Private and secure usage of smart watch / fitnesstracker

Anon6095

I want to buy a smart watch / hybrid smart watch or a fitness tracker to track some health statistics, especially my sleep.
Because I am very privacy conscious I only want to use either use gadget bridge or the native app but without network permission, besides maybe an initial firmware update.

I tend to buy a Huawei GT 4 because its matches the features I want (especially the sleep tracking), the price is ok (around 110€) and I like the design.
But I am not sure about installing a chinese app, and I am not sure if the app really doesn't need any permission that would allow it to extract data.

Can anyone here give me some suggestions?

W1zardK1ng

Anon6095 Im not into this stuff just bcz of the data they collect and share with their manufacturer, maybe try some Open Source Smartwatch or medical devices thats designed for sleep and other health conditions tracker.

I dont know anything about these devices just found on the internet. Do your research.
https://www.medicalexpo.com/prod/shanghai-berry-electronic-tech-co-ltd/product-122578-1175058.html

23Sha-ger

Anon6095 Because I am very privacy conscious

Anon6095 I tend to buy a Huawei

Let it sink in. Privacy and CCP owned Huawei in the same post.
Step 1) Put alarm at a specific time
Step 2) Wake up at a specific time no earlier than 6 hours from step 1
Step 3) Donate the 110€ to GOS

Reference from past, can be found on your favorite search engine:
In May 2019 a Huawei Mediapad M5 belonging to a Canadian IT engineer living in Taiwan was found to be sending data to servers in China despite never being authorized to do so. The apps could not be disabled and continued to send sensitive data even after appearing to be deleted.

basedFOSS

Anon6095 Has Anyone used an eSIM with a gadgetbridge supported watch?

02673853

Anon6095 I tend to buy a Huawei GT 4 because its matches the features I want (especially the sleep tracking), the price is ok (around 110€) and I like the design.

Don't buy a chinese spy device if you care anything about ürivacy and security

gehesor882

Check out https://gadgetbridge.org/gadgets/wearables/huawei-honor/#device__huawei_watch_gt_4

I currently use a Gramin Forerunner with no issues.

Anon6095

gehesor882 Check out https://gadgetbridge.org/gadgets/wearables/huawei-honor/#device__huawei_watch_gt_4

The site states "Mostly supportedMissing a few features, but it should be enough to cover essential daily tasks." I think this is very vague without a list of actual features.
But I could order one and just return it, if it doesn't work.

Anon6095

W1zardK1ng Im not into this stuff just bcz of the data they collect and share with their manufacturer, maybe try some Open Source Smartwatch or medical devices thats designed for sleep and other health conditions tracker.

I heard much good about Garmin, but their watches are to expensive for me.

I should have mentioned that I want something between 50-250€ (1€ = 1.16$)

Anon6095

W1zardK1ng Im not into this stuff just bcz of the data they collect and share with their manufacturer, maybe try some Open Source Smartwatch or medical devices thats designed for sleep and other health conditions tracker.

I think I can avoid tracking just by either using gadget bridge, or by using the native app but without newtork permission

02673853

W1zardK1ng I dont know anything about these devices just found on the internet. Do your research.
https://www.medicalexpo.com/prod/shanghai-berry-electronic-tech-co-ltd/product-122578-1175058.html

When its "price on request" its mostly very expensive

GrouchyGrape

Anon6095 I've bought several Garmin Fenix series watches for less than $300 USD in new or like new condition. As long as you're ok with one a generation or two old, there are great deals out there. Look on eBay.

W1zardK1ng

Anon6095 Yah but the problem is most these devices ask to create an account on their app on the initial login, the app keeps collecting data and when we enable internet for the apps to update the firmware of the device it send that data to the parent company, gadget bridge is a good option but if it can update the firmware.

Anon6095

W1zardK1ng Anon6095 Yah but the problem is most these devices ask to create an account on their app on the initial login, the app keeps collecting data and when we enable internet for the apps to update the firmware of the device it send that data to the parent company, gadget bridge is a good option but if it can update the firmware.

23Sha-ger Let it sink in. Privacy and CCP owned Huawei in the same post.

23Sha-ger Reference from past, can be found on your favorite search engine:
In May 2019 a Huawei Mediapad M5 belonging to a Canadian IT engineer living in Taiwan was found to be sending data to servers in China despite never being authorized to do so. The apps could not be disabled and continued to send sensitive data even after appearing to be deleted.

I am totally aware of this.
My initial plan was to set up the Watch and update the firmware (in my proprietary profile) on time, then uninstall the app, and reinstall it inside my main profile without network permission and never give it to the app at any time.
Because I don't have any proprietary apps inside my main profile that have network permission, IPC exfiltration would also not be an option.

But we don't need to talk about Huawei anymore, because I found out that their app always require network permission, which undermines my plan.
Therefore I will NOT by a Huawei watch.

naibed

Amazfit watches are another option that are feature-heavy, inexpensive and solid compatiblity w/ GadgetBridge. I'd recommend looking for reviews on YT to get a feel for devices too

W1zardK1ng

Anon6095 I still didn't understood how that's gonna work. Updating firmware is not a one time only task, you will have to check at least monthly once to see if there is an update available. And these apps needs you to login to your account for the initial setup whether you are creating a new account or login to an existing one. so you cant use the app without network permission at least for the initial setup time. Then the issue is with how you will check for firmware update.

Anon6095

W1zardK1ng so you cant use the app without network permission at least for the initial setup time

The initial setup isn't a problem, because at the time of the settup, the watch hasn't any data to steal.

W1zardK1ng Updating firmware is not a one time only task, you will have to check at least monthly once to see if there is an update available.

W1zardK1ng Then the issue is with how you will check for firmware update.

If the update isn't available over Gadgetbridge, then I will ignore it.

slb

Get a Garmin without wifi built-in and disable network settings for the Garmin Connect app.

You get tap payments as a bonus, and can keep the app offline indefinitely. Been running this for over a year now with no issues.

Anon6095

slb Get a Garmin without wifi built-in and disable network settings for the Garmin Connect app.

You get tap payments as a bonus, and can keep the app offline indefinitely. Been running this for over a year now with no issues.

GrouchyGrape Anon6095 I've bought several Garmin Fenix series watches for less than $300 USD in new or like new condition. As long as you're ok with one a generation or two old, there are great deals out there. Look on eBay.

Can you guys recommend a particular Garmin?
I want sleep tracking, but I don't have so much money to pay.

MisterX

slb Get a Garmin without wifi built-in and disable network settings for the Garmin Connect app.

How does this work? Garmin Connect doesn't even start properly because of "no internet connection" on my phone.
I'm using this app instead https://martin-ueding.github.io/geo-activity-playground
(Only for activitys)

N1b

The Pine Time is cheap, completely open source and compatible with Gadgetbridge (they even advertise it). Might not have the features you need though (e.g. vibration is really weak).

I'm also currently looking at Amazfit and Garmin devices (with the "highly supported" Gadgetbridge Tag). The idea from @naibed is solid, do some YT research and see what's best fitting your needs.

Anon6095

N1b The Pine Time is cheap, completely open source and compatible with Gadgetbridge (they even advertise it). Might not have the features you need though (e.g. vibration is really weak).

I like such projects but it seems that their lack the features I need:

Health Tracking Step Counting (with Accelerometer)
Heart rate detection

MisterX

Anon6095 Can you guys recommend a particular Garmin?
I want sleep tracking, but I don't have so much money to pay.

Instinct 2

GrouchyGrape

Anon6095 anything from the Fenix / Epix line are my preferences, but I'm fine buying them a couple generations old to save money. They're like phones. Generally speaking, a one or two year old flagship device will still be much nicer than a current gen budget or mid device. If you buy used, I recommend getting a sapphire display to avoid scratches and such.

Look around for models in your price range, then watch reviews on YouTube.

slb

Anon6095 I'm using the forerunner 165 which has Garmin pay and sleep tracking among other nice features. Check some reviews if it fits your bill.

LeslieFH

MisterX Instinct 2

This seems a particularly bad fit to GrapheneOS because it has no Garmin Pay (unless you splurge for Instinct 2 Solar), and Garmin Pay is a way to get around the "no Google Wallet" limitation :-)

Anon6095

MisterX Anon6095 Can you guys recommend a particular Garmin?
I want sleep tracking, but I don't have so much money to pay.

Instinct 2

I researched it and it seems ti have great sleep tracking:
https://www.androidauthority.com/garmin-sleep-tracking-3174562/

Can you confirm that the watch's sleep tracking also works with Gadgetbridge and/or that the official companion app doesn't require network permission?
The main thing I want to do is sleep and health tracking

slb

MisterX pair it up with networking enabled and then disable it, you'll have no issues.