Does anyone know how or if Google associates your identity with your Google Map navigation activities?

[Arlen Holder]

Does anyone know FACTS of how or if Google associates your identity with
your Google Map navigation activities when you take basic privacy
precautions such as I do (of not ever logging into anything or using my
real IP address)?

There is a ton of bullshit around this, where you need to assume _basic_
normal common everyday standard privacy precautions are taken, which I do
myself, such as:
a. I don't even _have_ a Google Account on my Android phone
b. I don't ever log into a Google Account on my Android phone
c. I'm always on VPN whenever I use the phone on the Internet

And yet, I navigate quite well using Google Maps on my phone.

Marketing bullshit aside, we adults should be able to separate the facts
from the bullshit, where I am asking for facts related to this question:

Q: Does anyone know FACTS of how or if Google associates your identity with
your Google Map navigation activities when you employ basic privacy
precautions?

--
Usenet is a public potluck where purposefully helpful users add value.

[JJ]

Google services are web servers. They generate and assign a unique ID to
unregistered users. Whether it's via cookie, or URL parameters.

Anything you do using their services, are associated with that unique ID.
Search for something or location, watch something, visit a site from a
search result, etc. Little by little they receive part of an information
which would make a profile of that user which may lead to user's location,
preferences, and habit.

Even though they don't know your user name, or personal information, they'll
know your activities as long as it uses their services.

And know that, Google is so popular that almost every websites uses Google
services on their web pages to gather statistics for their website, and the
visitors are the one who provide that information directly to Google. The
unique ID is not used here, but the IP address can be associated to the
unique ID. The IP address alone doesn't server as an ID, but as a link to
the ID.

[Arlen Holder]

On Sun, 2 Feb 2020 20:33:01 +0700, JJ wrote:

> Anything you do using their services, are associated with that unique ID.

Hi JJ,

Thanks for that useful and apropos information.
o It seems the "unique ID" is what we need to throw off track.

It seems, based on what you wrote, that the IP address is key.

While I get that the "unique ID" tracks activities, if you use VPN, and if
that VPN is the same IP address as many others, how "unique" is that id if
a key component is the IP address?

That is, does VPN help with making that "unique ID" less unique?

--
Usenet is a public exchange of useful information with helpful people.

[David Wade]

On 02/02/2020 17:22, Arlen Holder wrote:
> On Sun, 2 Feb 2020 20:33:01 +0700, JJ wrote:
>
>> Anything you do using their services, are associated with that unique ID.
>
> Hi JJ,
>
> Thanks for that useful and apropos information.
> o It seems the "unique ID" is what we need to throw off track.
>
> It seems, based on what you wrote, that the IP address is key.
>
> While I get that the "unique ID" tracks activities, if you use VPN, and if
> that VPN is the same IP address as many others, how "unique" is that id if
> a key component is the IP address?
>
> That is, does VPN help with making that "unique ID" less unique?
>

NO! The whole point of the Unique ID is that it uniquely identifies the
device. It allows the devices internet access to be tracked regardless
of the way its connected to the internet. A VPN hides things from the
ISP and the end server but not from the device.

So if you use a VPN the web server can't see which IP you are connecting
from, but if the google maps application generates a devices unique ID
which it passes to the server along with the location, then google maps
can track physically where the device has been, but it can't associate
that with any other devices you own unless , probably ..

... in theory if you sign into some other app on both the phone and a
desktop then itts possible for google to say the same person is using
both.....


Dave

[JJ]

On Sun, 2 Feb 2020 17:22:32 -0000 (UTC), Arlen Holder wrote:
>
> That is, does VPN help with making that "unique ID" less unique?

Yes, but only if the device never access the services without VPN. Chances
that this is true, is IMO, unlikely. Because devices have to pass QC tests
by their manufacturers. Things like bluetooth, GPS, WiFi, (GSM) radio, etc.
(basically everything) were tested. Even though the devices are reset
afterward, the information has already been sent to Google.

Moreover, there are legit but naughty applications which tries to access the
internet through whatever network devices are available where it can bypass
the VPN's (virtual) network device.

When VPN is used, although the IP address would be the same for all of the
VPN service's customers, the user agent is not. And mind you that the user
agent involves not just the web browser or HTTP client application, but also
the device and its OS. If the client uses web browser to access the
services, additional information will be used.

There are applications which changes or even remove the user agent
information (i.e. a hack). That helps making the ID less unique, but because
such applications require rooted device, it's not a common and well known
solution. So, only a handful of people use it. Clients without user agent
information would be a minority in comparison with those with the user agent
information. Moreover that solution (so far) is applicable only for
applications which uses Android's built in embedded browser component. It's
not applicable for application which uses their own.

[Arlen Holder]

On Mon, 3 Feb 2020 19:41:40 +0700, JJ wrote:

> Yes, but only if the device never access the services without VPN.
> Chances that this is true, is IMO, unlikely.

Thanks for that information where I _agree_ with you wholeheartedly.
o You're not likely to be on VPN all the time.

Personally, I have my Android set to never be on location mode or data mode
and to turn off the wifi after a period of non-use and stay off until
manually invoked again, which "limits" the amount of non-VPN time, but
doesn't eliminate it.

> Because devices have to pass QC tests by their manufacturers.
> Things like bluetooth, GPS, WiFi, (GSM) radio, etc.
> (basically everything) were tested. Even though the devices are reset
> afterward, the information has already been sent to Google.

Wow. I had never thought of that. Interesting. Very interesting.
Thank you JJ for bringing that up, as it didn't even occur to me that stuff
was transmitted to Google _before_ I took ownership.

In my specific case, my Moto G7 was purchased from Google under a Google Fi
deal where they gave me the Moto G7 for $100 if I "activated" Google Fi on
a Black Friday deal late last November, so I activated Fi, canceled Fi a
couple days later, and then wiped out the phone; but to your point, the
phone itself has hard-coded information which Google may have nonetheless,
even though I don't have a "google account" on the phone.

> Moreover, there are legit but naughty applications which tries to
> access the internet through whatever network devices are available
> where it can bypass the VPN's (virtual) network device.

Are you sure, other than mistakes like DNS leaks and such, that an app can
bypass the existing network?

I don't see _how_ that would be possible, as the VPN _is_ the network,
isn't it? (when it's running of course)

> When VPN is used, although the IP address would be the same for
> all of the VPN service's customers, the user agent is not.

I agree.

I almost never use a "web browser" on a phone (it's just too tiny for my
tired old eyes, even as my phone is a "phablet" $100 Moto G7) and, even so,
I generally use "tor enabled" browsers when I need to look up things while
I'm on the road, so I'm not so much worried about the referrer ID.
<https://i.postimg.cc/KvCjV41k/browser01.jpg>

> And mind you that the user
> agent involves not just the web browser or HTTP client application,
> but also the device and its OS. If the client uses web browser to
> access the services, additional information will be used.

I'm well aware of browser fingerprinting, e.g.,
<https://groups.google.com/d/msg/alt.comp.freeware/Lb-AxIw3q4M/q0G41YG2AAAJ>

> There are applications which changes or even remove the user agent
> information (i.e. a hack). That helps making the ID less unique,
> but because such applications require rooted device, it's not a common
> and well known solution. So, only a handful of people use it.
> Clients without user agent information would be a minority in comparison
> with those with the user agent
> information. Moreover that solution (so far) is applicable only for
> applications which uses Android's built in embedded browser component.
> It's not applicable for application which uses their own.

I'm not rooted, and I don't use a browser all that often on a phone (maybe
once a month, if that, to look something up on the road).

What I'm mostly worried about, to put it bluntly, is the Google Maps app:
a. I _never_ log into the Google Maps app
b. I don't even have a google account on my phone anyway
c. But I _do_ use Google maps for navigation & traffic & directions.

Do you have information about how to keep Google Maps from saving stuff
under those non-login circumstances?
--
What's the best way to keep Google Maps from knowing who I am?

[JJ]

On Mon, 3 Feb 2020 19:42:57 -0000 (UTC), Arlen Holder wrote:
>
> Are you sure, other than mistakes like DNS leaks and such, that an app can
> bypass the existing network?
>
> I don't see _how_ that would be possible, as the VPN _is_ the network,
> isn't it? (when it's running of course)

Network clients normally only need one gateway (network node) to access the
internet, so each network device's network node has a priority for use by
network clients. The priorities are defined and assigned by the network
routing in the system.

On mobile phone, the mobile network would have the lowest priority. The next
higher one is the WiFi. And then the VPN. Any addon LAN device such as OTG
LAN, I believe would have lower priority than the mobile network, because
it's a more permanent type of network device.

That network routing priority is a rule which applies to all network
clients, but only as a default. Any software can choose which network node
it uses to connect to other network. It's a similar to e.g. a web server
software where it can choose which network node it listens for incoming
client connections.

For client side, the common application would be for combining multiple
network devices to achive higher network speed. e.g. combine two 3G networks
on a dual SIM card phone, to achieve twice the speed of a single 3G network.
While this requires a special driver or network service program, it's only
required because it needs to work for all network client programs. It's not
needed if it's just for the program itself.

Network softwares that use multiple network devices (either at the same
time, or alternatively) are not common, but it's not impossible.

> What I'm mostly worried about, to put it bluntly, is the Google Maps app:
> a. I _never_ log into the Google Maps app
> b. I don't even have a google account on my phone anyway
> c. But I _do_ use Google maps for navigation & traffic & directions.
>
> Do you have information about how to keep Google Maps from saving stuff
> under those non-login circumstances?

Unfortunately, no. It's simply not possible.

There's no way we can manage or even delete our data in Google's server
without a Google account. Even if we do, we can't actually know and
guarantee that the data has actually been deleted from the server, rather
than simply not displayed on the account page. For me, I highly doubt Google
actually delete our data when we told them to.

As for the app... Google Maps app save some data as application's data in
the phone. We can delete that after each app usage. We can revoke the app's
storage permission (if iOS has such thing), but the app would likely to keep
asking for the storage permission and would refuse to proceed until the
permission is granted. And although with rooted phone, we can make its app
data directory not writable to make the app not able to save anything, the
app would likely to crash when it saves data into its app data directory.

[Arlen Holder]

On Tue, 4 Feb 2020 22:04:02 +0700, JJ wrote:

>> Do you have information about how to keep Google Maps from saving stuff
>> under those non-login circumstances?
>
> Unfortunately, no. It's simply not possible.

Hi JJ,

Thanks for your astute technical information, some of which is over my
head, but I will try to look up the details where I'm lacking in them.

Hence, I'll dig deeper into your network part separately, where this post
is only about how to best avoid Google tracking when using Google Maps.

> There's no way we can manage or even delete our data in Google's server
> without a Google account.

I agree that the information that a search from your current GPS location
(which could very well be your own home under your own WiFi and IP address)
to a given destination would be saved on the Google servers.

> Even if we do, we can't actually know and
> guarantee that the data has actually been deleted from the server, rather
> than simply not displayed on the account page. For me, I highly doubt Google
> actually delete our data when we told them to.

They have backups.

> As for the app... Google Maps app save some data as application's data in
> the phone. We can delete that after each app usage.

We can?
o I didn't know that we could delete Google Map data after each use.

Ah, found it:
<https://i.postimg.cc/9Q2jtfGt/gmap01.jpg>

Do we have a good distinction between "user data" & "cache"?
o (I can run a few experiments, 'cuz I download maps to cache.)

> We can revoke the app's
> storage permission (if iOS has such thing), but the app would likely to keep
> asking for the storage permission and would refuse to proceed until the
> permission is granted.

On Android Pie (Android 9), Google Maps has a bunch of application-specific
"app data usage" sliders, such as:
o Background data (Enable usage of mobile data in the background) = on/off
o Unrestricted data usage (Allow unrestricted data access when Data Saver
is on) = yes/no

Google Maps also has the basic permission stuff:
o Camera = on/off (I leave it off, why would it need a camera?)
o Contacts = on/off (I leave it off, why would it need contacts?)
o Location = on/off (this seems to be the only setting that needs to be on)
o Microphone = on/off (no need for this to be on unless you talk to it)
o Storage = on/off (I just turned mine off & rebooted)

> And although with rooted phone, we can make its app
> data directory not writable to make the app not able to save anything, the
> app would likely to crash when it saves data into its app data directory.

That's a nice idea, for rooted phones.

For non-rooted phones, it seems the privacy procedure may include...
o No Google account on the phone
o Even so, never log into any Google Account with Google Maps
o Cache your maps while on VPN & WiFi of areas you travel
o Turn off all app permissions except perhaps "location"
o Clear the cache and/or data after each use

What else?

[David Wade]

Create dummy account, sign in on many phones, put in hand cart, walk
round with cart...

https://www.wired.com/story/99-phones-fake-google-maps-traffic-jam/

Dave

[Mayayana]

"David Wade" <g4...@dave.invalid> wrote

| > What else?
| >
| Create dummy account, sign in on many phones, put in hand cart, walk
| round with cart...

And don't forget, "Learn how to read maps so that
you don't need Google to tell you where you are".

Trying to figure out privacy with Google is like
asking, "How do I make sure my sieve doesn't leak?"

[Carlos E.R.]

Yes :-D

Just for curiosity, Google does not seem to track the location if you
connect the phone via WiFi. That would need a second phone giving
connectivity, though, which may be done without Android, apparently.
Maybe. Like using the hotspot of the car, if it has one.

--
Cheers, Carlos.

[Arlen Holder]

On Wed, 5 Feb 2020 08:18:04 -0500, Mayayana wrote:

> And don't forget, "Learn how to read maps so that
> you don't need Google to tell you where you are".
>
> Trying to figure out privacy with Google is like
> asking, "How do I make sure my sieve doesn't leak?"

Hi Mayayana,

There is much merit to your suggestion of "never use Google", where, Lord
knows, I strive to eliminate all Google possible from my non-rooted Android
phone.

Offhand...
o I don't have a Google Account set up on the phone in the OS
o I never allow Google to upload my neighbors' WiFi information
o I never use Google Play (I use Aurora thru their anonymous login)
o I never use YouTube (I use NewPipe thru their anonymous subscription)
o I never use Chrome (I use Tor-based or at least proxy-based browsers)
o I never use the GMail app (there are plenty of replacement MUAs)
o I never use the Google calendar/alarm app (I use an F-Droid replacement)
o I never use Google Phone/Contacts apps (both have F-droid replacements
o I uninstall _all_ Google apps listed above (down to their base version)
o I don't log into anything from the phone but if I must, I use keepass
o I back up my apps, photos, documents, etc., to the sdcard & not the net
(and other stuff I've forgotten)

NUANCED DETAILS:

The astute reader will note that having a google account is different than
having the OS set up to a google account (two completely different things).

The astute reader will note that certain apps _force_ a Google Account and
also _force_ your data to be uploaded, e.g., if you use GMail, it will
FORCE an OS Google account, whereas if you use, oh, say, K-9, it will not
force a Google account in the OS. Also if you use the GMail app, it will
force a sync of your contacts, but, of course, if you don't use the Google
contacts/phone setup, there are no "official" contacts to "sync" (they're
saved in both vcard.vcf files and in a privacy based contacts/phone app).

The astute reader will note there are chromium-based browsers which are
privacy based (such as SRWare Iron and Epic, for example).

The astute reader will note that there are no calendars on the net; no
contacts on the net; and no passwords on the net (at least not stored in
any database on the net); and any personal data (there's not much) is
stored in encrypted file containers which are portable across platforms.

PROBLEM SET:

The problem is that Google Map address lookup & traffic & navigation is
damn good.

For address lookup, I used to use the "addresstogps" app, which worked fine
for a long time to anonymously scrape the Google Map database for what I'll
call "GPS coordinates" (but which are really just 'coordinates').
o https://f-droid.org/wiki/page/me.danielbarnett.addresstogps

Once you have the GPS coordinates, you can use almost _any_ free offline
map app such as MapFactor Navigator or OSMAnd~ (and others):
o <https://play.google.com/store/apps/details?id=com.mapfactor.navigator>
o <https://f-droid.org/packages/net.osmand.plus/>

While they have spoken directions and spoken streets, they still don't have
traffic & the lane-by-lane navigation that Google excels at doing.

The astute reader will note that Google no longer allows you to "download"
maps if you don't log into their Google account, but you can still "cache"
maps without logging into an account.

Given you can still cache maps without logging into a google account,
another trick to get what I call "GPS Coordinates" is to "cache" a Google
Map of the area you're interested in (it could be an entire state), and
then you can pick any spot on the map as your destination where it will
provide the GPS coordinates, which you can then route to in any map app.

Still, Google Maps does the best traffic and address lookup and
lane-by-lane directions of any map app I can find for free on Android.

Hence, the simplest way to preserve anonymity using Google Maps is, AFAIK
o Do not log into Google Maps ever
o Do not use Google Maps whenever you are near your home
o Keep data & wifi off unless and until you're actually navigating
o If navigating home, stop navigation when you're a dozen miles away
(and a few things I've forgotten)

An astute reader will note you can live perfectly fine without the
excellent lane-by-lane instructions, and if you know the GPS coordinates of
the destination, you don't need the Google Address Lookup functionality.

So all you _really_ need from Google Maps, is the traffic feature.

Hence, the privacy question becomes:
o Is there a freeware traffic app that is non-Google based?
<https://groups.google.com/forum/#!topic/uk.telecom.mobile/J8YTvKvVgKQ>
--
Usenet allows us to combine our tricks & knowledge to help more people!

[Arlen Holder]

On Wed, 5 Feb 2020 18:48:56 +0100, Carlos E.R. wrote:

> Just for curiosity, Google does not seem to track the location if you
> connect the phone via WiFi. That would need a second phone giving
> connectivity, though, which may be done without Android, apparently.
> Maybe. Like using the hotspot of the car, if it has one.

That's potentially useful information, where I'm not sure what you mean by
"track the location", and where Google _stores_ that tracked location?
<https://i.postimg.cc/9Q2jtfGt/gmap01.jpg>

How do we know what Google saves on their servers when using "data" versus
when using "Wi-Fi", and whether it's stored on the phone or on servers?

In my humblest of opinions, the _best_ way to prevent Google from saving
our data is to not give Google that data in the first place, e.g., to not
give Google a login, and to not give Google any indication of what we're
doing when we're navigating.

For example, surprisingly, yesterday at JJ's suggestion, I turned off the
Google Maps app's access to anything other than to location.
<https://i.postimg.cc/G2f5MrSQ/gmap02.jpg>

After turning off Google Map access to 'storage', I turned off the Wi-Fi &
made sure data was also turned off, and then I rebooted, and then, after
checking that data and Wi-Fi were still off, I zoomed into the San
Francisco Bay Area from the Golden Gate Bridge to Gilroy, zooming down to
the street and house level, and then I rebooted the phone.

After checking that both data & Wi-Fi remained off, I then zoomed into
random areas to see that the street level was still there, but not the
actual house outlines (which is fine).
<https://i.postimg.cc/RVXs1QbT/gmap03.jpg>

Notice all this map data is "cached" somehow, _WITHOUT_ me enabling
"storage" for the Google Maps app!

The map itself knows stuff, for example, I can press on a location to get
the GPS coordinates
<https://i.postimg.cc/dtH6ZQLH/gmap04.jpg>

And, I can easily _copy_ those coordinates to the clipboard, which the
astute reader will note is critical for using them in another map app!
<https://i.postimg.cc/xdrKLXYR/gmap05.jpg>

But it won't route without the Internet; and there isn't traffic.

Routing is easy on any map app once you have the address coordinates.

Any advice on how to _improve_ the traffic without Google though?
--
Usenet potlucks are fantastic to publicly share ideas of general value.

[JJ]

On Wed, 5 Feb 2020 03:03:29 -0000 (UTC), Arlen Holder wrote:
>
> Do we have a good distinction between "user data" & "cache"?
> o (I can run a few experiments, 'cuz I download maps to cache.)

User data are applications settings and data as well as, users' inputted
data. Cache is application code/program data for increasing application
performance.

> o Background data (Enable usage of mobile data in the background) = on/off

This is only really needed when assisted GPS is enabled. Assisted GPS uses
GSM network as well as internet to fine tune the retrieved GPS coordinates
from GPS satellites.

> o Unrestricted data usage (Allow unrestricted data access when Data Saver
> is on) = yes/no

Basically it says: allow bypassing the network bandwidth limiter when data
saver is active?

> o Camera = on/off (I leave it off, why would it need a camera?)

It's required when we want to contribute a photo of a place directly from
the Google Maps app.

> o Contacts = on/off (I leave it off, why would it need contacts?)

User data mining. Only communication apps would need it, but many other
irrelevant apps abuse the permission. This, and the location permission.

> o Location = on/off (this seems to be the only setting that needs to be on)

Not always. It's only needed when we want to know where we are now. It's not
need for e.g. finding a place, navigating the Street Maps, etc.

> o Storage = on/off (I just turned mine off & rebooted)

LOL. Just like that. No need to reboot, though. Force close the app, then
turn off the permission, is enough.

> o Even so, never log into any Google Account with Google Maps

It would be nice if there's a good offline capable map app alternative. Good
enough to replace Google Maps.

> o Turn off all app permissions except perhaps "location"

I'd suggest turning on GPS only when you need it. The reason is because apps
can have service components which run in the background. Google Maps app
included. Moreover, it'll conserve battery.

> What else?

Beware of apps which use Google Map service. Access to the service can be
blocked using a firewall app. It uses VPN to provide firewall functionality,
but it doesn't get along with existing VPN. Don't know if it's a problem on
that app, or is it that there can only be one active VPN.

[Brian Gregory]

On 05/02/2020 17:48, Carlos E.R. wrote:
> Just for curiosity, Google does not seem to track the location if you
> connect the phone via WiFi. That would need a second phone giving
> connectivity, though, which may be done without Android, apparently.
> Maybe. Like using the hotspot of the car, if it has one.

What?

My mothers Android tablet is Wi-Fi only. It always knows roughly where
it is. I think devices with both GPS and Wi-Fi report back to Google the
rough locations of all Wi-Fi access points and Google has built a
database so that when a device can see signals from ,say, access points
X, Y and Z (presumably identified by the BSSID and SSID) they can say
roughly where it is.


--
Brian Gregory (in England).

[Brian Gregory]

On 05/02/2020 18:14, Arlen Holder wrote:
> On Wed, 5 Feb 2020 08:18:04 -0500, Mayayana wrote:
>
>> And don't forget, "Learn how to read maps so that
>> you don't need Google to tell you where you are".
>>
>> Trying to figure out privacy with Google is like
>> asking, "How do I make sure my sieve doesn't leak?"
>
> Hi Mayayana,
>
> There is much merit to your suggestion of "never use Google", where, Lord
> knows, I strive to eliminate all Google possible from my non-rooted Android
> phone.
>
> Offhand...
> o I don't have a Google Account set up on the phone in the OS
> o I never allow Google to upload my neighbors' WiFi information

How do you think you do that?

I'm afraid switching off Wi-Fi does not necessarily stop the device
listening for nearby Wi-Fi access points. This is a standard feature on
Android after, if I remember correctly, Android Marshmallow.

> o If navigating home, stop navigation when you're a dozen miles away
> (and a few things I've forgotten)
>
> An astute reader will note you can live perfectly fine without the
> excellent lane-by-lane instructions, and if you know the GPS coordinates of
> the destination, you don't need the Google Address Lookup functionality.
>
> So all you _really_ need from Google Maps, is the traffic feature.
>
> Hence, the privacy question becomes:
> o Is there a freeware traffic app that is non-Google based?
> <https://groups.google.com/forum/#!topic/uk.telecom.mobile/J8YTvKvVgKQ>
>


--

Brian Gregory (in England).

[Arlen Holder]

On Wed, 5 Feb 2020 23:57:16 +0000, Brian Gregory wrote:

> My mothers Android tablet is Wi-Fi only. It always knows roughly where
> it is. I think devices with both GPS and Wi-Fi report back to Google the
> rough locations of all Wi-Fi access points and Google has built a
> database so that when a device can see signals from ,say, access points
> X, Y and Z (presumably identified by the BSSID and SSID) they can say
> roughly where it is.

Hi Brian Gregory,

You're only partially correct, as I understand it, where we had a thread
long ago which showed how to use that Google database to find where you
are, if you knew a bit of information about that phone.

First off, you're correct that the Google database is a public database
which is constantly updated by all Android owners who are rude enough to
not turn off the default settings, which upload four bits of information to
the Google public database multiple times a day:
1. All the SSIDs of all the WiFi access points in range
2. All the associated BSSIDs of those access points (aka the MAC address)
3. The signal strength of each of those SSID/BSSID pairs, and
4. The GPS Coordinates of the phone that is so rude to upload that data

Bear in mind _most_ Android users are (a) stupid, and (b) rude, in that
they allow Google to have this data, which I've characterized many times as
spying on your neighbors, needlessly.

My phone, for example, does NOT spy on my neighbors, but that's because (a)
I'm not stupid, and (b) I'm not rude, but that's a social aside.

There is a way to ask Google to _REMOVE_ your BSSID/SSID/dBm/GPS
information, which is to set "_nomap" at the end of your SSID, but that
still doesn't prevent your neighbors from rudely uploading your SSID
information to the Google servers; it just asks Google to remove you when
they do.

Anyone who wants to can ask the Google database if your phone is, oh, say,
near your ex girlfriend's home, at any given time of the day or night,
since you only need two sets of data, both of which can be known, and you
need a key which Google provides to you which is unique to you.

For example, if I knew that your phone had an access point of SSID A, BSSID
of DEADBEEFCAFE, and if I knew that your ex girlfriend's home was at GPS
location 38,-125, and if I drove by your ex girlfriend's house just once to
ascertain what her SSID/BSSID is (using, oh, say, wigle or WiFi Analyzer,
or whatever), THEN I could ask Google all I want if you're at your ex
girlfriend's house.

I would simply ask Google for the location of these two concurrent points:
a. Your SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS
b. Her SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS

Then Google would tell me if you're at your ex's house, or not; for free.
--
People who are rude and stupid have their Android phones set up to spy on
their neighbors by sending Google their neighbor's SSID/BSSID/dBm/GPS.

[Brian Gregory]

On 06/02/2020 03:20, Arlen Holder wrote:
> For example, if I knew that your phone had an access point of SSID A, BSSID
> of DEADBEEFCAFE, and if I knew that your ex girlfriend's home was at GPS
> location 38,-125, and if I drove by your ex girlfriend's house just once to
> ascertain what her SSID/BSSID is (using, oh, say, wigle or WiFi Analyzer,
> or whatever), THEN I could ask Google all I want if you're at your ex
> girlfriend's house.

You'll need to explain that better.

For a start what on earth do you mean by "if I knew that your phone had

an access point of SSID A, BSSID of DEADBEEFCAFE"

No phone normally has an access point. It's something some people switch
on when they need it to give a different device internet access.

> I would simply ask Google for the location of these two concurrent points:
> a. Your SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS
> b. Her SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS
>
> Then Google would tell me if you're at your ex's house, or not; for free.

I think you mean it might possibly do so, sometimes.

Judging by how long it can typically take Google to realise when
somebody moves home and takes their old WiFi access point with them I
think it unlikely that it would be at all effective at quickly spotting
when a movable access point has moved.

[Arlen Holder]

On Thu, 6 Feb 2020 00:05:10 +0000, Brian Gregory wrote:

>> o I never allow Google to upload my neighbors' WiFi information
>
> How do you think you do that?

Hi Brian Gregory,

That's a good question which everyone on Android should know the answer to!
o Why don't we all work together to definitively ANSWER that question!

In my humbler opinions, I think most people just give up on thinking when
it comes to setting up their Android (or iOS) device for privacy.

In other words, unfortunately, I humbly state most people are stupid.
o Worse than being stupid though, is that most people are downright rude!

In my humblest of opinions, it's _rude_ to have the wrong settings.
o So I will lay bare _my_ settings to open them to public inspection.

Please let me know what you think I should CHANGE in my settings below!

This is for my Android Pie (Android 9) $100 Moto G7:
o Settings > Security & location > Location = off
<https://i.postimg.cc/dtJjM8dT/gmap06.jpg>

o Settings > Security & location > Location > Advanced
Wi-Fi scanning = on/off
Bluetooth scanning = on/off
<https://i.postimg.cc/Hkx0nd6Y/gmap07.jpg>

And yet, there's more (much more) to be turned off so as not to be rude:
o Settings > Security & location > Location > Advanced > Location services
Emergency Location Service = on/off
<https://i.postimg.cc/sXp7qXgc/gmap08.jpg>

Google Location Accuracy =
<https://i.postimg.cc/jd8NGBtG/gmap09.jpg>

Google Location History =
<https://i.postimg.cc/SQdzMH2J/gmap10.jpg>

Google Location Sharing =
<https://i.postimg.cc/KYt1vWhc/gmap11.jpg>

Please let me know what _else_ I should change in the location settings!

>> o Keep data & wifi off unless and until you're actually navigating
>
> I'm afraid switching off Wi-Fi does not necessarily stop the device
> listening for nearby Wi-Fi access points. This is a standard feature on
> Android after, if I remember correctly, Android Marshmallow.

You have to turn off is "wi fi scanning", which, I think, is on by default.
o See above for where the settings are on my Android Pie Moto G7 phone.

This is dated 2015:
o How to Disable Google Location Wi-Fi Scanning on Android
<https://www.howtogeek.com/211186/how-to-disable-google-location-wi-fi-scanning-on-android/>

"The purpose of Wi-Fi scanning is to help Google locate your phone
or tablet more accurately than if it were simply going by
cellular networks."

"When enabled, Wi-Fi scanning means that location and other apps
will be able to scan for Wi-Fi networks even when your device's
Wi-Fi radio is off."

But there's more (much more), where this is dated 2017:
o Google's Location History is Still Recording Your Every Move
<https://www.howtogeek.com/195647/googles-location-history-is-still-recording-your-every-move/>

"The thing about the Google Location service is that while the
standard Android setup routine asks you if you want to enable it,
it doesn't inform you of the Location history option, let alone
any way to opt-out of it."

"Unfortunately, Google Location history is another matter altogether."

"The problem though are the words 'anonymous' and 'collected.'
As you will see, it is not really anonymous because it is tied
to your account, and that it is collected, means that your
movements are being recorded."

"First, you have the option to turn off Location Reporting completely.
This will stop reporting location data to Google's servers and
render Location History a moot point, almost. Alternatively,
you can leave location reporting enabled (recommended)
and turn off Location History (preferred)."

"The point is that there's no clear indication by Google when
you set up your device that it's compiling all this history,
and it doesn't let you specifically opt-out of it, so users
who don't know otherwise are potentially storing a lot of
personally (read: not exactly anonymous) sensitive data with Google."

See also this dated 2019:
o Your Phone Logs Everywhere You Go. Here's How to Turn It Off
<https://lifehacker.com/psa-your-phone-logs-everywhere-you-go-heres-how-to-t-1486085759>

See also this, from 2013
o Google's Location History Browser Is A Minute-By-Minute Map Of Your Life
<https://techcrunch.com/2013/12/18/google-location-history/>
--
Together we can have more privacy than we can figure out on our own.

[Arlen Holder]

On Thu, 6 Feb 2020 04:26:32 +0000, Brian Gregory wrote:

> You'll need to explain that better.

Hi Brian Gregory,

Actually, I think you understood perfectly, based on what you wrote below,
which is good because that means you're (a) smart, and (b) attentive.

That's good. I can learn from you. I love when someone is smart on Usenet,
which, as you are well aware, is not the norm (at least not on Apple
newsgroups it's not).

Given you're smart, I would _love_ for you to check out my privacy settings
<https://groups.google.com/d/msg/alt.satellite.gps/IFVVdG5jac4/m-rzWoITAwAJ>

But to answer your point that "I need to explain that better", I was mostly
simply giving you an example, which proved that you were correct that most
people are (a) stupid and (b) rude, such that they upload their neighbor's
wifi access points to a public Google database.

That agreement with you was my _main_ point in providing the example I gave
you, where a _better_ example of how dangerous this stuff is, is that there
are _other_ databases (e.g., wigle) which, I believe, will geolocate with a
single query, i.e., without the minor protections the Google public
database has implemented by requiring _two_ concurrent datapoints.

> For a start what on earth do you mean by "if I knew that your phone had
> an access point of SSID A, BSSID of DEADBEEFCAFE"
>
> No phone normally has an access point. It's something some people switch
> on when they need it to give a different device internet access.

Yes. I agree. I was using it as an example, where you understood what I
said, which is you need two access points, and which the phone has to be
set up for that access point.

It was an example of the use of the Google public database, which you
correctly understood, although my _main_ point, is (always) that:
a. People are stupid (by not setting up their phone properly), and,
b. People are rude (by uploading my home WiFi SSID information to Google.

I'm not an expert; I just look at _all_ the settings I can find to turn
off, and I readily admit Google spread them all over Timbuktu on Android.

Please do take a look at my settings, which I laid bare for you here:
<https://groups.google.com/d/msg/uk.telecom.mobile/qHy3tVLR3hg/uKIz0ju7FAAJ>

I'd be _happy_ if you (or anyone else) can find privacy flaws in my setup
as what I want is as much privacy as we, all of us, together, can figure
out.

Rest assured, I _love_ facts. And I love privacy.
o So if you can find flaws in my privacy setup - please let me know!

The last thing I want to be is:
a. Stupid (like most people seem to be), nor do I want to be
b. Rude (which I feel most people seem to be given their Android setup).

Please note that I say this bluntly, not only because I believe it, but
because I want to underscore the point that only the stupid and rude people
spy on their neighbors for Google's benefit.

We aficionados do not want to be (a) stupid, nor (b) rude; so it behooves
us to figure out the proper settings on our Android phones so as not to spy
on our neighbors' wifi (and so as not to upload our own location data).

>> I would simply ask Google for the location of these two concurrent points:
>> a. Your SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS
>> b. Her SSID, BSSID, a bogus signal strength, and your ex girlfriend's GPS
>>
>> Then Google would tell me if you're at your ex's house, or not; for free.
>
> I think you mean it might possibly do so, sometimes.

Yes. You understood. To put it most bluntly, all you need are two things,
but you can guess at most of these two datapoints:
1. The SSID, BSSID, GPS, & signal strength of access point #1.
2. The SSID, BSSID, GPS, & signal strength of access point #2.

As far as I know, you don't even need the _second_ access point for other
databases not Google's, but I haven't tested them (e.g., Wigle WiFi).
o <http://wigle.net>

My main point was to agree with you that many people are (a) stupid and (b)
rude, such that they don't bother to set up Android properly so as to not
spy on their neighbors (& every house they pass as they drive the roads).

My main message is (a) don't be stupid, and (b) don't be rude.
o Set up the phone properly.

> Judging by how long it can typically take Google to realise when
> somebody moves home and takes their old WiFi access point with them I
> think it unlikely that it would be at all effective at quickly spotting
> when a movable access point has moved.

I'm not at all sure about that as your SSID is reported to Google by
_every_ idiot out there who doesn't know how to set up their phone
properly.

To that end, I would _love_ a critique of my phone's setup over here:
<https://groups.google.com/d/msg/comp.mobile.android/um2niVH0oYU/rnyRj9piBAAJ>

In the end, I can't fix that most people are (a) stupid, and most people
are (b) rude; but what I can fix is that I can learn how to better set up
my Android phone so that I am not.

[Arlen Holder]

On Thu, 6 Feb 2020 04:46:10 +0700, JJ wrote:

> On Wed, 5 Feb 2020 03:03:29 -0000 (UTC), Arlen Holder wrote:
>>
>> Do we have a good distinction between "user data" & "cache"?
>> o (I can run a few experiments, 'cuz I download maps to cache.)
>
> User data are applications settings and data as well as, users' inputted
> data. Cache is application code/program data for increasing application
> performance.

Hi JJ,

Thanks for your input, where you're one in 10,000 who (a) has the
background, and (b) volunteers that information for we, the hoi polloi.

I think I'll periodically blow away the "user data" and then I'll keep the
"cache", which, I think, contains the cached static map areas that I've
previously zoomed down into while on WiFi (or cellular data).

Now that the Google Map app seems to newly require a login for both traffic
and for downloading maps, the only maps that are useful are these cached
maps anyway (IMHO).

>> o Background data (Enable usage of mobile data in the background) = on/off
>
> This is only really needed when assisted GPS is enabled. Assisted GPS uses
> GSM network as well as internet to fine tune the retrieved GPS coordinates
> from GPS satellites.

Thanks. For privacy, I never use anything except GPS for location, and even
then, my GPS is off unless I'm actively navigating (for obvious reasons).

Likewise, my cellular data is off unless I'm sending MMS messages, or if I
need the Internet (which is rare) or if I'm in an area where I don't have a
cached map in the Google Map app (which is also rare).

>> o Storage = on/off (I just turned mine off & rebooted)
>
> LOL. Just like that. No need to reboot, though. Force close the app, then
> turn off the permission, is enough.

Thanks for this information where I have storage off and I can _still_ use
the cached Google maps (so they must not be in "storage").

>> o Even so, never log into any Google Account with Google Maps
>
> It would be nice if there's a good offline capable map app alternative. Good
> enough to replace Google Maps.

I agree the Google Maps are accurate.

In the future, the Apple Maps might catch up (probably not since Google is
a moving target and Apple never made a best in class app as far as I can
tell).

There are offline map apps, such as the following, which I discuss here:
<https://groups.google.com/d/msg/comp.mobile.android/-MvKdMBMCpk/KvSUkTjXEAAJ>
1. MapFactor GPS Navigation Maps, by MapFactor
<https://play.google.com/store/apps/details?id=com.mapfactor.navigator>
2. OSMAnd~
<https://f-droid.org/packages/net.osmand.plus/>
3. CoPilot GPS - Navigation, by ALK Technologies
<https://play.google.com/store/apps/details?id=com.alk.copilot.mapviewer>
4. Sygic, by Sygic maps navigation
<https://play.google.com/store/apps/details?id=com.sygic.aura>
5. Navmii GPS USA (Navfree), by Navmii
<https://play.google.com/store/apps/details?id=com.navfree.android.OSM.USA>

However, what Google Maps excels in, IMHO, that is unique, is:
a. Address lookup
b. Traffic

While Google maps also excels in other things, they're less important
simply because what's in the other maps apps is "good enough", such as:
c. Lane-by-lane turn-by-turn spoken directions with road names
d. Accuracy (e.g., Google fixes errors in an average of 1.5 months)

I opened a separate thread on traffic, where it appears we only have 3
options, and all of those options now seem to require logins:
a. Google Maps Traffic (now seems to require a login)
b. Waze (always required a login)
c. CoPilot Traffic (always required a login plus cc information)

That thread is here:
o Is there a non Google freeware traffic app
<https://groups.google.com/forum/#!topic/uk.telecom.mobile/J8YTvKvVgKQ>

For address lookup, there are two important options:
1. "addresstogps" apps on Google Play & F-Droid to obtain GPS coordinates
<http://www.bild.me/bild.php?file=5217118lookup02.jpg>
2. Using Google Maps in a web browser to obtain the address GPS coordinates

Both require the Internet for the minute or so that it takes to run the
lookup outside of the Google Maps app, where the addresstogps apps have a
_fantastic_ interface to _any_ offline map app that you have installed.
o How to perform a free (super) accurate world address lookup & then
seamlessly integrate into any offline free map routing app on iOS or
Android
<https://groups.google.com/d/msg/comp.mobile.android/-MvKdMBMCpk/KvSUkTjXEAAJ>

Here is an example of how seamless it was when I last tested it:
<http://www.bild.me/bild.php?file=7012818lookup01.jpg>

>> o Turn off all app permissions except perhaps "location"
>
> I'd suggest turning on GPS only when you need it. The reason is because apps
> can have service components which run in the background. Google Maps app
> included. Moreover, it'll conserve battery.

Yup. I turn off everything, unless I need it.
o Mobile data
o WiFi
o GPS
o Bluetooth
o NFC (if exists)

I consider all that stuff just like the "flashlight".
o It should only be turned on when you need it; otherwise it's off.

>
>> What else?
>
> Beware of apps which use Google Map service. Access to the service can be
> blocked using a firewall app. It uses VPN to provide firewall functionality,
> but it doesn't get along with existing VPN. Don't know if it's a problem on
> that app, or is it that there can only be one active VPN.

Good advice!

BTW, can you do me (and all of us) a favor and _look_ at my settings?
<https://groups.google.com/d/msg/uk.telecom.mobile/qHy3tVLR3hg/XL29C_28FAAJ>

I consider it rude of me to upload other peoples' SSID information to
Google, so I have my Android phone specifically set up to _not_ do that.

However, Brian Gregory alluded to the chance that it's impossible on a
non-rooted phone to _not_ upload other peoples' SSID information to Google,
so, I just want to make sure that I've done all that I can to not be rude
to other people by uploading their SSID information to Google.

Thanks if you can get a chance at looking at the settings.
You can be brutally blunt with me, as long as you're purposefully helpful,
you can say anything you think, with me (you can't hurt my feelings).

I love facts, where I just want to be correct when I claim that my phone is
set up to _not_ rudely spy on my neighbors by uploading their SSID
information to Google.

Thanks.

[JJ]

On Thu, 6 Feb 2020 06:54:23 -0000 (UTC), Arlen Holder wrote:
>
> BTW, can you do me (and all of us) a favor and _look_ at my settings?
> <https://groups.google.com/d/msg/uk.telecom.mobile/qHy3tVLR3hg/XL29C_28FAAJ>

Those already cover the major parts.

Things I should also mention...

When Bluetooth is active, there used to be a Device Visibility setting, at
least in Marshmallow. But in my Samsung's Oreo, there's no such setting
anymore (maybe it's Samsung specific? I don't know). If your has it, it
should only be activated when the device is being paired by other device.

Considering that the Location permission is not exclusive to just Google
Maps app, you might want to make sure that all other apps have their
Location permission (if any) revoked. Might also want to revoke any Contacts
permission on non communication apps too.

Similar to the Emergency Location Service, there's "Find My Mobile" system
app where it may retrieve location information. If you don't need such
feature, you should disable it. Although the feature requires Google
account, IMO it's safer to not even give it any access at all.

[Carlos E.R.]

I'm not sure of this, but some people mention "behaviour" by the phone
that might indicate that it doesn't track when on WiFi - meaning, it
does not go to the timeline.

For example, I have 4 active android devices on the same Google account,
and the timeline only tracks the phone with a data connection. Not the
tablets (that have GPS) not the second phone (that doesn't have data).

Another person said that when he moved on the garden near the house,
with WiFi, that is not tracked (meaning, does not figure on the timeline).


--
Cheers, Carlos.

[Carlos E.R.]

Ah, and google always asks me to confirm in the timeline that I am or
was at home. Apparently, it seldom knows for certain, which I find curious.


--
Cheers, Carlos.

[Arlen Holder]

On Thu, 6 Feb 2020 19:34:54 +0700, JJ wrote:

> Those already cover the major parts.

Thanks for checking out the Google privacy setings.
o To help others, I'll write an extensive summary later.

> Things I should also mention...

Yes. Please do. We learn from each other here on Usenet.

> When Bluetooth is active, there used to be a Device Visibility setting, at
> least in Marshmallow. But in my Samsung's Oreo, there's no such setting
> anymore (maybe it's Samsung specific? I don't know). If your has it, it
> should only be activated when the device is being paired by other device.

Thanks for that suggestion, where on my $100 Moto G7, I can't find any way
to make the Bluetooth _not_ visible except to simply turn it off.

*Bluetooth Device Visibility*
o Settings > Connected devices > Bluetooth > Connection preferences >
Manage your connection preferences as you wish
<https://i.postimg.cc/rFh44TX4/gmap13.jpg>

I could also change the phone name, but I left it at the default.

> Considering that the Location permission is not exclusive to just Google
> Maps app, you might want to make sure that all other apps have their
> Location permission (if any) revoked.

Thanks for that location suggestion, where I'm running an experiment with
_all_ location permissions turned off. Google Play Services complained like
hell, so time will tell which location services _must_ be turned back on.
<https://i.postimg.cc/3x7RSbXB/gmap15.jpg>

Note: I play with my settings so much that often I have to factory reset.

> Might also want to revoke any Contacts
> permission on non communication apps too.

Since I don't have a Google Account and since I don't use the default
contacts storage location anyway, I don't think _any_ app needs contacts,
as far as I can tell; so I turned them _all_ off and will see what happens
over time.
<https://i.postimg.cc/WzGV0THP/gmap16.jpg>

Note: I use SimpleMobileTools Contacts & PulseSMS for phone/contacts & SMS.
o <https://www.simplemobiletools.com>
o <https://messenger.klinkerapps.com/overview/>
Neither of which seems to require the default contacts location.

Note: AFAIK, my _default_ SQLite3 contacts storage location is empty so as
to keep Google out of my contacts as much as is possible:
o </data/data/com.android.providers.contacts/databases/contacts.db>
o </data/data/com.motorola.blur.providers.contacts/databases/contacts2.db>

> Similar to the Emergency Location Service...

I'm not sure whether this switch even works:

*Emergency Location Service*
o Settings > Security & location > Location > Advanced > ...
o > Location services
*Emergency Location Service* = on/off (up to you)
<https://i.postimg.cc/sXp7qXgc/gmap08.jpg>

> there's "Find My Mobile" system
> app where it may retrieve location information. If you don't need such
> feature, you should disable it. Although the feature requires Google
> account, IMO it's safer to not even give it any access at all.

Hmmm... I don't need to find my device but I'm curious about that app.

Nowhere do I have "Find My Mobile" in the app drawer.
It doesn't seem to be in the list of apps asking for location info.

Is it hidden?
Where would I find that application?

--
Together we can learn more by public discussion than we can learn alone.

[Arlen Holder]

UPDATE:

Here's a summary with all the input from this thread added so far!

On Fri, 07 Feb 2020 12:47:29 GMT, AnthonyL wrote:

> Google knows where many people are at any time, almost everyone with
> an Android phone. Even when you switch location services off they
> know.

Here are, for your purview, _my_ settings, where I ask questions of all:
Q: Is _my_ phone constantly uploading to Google my location information?
Q: Is my phone spying on my neighbors' WiFi APs, uploading them to Google?
<https://groups.google.com/forum/#!msg/uk.telecom.mobile/qHy3tVLR3hg/uKIz0ju7FAAJ>

Here are settings that (a) smart & (b) polite people "should" use, IMHO:

This is for my Android Pie (Android 9) $100 Moto G7:

1. *Location* (treated exactly like your flashlight is treated):
o Settings > Security & location > Location = off
<https://i.postimg.cc/dtJjM8dT/gmap06.jpg>

2. *Scanning* (disables scanning even when the radio is turned off!):

o Settings > Security & location > Location > Advanced ...

Wi-Fi scanning = off
Bluetooth scanning = off
<https://i.postimg.cc/Hkx0nd6Y/gmap07.jpg>

3. *Google Location Accuracy* (disables upload of WiFi APs to Google???):

o Settings > Security & location > Location > Advanced > ...

o > Location services > Google Location Accuracy = off
<https://i.postimg.cc/jd8NGBtG/gmap09.jpg>

That might be all any intelligent non-rude person needs.
o In addition, not having a Google Account disables these:

4. *Google Location History* = (doesn't exist with no Google Account???)
<https://i.postimg.cc/SQdzMH2J/gmap10.jpg>

5. *Google Location Sharing* = (doesn't exist with no Google Account???)
<https://i.postimg.cc/KYt1vWhc/gmap11.jpg>

Up to you on how much you trust the ELS services button, where it likely
doesn't even work (and says so) but here it is for completeness:

6. *Emergency Location Service*

o Settings > Security & location > Location > Advanced > ...
o > Location services
*Emergency Location Service* = on/off (up to you)
<https://i.postimg.cc/sXp7qXgc/gmap08.jpg>

7. *Location Permission* (treat location like you treat the flashlight):

o Settings > Security & location > Location > Advanced > ...

o > See all
And... <https://i.postimg.cc/25vK1VZ2/gmap12.jpg>

o Settings > Security & location > Location > Advanced > ...

o > App-level permissions > (this will list all apps requesting location)
For each app that does not need location, simply turn it off.

Aw, heck.
Let's just turn off _all_ location permissions, and see what happens.

<https://i.postimg.cc/3x7RSbXB/gmap15.jpg>

Note: I play with my settings so much that often I have to factory reset.

8. *Bluetooth Device Visibility*

o Settings > Connected devices > Bluetooth > Connection preferences >
Manage your connection preferences as you wish
<https://i.postimg.cc/rFh44TX4/gmap13.jpg>

9. *App Permissions* specifically for the Google Map app:
Specifically for the Google Maps App, you can long press on the icon to get
to the app settings, where, it seems to work fine even if you don't have a
Google Account set up in the Android operating system, and it seems to work
fine if you just log into it as you would Facebook or other server; but
it's important to note for the non-lazy that Google Maps still works well
with almost all access turned off, for example:
<https://i.postimg.cc/G2f5MrSQ/gmap02.jpg>

10. *Clear cache & data* specifically for the Google Map app:
It's also important to note the Google Maps App data & cache can be cleared
simply by long pressing on the icon and pressing the button to clear them:
<https://i.postimg.cc/9Q2jtfGt/gmap01.jpg>

11. Similar to ELS, there may be "find my phone" functionality, which I
can't seem to find on my phone, but which is reputed to exist on Android
phones. (If you know where to find the app on the phone, let me know.)

12. *Contacts" permission (use it like a flashlight)
o Settings > Apps & notifications > Advanced > App permissions > Contacts
<https://i.postimg.cc/SxcbYyHQ/gmap14.jpg>

Aw heck.

Since I don't have a Google Account set up on the phone anyway, and since I

don't use the default contacts storage location anyway, I don't think _any_
app needs contacts, as far as I can tell; so I turned them _all_ off and
will see what happens over time.
<https://i.postimg.cc/WzGV0THP/gmap16.jpg>

Note: I use SimpleMobileTools Contacts & PulseSMS for phone/contacts & SMS.
o <https://www.simplemobiletools.com>
o <https://messenger.klinkerapps.com/overview/>

Neither of which seems to require the default contacts location to work.

Note: AFAIK, my _default_ SQLite3 contacts storage location is empty so as
to keep Google out of my contacts as much as is possible:
o </data/data/com.android.providers.contacts/databases/contacts.db>
o </data/data/com.motorola.blur.providers.contacts/databases/contacts2.db>

What else of the basic privacy settings did we miss?
--
Note: If people set up their phone for privacy, IMHO, they're not only
stupid but worse, they're _rude_ since they're constantly uploading their
neighbors' wifi information to Google, needlessly (just because they're too
stupid to turn off wifi scanning, for example).

[Arlen Holder]

On Fri, 7 Feb 2020 20:19:24 -0000 (UTC), Arlen Holder wrote:

> Aw, heck.
> Let's just turn off _all_ location permissions, and see what happens.
> <https://i.postimg.cc/3x7RSbXB/gmap15.jpg>

UPDATE:
Against all odds, turning off _all_ location permissions has worked
surprisingly well for me in the past day or so.

A couple of apps have asked me to turn location permission back on, which
is understandable (e.g., OSMAnd~, MapFactor Navigator, etc.), but most work
just fine without location permission.

Fancy that.
o The phone works well even if I turn off EVERY call for location services!

I do get a notification of:
o Google Play services error; Please complete action required by Carrier
Services (whatever that's trying to tell me).

But, the phone seems to work just fine with that error, where, we should
note, a whole bunch of things I have no idea what they are had been asking
for "location services", such as:
o com.quicinc.cne.CNEService.CNEServiceApp
o Motorola Modem Service
o Google Play services

Those are apps which requested location services, and which were denied due
to my setting all apps a couple of days ago to not allow location services.

There are other apps which I denied location services which I have no idea
why they seem to want location services, such as:
o Android Setup (this only shows up when I hit the "show system" option)
o Carrier Services
o Google Connectivity Service
o Moto
o VzwDM (this only shows up when I hit the "show system" option")
o Wireless Emergency (this only shows up when I hit "show system")

Does anyone know what those services are?
o Particularly what's a "Carrier Service" or a "Motorola Modem Service"?
o Or a system "Android Setup" or "VzwDM"? (It's a T-Mobile phone.)

[Arlen Holder]

UPDATE:

On 17 Feb 2020 16:18:20 GMT, Frank Slootweg wrote:

> While Sygic has a free version, I think it does not satisfy your
> other requirements:

Thanks Frank Slootweg for that advice and for understanding the freeware,
no login, privacy, offline, and traffic requirements, where, after testing,
as you predicted, I was forced to delete the Sygic, Maverick Lite, Aponia,
HereWeGo, CoPilot, GeoLife, Navmii, Locus Maps, MapDroyd, Rout 66, & ZANavi
freeware Android offline map applications, where this was the short list
tested this week:
<https://i.postimg.cc/dtBmLFGp/directions01.jpg>

Given addresstogps doesn't seem to work anymore...
<http://s1.bild.me/bilder/110417/5217118lookup02.jpg>
<http://s1.bild.me/bilder/110417/7012818lookup01.jpg>

There are only 3 free offline map applications, IMHO, that fit privacy
requirements (where the Google trick below is used only because of Google's
fantastic traffic capability, set to the best privacy mode possible):
<http://www.bild.me/bild.php?file=2528509lookup00.jpg>

a. A desktop shortcut to the google maps web page
<https://google.com/maps/@37,-122,12z/data=!5m1!1e1>
<https://i.postimg.cc/25VWFLD8/traffic01.jpg>
<https://i.postimg.cc/fRbSDSkj/traffic02.jpg>
b. OSMAnd~ (mine is from F-Droid)
<https://f-droid.org/packages/net.osmand.plus/>
c. MapFactor Navigator (with the special American English voice, Carly)
<https://play.google.com/store/apps/details?id=com.mapfactor.navigator>
<https://i.postimg.cc/XJd936V2/directions02.jpg>

These failed the basic privacy tests (now or in the past):
1. CoPilot GPS - Navigation, by ALK Technologies
<https://play.google.com/store/apps/details?id=com.alk.copilot.mapviewer>
2. Sygic, by Sygic maps navigation
<https://play.google.com/store/apps/details?id=com.sygic.aura>
3. Navmii GPS USA (Navfree), by Navmii
<https://play.google.com/store/apps/details?id=com.navfree.android.OSM.USA>
4. Maverick Lite
<https://play.google.com/store/apps/details?id=com.codesector.maverick.lite>
5. Route 66
<https://play.google.com/store/apps/details?id=com.route66navigation>
6. Offline Maps
<https://play.google.com/store/apps/details?id=com.navigation.offlinemaps.gps>
7. Maps.Me
<https://play.google.com/store/apps/details?id=com.mapswithme.maps.pro>
8. City Maps 2Go
<https://play.google.com/store/apps/details?id=com.ulmon.android.citymaps2go>

Did we miss testing any free offline road maps for Android?
<https://play.google.com/store/search?q=offline%20maps&c=apps>
--
Usenet enables purposefully helpful adults around the world to share ideas!

[Arlen Holder]

UPDATE:

> Incognito in Google Maps
> Another thing to note when you compare Android 9 and 10 is that Google
> Maps will operate in incognito mode. The users will now be able to look
> for and navigate places privately without having the data linked back
> to their accounts.

I recently updated Android 9 to Android 10 on my $100 Moto G7
o Where one change, supposedly, is a new Google Maps "incognito mode"

o Those on Android 10... is it worth upgrading from 9 to 10?
What are the pitfalls you've experienced & the benefits?
<https://groups.google.com/forum/#!topic/comp.mobile.android/X65cMyzAn-g>

The new Google Maps "incognito mode"
<https://support.google.com/maps/thread/18141335>
Seems to be the default for Android 10.

I only tested it for a few minutes, where I don't have my phone set to a
Google Account (so I'm always in incognito mode, so to speak, anyway).

Given I have no login to Google Maps, there seems to be more functionality
in Google Maps in Android 10 than there was in Android 9 so maybe they
updated the map app too? Dunno. But the functionality is back, sort of, to
what it was in Android 7 without a login in that you can get DIRECTIONS
again (even without a Google login).

So now we're back to (what I remember as the functionality of) Nougat,
where, without any login to Google on the phone, the Google Map app now
does DIRECTIONS and ROUTING (which it didn't do in Android 9).

This is good because I had to circumvent Google Maps in Android 9 by using
the world-wide address-search best-in-class feature of Google Maps on a
privacy-aware browser (http://maps.google.com), and then capture the
coordinates of the given address, and then paste those so-called GPS
coordinates into an offline map app, which then routed me to my
destination.

The two things Google Maps does best was available, without a login, using
the privacy-aware web browser, which is:
a. Traffic
b. Address lookup

Now I can do both those things _without_ needing to use a privacy-based web
browser URL shortcut on the homescreen since Google Maps seems to allow
both now, even when you don't have a login to Google set up on your Android
phone.

I haven't tested this on the road though, so consider this preliminary good
news for user privacy in that the average person, on Android 10, now has
the privacy I had to set up with those workarounds on Android 9.

See also:
o Does anyone know how or if Google associates your identity
with your Google Map navigation activities?
<https://groups.google.com/forum/#!topic/comp.mobile.android/um2niVH0oYU>

o Is there a non Google freeware traffic app

<https://groups.google.com/forum/#!topic/comp.mobile.android//Ve_2cgliiGk>

o What decent free offline no-login privacy-enabled road map apps
exist for Android users to enjoy?
<https://groups.google.com/forum/#!topic/comp.mobile.android/YadPNimUcu8>