• Off Topic
  • Privacy and Security Implications of AirGuard on GrapheneOS

AirGuard is an open-source app that tries to detect and warn the user about unknown AirTags and Tile trackers that may tracking them.

In order to do this passively in the background, it requires Bluetooth to be left on all the time, and for the app to have access to location all the time. This feels invasive, but it appears necessary to get the app to do what it's indented to do.

To keep the app from sending my location data somewhere, I disabled its Network permission. Being nervous about leaving Bluetooth on 24-7, I also verified that my device is not Bluetooth discoverable unless it's on the "Pair new device" screen in Settings.

By using AirGuard in this way, are there any privacy or security implications I'm overlooking?

    Fhggyy5767 I went to the "Pair new device" screen on my old phone, and my GrapheneOS phone only appeared in the list when it also was on the "Pair new device" screen.

    I just started using Bluetooth I'm the last couple months. I really want to know the best way to have secure connections and what not. Is there a way to create a password for devices to connect? I don't know much about Bluetooth but have been reading. Is there any extra things I can do with GOS to protect myself? To make a more secure Bluetooth environment on my device?

    I'm also new to Bluetooth security so I've been looking around the internet for tips.

    Looks like was at least one vulnerability in recent years that can execute arbitrary code on bluetooth devices, even when they aren't in discoverable mode. This was patched in Android, but I can see why general advice is to keep bluetooth turned off in public and when not in use.

    It also looks like it's possible to spoof devices that a phone has paired to previously, so I'm now telling my phone to forget any device it's connected to after I'm done using it.