• General
  • How does GOS stand against device fingerprinting?

avidgrapher Will uninstalling an app and reinstalling it again remove the app saved "cookies"?

Yes

The question we should be asking is - how might we make the wallpaper fingerprinting less useful for a potential tracker?

Could we change the wallpaper from a set of images from predefined folder, pref. automatically - either periodically at random intervals or whenever an app is launched, so that a diff ID is observed by the tracking app each time.

How many images would be needed and how often should it be changed to sufficiently randomise the ID, may need to be worked out.

Just a thought.

    Have you tried this website?
    https://coveryourtracks.eff.org/
    I think fingerprinting is hard to get away from. Tonight I tried my Librewolf browser (linux desktop) at it, and I get a unique fingerprint. Sometimes I get a nearly unique with it. The thing is, Librewolf has all those things to reduce fingerprinting and yet I still get a unique fingerprint. My Grapheneos phone used to score even worst, even with the stock wallpaper. I did notice that playing with the timezone and time offset, the uniqueness went down noticeably. Of course, who's gonna change their time and time zone every time they want to use the internet. Maybe it only worked for that one night I was playing with it.

    Just my opinion of course.

      joyful

      I think browser fingerprinting is a very complex topic. Things like timezone/date, screen resolution, and any settings you've touched and changed from the default state make you stand out of the masses. From a quick glance I guess Vanadiums hardening features make it stand out as opposed to standard Chrome on Stock Android (also other GOS security features may be important here). But if I recall correctly, and please correct me if I'm wrong, Vanadium was designed with security as a top priority and not privacy. Ironically enough, the best privacy is achieved when you do not touch your browser at all and be like all the other mindless sheep in the herd.

        Phead
        Actually, I would say privacy is not the main problem with fingerprinting. It's your anonymity with web use that goes down, but that might work against your privacy. I don't hide my IP address, so it's not a big concern for me. It's the invasive spying that get me. You know, the listening to all your conversations, watching you every seconds of the day, monitoring your body functions, geotracking. I think Grapheneos helps for this. Vanadium does its part by preventing unwanted access through vulnerabilities. However, I was just amazed at what they can do with fingerprinting.

          Unhelpful comment but I think anti-fingerprinting is a losing battle unfortunately. Even if it wasn't, the sacrifice of restricting everyone to the same hardware, software and usage pattern is too much.

          joyful You know, the listening to all your conversations, watching you every seconds of the day, monitoring your body functions, geotracking.

          Depending on who you are and how the information a third party gathers about you can be used against you or somebody else, I feel sorry for the poor soul that has to dig through my daily, boring data dump.

          But seriously, knowing about it empowers you to change your behavior. I too was baffled when I first read about all the information that is freely available to any website and how that can be used to identify me. On the other hand, on a daily basis I am not that important, really, so I choose convenience over privacy and use adblockers. But the good thing is knowing about fingerprinting empowers me to chose my browser depending on the tasks ahead. Others change their watches or cars, we change browsers.

          tastazardo

          For me I'm still sticking with the stock wallpaper.

          Why would an app have access to something like a wallpaper any way? The best thing is to completely disable access or having GOS spoof it randomly instead of changing wallpapers.

          joyful
          I think this misses the point of my post. I'm asking about what apps can know about my device (Device fingerprinting) not what websites can know about my browser (Browser fingerprinting). Which is a separate issue and depends on the browser used.

          Does your Librewolf browser have strict fingerprinting block enabled? If so, then websites shows you having unique fingerprint because Librewolf randomizes it per website.

            avidgrapher
            My apologies. I misunderstood. I know little about device fingerprinting by your apps. It sounds like Grapheneos does limit what apps can access, so I'd say it's better than most.

            I did enable the Librewolf features. I've been making hardware changes , including my drive. I might have changed the settings.

            avidgrapher

            Wallpaper fingerprinting

            At the moment GOS ships with a total black wallpaper and has removed other wallpapers from AOSP when it ships to enforce "similarness" between devices so that the wallpaper fingerprinting becomes moot. It is recommended by GOS that you keep the back wallpaper image and not change the color scheme to benefit from not being finger printed this way. A fix is in the works such that the system would always report the wallpaper colors as "black" no matter what the wallpaper color is, so that the use of wallpapers would no longer pose a privacy issue for GOS users.

            On your other 2 questions I can't comment.