Andrew <andrew@spam.net> wrote:

> It's really that simple, so it was odd that a person said it was too
> hard for him because all he needed to do was use good apps instead of
> bad ones.

Yeah, I get simple. I understand why many users want convenience.
Security and convenience are the anti-thesis of each other: get more of
one, lose more of the other.

>> Sounds like you employ sneakernet: toting around a USB drive from
>> computer to computer expecting each computer to have USB ports (and they
>> are enabled in BIOS rather than locked out, like at schools, libraries,
>> cafes, etc) where you can then import a .vsc file into some non-web
>> centric contacts app.
>
> Are you crazy?

Nope. Apparently you've never left home to do e-mail, even when on
vacation. Maybe you tote along a laptop or netbook, and I have also,
but sometimes they don't work when on vacation. I've also lost my
smartphone both literally and via damage. When those personal devices
aren't available, I have to use someone else's host, so I use the
webmail clients to my accounts, and I need my contacts there (unless I'm
only replying to e-mails and not originating them).

> What do you think a LAN does?

That only works on your intranet hosts. You never need to do e-mail
away from home?

> Have you never heard of Wi-Fi? Routers? APs? NAS?

Yeah, still all part of your LAN. Unavailable when away from home.

> What century are you living in anyway when you speak of sneakernet?

Because I wanted to find out how *you* were transporting your contact
records from host to host.

> I'm not forcing you to set up your Android phone using only good apps.
> If you want to use lousy apps that steal all your privacy, have fun at it.

So me asking what you use that is privacy oriented is me being rude,
crazy, or whatever insult you wish to apply to me. Didn't know
defending your stance, and telling us how would be so strenuous.

I'll look at your suggestions, but I suspect they'll be onerous when
away from home. At home, I use an e-mail client on my desktop, and it
doesn't sync contacts anywhere. I hate using my phone for anything
regarding docs, e-mail, or anything I have to read with my old eyes, but
that may be the device I'm stuck using when away from home. So knowing
what would be more private on the smartphone is interesting.

> Just remember everyone in your contacts list also loses their privacy.

Just where is this privacy being intruded? Not on my phone. Would have
to be with the e-mail service. Any hacking into my account, or data
breach, or employee data theft would render availability of all my
e-mails with all those e-mail addresses in From, To, and CC headers (and
others, too, like Sender). Even if my online account had no contact
records, all my e-mails do.

>> Why do you even need to import anywhere? The .vcs file is a text file.
>> You could open it with a text editor, copy an e-mail address for a
>> contact, and then paste in a new compose window when sending e-mail.
>
> The guy who said his brain hurt, I think, complained that some apps require
> you to manually enter the contacts, one by one, which is a valid concern.

If I was using text files to carry contact records, I'd probably have
them on encrypt-protected USB drives (hoping that USB ports were
available at other hosts). Yes, I'd have to copy e-mail addresses, but
I don't originate that many e-mails. Most of e-mails are replies, and
the sender's e-mail address gets used for the reply.

> Based on your questions, the amount that you do not know about this topic
> is so huge that there's no way I'm going to teach you what you can't learn.

Ah, so I ask must mean I am stupid. You don't know me very well. I
won't bother reciting my resume here. Your lambaste makes you stupid.
Also remember that we do not learn by agreeing. We learn by contrast.

> You can either accept the point that the safest way to keep your contacts
> out of the hands of the harvesters is to not store them in the default db.

I wanted to see how *you* do it. Apparently, to you, that makes me
stupid. Uh huh. I was not rejecting your premise, but I was contending
its level of privacy, especially since all your e-mails stored in your
online account have addresses to which you sent, and addresses from
received e-mails. You also don't keep any e-mails on the server? I
quit using POP decades ago, because IMAP lets me keep multiple local
e-mail clients in sync with each other.

> If you're the type of person like that other guy who said his brain hurt
> when he had to think, then you're going to reject privacy every time.
>
> Why do you think all the default Google apps don't respect your privacy?
> Why do you think the good apps respect you privacy and the bad apps don't?

Well, I'm really not going to get into philosophical or logistical
arguments over what is good versus what is bad. Bad for you is good for
someone else. Just reflect on how you protect your privacy without
condemning others doing it differently.

> If that concept is too difficult for you, then I can't fix that problem.

Besides your intranet hosts at home using a LAN to pass around a text
file with contact records, how do you use those contact records
elsewhere? You mention using a .vcf file, but not how that keep its
content private when importing into apps. Your generic advice is don't
import into an e-mail app that syncs online. Okay, I'll look at some of
those, but still how am I going to get all e-mail clients I use on
different hosts all sync'ed on contacts? For my own mobile devices,
that's doable although perhaps not desirable.

When I'm not using hosts under my control to configure how I want, how
do I get my contacts for use there? You have limited access to specify
hosts under your control. Not everyone does e-mail that way.

VanguardLH wrote on Wed, 24 Jan 2024 22:41:26 -0600 :

>> It's really that simple, so it was odd that a person said it was too
>> hard for him because all he needed to do was use good apps instead of
>> bad ones.
>
> Yeah, I get simple. I understand why many users want convenience.
> Security and convenience are the anti-thesis of each other: get more of
> one, lose more of the other.

I agree with you, and I think everyone would agree with what you said.

People who don't want to think because it hurts their brain to think will
always use whatever apps Google and the carrier or phone maker give them.

Not only will those (bad) apps store all your contacts in the default
Android database, but they'll also upload your contacts to their servers.

The good apps won't do either of those two things.
>> Are you crazy?
>
> Nope. Apparently you've never left home to do e-mail, even when on
> vacation. Maybe you tote along a laptop or netbook, and I have also,
> but sometimes they don't work when on vacation. I've also lost my
> smartphone both literally and via damage. When those personal devices
> aren't available, I have to use someone else's host, so I use the
> webmail clients to my accounts, and I need my contacts there (unless I'm
> only replying to e-mails and not originating them).

Let's agree to stop talking about sneakerneet and USB sticks, OK?

The only difference between the privacy aware setup I had patiently
explained to you & your setup is I use good apps that don't expect contacts
to be in the default contacts database and you use bad apps that do.

>> What do you think a LAN does?
>
> That only works on your intranet hosts. You never need to do e-mail
> away from home?

With the setup I explained, I can do email from the middle of Antarctica.
Why would you think just because your contacts are private that you can't?

>> Have you never heard of Wi-Fi? Routers? APs? NAS?
>
> Yeah, still all part of your LAN. Unavailable when away from home.

My contacts are on my phone just like yours are on your phone.
They're just not in the default contacts database. Yours are.

>> What century are you living in anyway when you speak of sneakernet?
>
> Because I wanted to find out how *you* were transporting your contact
> records from host to host.

The only difference between what you do and what I do is you upload your
contacts to servers and you use bad apps which expect the contacts to be in
the default database - whereas I don't do either of those two things.

You update your contacts any time you want to update your contacts.
So do I.

I just don't put them in the default Android database, and I don't upload
them to the Google or WhatsApp servers, that's all.

If I wanted to, don't you think I could access my NAS drive on my router?

> I'll look at your suggestions, but I suspect they'll be onerous when
> away from home. At home, I use an e-mail client on my desktop, and it
> doesn't sync contacts anywhere. I hate using my phone for anything
> regarding docs, e-mail, or anything I have to read with my old eyes, but
> that may be the device I'm stuck using when away from home. So knowing
> what would be more private on the smartphone is interesting.

There really isn't any difference in use between what you do & what I do.
For both of us, our contacts are on our phone 100% of the time.
No matter where we travel.

The difference is you upload contacts to Google servers. I don't.
And you store contacts in the default contacts database. I don't.

>> Just remember everyone in your contacts list also loses their privacy.
>
> Just where is this privacy being intruded? Not on my phone. Would have
> to be with the e-mail service. Any hacking into my account, or data
> breach, or employee data theft would render availability of all my
> e-mails with all those e-mail addresses in From, To, and CC headers (and
> others, too, like Sender). Even if my online account had no contact
> records, all my e-mails do.

Did you hear about the huge privacy breach that was reported just today?
https://9to5mac.com/2024/01/23/trello-data-breach/

That breach isn't important other than to point out that EVERYTHING you
upload to the Internet WILL BE HACKED INTO bar none. Accept that concept.

If you upload all your contacts, they will be obtained by the hackers.
The solution to that problem is not to upload your contacts at all.

The best (easiest, simplest, most secure) way to do that, is to make sure
that your default contacts database is empty & then use privacy aware apps.

>>> Why do you even need to import anywhere? The .vcs file is a text file.
>>> You could open it with a text editor, copy an e-mail address for a
>>> contact, and then paste in a new compose window when sending e-mail.
>>
>> The guy who said his brain hurt, I think, complained that some apps require
>> you to manually enter the contacts, one by one, which is a valid concern.
>
> If I was using text files to carry contact records, I'd probably have
> them on encrypt-protected USB drives (hoping that USB ports were
> available at other hosts). Yes, I'd have to copy e-mail addresses, but
> I don't originate that many e-mails. Most of e-mails are replies, and
> the sender's e-mail address gets used for the reply.

You have a valid concern that the VCARD *.vcf files are, essentially, text.

But they're already imported/exported into/outof your privacy aware dialer,
so they act exactly the same as they do in the non-privacy aware dialers.

Do you even know where your contacts are stored on your Android phone?
Likely you don't. I know where they're stored but most people do not.

It's magic to most people.
They're "somewhere" but most people have no idea where they are.

So what's the difference if you put them inside the apps that need them?
>> You can either accept the point that the safest way to keep your contacts
>> out of the hands of the harvesters is to not store them in the default db.
>
> I wanted to see how *you* do it.

It's simple. Elegant. Private.

I do not store any contacts in the Android default contacts database
(actually I do, but they're all fake contacts for spoofing purposes).

And I use apps that import/export from/to a VCARD contacts.vcf file.
I maintain the master on Windows in Excel but that is a minor detail.

> I was not rejecting your premise, but I was contending
> its level of privacy, especially since all your e-mails stored in your
> online account have addresses to which you sent, and addresses from
> received e-mails. You also don't keep any e-mails on the server? I
> quit using POP decades ago, because IMAP lets me keep multiple local
> e-mail clients in sync with each other.

The only difference between the method you use and the method I use is that
you store the contacts in the default location and I don't - and - you
upload those contacts to a Google server and I don't - where you use the
apps that Google or the carrier or manufacturer gave you and I don't.

Everything else is the same.

> Besides your intranet hosts at home using a LAN to pass around a text
> file with contact records, how do you use those contact records
> elsewhere? You mention using a .vcf file, but not how that keep its
> content private when importing into apps.

You have the same problem since your apps have your contacts too.
The main difference is you upload them to Google servers & I don't.

My contacts don't change every minute of the day so I don't need to put
them on my flash drive stuck into the back of my router which is available
anywhere in the world over a static IP address - but I could if I want.

In that case, I'd put the contacts.vcf in an encrypted container file.

> Your generic advice is don't
> import into an e-mail app that syncs online. Okay, I'll look at some of
> those, but still how am I going to get all e-mail clients I use on
> different hosts all sync'ed on contacts? For my own mobile devices,
> that's doable although perhaps not desirable.

How often do your contacts change so drastically that this matters to you?

> When I'm not using hosts under my control to configure how I want, how
> do I get my contacts for use there? You have limited access to specify
> hosts under your control. Not everyone does e-mail that way.

I do not understand what you mean by "hosts not under your control" because
the all the machines in the world are "hosts not under your control" except
for whatever is in your house and in your hand.

You seem to think your system is drastically different from mine.
It's not.

The difference is only three things but the use model is exactly the same.
1. You store contacts in the default Android database. I don't.
2. You upload contacts to the Google servers. I don't.
3. You use bad apps that can't import/export from a VCARD file. I don't.

VanguardLH <V@nguard.lh> wrote:
> Andrew <andrew@spam.net> wrote:
[...]

> However, which Android contacts apps are you using that don't
> use an online account?

The default Contacts apps I've used sofar, always had an option to
store each individual contact on the phone (and - with less capability -
on the SIM). Of course this isn't good enough for 'Arlen', but probably
good enough for most people.

[...]

VanguardLH <V@nguard.lh> wrote:
> Andrew <andrew@spam.net> wrote:
[...]
> > Are you crazy?
>
> Nope. Apparently you've never left home to do e-mail, even when on
> vacation. Maybe you tote along a laptop or netbook, and I have also,
> but sometimes they don't work when on vacation. I've also lost my
> smartphone both literally and via damage. When those personal devices
> aren't available, I have to use someone else's host, so I use the
> webmail clients to my accounts, and I need my contacts there (unless I'm
> only replying to e-mails and not originating them).

I've never needed to use "someone else's host", but if I needed that
contingency plan, I would store my contacts in encrypted form in 'the
cloud' (which I do anyway for some important files).

But if "someone else's host" only gives you web access, you probably
have no way to decrypt the contacts (or use some on-line decrypting
service, which needs you to trust that service).

If you have a mail provider which you trust, you could store your
contacts there, not neccessarily in their contacts facility, but just in
a file.

[...]

Frank Slootweg wrote on 25 Jan 2024 15:17:28 GMT :

> I've never needed to use "someone else's host", but if I needed that
> contingency plan, I would store my contacts in encrypted form in 'the
> cloud' (which I do anyway for some important files).

It's not hard to store contacts in a plain file in an encrypted container.
https://play.google.com/store/apps/details?id=com.sovworks.edslite

> But if "someone else's host" only gives you web access, you probably
> have no way to decrypt the contacts (or use some on-line decrypting
> service, which needs you to trust that service).

If they're in an encrypted container, you decrypt on the Android device.

> If you have a mail provider which you trust, you could store your
> contacts there, not neccessarily in their contacts facility, but just in
> a file.

You could store master contacts in an encrypted container on your LAN.
https://www.howtogeek.com/108501/the-how-to-geek-guide-to-getting-started-with-truecrypt/

If you have a static IP address, you can access a USB stick in your router
from the middle of Antarctica if you lose your phone & suddenly need them.

Andrew <andrew@spam.net> wrote:

> VanguardLH wrote on Wed, 24 Jan 2024 22:41:26 -0600 :
>
>>> It's really that simple, so it was odd that a person said it was too
>>> hard for him because all he needed to do was use good apps instead of
>>> bad ones.
>>
>> Yeah, I get simple. I understand why many users want convenience.
>> Security and convenience are the anti-thesis of each other: get more of
>> one, lose more of the other.
>
> I agree with you, and I think everyone would agree with what you said.
>
> People who don't want to think because it hurts their brain to think will
> always use whatever apps Google and the carrier or phone maker give them.
>
> Not only will those (bad) apps store all your contacts in the default
> Android database, but they'll also upload your contacts to their servers.
>
> The good apps won't do either of those two things.
>
>>> Are you crazy?
>>
>> Nope. Apparently you've never left home to do e-mail, even when on
>> vacation. Maybe you tote along a laptop or netbook, and I have also,
>> but sometimes they don't work when on vacation. I've also lost my
>> smartphone both literally and via damage. When those personal devices
>> aren't available, I have to use someone else's host, so I use the
>> webmail clients to my accounts, and I need my contacts there (unless I'm
>> only replying to e-mails and not originating them).
>
> Let's agree to stop talking about sneakerneet and USB sticks, OK?
>
> The only difference between the privacy aware setup I had patiently
> explained to you & your setup is I use good apps that don't expect contacts
> to be in the default contacts database and you use bad apps that do.

Oh, you carefully explained before what you next mention about using a
NAS drive back in your intranet which means granting external access to
your home network? Your NAS drive operates within a DMZ, right?
Explain, without tossing insults, how you access your NAS drive when
away from home which makes all of its content secure. Is the NAS drive
itself constrained with a DMZ, and mandates strong login credentials to
access from outside your home network?

> I just don't put them in the default Android database, and I don't upload
> them to the Google or WhatsApp servers, that's all.

Please explain, and actually explain rather than imply, and without
insult, how you get your contact records synchronized across multiple
smartphones, tablets, desktops, etc.

> The difference is you upload contacts to Google servers. I don't.
> And you store contacts in the default contacts database. I don't.

No, the real difference is between using apps that employ cloud sync
versus having to setup local resources that are securely accessed from
outside your home network. That latter is possible, but how many
smartphone users would go through all that setup, and make it secure?

> Did you hear about the huge privacy breach that was reported just today?
> https://9to5mac.com/2024/01/23/trello-data-breach/

Just recently my ISP got hacked, and their customer records stolen. I
use e-mail with them although they are not my primary e-mail service.
ANY e-mail provider I use can breached. Please explain how a hacker
with access to all my e-mails with their From, To, CC, Sender, and other
headers with e-mail addresses as value are not just as accessible as my
contact records at the same e-mail provider? A contacts list would be
easier to steal, but a hacker can still harvest e-mail addresses from
e-mails. Once your online account has been compromised, ALL your online
data is in peril.

Yes, I could register my own domain, setup my own nameserver, add all
the SPF, DKIM, and MX records in the DNS table, get the site
certificates, and run my own IMAP and SMTP server hoping the other
servers will cooperate with mine in order to ensure that e-mail
providers that get breached won't have either my contact records nor my
e-mails from which to harvest e-mail addresses. Um, no thanks. Way too
much work just to do e-mail.

> That breach isn't important other than to point out that EVERYTHING you
> upload to the Internet WILL BE HACKED INTO bar none. Accept that concept.

Will is different than can. Your statement is saying that I will be
infected by every malware rather than it is vulnerable *if* attacked.
You've protected your contacts. How are you protecting your e-mails?

> If you upload all your contacts, they will be obtained by the hackers.
> The solution to that problem is not to upload your contacts at all.

And have all my e-mails both encrypted in-transit and in-situ. The
first is easy. All e-mail clients and webmail clients can use encrypted
traffic between client and server. The second depends on your e-mail
provider. Not many provide in-site encryption of your e-mails.

>>> You can either accept the point that the safest way to keep your contacts
>>> out of the hands of the harvesters is to not store them in the default db.
>>
>> I wanted to see how *you* do it.
>
> It's simple. Elegant. Private.

Child asks "Why is the sky blue." Your response is because God made it
that way. Expect resistance to anything you claim when you don't speak
to them as adults.

It's clear that you consider secrecy a primary method for security. At
this point, I'm no longer interested in how you do it, and I don't think
you're going to divulge the details for others to actually know how to
implement. Somehow you managed to secure your contact records while
still providing access to multiple hosts and doing it all securely, but
it seems you closed the barn door but left open the hay loft door.

> My contacts don't change every minute of the day so I don't need to put
> them on my flash drive stuck into the back of my router which is available
> anywhere in the world over a static IP address - but I could if I want.

Since, as you claim, everything in Internet is hackable, why can't a
hacker get at your contact records residing in your home network that
you opened to the Internet? If you can access your files from outside
your network, why can't someone else? Regardless of all the security
you put in accessing that device in your intranetwork, so did all the
ISPs, e-mail providers, and companies that attempted to secure their
data, but they got breached, so there is no perfect security. Nothing
you do cannot be impossible to hack. You opened access to your contact
records to the outside, so you can access them from the outside.

> In that case, I'd put the contacts.vcf in an encrypted container file.

Won't protect against keyloggers to get the password. The point is you
can try to increase security, but it will never be absolute.

> You seem to think your system is drastically different from mine.
> It's not.
>
> The difference is only three things but the use model is exactly the same.
> 1. You store contacts in the default Android database. I don't.
> 2. You upload contacts to the Google servers. I don't.
> 3. You use bad apps that can't import/export from a VCARD file. I don't.

Understood. But how is access to the .vcf file obtained to each host
(phone, tablet, laptop, desktop, netbook, and even hosts you don't own
but have to use when travelling) while ensuring the records are secure?
You could encrypt the file, but failing that just how do you get the
data to each host to share that data? And how is whatever method you
used completely unhackable or non-breachable?

You raised the bar to make hackers hurdle higher, so less of them can
make it over the bar. Understood. Security is about finding a
comfortable medium between protection and usability.

No, I'm not wasting time, money, and resources on setting up a NAS drive
within a DMZ that I have to punch holes in the router's firewall which I
can access via a DNS lookup on a hostname that I can remember using a
service that provides the lookup to convert from name to IP address nor
pay extra to get a static IP address from my ISP where the .vcf file is
encrypted, so I can transfer the file to multiple hosts to sync my
contact records. What I might do, however, is use an encrypted .vcf
that is stored in a folder sync'ed by OneDrive or Google Drive which
lets me access the .vcf file on each host where the OneDrive or Google
Drive clients are installed, but I'd still need the decrypter on each
host to use the contents of the .vcf file. I can figure out easier
machinations on providing remote access to files that are encrypted and
the means to decrypt on each host. But none of that is going to stop
theft of e-mail addresses from e-mails I receive and send that are up on
the mail server that a hacker could get at. I cannot further secure my
e-mail provider's service.

Google offers encryption in-transit and in-situ, but requires using
their Workspace accounts which means you pay for those. Proton Mail
does in-transit and in-situ encryption, but its quotas might be too
small on their free accounts for some users. Their quotas are fine for
my personal use, but it seems most users have far more e-mail volume
than do I, and a company would have even more e-mail volume. You can
protect your contact records up the wazoo, but all that effort is wasted
if your e-mails are unprotected.

Frank Slootweg <this@ddress.is.invalid> wrote:

> VanguardLH <V@nguard.lh> wrote:
>
>> However, which Android contacts apps are you using that don't use an
>> online account?
>
> The default Contacts apps I've used sofar, always had an option to
> store each individual contact on the phone (and - with less
> capability - on the SIM). Of course this isn't good enough for
> 'Arlen', but probably good enough for most people.

Thanks for the reminder. The default Contacts app that came bundled on
my phone is the same. I can store contacts in the app which may sync
with contact lists at e-mail providers *if* so configured, or store my
contacts on local storage (main or SD card). I don't even need to
bother with import. The problem with local storage, though, is getting
those contacts to another device/host. I'm not the norm in that I do
most e-mail, or wait to do e-mail, on my desktop PC. I use the phone
when I have to, not because I feel compelled to. I'm too old to be a
user that has their phone grafted to their ear, or feels nude if they
discover their phone isn't with them. That's where storing an encrypted
file in a folder included in sync for OneDrive or Google Drive might
work, but I'd need a decrypter on each host. I could use cloud file
storage for transfer between hosts, but I'd want sensitive data
encrypted which also means it's of no value if there is no means to
decrypt.

I like using TrueCrypt on my home desktop for encrypted containers.
There is no TrueCrypt app for mobile (Android or iOS), so I'd have to
invest time to research, test, and use a different encryptor for which
there is a matching app on my mobile devices.

I have Peazip (a fork of 7-zip) on my home desktop which can encrypt,
too (and NOT use the vulnerable PKZIP encryption scheme). Again, no
mobile app version of either Peazip or 7-zip, so I'd have to invest in
using a different compressible archiver with encryption.

Probably the easiest cloud sync setup I can think of is using
Microsoft's OneNote (which uses storage in OneDrive). The desktop
client is free as are the Android and iOS versions. You can encrypt
sections in a notebook (although I would prefer an additional option of
encrypting an entire notebook), so the data is encrypted locally,
encrypted in-transit, and encrypted in-situ. Someone could hack my MS
account login, but they still would have to hack past the different
password used in OneNote which is /not/ the same password for account
login. Instead of using cloud file sync service and having encrypter
and decrypter apps on each end, I just have OneNote on each end. I've
never had hacked my strong password on my MS account which is unique to
just that domain, but if it was hacked then the hacker would have
another hurdle of hacking the encrypted sections in my OneNote up on the
server under the OneDrive cloud storage.

However, if the OP is thinking the e-mail provider is stealing contact
data (I've not seen any reports on this; else, there would be very
expensive lawsuits to settle), or a hacker gaining access to an account
(usually the fault of the user in not using strong passwords that are
unique to every domain) could steal contact data, or a data breach at
the e-mail provider that grants access to contact data, that doesn't
preclude the same abused/hacked/breached access to the e-mails on the
server which have contact data in the From, To, CC, Sender, and other
headers. All the effort on protecting contacts is wasted if the e-mails
are unprotected.

In-transit encryption is easy. Not many e-mail providers have in-situ
encryption aka end-to-end encryption unless you pay for the feature.
Google has it with Workspace accounts, but those accounts aren't free.
ProtonMail has it, and the quota on free accounts is enough to satisfy
my e-mail volume, but many users have much higher e-mail volume than I,
and they would have to pay to get more quota. Those are the 2 I can
think of right now that provide in-situ or end-to-end encryption where
not even the e-mail provider can see your data on their server for your
account. There might be other e-mail providers with similar user data
protections, but paid solutions would be ignored by all those
freeloading users of free services, like me.

VanguardLH wrote on Thu, 25 Jan 2024 11:26:42 -0600 :

>> The only difference between the privacy aware setup I had patiently
>> explained to you & your setup is I use good apps that don't expect contacts
>> to be in the default contacts database and you use bad apps that do.
>
> Oh, you carefully explained before what you next mention about using a
> NAS drive back in your intranet which means granting external access to
> your home network?

What started this wasn't an attempt by me to explain how networking works,
but simply to state the best place to keep your contacts is NOT in the
default contacts database (because bad apps will upload that to servers).

> Your NAS drive operates within a DMZ, right?
> Explain, without tossing insults, how you access your NAS drive when
> away from home which makes all of its content secure. Is the NAS drive
> itself constrained with a DMZ, and mandates strong login credentials to
> access from outside your home network?

You misunderstood me because I didn't say that I bother to access my master
contacts.vcf file when I'm in Antarctica. I simply said that you could.

>> I just don't put them in the default Android database, and I don't upload
>> them to the Google or WhatsApp servers, that's all.
>
> Please explain, and actually explain rather than imply, and without
> insult, how you get your contact records synchronized across multiple
> smartphones, tablets, desktops, etc.

It's easy. Simple. Elegant. Private.

Generally I add contacts on the Windows PC via Thunderbird (actually
Betterbird) export to the VCARD format and then import into Excel.

Same with Android. I export to a contacts.vcf VCARD format file.
Excel has the ability to handle duplicates & merging for the master db.

Then I import back into the Android apps that need to use contacts.
I don't need to do it often. Generally only about once a year or so.
It's not like your contacts change every second of the day.

But you could do it every moment of every day if that's what you want.
How often do your contacts change anyway?

>> The difference is you upload contacts to Google servers. I don't.
>> And you store contacts in the default contacts database. I don't.
>
> No, the real difference is between using apps that employ cloud sync
> versus having to setup local resources that are securely accessed from
> outside your home network. That latter is possible, but how many
> smartphone users would go through all that setup, and make it secure?

In one breath you say you're constantly sending all your contacts to
someone else's server, and in the next breath you ask for security?

Who does that?

I get it you're trying to justify your use model, but you don't have to.
I know what your use model is. It's the one Google told you to use.

It's the same use model everyone who knows nothing about privacy uses.
So you don't need to explain to me why you use it. I know all about it.

Every company would love to have all your contacts.
And every contact of every contact in your contacts.
Even Google Maps asks for all your contacts nowadays.

Don't you think Google has a reason for wanting you to upload contacts?

If you want security, just put the contacts into an encrypted container.
https://sovworks.com/eds/

>> Did you hear about the huge privacy breach that was reported just today?
>> https://9to5mac.com/2024/01/23/trello-data-breach/
>
> Just recently my ISP got hacked, and their customer records stolen.

Good. Now you know why I say EVERYTHING you put on the Internet will be
hacked into, so that's one reason for not putting anything on the net.

> I use e-mail with them although they are not my primary e-mail service.
> ANY e-mail provider I use can breached. Please explain how a hacker
> with access to all my e-mails with their From, To, CC, Sender, and other
> headers with e-mail addresses as value are not just as accessible as my
> contact records at the same e-mail provider? A contacts list would be
> easier to steal, but a hacker can still harvest e-mail addresses from
> e-mails. Once your online account has been compromised, ALL your online
> data is in peril.

When you look at what you're doing & what I am doing, our use model is not
much different from mine except in two critical ways that I've told you.

1. You store contacts in the default Android contacts database. I don't.
2. You use (bad) apps which upload those contacts to servers. I don't.

Other than those two things, what happens to you happens to me.
Well, not really.

As I already stated, I periodically seed my Android default contacts
database with spoofed contacts, which is a minor tweak and not important.
https://f-droid.org/en/packages/me.billdietrich.fake_contacts/

And I use encrypted email, which is far less likely to succumb to attacks.
But I didn't intend for this thread to be an Android User Guide to Privacy.

My only point was that the best place (for privacy) to store your contacts
on your phone is NOT in the default contacts sqlite database. That's all.

> Yes, I could register my own domain, setup my own nameserver, add all
> the SPF, DKIM, and MX records in the DNS table, get the site
> certificates, and run my own IMAP and SMTP server hoping the other
> servers will cooperate with mine in order to ensure that e-mail
> providers that get breached won't have either my contact records nor my
> e-mails from which to harvest e-mail addresses. Um, no thanks. Way too
> much work just to do e-mail.

I am being nice when I say I think you're in the wrong century because
nowadays you stick a drive on your router and it's "on" the Internet.
>> That breach isn't important other than to point out that EVERYTHING you
>> upload to the Internet WILL BE HACKED INTO bar none. Accept that concept.
>
> Will is different than can. Your statement is saying that I will be
> infected by every malware rather than it is vulnerable *if* attacked.
> You've protected your contacts. How are you protecting your e-mails?

I already said how I'm protecting sensitive emails but the topic of overall
Internet security is a different topic than keeping Android contacts local.

>> If you upload all your contacts, they will be obtained by the hackers.
>> The solution to that problem is not to upload your contacts at all.
>
> And have all my e-mails both encrypted in-transit and in-situ. The
> first is easy. All e-mail clients and webmail clients can use encrypted
> traffic between client and server. The second depends on your e-mail
> provider. Not many provide in-site encryption of your e-mails.

Proton Mail: Encrypted Email
https://play.google.com/store/apps/details?id=ch.protonmail.android
> Somehow you managed to secure your contact records while
> still providing access to multiple hosts and doing it all securely, but
> it seems you closed the barn door but left open the hay loft door.

It's not rocket science.
1. Don't put anything in your default contacts database that you care about
2. Choose good apps which will import/export the master VCARD contacts.vcf
3. Maintain that master in Excel (because it merges and removes dups good)

What's so hard about understanding that?

>> My contacts don't change every minute of the day so I don't need to put
>> them on my flash drive stuck into the back of my router which is available
>> anywhere in the world over a static IP address - but I could if I want.
>
> Since, as you claim, everything in Internet is hackable, why can't a
> hacker get at your contact records residing in your home network that
> you opened to the Internet?

All they're going to get is an encrypted file container, that's why.
https://veracrypt.eu/en/Beginner%27s%20Tutorial.html

> If you can access your files from outside
> your network, why can't someone else?

I could leave my encrypted file container in the middle of Grand Central
Station and it would still be secure. That's what encrypted containers do.
https://www.herts.ac.uk/__data/assets/pdf_file/0020/55460/truecrypt-guide-v7-1a.pdf

> Regardless of all the security
> you put in accessing that device in your intranetwork, so did all the
> ISPs, e-mail providers, and companies that attempted to secure their
> data, but they got breached, so there is no perfect security. Nothing
> you do cannot be impossible to hack.

Did I say it was?

The only thing I really said was that it's dumb to use the default Android
contacts database if what you care about is the privacy of your contacts.

> You opened access to your contact
> records to the outside, so you can access them from the outside.

I didn't say I put my contacts on the "outside." You made that up.

I only said if you must force me to put the contacts on the Internet, I'd
only do it inside of an encrypted file container on a NAS drive hanging off
the router (which is how everyone would do it so that's no big thing).

On 25/1/2024, Andrew wrote:

>> Understood. But how is access to the .vcf file obtained to each host
>> (phone, tablet, laptop, desktop, netbook, and even hosts you don't own
>> but have to use when travelling) while ensuring the records are secure?
>
> It's simple. I said it already but you seem to want me to repeat it.
> a. You put contacts.vcf inside an encrypted file container
> b. You put that encrypted file container on a USB drive
> c. You stick that USB drive into your router's USB port made for that

I think you're doing a great job answering the inane questions he's asking
but I think VanguardLH doesn't realize that all your contacts are always on
the Android phone all of the time already so there's no need for the
Internet. VanguardLH thinks there are no contacts on the phone. I think
VanguardLH doesn't want to understand you when you say you don't put
contacts in the *default* location. He thinks not putting them in the
default location means they're not anywhere, when they're clearly there.

He doesn't understand what "default" means.

Frankie <frankie@nospam.usa> wrote:

> On 25/1/2024, Andrew wrote:
>
>>> Understood. But how is access to the .vcf file obtained to each host
>>> (phone, tablet, laptop, desktop, netbook, and even hosts you don't own
>>> but have to use when travelling) while ensuring the records are secure?
>>
>> It's simple. I said it already but you seem to want me to repeat it.
>> a. You put contacts.vcf inside an encrypted file container
>> b. You put that encrypted file container on a USB drive
>> c. You stick that USB drive into your router's USB port made for that
>
> I think you're doing a great job answering the inane questions he's asking
> but I think VanguardLH doesn't realize that all your contacts are always on
> the Android phone all of the time already so there's no need for the
> Internet. VanguardLH thinks there are no contacts on the phone. I think
> VanguardLH doesn't want to understand you when you say you don't put
> contacts in the *default* location. He thinks not putting them in the
> default location means they're not anywhere, when they're clearly there.
>
> He doesn't understand what "default" means.

Thanks for clarifying what I assumed ... but did not.

On 25/1/2024, VanguardLH wrote:

>> He doesn't understand what "default" means.
>
> Thanks for clarifying what I assumed ... but did not.

Then why do you need the net to use contacts already on the phone?

Frankie <frankie@nospam.usa> wrote:

> On 25/1/2024, VanguardLH wrote:
>
>>> He doesn't understand what "default" means.
>>
>> Thanks for clarifying what I assumed ... but did not.
>
> Then why do you need the net to use contacts already on the phone?

Guess you completely missed synchronizing contacts between devices, and
why I wondered how Andrew did it. Here we go again.

On 26/1/2024, VanguardLH wrote:

>> Then why do you need the net to use contacts already on the phone?
>
> Guess you completely missed synchronizing contacts between devices, and
> why I wondered how Andrew did it. Here we go again.

You're making this about a million times harder than it really is.
Have you never used Microsoft Office not even once in your life?
How much trouble can you have synchronizing a simple MS Office file?

VanguardLH <V@nguard.lh> wrote:
> Frank Slootweg <this@ddress.is.invalid> wrote:
[...]
> That's where storing an encrypted
> file in a folder included in sync for OneDrive or Google Drive might
> work, but I'd need a decrypter on each host. I could use cloud file
> storage for transfer between hosts, but I'd want sensitive data
> encrypted which also means it's of no value if there is no means to
> decrypt.
>
> I like using TrueCrypt on my home desktop for encrypted containers.
> There is no TrueCrypt app for mobile (Android or iOS), so I'd have to
> invest time to research, test, and use a different encryptor for which
> there is a matching app on my mobile devices.
>
> I have Peazip (a fork of 7-zip) on my home desktop which can encrypt,
> too (and NOT use the vulnerable PKZIP encryption scheme). Again, no
> mobile app version of either Peazip or 7-zip, so I'd have to invest in
> using a different compressible archiver with encryption.

I indeed also had to do quite some searching to find a decryptor on
Android. My need was/is for unpacking/decrypting archives, possibly only
one file from that archive, but possibly more, so my needs are more than
for a single (contacts) file.

That said: I use 7-Zip on the Windows side. On the Android side, the
standard Samsung 'My Files' can extract an encrypted .zip file (I just
use plain zip archive with ZipCrypto encryption), but it can only
extract the whole archive, not individual files/folders.

So I searched Google Play for something better, amongst them
'SecureZIP Reader' (by PKWARE!) [1] and 'RAR' [2], but ended up with 'FX
File Explorer' [3]. For decrypting single files, FX is probably over the
top and probably not very handy, but since I needed a 'better'/other
file manager anyway, that's what I ended up with.

Hope this is of use to you (or someone else in the audience).

[1] <https://play.google.com/store/apps/details?id=com.pkware.android>

[2] <https://play.google.com/store/apps/details?id=com.rarlab.rar>

[3] <https://play.google.com/store/apps/details?id=nextapp.fx>

Andrew <andrew@spam.net> wrote:
> Frank Slootweg wrote on 25 Jan 2024 15:17:28 GMT :
>
> > I've never needed to use "someone else's host", but if I needed that
> > contingency plan, I would store my contacts in encrypted form in 'the
> > cloud' (which I do anyway for some important files).
>
> It's not hard to store contacts in a plain file in an encrypted container.
> https://play.google.com/store/apps/details?id=com.sovworks.edslite
>
> > But if "someone else's host" only gives you web access, you probably
> > have no way to decrypt the contacts (or use some on-line decrypting
> > service, which needs you to trust that service).
>
> If they're in an encrypted container, you decrypt on the Android device.

Please read the context before snipping it.

In VanguardLH's scenario there is no Android device, because he's on
vacation and he lost it, "both literally and via damage".

> > If you have a mail provider which you trust, you could store your
> > contacts there, not neccessarily in their contacts facility, but just in
> > a file.
>
> You could store master contacts in an encrypted container on your LAN.
> https://www.howtogeek.com/108501/the-how-to-geek-guide-to-getting-started-with-truecrypt/
>
> If you have a static IP address, you can access a USB stick in your router
> from the middle of Antarctica if you lose your phone & suddenly need them.

On vacation, hence no LAN.

Frank Slootweg <this@ddress.is.invalid> wrote:

> [1] <https://play.google.com/store/apps/details?id=com.pkware.android>
"Updated on Jul 28, 2015". Tis possible nothing needs changing in the
last 8 years over 9 Android versions. Went to:

https://www.pkware.com/products/securezip

Where it mentions "Try It Free", but also mentions having to buy it. It
is 30-day trialware, so it might cripple itself therafter.

> [2] <https://play.google.com/store/apps/details?id=com.rarlab.rar>

"Updated on Oct 5, 2023", so better maintained. As I recall, RARlabs
allowed you to extract for free, but you had to buy it to create .rar
files. That's why other archivers can read/extract from .rar files, but
they can't write/create .rar archive files. Despite the app page shows
a RAR app for Android, https://www.rarlab.com/shoprarlab.php does not.
I did find a link on their home page (https://www.rarlab.com/) to their
Android app, but no info at their own site about it.

> [3] <https://play.google.com/store/apps/details?id=nextapp.fx>

Created a shortcut to the app page to look at this one later.

Frank Slootweg <this@ddress.is.invalid> wrote:

> Andrew <andrew@spam.net> wrote:
>> Frank Slootweg wrote on 25 Jan 2024 15:17:28 GMT :
>>
>>> I've never needed to use "someone else's host", but if I needed that
>>> contingency plan, I would store my contacts in encrypted form in 'the
>>> cloud' (which I do anyway for some important files).
>>
>> It's not hard to store contacts in a plain file in an encrypted container.
>> https://play.google.com/store/apps/details?id=com.sovworks.edslite
>>
>>> But if "someone else's host" only gives you web access, you probably
>>> have no way to decrypt the contacts (or use some on-line decrypting
>>> service, which needs you to trust that service).
>>
>> If they're in an encrypted container, you decrypt on the Android device.
>
> Please read the context before snipping it.
>
> In VanguardLH's scenario there is no Android device, because he's on
> vacation and he lost it, "both literally and via damage".
>
>>> If you have a mail provider which you trust, you could store your
>>> contacts there, not neccessarily in their contacts facility, but just in
>>> a file.
>>
>> You could store master contacts in an encrypted container on your LAN.
>> https://www.howtogeek.com/108501/the-how-to-geek-guide-to-getting-started-with-truecrypt/
>>
>> If you have a static IP address, you can access a USB stick in your router
>> from the middle of Antarctica if you lose your phone & suddenly need them.
>
> On vacation, hence no LAN.

Sounds like he is toting or transferring a .vcf file. Until I mentioned
it, encrypting the file wasn't indicated. He mentions using a NAS drive
in his intranet, but he'd have to punch a hole in his router's firewall
(point to which host a connected goes without blocking), put the NAS in
a DMZ, setup up something to do the file transfer, like FTPS, and either
pay for a static IP address, or use a DNS lookup service, like OpenDNS,
where you run a dynamic IP updater client on a host inside your intranet
that reports back to the service what is your current WAN-side IP
address of your router (since most users get dynamically assigned IP
addresses). You use the hostname that points at OpenDNS which redirects
to whatever is your current WAN-side IP address with the router
redirecting the traffic to the appropriate intranet host. Another
method would be to replace FTPS with VNC for remote access to his
intranet to get at the file on his NAS drive. I used the above setup
with the OpenDNS client to access my home computer from home via VNC (I
forget which variant since I have up on that long ago to do newsgroups
from home while on vacation). Another possibility is using TeamViewer,
but you have to run their server on one of your intranet hosts.

He gave generalities and possibilities when asked how he did it (get all
his hosts/devices using the same contact records). Then it was he only
updates his contacts maybe once per year as though that is typical of
other users. I probably change (edit, delete, create) contacts about 3
to 4 times per month, but I recognize that my e-mail volume is very low.
With such infrequent updates, I mentioned Sneakernet (toting around a
locked USB drive with the .vcf file) whereupon I was lambasted for the
old method that still works today, but geez I must be ancient or stupid
to think of that. I gave up on what might be done versus solid
instructions on how he did it. There was some description, but nothing
anyone could replicate except at the client end regarding which apps to
use where contacts got imported (but no mention of which contact apps he
uses).

All his focus is on keeping his contacts private. Okay, that's part of
securing his contacts. The other part is securing his e-mails, so
contacts cannot get harvested from there. Even if forcing encryption of
your e-mails (you always send encrypted, and you don't accept
non-encrypted) using x.509 or PGP certs, that doesn't secure the headers
where contacts are defined. Google Workspaces (paid service) makes
claims about securing your e-mails, but I don't see they are in-situ
encrypted to prevent theft from breach or employees. ProtonMail claims
in-situ encryption, but not sure how they handle IMAP clients since I
don't want to use their webmail client every time I want to do e-mail,
plus I like getting notifications with a local client of new mails. You
have to pay ProtonMail to get IMAP access along with using their local
proxy (bridge) to handle decrypting the retrieved e-mails to view in an
IMAP client. So, they have a means of keeping e-mails encrypted on
their server, so even they cannot look at them, and no breach is going
to expose your contacts specified in e-mails, but IMAP access and the
bridge costs $4/mo or $48/yr. Too much to pay for peace of mind on a
nebulous attack vector for personal use with low e-mail volume.

I'm not wasting my time, effort, and experimentation on various setups
to protect my contacts when my e-mails remain unprotected. My needs
would differ for business contacts and e-mails, not for my personal use
contacts and e-mail services. I could also enclose my home in a
100-foot reinforced concrete enclose trying to survive a meteor hit.

VanguardLH wrote on Fri, 26 Jan 2024 13:30:46 -0600 :

>>> If you have a static IP address, you can access a USB stick in your router
>>> from the middle of Antarctica if you lose your phone & suddenly need them.
>>
>> On vacation, hence no LAN.
>
> Sounds like he is toting or transferring a .vcf file.

If you think that, then you didn't understand a single word I had said.

This all started when I stated what is a defensible point of view that the
safest place to keep your contacts private is NOT in the default Android
contacts database. You're making that into an insurrection against God.

> Until I mentioned it, encrypting the file wasn't indicated.

Encryption is trivial. So trivial it isn't worth being discussed further.

> He mentions using a NAS drive
> in his intranet, but he'd have to punch a hole in his router's firewall
> (point to which host a connected goes without blocking), put the NAS in
> a DMZ, setup up something to do the file transfer, like FTPS, and either
> pay for a static IP address, or use a DNS lookup service, like OpenDNS,
> where you run a dynamic IP updater client on a host inside your intranet
> that reports back to the service what is your current WAN-side IP
> address of your router (since most users get dynamically assigned IP
> addresses). You use the hostname that points at OpenDNS which redirects
> to whatever is your current WAN-side IP address with the router
> redirecting the traffic to the appropriate intranet host. Another
> method would be to replace FTPS with VNC for remote access to his
> intranet to get at the file on his NAS drive. I used the above setup
> with the OpenDNS client to access my home computer from home via VNC (I
> forget which variant since I have up on that long ago to do newsgroups
> from home while on vacation). Another possibility is using TeamViewer,
> but you have to run their server on one of your intranet hosts.

It's so simple that the two tasks are copying the file & making it
available to all devices that you want it to be available to.

How complex are you trying to make copying a file anyway?
Hanging a NAS drive on the router is a simple & secure "this century" task.

> He gave generalities and possibilities when asked how he did it (get all
> his hosts/devices using the same contact records).

I gave you specifics. Even down to the programs used.
Even down to the name of the file and the encryption tools used.
I gave you everything but my email login/password & encryption passphrase.

For you to say I gave you generalities means you didn't understand a single
word I said. Let's give up. You are living in the wrong technology century.

The solution is as simple as copying a file is.

> Then it was he only
> updates his contacts maybe once per year as though that is typical of
> other users. I probably change (edit, delete, create) contacts about 3
> to 4 times per month, but I recognize that my e-mail volume is very low.
> With such infrequent updates, I mentioned Sneakernet (toting around a
> locked USB drive with the .vcf file) whereupon I was lambasted for the
> old method that still works today, but geez I must be ancient or stupid
> to think of that. I gave up on what might be done versus solid
> instructions on how he did it. There was some description, but nothing
> anyone could replicate except at the client end regarding which apps to
> use where contacts got imported (but no mention of which contact apps he
> uses).

Every time you mention sneakernet I have to respond that you are living in
the wrong century. It's so simple, it's just copying a single file.

Have you never copied a file before?
> All his focus is on keeping his contacts private. Okay, that's part of
> securing his contacts. The other part is securing his e-mails, so
> contacts cannot get harvested from there. Even if forcing encryption of
> your e-mails (you always send encrypted, and you don't accept
> non-encrypted) using x.509 or PGP certs, that doesn't secure the headers
> where contacts are defined. Google Workspaces (paid service) makes
> claims about securing your e-mails, but I don't see they are in-situ
> encrypted to prevent theft from breach or employees. ProtonMail claims
> in-situ encryption, but not sure how they handle IMAP clients since I
> don't want to use their webmail client every time I want to do e-mail,
> plus I like getting notifications with a local client of new mails. You
> have to pay ProtonMail to get IMAP access along with using their local
> proxy (bridge) to handle decrypting the retrieved e-mails to view in an
> IMAP client. So, they have a means of keeping e-mails encrypted on
> their server, so even they cannot look at them, and no breach is going
> to expose your contacts specified in e-mails, but IMAP access and the
> bridge costs $4/mo or $48/yr. Too much to pay for peace of mind on a
> nebulous attack vector for personal use with low e-mail volume.

You're making a simple problem & simple solution harder than it is.
1. The problem is storing contacts in the default Android location
2. And using bad software that uploads them to someone else's servers

The solution is as simple as not doing that - and copying a file.

> I'm not wasting my time, effort, and experimentation on various setups
> to protect my contacts when my e-mails remain unprotected. My needs
> would differ for business contacts and e-mails, not for my personal use
> contacts and e-mail services. I could also enclose my home in a
> 100-foot reinforced concrete enclose trying to survive a meteor hit.

This all started when I stated what is a defensible point of view that the
safest place to keep your contacts private is NOT in the default Android
contacts database. And the solution is as simple as copying a file.

If you can't understand those 2 statements, then let's stop this now.
You're not capable of comprehending either the problem, nor the solution.

Frank Slootweg wrote on 26 Jan 2024 15:48:39 GMT :

>> If they're in an encrypted container, you decrypt on the Android device.
>
> Please read the context before snipping it.
>
> In VanguardLH's scenario there is no Android device, because he's on
> vacation and he lost it, "both literally and via damage".

I understand VanguardLH's use model because that's the default use model.

Most Android users keep their master contacts on Google servers.
And most Android users store their local copy in the default Android db.

Why do you think Google makes that use model so easy?

Frank Slootweg wrote on 26 Jan 2024 15:46:43 GMT :

>> There is no TrueCrypt app for mobile (Android or iOS), so I'd have to
>> invest time to research, test, and use a different encryptor for which
>> there is a matching app on my mobile devices.
> I indeed also had to do quite some searching to find a decryptor on
> Android. My need was/is for unpacking/decrypting archives, possibly only
> one file from that archive, but possibly more, so my needs are more than
> for a single (contacts) file.

This has been discussed something like a thousand times on this newsgroup
so I'll just say that Truecrypt/Veracrypt containers decrypt just fine on
Android. It has already been stated in this thread which free app to use.

VanguardLH wrote on Fri, 26 Jan 2024 12:55:13 -0600 :

>> [1] <https://play.google.com/store/apps/details?id=com.pkware.android>
> "Updated on Jul 28, 2015".
> https://www.pkware.com/products/securezip
> Where it mentions "Try It Free", but also mentions having to buy it.
>> [2] <https://play.google.com/store/apps/details?id=com.rarlab.rar>
> "Updated on Oct 5, 2023", so better maintained.

a. Encryption/decryption
b. Comes with 10GB free cloud storage
c. Updated a month ago
d. Free
e. Ad free

Since you seem to like storing things encrypted "on the cloud" and yet you
want updated free software, what do you think about this encrypted storage?

"Syndoc supports cloud management and also has its own storage space
as "My drive" providing 10 GB free space."
https://play.google.com/store/apps/details?id=com.syndoc.merlin

Syndoc Cloud File Manager
Easy and intuitive UI for accessing files and folders across multiple cloud
storage providers. Many useful features such as multi-account support,
*encrypt and decrypt files*, compress multiple files and folders and
extract functionality and many more new features are included.

And the best part is it is 100% free (and No Ads)!

With Syndoc, you can:
1.Upload/download files to Google Drive, OneDrive, Amazon S3 and DropBox
2.Copy and move files quickly between multiple accounts and providers
3.Rename and export files and documents, preview and edit files
4.Compress and extract folders on the go with quick & easy zipping.
5.Designed to protect your data whenever you transfer, store, or access it.
6.Change access permissions for files & folders whenever you need.
7. Access all the functionality through website : https://syndoc.com.

SUPPORT:
1.Refer User's Guide (https://syndoc.com/html/help.html)
2.Read the FAQ (https://syndoc.com/html/faq.html)
3.Support forum (http://forum.syndoc.com)
4.For any other support email us at support@syndoc.com
Version1.206 Updated on Dec 27, 2023
Requires Android4.4 and up
Downloads 10,000+ downloads
Released on Dec 23, 2019 Offered by Vedist Systems

Andrew wrote on Sat, 27 Jan 2024 01:46:45 -0000 (UTC) :

> "Syndoc supports cloud management and also has its own storage space
> as "My drive" providing 10 GB free space."
> https://play.google.com/store/apps/details?id=com.syndoc.merlin

Now that you have an updated free archiver for any cloud storage (for those
who do that) you might want a powerful archiver for your LOCAL storage.

What do you think about this free app for encrypting/decrypting archives?
https://play.google.com/store/apps/details?id=ru.zdevs.zarchiver

It has been discussed many times on this newsgroup for about a decade.
Of course it is free and has no ads and it was updated only two days ago.

ZArchiver is a program for archive management
(including managing of application backups in archives).

It has a simple and functional interface.
The app doesn't have permission to access the internet, so cannot transmit
any information to other services or persons.

ZArchiver lets you:
Create the following archive types: 7z (7zip), zip, bzip2 (bz2), gzip
(gz), XZ, lz4, tar, zst (zstd);
Decompress the following archive types: 7z (7zip), zip, rar, rar5, bzip2,
gzip, XZ, iso, tar, arj, cab, lzh, lha, lzma, xar, tgz, tbz, Z, deb, rpm,
zipx, mtz, chm, dmg, cpio, cramfs, img (fat, ntfs, ubf), wim, ecm, lzip,
zst (zstd), egg, alz;
View archive contents: 7z (7zip), zip, rar, rar5, bzip2, gzip, XZ, iso,
tar, arj, cab, lzh, lha, lzma, xar, tgz, tbz, Z, deb, rpm, zipx, mtz, chm,
dmg, cpio, cramfs, img (fat, ntfs, ubf), wim, ecm, lzip, zst (zstd), egg,
alz;
Create and decompress password-protected archives;
Edit archives: add/remove files to/from the archive (zip, 7zip, tar, apk,
mtz);
Create and decompress multi-part archives: 7z, rar (decompress only);
Install APK and OBB file from backup (archive);
Partial archive decompression;
Open compressed files;
Open an archive file from mail applications;
Extract split archives: 7z, zip and rar (7z.001, zip.001, part1.rar, z01);

Particular properties:
Start with Android 9 for small files (<10MB). If possible, use direct
opening without extracting to a temporary folder;
Multithreading support (useful for multicore processors);
UTF-8/UTF-16 support for filenames allows you to use national symbols in
filenames.

Updated on Jan 17, 2024
Downloads 100,000,000+ downloads
Released on Jan 24, 2012
Offered by ZDevs

Andrew <andrew@spam.net> wrote:

> "Syndoc supports cloud management and also has its own storage space
> as "My drive" providing 10 GB free space."
> https://play.google.com/store/apps/details?id=com.syndoc.merlin

Will manage files on OneDrive, Google Drive, and Dropbox. I have those
clients on my phones, laptop, netbook, and home desktop. So, here's a
file manager to help manage all those cloud-sync'ed files. But I have
to wonder if I need yet another file manager to do that. The OneDrive
client, for example, will sync files in designated folders. All I have
to do is put a file in one of those, and it syncs to my MS OneDrive
cloud storage. Any file manager can look at the folders monitored by
OneDrive, Google Drive, and Dropbox, so this file manager needs to do
more. It supports encrypt/decrypt, so that would eliminate needing one
on my Android phone. I would prefer variations of the same app on
Windows (and later Linux), Android, iOS, and elsewhere instead of using
multiple separate apps, but that's somewhat the nature of the beast for
cross-platform use.

I'd probably look more into Syndoc if I needed more cloud space. I
already have 15 GB with MS OneDrive (only 1.1 GB used, so far), 15 GB
with Google Drive (only 11 MB used), and 2GB with Dropbox (which I only
use to transfer files to a development collaborator since we can share
Dropbox spaces). From what I can tell from the app's description,
perhaps I wouldn't need all those cloud clients on my phone assuming
Syndoc utilizes the API to each cloud service.

https://play.google.com/store/apps/details?id=com.syndoc.gem&pli=1
$29.99
"Syndoc Lifetime is a paid app and offers all features unlimited for
lifetime."

The page for the free version doesn't mention the 10 GB cloud quota.
The paid version mentions getting 10X more cloud storage, so the free
version gives you 10 GB, and the paid version gives you 100 GB. No
subscription thereafter to maintain the 100 GB quota. I wouldn't need
anywhere that much. Even the 10 GB free quota would be enough, but I've
already got 15 GB OneDrive + 15 GB Google Drive + 2 GB Dropbox, and I'm
using only a small partial amount overall.

I've seen these cloud storage consolidator apps before. Interesting,
but not enough to make me test them. Adds some convenient aggregate
management of multiple cloud storage services, but that's more glitz to
me than required. Didn't see anything about encrypt/decrypt in their
app pages. Did find mention of encrypt/decrypt at
https://syndoc.com/html/help.html, but that me using their web client.

Thanks for the info on Syndoc. Don't yet need nor want a cloud storage
consolidator. Encrypt/decrypt looks to be through their web UI. Only
AES-256 is supported, but that's still pretty good. I'd look more into
Syndoc if I need another 10 GB of cloud storage to add to my existing
mix.

Andrew <andrew@spam.net> wrote:

> Frank Slootweg wrote on 26 Jan 2024 15:46:43 GMT :
>
>>> There is no TrueCrypt app for mobile (Android or iOS), so I'd have to
>>> invest time to research, test, and use a different encryptor for which
>>> there is a matching app on my mobile devices.
>
>> I indeed also had to do quite some searching to find a decryptor on
>> Android. My need was/is for unpacking/decrypting archives, possibly only
>> one file from that archive, but possibly more, so my needs are more than
>> for a single (contacts) file.
>
> This has been discussed something like a thousand times on this
> newsgroup so I'll just say that Truecrypt/Veracrypt containers
> decrypt just fine on Android. It has already been stated in this
> thread which free app to use.

Must be in those thousands of other discussions where a TrueCrypt-
compatible Android app was mentioned. Wasn't mentioned in this thread.

While TrueCrypt was mentioned (by me), it has been dead for a while.
Once they published their yellow canary web page alluding to them
getting an NSL (National Security Letter), they disappeared with their
last version only reading from TC containers, not writing to them
anymore. VeraCrypt replaced TrueCrypt. VeraCrypt (and TrueCrypt)
support not only one hash scheme (SHA-256), but 5 of them, and you can
use them alone, or combine them to further increase security.

In those thousands of discussions, was an encrypter/decrypter app
mentioned that supports .tc files? Do those apps support both regular
containers, and protected containers? There's a fake partition at the
beginning holding dummy data that you dole out its password when
threatened, and a hidden partition using a different password for where
you really store your sensitive data; see
https://www.veracrypt.fr/en/Plausible%20Deniability.html. Do they
support variable sized (dynamic) TC containers, or just fixed ones?

For these apps that have been so repeatedly discussed regarding support
of Veracrypt/TrueCrypt containers, do they support:

- No filetype extension (.tc is not specified) in filename?
- Support all 5 hash algorithms, and 1 to 3 combinations of them?
- Support hidden partitions within the TC container file?
- Support variable sized aka dynamic partition(s) in the TC container?
- Are passwords and keyfiles both supported? Or just passwords?
- Do the apps only read TC files, or can they create them, too?

Considering the robust feature set of VeraCrypt, I doubt any Android app
will support more than a fixed partition using SHA-256 with no hidden
partition inside and password only (no keyfiles). That's the simple
use-case, and likely the one used by most Veracrypt users. For
everything that VeraCrypt can do, I suspect only a crippled version
would show up supporting the simple use-case if they ever made an
Android, iOS, or MS UWP version of their Win32 program. Apps that can
read TC files have limited use as I would also want to create TC files.

I haven't participated in those thousands of discussions on Android apps
that support TrueCrypt/Veracrypt containers. I remember looking at
AxCrypt a long time ago, but it only supports the AES-256 hash, not the
others supported by Veracrypt nor combinations of them.

https://play.google.com/store/apps/details?id=net.axcrypt.axcrypt2x

It covers the simple use-case for VeraCrypt, so I'll create a shortcut
to again look into this one a bit more. There are Windows (installed
and portable), Android, and iOS(*) versions, so I could become
accustomed to its use on multiple platforms.

(*) Local storage encryption is only available on Android, not on iOS.
Should have no problem under Windows.

VanguardLH wrote on Fri, 26 Jan 2024 20:37:50 -0600 :

> The page for the free version doesn't mention the 10 GB cloud quota.

Yes. I noticed that too. But I read their literature before telling you
about it as I spend time on an app before I tell you anything about it.

But the free storage was confusing to me too, as it says different things
about it depending on where you look, but nothing on the main page.

Here it mentions only 5GB of free storage.
https://syndoc.com/html/help.html (How to add a Cloud drive to Syndoc?)
"Syndoc supports cloud management and also has its own storage drive "My
drive" - providing 5GB free space. "

And yet in another spot they mention 10GB free storage.
https://syndoc.com/html/faq.html (Is Syndoc a cloud storage service?)
"Syndoc supports cloud management and also has its own storage space as
"My drive" providing 10 GB free space."

We'd have to test it out for real to find out which it is, 5GB or 10GB.

> Thanks for the info on Syndoc. Don't yet need nor want a cloud storage
> consolidator. Encrypt/decrypt looks to be through their web UI. Only
> AES-256 is supported, but that's still pretty good. I'd look more into
> Syndoc if I need another 10 GB of cloud storage to add to my existing
> mix.

Thanks for looking at it as the reason I pointed it out is because if you
really wanted to store your contacts encrypted on the cloud, that app would
do it easily for you with more control than you would have otherwise.

I found it because I use the best Google Play Store search engine in the
world (which has been discussed many times on this newsgroup in the past).

If it's out there, it will find it. Since you wanted freeware without ads
that had been updated recently, I set the search filters on that, plus I
noticed you wanted recent updates, so I had it sort by recent updates.

That's where ZArchive showed up on top of the list for the encryption and
decryption of 7-zip archives that Frank Slootweg was discussing with you.

There were 70 other apps which showed up in my search of a free archiver
without ads and without any in-app purchases so there are too many of them.

Some were special purpose archivers, such as this one which shares files.
https://play.google.com/store/apps/details?id=shareit.lite

Others were file managers, such as this one which handles encrypted zips.
https://play.google.com/store/apps/details?id=com.lenovo.FileBrowser2

There were quite a few zip decryptors/encryptors but with only a few
downloads, and sensing you are risk adverse, I didn't mention them, such as
https://play.google.com/store/apps/details?id=com.extractor.easyextractfile.zipper.filezipper

But that app hasn't been updated in a while, and it isn't downloaded much.
That's why I had suggested the ZArchiver as the one you might want to test.

That app does what I think Frank Slootweg had asked it to do, which is:
"Easy Unzipper enables archived content display without decompression."

But I'm just trying to help you, so here's what it says about it.

KGApps Unzipper is good and an all-in-one free, simple, easy and quick
compression application, archiver, backup tool, extractor and even a basic
file manager for easy to use.

Unzipper can create rar and zip and unpack RAR, ZIP, TAR, GZ, BZ2, XZ, 7z,
ISO, ARJ archives easily and professionally. List of functions include
repairs command for damaged ZIP and RAR files, Unzip is a program for
archive management tool Application.

It has a simple and functional interface and very easy to operate.
The app doesn't have permission to access the internet it is an offline
application you can easily access it without internet.

Easy Unzipper, Unzip & Zip allows you to extract rar and zip files easily.
It has its own browser to view files on your phone and zip files.

Supporting different versions of rar files, archives protected by a
password and multi-part archives.

*Get simple zip compression, multi-part compression and AES encryption.*
*Easy Unzipper enables archived content display without decompression.*

Save time by selecting files and extracting them on your phone storage.
Then open the files directly in your app.

Unzipper Master is an app to manage files and extract and compressed, it
creates archives in ZIP or 7Z file formats. Unpack numerous archive file
formats unZIP (extract ZIP files).

Unzipper lets you:
it Converts the following archive types: 7z (7zip), zip, bzip2 (bz2), gzip
(gz), XZ, lz4, tar, zst (zstd),Decompress the following archive types: 7z
(7zip), zip, rar, rar5, bzip2, gzip, XZ, iso, tar, arj, cab, lzh, lha,
lzma, xar, tgz, tbz, Z, deb, rpm, zipx, mtz, chm, dmg, cpio, cramfs, img
(fat, ntfs, ubf), wim, ecm, lzip, zst (zstd), egg, alz. You can view
archive contents: 7z (7zip), zip, rar, rar5, bzip2, gzip, XZ, iso, tar,
arj, cab, lzh, lha, lzma, xar, tgz, tbz, Z, deb, rpm, zipx, mtz, chm, dmg,
cpio, cramfs, img (fat, ntfs, ubf), wim, ecm, lzip, zst (zstd), egg, alz;

*Create and decompress password-protected archives;*
Edit archives: add/remove files to/from the archive (zip, 7zip, tar, apk,
mtz);
Create and decompress multi-part archives: 7z, rar(decompress only);
Partial archive decompression;
Open compressed files;
Open an archive file from mail applications;

Extract split archives: 7z, zip and rar (7z.001, zip.001, part1.rar, z01);
Easily and efficient fast Zip and Unzip File Extractor File Opener is a Zip
file opener & Compressor Application. Reduce your all kind of Files Size
Like Doc,Images, and extract all your Zipped files & Compress them.
Zip-Unzip-File Extractor-File Opener allows you to protect your files
before with best encryption. You can Browse your Album and select multiple
zip and share photo collections. You can compress files and shrink them
easily. Unzip and view your files. You can Zip Photos & Videos from your
device and share them Easily.

Version 1.4
Updated on May 30, 2022
Requires Android 5.0 and up
Downloads 500+ downloads
Released on May 8, 2022
Offered by Prep Apps