7 minutes reading time (1466 words)

Privacy Cookbook - Chapter 5.2 - Cellphone Security - Samsung

sammy

 After covering iOS in our last entry, we are focusing on Android and most specifically on Samsung devices...which could be a little tricky!

Let us start by stating that we think that Samsung is awesome! if you have a top of the line device like the Note 10 or the S10 series, then you have not only a great camera but many excellent tools and features. That said, some of these appear a whole lot less sexy after you discover that they routinely 'phone home!' and unlike E.T this is not to be rescued but to send data, meta info and images/pictures to servers potentially in...China! It also probably goes to Facebook as well so the NSA and Mark have a copy too...if that sounded sarcastic then yes that was the point I wanted to make. 

Luckily, if have a Samsung or are planning on buying one there are, as always (courtesy of the Privacy Cookbook), a few things you can do to address this. 

First step:
Enable Developer options on the device. Open Settings> About phone > Software information (on a Galaxy S10 for instance) and tap ‘Build number‘ 7 times. Upon reaching the 'Developer mode has been enabled” message, go back and tap 'Developer options'.

Scroll down and turn on ‘USB debugging‘,  tap ‘Allow‘ once prompted.

Since you have enabled USB debugging on your Galaxy S10,  Note 10 or probably most other Samsung devices which work in the same way, your phone is now ready to accept commands via ADB directly from your computer.

Second step:
You might need to install the Android SDK platform tools for Windows, Mac, Linux

https://www.droidviews.com/download-latest-adb-and-fastboot-sdk-platform-tools-win-mac-linux/

Now you are ready to 'Debloat' the 'shit' Samsung kindly provided for your 'convenience' :)

Start the terminal and type:

adb shell 

Then remove the Facebook 'phone homes'...

function hello() pm uninstall -k --user 0 com.facebook.katana
pm uninstall -k --user 0 com.facebook.system
pm uninstall -k --user 0 com.facebook.appmanager
pm uninstall -k --user 0 com.facebook.services 

BIXBY:

pm uninstall -k --user 0 com.samsung.android.bixby.wakeup
pm uninstall -k --user 0 com.samsung.android.app.spage
pm uninstall -k --user 0 com.samsung.android.app.routines
pm uninstall -k --user 0 com.samsung.android.bixby.service
pm uninstall -k --user 0 com.samsung.android.visionintelligence
pm uninstall -k --user 0 com.samsung.android.bixby.agent
pm uninstall -k --user 0 com.samsung.android.bixby.agent.dummy
pm uninstall -k --user 0 com.samsung.android.bixbyvision.framework
pm uninstall -k --user 0 com.samsung.systemui.bixby2 

Followed by the other crap:

Flipboard
pm uninstall -k --user 0 flipboard.boxer.app

TTS engine
pm uninstall -k --user 0 com.samsung.SMT

Global Goals
pm uninstall -k --user 0 com.samsung.sree

Voicemail
pm uninstall -k --user 0 com.samsung.vvm.se

Samsung Tips
pm uninstall -k --user 0 com.samsung.android.app.tips

FM/AM Radio
pm uninstall -k --user 0 com.dsi.ant.sample.acquirechannels
pm uninstall -k --user 0 com.dsi.ant.service.socket
pm uninstall -k --user 0 com.dsi.ant.server
pm uninstall -k --user 0 com.dsi.ant.plugins.antplus

General stuff
pm uninstall -k --user 0 com.android.egg
pm uninstall -k --user 0 com.android.dreams.phototable
pm uninstall -k --user 0 com.sec.android.easyonehand
pm uninstall -k --user 0 com.sec.android.widgetapp.samsungapps
pm uninstall -k --user 0 com.samsung.android.mateagent
pm uninstall -k --user 0 com.sec.android.easyMover.Agent
pm uninstall -k --user 0 com.android.dreams.basic
pm uninstall -k --user 0 com.samsung.android.app.watchmanagerstub
pm uninstall -k --user 0 com.sec.android.daemonapp
pm uninstall -k --user 0 com.samsung.android.app.social
pm uninstall -k --user 0 com.samsung.android.messaging
pm uninstall -k --user 0 com.samsung.vvm

Secure WiFi
pm uninstall -k --user 0 com.samsung.android.fast

Samsung DEX (leave if you use it)
pm uninstall -k --user 0 com.sec.android.desktopmode.uiservice
pm uninstall -k --user 0 com.samsung.desktopsystemui
pm uninstall -k --user 0 com..sec.android.app.desktoplauncher
pm uninstall -k --user 0 com.sec.android.desktopcommunity

Microsoft
pm uninstall -k --user 0 com.microsoft.skydrive

Google (there is also the play store and framework etc, but we advice doing this via disable as a lot of things are connected, but this is safe to remove)

pm uninstall -k --user 0 com.google.android.gm
pm uninstall -k --user 0 com.google.android.videos
pm uninstall -k --user 0 com.google.ar.core

Samsung PASS / PAY
pm uninstall -k --user 0 com.samsung.android.samsungpassautofill
pm uninstall -k --user 0 com.samsung.android.authfw
pm uninstall -k --user 0 com.samsung.android.samsungpass
pm uninstall -k --user 0 com.samsung.android.spay
pm uninstall -k --user 0 com.samsung.android.spayfw

More Apps
pm uninstall -k --user 0 com.samsung.android.wellbeing
pm uninstall -k --user 0 com.samsung.android.da.daagent
pm uninstall -k --user 0 com.samsung.android.service.livedrawing

AR Emoji
pm uninstall -k --user 0 com.samsung.android.aremoji
pm uninstall -k --user 0 com.sec.android.mimage.avatarstickers
pm uninstall -k --user 0 com.samsung.android.emojiupdater

Sticker Center
pm uninstall -k --user 0 com.samsung.android.app.camera.sticker.stamp.preload
pm uninstall -k --user 0 com.samsung.android.stickercenter
pm uninstall -k --user 0 com.samsung.android.app.camera.sticker.facearframe.preload
pm uninstall -k --user 0 com.samsung.android.app.camera.sticker.facearexpression.preload
pm uninstall -k --user 0 com.samsung.android.app.camera.sticker.facear.preload

Car mode
pm uninstall -k --user 0 com.samsung.android.drivelink.stub

Printing
pm uninstall -k --user 0 com.android.bips
pm uninstall -k --user 0 com.google.android.printservice.recommendation
pm uninstall -k --user 0 com.android.printspooler

Samsung email
pm uninstall -k --user 0 com.samsung.android.email.provider
pm uninstall -k --user 0 com.wsomacp

Samsung Game Launcher (might reappear after restart)
pm uninstall -k --user 0 com.samsung.android.game.gamehome
pm uninstall -k --user 0 com.enhance.gameservice
pm uninstall -k --user 0 com.samsung.android.game.gametools
pm uninstall -k --user 0 com.samsung.android.game.gos
pm uninstall -k --user 0 com.samsung.android.gametuner.thin

Samsung Browser (install first another one)
pm uninstall -k --user 0 com.sec.android.app.sbrowser
pm uninstall -k --user 0 com.samsung.android.app.sbrowseredge

Gear VR
pm uninstall -k --user 0 com.samsung.android.hmt.vrsvc
pm uninstall -k --user 0 com.samsung.android.app.vrsetupwizardstub
pm uninstall -k --user 0 com.samsung.android.hmt.vrshell
pm uninstall -k --user 0 com.google.vr.vrcore

Samsung Kids
pm uninstall -k --user 0 com.samsung.android.kidsinstaller
pm uninstall -k --user 0 com.samsung.android.app.camera.sticker.facearavatar.preload
pm uninstall -k --user 0 com.sec.android.app.kidshome

Samsung LED Cover (if you use it, leave it)
pm uninstall -k --user 0 com.samsung.android.app.ledbackcover
pm uninstall -k --user 0 com.sec.android.cover.ledcover

EDGE
pm uninstall -k --user 0 com.samsung.android.service.peoplestripe

Samsung DEX (if you use it leave it)
pm uninstall -k --user 0 com.sec.android.app.dexonpc
pm uninstall -k --user 0 com.sec.android.app.desktoplauncher

Air command - com.samsung.android.service.aircommand
(Removes entry in settings. Allows button to be used as an eraser in drawing apps)
- com.samsung.android.aircommandmanager

AOD (Removes charging status from lock scree ) - com.samsung.android.app.aodservice

DeX on PC
pm uninstall -k --user 0 com.sec.android.app.dexonpc

AR Doodle
pm uninstall -k --user 0 com.samsung.android.ardrawing

If you have a different launcher installed! And only then or you can’t launch any apps anymore!
pm uninstall -k --user 0 com.sec.android.app.launcher 
You can also use an app called package disable, which can disable this apps, but bear in mind that it is still there! Even with ADB you have just moved them from the user's account! With the package disable app, which you can purchase with bitcoin, you can also safely disable all other Google apps including Chrome, Google framework etc, The beauty of this is that if you need them for a software update or for any other reason, you can just re-enable them in the app.


Sadly, you are not done yet! 

We highly recommend one of these two apps! 

1) Netguard

​https://www.netguard.me/

With Netguard, get the one from GitHub, pay in bitcoin and set it up with a total lockdown on apps then only allow apps that you totally trust! You can even allow some apps that only work when the screen is on!

or 

2) AdGuard
https://adguard.com/en/welcome.html

We've tested both apps and both really well. Netguard is open source, super easy to use and setup in lockdown mode but then so is AdGuard, However, it has a few great, additional features: 

Personalized DNS services via DNS-over-HTTPS and DNS-over-TLS which are two great, first steps to privacy, as you can read here

There is more though, for example, the Blocklist feature which both blocks an already impressive, pre-offered list but which also allows you to add your own suggestions or lists!

We have a big list here

You can even block directly at a DNS level

Click on AdGuard -> Settings -> DNS Filter 

Select the DNS server you like, or add your own

Click on DNS request blocking and add any of your recommended lists, however, we strongly recommend:

CHEFKOCH - NSA Blocklist
CHEFKOCH - Canvas font fingerprinting
CHEFKOCH - Audio fingerprinting
CHEFKOCH - Canvas fingerprinting
CHEFKOCH - Trackers
CHEFKOCH - Facebook
Samsung - Snooping
GoodByeAds - Great list of Ads blocked
Yhosts - Great list!
Crimeflare - Cloudflare domains
Android - Android Ads and Tracking

Use the same lists on AdGuard -> Settings -> Content Blocking -> Filters -> Custom Filters

Go to Settings -> Content Blocking -> Filters -> User rules and enter

||samsung.com.cn^
||dnsdelegation.io^
||crashlytics.com^
||samsungapps.com^
||baidu.com^
||360safe.com^
||360.cn^
||qq.com^
||samsungdm.com^
||samsungcloud.com^
||samsungimagine.com^
||secb2b.com^
||samsung.com^
||fbcdn.com^
||fasty.net^
||taobao.tw^
||taobao.com^
||localytics.com^
||medialytics.com^
||samqaicongen.com^

Now this all sounded exciting, right? Nope! It ain't...for a 'business phone', well, now comes the real reason why we want you to install Netguard or AdGuard! 

Again using the example of AdGuard:

AdGuard -> Settings -> Apps Management

Go over every app and choose if you want that app to go online on WiFi, Cellphone or not when screen off! This is an incredible feature to have and it is also a super spy saver as Samsung routinely connects in apps like Camera and Gallery to var.samsungapps.com or samsung.com.cn

We see no reason for this and can't think of any. Sure, Samsung might claim they are checking to see if you need an update but shouldn't that be done in the storeor via regular updates? So why, when you taking a picture or recording a video or looking through existing pictures does this need to happen....again we can't see why! So just take this off the table and block internet access to the Camera and Gallery apps!

Lastly, but not least, we love to recommend use of the f-droid store as a Google alternative/replacement, it's all open-source and that's the way it should be! End of...

In the f-droid store, we suggest Fennec as a good browser option, Tor-Browser, if you're even more privacy orientated, Fedilab as your mastodon app, Feeder for your RSS reader, Green as a Bitcoin wallet, Scrambled Exif for metadata removal on pictures and OsmAnd+ as your Google Maps replacement.

Enjoy your better, safer, more battery efficient and, best of all, less spying Samsung device. 

In the next Privacy Cookbook entry we'll focus more on Android, so check back in, even as a Samsung user ;)



 

Comments (0)

Rated 0 out of 5 based on 0 voters
There are no comments posted here yet

Leave your comments

  1. Posting comment as a guest. Sign up or login to your account.
Rate this post:
Attachments (0 / 3)
Share Your Location