I’ve started missing out on events just because I am not in the group chats my friends are having on there. That is where I draw my limit. I need to start using Messenger.
However I still wish to use Messenger with as much privacy as possible. I am looking for any advice that might improve my experience and lessen any privacy impact.
I will be creating a fresh account that will just have a picture of me and my first name.
I am running iodeOS (Google-free Android ROM with built in ad-block) on my phone and I am very happy with it so far. I will be blocking messengers outgoing requests as much as possible while still retaining base functionality, but I’m not sure how much that will help.
How do I best use Messenger on Android from a privacy perspective?
Short answer: you don’t. It’s either privacy or a facebook app, not both.
Longer answer: Don’t use the facebook app https://github.com/mautrix/facebook (requires your own Matrix homeserver)
It is much more complicated to host a Matrix homeserver and Facebook Messenger bridge, however, it allows you to use a FOSS chat app on your Android phone. With notifications and if needed, fully outside google infrastructure, or even fully selfhosted, with ntfy.sh for example. Without running any proprietary Facebook code, and without directly connecting to Facebook servers on your Android device.
It is of course unavoidable to have complete privacy, as your messages will still be sent to Facebook, but you avoid almost all telemetry (and all on-device telemetry) by using a Matrix bridge rather than the official website/app.
Another option is Beeper, although privacy with them is questionable, since you’re fully trusting them with your account, and any incoming/outgoing messages. It does avoid Facebook telemetry on device, and is much easier than hosting a Matrix homeserver.
I’ve had this “problem” before, and I did not want to use the full Messenger app for privacy reasons as well. I had installed Messenger Lite, but it was discontinued a few weeks ago. I now have Facebook Lite, which also has Messenger, and you get notifications as well. It’s not perfect, but don’t give it too many permissions and you should be mostly fine. Using it in the browser is absolutely terrible, and you would not get push notifications.
A long time ago I used an app called Tinfoil Facebook that created a sandbox web browser style situation in the app. Gave it a nice UI and did not leave a trace. Switched to iPhone at some point. I wonder if it’s still around…
Seems to still be available on F-Droid, but the last update was in 2017. I’ve installed it, but ended up not logging in since it’s targeting an SDK version so old that Android is giving me a bunch of warnings (and it doesn’t even scale to my entire screen, there’s a big black space at the bottom)
Wild! Thanks for checking up and following up.
If you end up taking the browser route, take a look at WebApps
New app I didn’t even know I wanted.
It’s not free, but check out Hermit. It’s the best sandbox app I’ve used and I use it daily. It creates “applets” that are basically icons on your desktop that launch the sandbox instance. So I’ve got several I use daily: wordle (and variations), a forum I frequent often, different web comics, etc. No need for an actual app installed for each of those when I just have a single app that creates small instances
@U2VuZCBudWRlcyA6KSAK
ahhh… the network effect…I wouldn’t use it on anything, but if you have to… i’d start by looking if it’s possible to use it from a web browser instead of using an app. This way, the browser app will isolate it from having access to your entire device.
I get the idea with running it in a browser, but that will give a really bad experience with no notifications and loosing the app among all 100 other tabs I might have open at the same time.
How naive am I if I just install it and deny it access to camera, microphone, contacts, location and all that? It should not be able to bypass the OS permissions system.
What I guess I’m asking is what isolation by browser will really do for me. I am trading off a lot of features that will be handy, but what have I won in privacy? I am still using the service.
I don’t know what an app with only notification permissions can really do, but I guess the answer is “more than it should”…
If it were me, I’d use that browser solely for FB. Firefox allows one to have multiple instances. Harden it as much as you can whilst still able to use the bits of FB you’re interested in.
even if you deny all those permissions, they’ll still be able to track everything what you do in the app, which is enough to build a profile on you including interests, social graph, and even personality traits.
Work profile, or a PWA I think would be the best way to
What good will a work profile do me? As mentioned in the other reply, what privacy gain am I really looking at in return for the tradeoff?
You tell us.
Using PWA you’ll retain all the features and nice-to-haves of the app, while also preventing it from doing any weird magic to your files in the background. Sharing files from your main profile to your private profile is also as easy as opening the file in your main profiles file browser and clicking “share”.
What is your threat/privacy level? How far are you willing to go, and what/how much is it that you want to keep private?I’m clearly too tired to make any sense. Please have a nice evening.
Limits data access, right?
isn’t cross-app communication from fecesbook messenger available yet?
deleted by creator
@U2VuZCBudWRlcyA6KSAK There’s also Beeper for pretty much all the most popular services. Should be more private than using the 1st party Facebook apps.