.

Keep in mind there are a host of other identifiers on your device that can also be used to track and identify the user and device.

I like privacy and security.

Iron fox is great.

Was my first impression.

However, it is maybe a bit excessively prohibitive in it's attempts to provide privacy/security.

And there are a few issues that leave some privacy options wide open for some reason.

To the 1st point, they use a couple dozen different blocklists, using uBlock. Those default lists block sites that can test your browser for security and privacy vulnerability. Eg one of the most used and ubiquitous sites: browserleaks.org is blocked.

Which brings me to 2nd point.

I always check webrtc for leaks. In Mozilla/Firefox builds that is media.peerconnection.enabled in about:config.
In the plethora of blocklists used by ironfox two are conspicuously left unchecked: block webrtc and unbreak webrtc.
And, for whatever reasoning, in about config, yep, peerconnection is enabled. As is webgl.

Maybe I don't get out much, but I have never experienced an issue with any website that required webrtc, webgl, or wrbgpu be enabled. (They are each significant attack surfaces and each leak data you didn't know was being leaked)

I'm not using iron fox to use teams or make a video call. There is zero reason for it.

And blocking sites that check these has me maybe a little cautious on it really being the thing it says it is.

While continuing to use their own proxies to send your data to google.

And prion diseases.

If you think you're on a list - you are.

If you think you aren't - you are.

Doge+Palantir - You are Already On "The List"

To the mods, regarding my removed post above:

I am not advocating violence (yet).

I am advocating preparedness, knowledge, and the hypothetical necessity of self defense against a massive advanced military complex.

Reading is fundamental.

Just because I read the Bible doesn't make me a Christian, and just because I suggest people understand how to know how to do something does not make that knowledge an action or invocation or inciting or advocating.

Boy scouts motto: be prepared.

How can we be prepared if any suggestion of being prepared for / defending againat worst case scenario is actively deemed a call to violence?

Shall we all lay down and die?

We are well past the point of denying the future under the current regime.

Denying it will not slow it down or make it end. Denying it will not save you, or your loved ones. Denying it only works in their favor.

So, the media DRM toggle switches from the hardcoded hardware ID to a software DRM. Creating a new DRM key.

https://developer.android.com/reference/android/media/MediaDrm

Geto uses shizuku (an app that allows for adb/shell functionality) to change settings that are usually hiddden or inaccessible, or to give/deny apps permissions or features, or, as in the screenshot to change certain keys values. This allows you to change the environment and settings of the app on launch, and revert them on app close.

You can see all the current settings by using adb:

adb shell settings list [ global | secure | system ]

Or in termux with shizuku:

settings list [ global | secure | system ]

In the following screenshot I enter the shell using shizuku (rish) list global settings and find keys with adb. I change the value of adb_wifi_enabled (wirelese debugging) from 0 to 1 and set {1} as the default value. Then I list again to show the change.

This is what geto is doing. But it assigns it to the action of launching/closing an app. While doing it manually via terminal set those values system wide.

Sometimes, though, you may want a system wide change (like if you want to change the accent colors or theme from RAINBOW to VIBRANT).

(There are other configs and properties you can viewed and modify using other commands. (in shell try

cmd -l 

For a list of services. Some have user modable options. Be careful. If you don't know, don't touch. Every setting can be searched . there are hundreds or thousands .)

Was able to get a different result using the media DRM toggle in developer settings

Verified results using TrustDevice

https://apt.izzysoft.de/fdroid/index/apk/com.trustdevice.android

https://www.trustdecision.com/

The other identifiers remained.

No appops or permissions change or prevent the exposure of other information.

Actually... Geto, can apply appop settings/values per app launch. And you can change the android_id value.

Remember when phones had that insane super advanced tech that could guide anyone anywhere, even offline?

Seriously, why doesn't the compass exist anymore?

I have never turned on location anything on grapheme.

On my other phone I have also uninstalled google location services/history, WiFi scanning, Bluetooth unknown tracker, etc.

If I get lost in a building... I ask someone.

Thing is ... they smell it. They love it. They eat that shit up.

Coprophilia is the very essence of the GOP.

It is the beginning of the end.

Something something reset.