Mudsock Heights

Mudsock Heights

Here is a screenshot of Molly.im. You don't see anything because for security reasons Molly.im blocks screenshots. Smart. (Signal blocks them, too.) (Credit: Dennis E. Powell)

The Privacy Tablet -- from Google!

By Dennis E. Powell | Posted at 1:04 AM

Thanks, Google! You have struck a blow for privacy!

Okay, that overstates things slightly, but only slightly. And while the Google Pixel Tablet is anything but private as shipped, the enormous, generally evil company (who knows that you are looking at this article unless you did something to prevent tracking, which you probably didn’t) left the tablet open so people concerned with privacy and security can fix it.

When you get a phone or tablet computer from your phone company, it is “carrier locked.” This means there are only a limited number of changes you can make to it. That’s because the phone company wants to be first in line to harvest your data to sell to anyone who is willing to pay for it. What can it learn? Enough to make you want to smash the phone and never speak or write to anyone ever again. The phone company truly does want to reach out and touch someone: You, in places you do not care to be touched.

There is one, and only one, brand of cellular telephone and tablet that can be made largely secure, thereby confounding the data thieves. Those phones and that tablet are made by Google. There is a caveat: you must get it from Google or one of its affiliates, not from the phone company.

Today there are basically two cellular telephone and tablet operating systems. There is Apple’s IOS and its slight variant iPadOS, for iPhones and iPads respectively, tightly controlled by that increasingly authoritarian company. They work very well. When I replaced an iPad that had finally broken after seven years the changeover couldn’t have been easier. I went to an Apple site and was surprised to learn that Apple had a copy of all my data for me to download. Easy, yes. But private? Apple says yes, and some people believe it. I am not among them. Additionally, Apple likes to festoon its security updates with things you do not want. The latest iPadOS upgrade, for instance, changed the notification sounds for everything. Seems a small point, but I’d trained myself to recognize the tones worth waking up for and the ones I can ignore until morning. Now, after eight years, they were changed and the old ones could not be restored. Why? No reason except that Apple had decreed it and mere owners may not and can not defy Apple’s decrees.

Thinking people who choose iPhones (as opposed to those who choose them as fashion accessories) consider Apple to be the lesser of evils, and out-of-the-box they are right. The alternative is Android, after all, and Android was made by Google, the company that grew enormously wealthy and powerful by dreaming up and implementing new ways to gather data about you that you want to keep private, then selling those data to others.

But in most important respects, Android is open-source. It is free software, in that anyone may modify the source code in any way he or she likes. This has led to Android being the operating system on hundreds of brands of cellular telephones and tablet computers. In some ways it is analogous to the Sony Beta versus VHS video tape format of a generation ago, though there Sony wanted a lot for rights to its (superior) design, while Japan Victor Company, JVC, didn’t, and the Betamax was driven into extinction.

The grade-A, stock, definitional version of Android is developed and maintained by Google, who releases security updates and new versions to the community at large. Phone companies do their evil business to it before flashing it to their phones, and the good guys make it more private and secure, so non-idiots can put the good version on their phones (if they’re not carrier locked). It seems strange — it is strange — but it’s true.

People who are not Google inspect Google’s code, add security and privacy enhancements, and make it available to those who wish to “reflash” their phones with something safer than the stock operating system.

I have some experience with this; 11 months ago I got a Google Pixel 6a telephone and replaced all the software on it with a variant of Android called Graphene OS. It is written specifically with privacy and security as its goal. (Ironically, it was an Apple security upgrade that caused me to abandon my iPhone for the Pixel; that time, the upgrade drained my battery in minutes.)

Graphene OS is the state of the art. It is an excellent operating system put together by very serious people. It is available for installation only on Google Pixel devices, the most known of known quantities.

Image

Here is the booted up Pixel Tablet. I could put wallpaper or other adornments there, but for pure security it is best to leave it blank except for the icons in the quick-launch bar — here, omWeather, the MySudo phone application, Molly, ProtonMail, ex-Twitter, and the Vanadium web browser. (Credit: Dennis E. Powell)

When Google announced the Pixel Tablet in May, it caught my eye. My iPad, the cheapest model and purchased a year ago, had proved disappointing in many ways. In addition to software changes forced on me, the quality of the hardware had seemed to decline. It felt and behaved like the first version of something. So I decided to keep an eye on the new Google tablet — and on whether there would be a version of Graphene OS for it. I shouldn’t have worried. The earliest working version for the Pixel Tablet was available days after the tablet was released.

When I got my Pixel phone last year, it was during the Black Friday retail orgy, marked down from $500 to $350. (Strangely, the price later went back up.) I hoped there would be something similar this year, involving the Pixel Tablet. I was only slightly disappointed: it was marked down from $500 to $400.

A bit about the tablet itself. It’s a mid-range largish slab, thin but surprisingly rigid. Something that sets it apart is that it comes with a docking stump, to which it is attached by magnets. This is how it is charged (though you can use USB-C, too), but the dock has other features. It has a built-in speaker for those who want to listen to music but would like a bass-ier sound than is provided by the four tiny speakers built in to the tablet. It serves that function but neither alone nor docked is the sound better than mediocre, if that. The real marketing aspect of the stump is that connects the user to his “smart home,” better described as “spy home for stupid people.” If your refrigerator is connected to the internet, here is where you would presumably watch the contents on the refrigerator’s built-in camera. As would anyone else on the internet who paid to learn what’s in your refrigerator. Everything about your life can be learned, by people who do not have your best interests in mind, if you have a “smart” home.

After two full days of use, not without its adventures, I can say that the hardware — the part of interest to me, because I was going to blow away the software anyway — is solid and satisfying.

Under normal circumstances the installation of Graphene OS is a lot less terrifying than flashing a phone ought to be. It used to be a very tense time, with the real possibility of destroying the phone. The Graphene people have a web-based installation that is actually easy! Just do what it says and everything works just fine.

Unless . . .

What I am about to describe is a situation likely to happen to pretty much no one but me.

To flash the device one must attach it via USB cable to one’s computer. That’s how I flashed my phone, entirely uneventfully, a year ago. The tablet, like the phone, has a USB-C socket; my computer is all old-style USB.

And now I could not find the right cable! I know I have one, several, in fact. I also have some cheap ones that come with gadgets to charge them. Those do not have all the pins connected and won’t work, but I have some good ones, too. (Here’s a technical standards proposal: people who ship crippled cables should have one toe removed for every pin that isn’t connected.) I looked and looked and could not find the right cable. It was evening; a mature adult human would have waited until the next day, driven to town, and purchased the correct cable. There was no such person here.

I did have a good cable with USB-C at both ends. And I had the phone, which has its USB-C socket. What if I . . .

Yes, I reflashed the tablet over the phone. It restored excitement to the flashing process. It was forever asking permission to connect to the tablet, popping its message up in a place that kept me from seeing the graph meant to inform me of the installation’s progress. After a tense half hour . . . it didn’t work.

Well, actually, it did work, I just didn’t know it. After some jiggery-pokery, I was booted to the Graphene OS screen. Which was, and remains, blank but for the five application icons at the bottom.

So it is technically possible to flash a Pixel Tablet with Graphene OS via a Pixel phone running Graphene OS. I would not recommend it. Better to use the right cable and plug it into the computer.

Image

Because the other pictures are so sparse and I wanted to show something of the operating system, here is the Graphene OS pane that gives a sense of what’s going on and access to so features so they can be turned on or off quickly. (Credit: Dennis E. Powell)

My having escaped my irresponsibility and impatience yet again, it was time to install applications.

Several alternative Androids avoid the problems with Google’s framework for proprietary enhancements by replacing it with something else, usually not very well. Graphene OS doesn’t use this philosophy. Instead, it lets you run those Google things — but it puts them in a sandbox, a software cage, so while they think they are phoning home and doing other mischief, they actually aren’t. As a result, almost anything that runs on Google-provided Android, including applications from Google itself, runs just fine on Graphene OS without leaking your personal data. (The exception is the Google automobile applications. If your car requires a Google connection to operate, there are two questions to consider: What’s the matter with you? What were you thinking?)

Applications on Graphene OS are available via two excellent repositories, f-droid, offering open-source software, and the clever Aurora Store, which gives you access to the actual Google Play Store without you having to tell Google who and where you are. So the first thing to do is to install both of those. (You can also use the regular Google Play Store, with your Google account, which sort of defeats the purpose of the Graphene OS exercise.)

The second thing to do is install Gboard from the Aurora Store. This is the actual Google keyboard, and it is really good. As you install it you will see that it wants internet access. A keyboard that wants internet access? Hmmm. Uncheck that box and the GBoard is defanged. You can likewise get Google’s peculiar photo editing applications. Again, when installing it ban it from the internet as if it were a six-year-old at suppertime.

Then install applications according to taste. Essential to me, as it should be to you, is the entire Proton suite of security and privacy applications. Also essential is the superb Signal messaging application. Want to text in absolute privacy or make secure voice or video calls or hold video or voice meetings anywhere in the world for free? Get Signal.

Except . . .

An inability to use Signal would have ruined the whole project for me. As I said, it is essential. And it seemed I couldn’t use Signal.

Here’s the problem: A signal account must be tied to one device. Additional devices are then “linked” to that phone via alchemy that I don’t know and don’t want to know. Signal works fine on my Pixel phone running Graphene OS, and my iPad and desktop machines linked to it easily. It is easy to set up. My Cute Japanese Girlfriend, who is very smart but not a techie by trade, had it set up in minutes. (Okay, CJG-san is actually kind of brilliant in these things — she changes ex-Twitter accounts more easily than most people change their socks. The point is, she’s a business owner, not a geek.)

But now I could not link the new tablet. I could not even find a place to link the new tablet. I was utterly lost. So I turned to Reddit, a place that’s great for debugging computers but not so good for debugging plumbing. There I learned via a bit of cloak-and-dagger communication, caused not by the nature of the project but by the rules of Reddit, about something called Molly.im. It is a fork of Signal aimed at Android and both marginally more secure in some ways than the very secure Signal and capable of linking an Android gadget with a device that has a Signal account. It was downloaded and set up in about 10 minutes. The essentials were now installed and working.

Image

A swipe up reveals the installed applications. Here are some of them. Yes, there are two cameras, the Graphene OS one and the Google one. Each has its strengths. (Credit: Dennis E. Powell

Now it was simply a matter of configuring everything to my liking — GBoard has a sound that resembles a typewriter, for instance, which is wonderful if no one else is around to murder you when using it sends them over the edge. I found omWeather, the best weather application since Apple bought and destroyed Dark Sky. There are various YouTube viewers that are better than the one Google makes. Graphene OS comes with the excellent Vanadium browser, which I augmented with the Brave browser, because everybody ought to have at least two web browsers. I added some applications and will add more in the next days, weeks, and months, occasionally weeding out and uninstalling the ones I didn’t find as useful as I thought I would. I’m trying out the Collabora Office suite, which is an offshoot of the LibreOffice I’m using to write this. I’m not prepared to recommend it yet, but it shows promise. And so on.

I did not get a keyboard case for the new tablet, which may be a sign of incipient (if well hidden) wisdom. I have gotten keyboard cases for every tablet I’ve ever owned, and based on how often I used them I’d say they cost me about a dollar per word actually typed on them. However, the Bluetooth keyboards from my old BlackBerry Playbook case and even the one from my — don’t laugh — H-P Touchpad (which was offered for sale from July 1, 2011 to August 18, 2011 — if you snooze, you lose, but if you don’t snooze you lose even more) both work. The H-P keyboard is much nicer than the Touchpad hardware was.

Instead of a keyboard thing, I got a cheap rubber case (Poetic TurtleSkin) that fits on the Pixel Tablet in the fashion of rubber galoshes. I lucked out — it has grooves on the sides that make it far easier to hold the thing securely.

I’m not entirely used to it yet. For instance, the gesture that pulls up the list of running applications whence they can be closed and the one that opens the drawer containing all the installed applications are very similar. I’m invariably doing the latter when I want to do the former — it’s bad practice to keep open applications you’re not using right now. I think the thick lip of the case, there to protect the screen, might be the culprit. I may have to cut away a bit of that. (Putting it in the freezer — the case, not the tablet — should solidify it and make it easier to cut.)

But over all, I’m not just happy, I am delighted. The total cost, after tablet and case, was $0. All of the software was free. The free software movement has come a long way in the last 30 years!

And I love the irony that what might be the most secure and private tablet available outside government agencies has on its back a big Google “G.”

Dennis E. Powell is crackpot-at-large at Open for Business. Powell was a reporter in New York and elsewhere before moving to Ohio, where he has (mostly) recovered. You can reach him at dep@drippingwithirony.com.

Share on:
Follow On:

Start the Conversation

Be the first to comment!

You need to be logged in if you wish to comment on this article. Sign in or sign up here.