Safest way of using WeChat
I live in Canada. My girlfriend is Chinese (also living in Canada), and while we are able to communicate via SMS, her mobile carrier isn't the best, and so there have often been issues for us with regular texting. She expressed a strong preference to use WeChat, at least as a backup option for when texting fails us. While I have some pretty significant reservations, it's not the hill I want to die on. So my question is: what can be done to use WeChat without compromising my whole phone? I'm okay with it if our conversations aren't private, but I'd like to know that I'm not giving unfettered access to all of my phone's systems and data to the CCP. What can be done to limit the reach of this ubiquitous app on my device?
You can put it in a work profile and trust that Android is protective enough to keep your data safe and access limited. Otherwise buy a second phone just to put WeChat on it. Don't know how WeChat works, but if it's like Whatsapp then you don't need to bother with a secondary number.
To add to this: you can install an open-source app called Shelter which will let you quickly set up a Work Profile for apps you want to keep isolated.
Indeed. Or otherwise Island as an alternative. Don't know how those two compare on the security and privacy front.
It's basically the same, the isolation is done by Android's work profile. Shelter and Island are just frontends for this native Android API.
Indeed. The front ends could be less or more "secure"/private. And by that I mean that I don't know how the app themselves are with access and your data. So I don't know if they collect and share any data and how reliable the developers are.
Both are open-source and there's a fork of Island on F-Droid called Insular. These shouldn't collect any data, in fact, they can't include any proprietary tracking SDKs because these aren't allowed on F-Droid.
If you own a Samsung phone, I'd also recommend their Secure Folder, which is apparently pretty damn secure and isolated from the rest of the device.
Maybe meet in the middle? If she's willing to put up with SMS for you, I think she'll be fine with Signal.
Why not another app, such as one that offers end to end encryption?
Shelter?
Yup, that's what I've ended up doing. It wasn't on my radar before making this post, so I'm thankful for everyone who suggested it.
Basically 2 options: A work profile or a separate Android user profile. I'd definitely recommend the latter, as it has much stronger isolation. Some vendors like Samsung disable user profile support though. A work profile is still better than nothing.
Probably not the solution that you are looking for, but maybe try Signal? It's better than SMS, WeChat, WhatsApp and most other messengers. Unlike stuff like WhatsApp and SMS, Signal can even be used in China, because it has a built-in censorship circumvention system which uses special TLS proxies or can even be used over Tor.
I had no idea! I'll definitely talk to her about this.
This feature only exists, because the people behind Signal actually care about freedom and want to help their users. Unlike WeChat, Signal is not built by any government to spy on people, and unlike commercial messengers like WhatsApp and Facebook Messenger, it's not built by a corporation that wants to extract money from their users by selling their data. It's a non-profit organization, created by people who are dedicated to make the world more private and secure. Just keep that in mind when choosing a messaging app.
I'm well aware of what Signal is. I just didn't realize it could go through the Great Firewall.
If you are into self-hosting: You can use Matrix on your phone with a self hosted Matrix server and a WeChat Bridge.
Afaik there are two different bridges and both are in Alpha, though, so you might need to try what works for you.
For getting the account you might be able to use an Android VM so your main phone stays clean.
Phone apps are already fairly sandboxed.
Use your phone's permission system, look at the app's permissions, and set them as strict as the app will allow you to while continuing to function. I don't see any particularly scary permissions that aren't optional (looking in Google Play/the Android permissions set).
Pretty much anything beyond that you're wasting your time unless you want to carry two phones.
Edit: I see you went with Shelter; hadn't heard of that either. Probably overkill, but as long as it doesn't cause problems/the app works for you, go for it.
Well it means that if I do grant a permission to the app like for example file storage access to send my gf a funny meme I downloaded, it doesn't get access to all of the pictures and files on my device.
Not sure how wechat works. I vaguely recall being able to restrict apps to pick photos only through the gallery app on recent versions of Android.
It doesn't seem to use that interface weirdly. It just asks for file storage permission and then has its own explorer to select files.
Ah, then yeah probably best to do what you're doing ... it may very well scan for things or do who knows what.
Yeah exactly. I've had to take photos of various ID documents at different points for various reasons and so there are things like photos of my driver's license stored in my phone's filesystem. I'm glad Shelter gives a bit of insulation there. It lets me copy files in and out of the sandbox, but by default the sandbox has no files in it.
I'd recommend deleting those when you get the chance ... no real reason to tempt fate regardless of what apps are on your phone π
That's an oxymoron. Apart from having a dedicated device, you can't really sandbox the app since it requires basic permissions to function that give access to core phone functions. See https://reports.exodus-privacy.eu.org/en/reports/com.tencent.mm/latest/
You can try to limit permissions of some features that you don't intend to use.
Hard for me to take anything they say seriously when they say Facebook does not contain any trackers:
https://reports.exodus-privacy.eu.org/en/reports/com.facebook.katana/latest/
Edit: I'm not saying WeChat is clean, just that I don't exactly trust Exodus for tracker reporting.
Exodus does exactly what it's supposed to. It's your interpretation of the data that is flawed.
If you actually bothered to read, you would know that it shows 0 trackers because Facebook doesn't embed their trackers in the SDK, and inject them later once you grant them the permissions to the device, exactly the same way WeChat does.
I did read, and it changed nothing about what I said. Let's revisit: did it detect Facebook, which I think we can all agree is invasive, as having trackers? No? The "why" of it doesn't seem particularly relevant as we are just looking for trackers in apps.
https://discuss.grapheneos.org/d/9358-using-apps-with-known-trackers-with-no-google-play-services/6