Dismissing privacy projects because the website pulls from google fonts or analytics is a recent favorite behavior here. It’s become a sort of inspector fueled “first!”.
When someone shows me an: open sourced, graphical, log based, spam ip filtering, self hosted, server alternative to GA that I can set up in < 10x the time I will happily switch to it. In the meantime, if I want to know how my website performs I don’t know of privacy-forward competitive options.
> When someone shows me an: open sourced, graphical, log based, spam ip filtering, self hosted, server alternative to GA that I can set up in < 10x the time I will happily switch to it.
If privacy is your core business you make compromises, and you should be prepared to spend some time to set up something like a self hosted piwik instead of using GA.
This should be obvious.
Of course if your site is about your new facebook app, just go ahead and use GA, nobody will bother you about it.
> When someone shows me an: open sourced, graphical, log based, spam ip filtering, self hosted, server alternative to GA that I can set up in < 10x the time I will happily switch to it.
Don't know if the above is meant seriously or not (the reason people don't switch from a piece of software is lack of familiarity, never ignorance), but I've had luck installing Piwik (which has now changed name to Matomo) for a few clients.
It works very much like Google Analytics and is not log based but should otherwise tick all your boxes. Installation is very straightforward but the using the dashboard, reporting etc. has a bit of a learning curve.
Nothing can ever compete with Google if you need statistics for "single middle aged mothers in a major city" simply because few others can profile users at that level but although it looks impressive it's not always correct and can be hard to use correctly. Piwik has great reporting tools and is easy to integrate with other systems.
It's also less likely to be blocked by adblock lists.
I understand where they are coming as often it's convenient to know from where visitors come from - that's how you can find threads in here, Reddit and elsewhere, and then contribute to the discussion. There aren't good alternatives to GA for this unfortunately, even paid options aren't as convenient. As a user though you can choose to block GA using various extensions so that's always an option.
Every once in a while I see someone talk about how a page loading loads a bunch of tracking elements from various known tracing sites and things like scripts. I don't suppose you could head me in the right direction as to where I could read a bit on how to do this myself? Thanks for any help
My Google pay was recently locked, probably as a result of moving countries and using VPNs. To make matters worse, with a locked account I can't change play store countries and access the local play store, so I can't get the app from my accounting firm (Which would seriously make my life easier). It finally hit me that I don't own my phone.
I have (own is the wrong word) a pixel 2 and used to pay Google ~$400/year for YouTube, domains, gsuite, hangouts dailer...
My next phone will be a librem, though I'm going to wait until my pixel dies. I'll probably also buy a cheap iPhone for apps I can't get on the librem.
Could you not download the APK for that apps and installed directly?
Don't get me wrong, I had not realised google was locking the play store and totally agree that it is an issue, but wondering if that could have helped you at the time.
Also, I run lineageOS to be able to update old phones with recent Android version, and tend to get better battery life and faster boot!
I have a "workaround" for you:
On another phone, download the apps, and you can transfer the APK to your phone to install the app without the play store.
You can also download alternative to google play store.
Why not just use the contactless card your bank gives you? Or, if you don't want to pay directly out of your checking account, get a credit/pre-paid card? They are all contactless these days, and even the small tea shop that processes card payments through an Android tablet and a small Bluetooth reader is able to accept the contactless cards.
I am, although being Gnome 3 based it won't be the snappy experience one would expect. I can understand their choice though: having to liberate a tablet recently (Asus T101) I tried at first to use XFCE as I do on all my other hardware, but though it ran really fast that was a usability nightmare: absolutely no way to have a reliable screen rotation and trackpad management without patching here and editing there with the risk that it would lose the functionality at the first upgrade. I also tried lxde, mate and other light desktops with results from bad to very bad (wrt screen rotation, all hardware except camera runs fine) then just before giving up I threw Gnome3 at it which worked immediately, but it's definitely a resource hog.
It's "GNOME 3 based" in that they're working within the GNOME project and using their apps, but it doesn't use GNOME-Shell which is the resource-hog part of GNOME 3.
According to them the only proprietary component is their map app (https://gitlab.e.foundation/e/wiki/en/wikis/maps). It would great if they could expand on the reasons why OpenStreetMap (which is available in F-Droid) is not a good option for them.
I also doubt they are completely free of proprietary components beyond this app, and that they managed to get rid of all the proprietary blobs to support the devices they currently support.
In summary, I'm not convinced this brings anything compared with https://lineage.microg.org/ but I'd love to be proven wrong.
OSM is not a good option because it doesn't do transit. Oeffi is a FLOSS alternative that does do transit but is not a good option because the developer doesn't answer calls to update backends when they change (in the case of Poland's switchover, for example).
So... If I use plain AOSP without the Play Store and the likes (this is even an officially provided image by my phone's manufacturer) - what tracking would still be left? Until now I was under the impression that there was none.
By default it still uses google dns I think.
But other than that, not much.
What you describe is what this project is about though, i don't think they are saying that alternatives like lineageos are tracking you, they just compare to stock operating systems
Heh, interesting. Out of curiosity, where did you get the ROM you are using? I just bought a Sony phone and I compiled the AOSP image myself. Maybe the difference is based on where you got it.
Thanks, I'm quite curious if it would be the same for you. Since it didn't use the server DNS I had set on my router, I assumed it was always using google DNS, I didn't look further.
I have a tablet that has vanilla LineageOS, and it is also using the DNS server that my router provided.
Out of curiosity, are you using DHCP? If you are then maybe the router you have is just forwarding the DNS setting it was given, and that is Google's DNS server.
Yes indeed, I'll double check. I have one router (my ISP one) that is definitely using google DNS. My other router is supposed to provide DNS and forward it to my own sever, but I'll have to double check my setup then...
I was wondering that as well. I think they mean things lime AOSP still connects to Google's 204 page to see if your online.
My thought is, if I was Google, why would I embed any tracking in AOSP? It's right in the source code for people to see and remove (not to mention the PR headache it would cause if offending code was found). It's far easier to embed in Googly Play Services, where its far harder to find, nearly impossible to remove, and any phone that wants to use Google services has to use.
"We've implemented several /e/ online services, with a single /e/ user identity (user@e.email). This infrastructure will be offered as docker images for self hosting: drive, email, calendar... to those who prefer self-hosting."
This reminds me CyanogenMod which after they shutdown and shutdown their services, the phone became unuseable, I assume because they kept trying to sync to dead services.
Underwhelming and doomed to fail. Questionable, if any, value over standard AOSP. Microg, while technically an interesting solution, is a violation of google's ToS, and cannot really make it into any sort of a real product. And microg itself seems to have slowed down/stalled anyway.
Edit: I should add some context since their site doesn't have much. Per their faq (https://gitlab.e.foundation/e/wiki/en/wikis/faq), it's a fork of lineage without any clearly stated benefits other than bundling of microg, which is arguably a worse stance to take for privacy (their goal) than lineage since microg implements a subset of google play services, is not exactly legal in its use of google apis, and opens up other security issues.
I'm curious to know why one has to fork Android instead of fixing it to provide privacy out of the box?
AOSP is a respectable open-source project, yes? If patches were submitted to make google tracking optional and improve privacy for privacy minded folks, would they not accept those patches?
It doesn't. Replicant is a much more ambitious project. They (replicant) received $200k recently in donations. Hopefully, they can get one reasonably new device up and running in good shape. The galaxy s3 is close, but it's really old at this point.
https://news.ycombinator.com/item?id=17529703