As announced in January, we looked at the /e/ Android ROM, provided by the /e/ Foundation:

– it isn't completely "ungoogled" as promised
– some traffic of preinstalled apps is unencrypted and contains personal data
– the security of their website is in great need of improvement

@infosechandbook Might be a good idea to tag @gael, so he can comment on findings.

@infosechandbook Is it possible to prevent data leakage by disabling or just not using the weather and map apps?

@blurakkun @infosechandbook Did you have a look at LineageOS, too? What I learned, there are some issues: Reverse lookup of phone number, captive portal checks,
Until now, I did not find an article covering all of the above. My impression is, that LineageOS team is more about fighting planned obsolescence than caring about user privacy.

@infosechandbook @gael
My 2 cents

"OpenWeatherMaps (this is not Google byt* the way)."

*Without `t`


Nice to read and see evolution since Anduze last year Gael.

Nice to see Infosec people interested on it.

Sign in to participate in the conversation
Mastodon is a microblogging site that federates with most instances on the Fediverse.