# Is there any way to purchase the android app anonymously?



## ourkansaw (Apr 16, 2012)

As a reasonably tech savvy attorney, I often see things in terms of evidence. I only acccess this site using Tor, and never allow anything growing-related to be linked to my real identity. Unfortunately, an android market purchase is directly intertwined with my name, bank info, address, etc. 

I'd gladly pay $5 even for the riu app, if I could do so anonymously and get the apk without having to use the android market. I'd then run it behind orbot on my rooted device and retain my anonymity. 

I assume this isn't currently possible?


----------



## The Cryptkeeper (Apr 16, 2012)

Get another member to upload the apk to an onion file hosting site such as Megaupload 2, you can access thru TOR? lmao


----------



## ourkansaw (Apr 16, 2012)

Haha, well I wanted to support RIU by paying for it! And I realize you're just making fun a bit, but I can access basically any site through Tor, so it would just need to be posted somewhere online.

I realize it seems overly paranoid, but I store my photos on a fully-encrypted drive (via TrueCrypt), strip all metadata from photos before uploading them, and created a Hushmail email account to use for growing-related online activities (which I only access through Tor, too). I prefer to leave no trail!


----------



## Corso312 (Apr 16, 2012)

get a phone from cricket under a fake name. cricket does not require a credit card or require an i.d. to buy a phone


----------



## ourkansaw (Apr 16, 2012)

Corso312 said:


> get a phone from cricket under a fake name. cricket does not require a credit card or require an i.d. to buy a phone


I think you might be misunderstanding my problem. I have a phone that I'm quite happy with, and I've rooted that phone, flashed a custom ROM, and installed "Orbot," which allows me to force apps to connect to the internet through Tor. So if I can install the RIU app without buying it through the Android Market (or I guess it's called the Play Store now), I will be comfortable using it on the phone I already have. I'm not going to buy a new phone just for RIU.


----------



## The Cryptkeeper (Apr 17, 2012)

LMAO Well Hushmail is a very susceptible Email for one. Try Safemail. lol


----------



## richinweed (Apr 17, 2012)

i dont think there is anything totally secure or private on any phone.


----------



## axionjaxson (Apr 17, 2012)

Corso312 said:


> get a phone from cricket under a fake name. cricket does not require a credit card or require an i.d. to buy a phone


and they may even let you pic an out of state area code if you ask.


----------



## researchkitty (Apr 17, 2012)

The RIU app doesnt tell us who bought it. It doesnt tell us your details. Google just deposits it into the sites "web development fund" (which is mostly empty, so help us out!). Requests and features take $$ to implement, the RIU app is a good first step.

So, buy it any way you see fit, we dont collect, record or use any information from you purchasing the app. Nada, zero, zilch.


----------



## The Cryptkeeper (Apr 17, 2012)

lmfao Nobody was talking about you collecting information Kitty.


----------



## researchkitty (Apr 17, 2012)

The Cryptkeeper said:


> lmfao Nobody was talking about you collecting information Kitty.


I read the first post in this thread and that sure seems to be the concern, not with me particularly, but with RIU in general. Either way, not me not anyone here.


----------



## The Cryptkeeper (Apr 17, 2012)

No, RIU wasn't mentioned but the android market.  Any time you purchase an App your anonymity goes out the window. Google is well known for collecting sensitive data. Nobody expects RIU to even be capable of processing sensitive data anyways.


----------



## researchkitty (Apr 17, 2012)

Considering that the customer has a cell phone, and thinks he's anonymous because his cell is rooted. Where's the bill go? To his house!


----------



## Rising Moon (Apr 17, 2012)

I think your being paranoid...

Grow some balls and live your life free from those thoughts. Just because you downloaded an app doesn't mean anything..

People are advertising selling drugs on craigslist...

Worrying about something like this seems trival.


----------



## researchkitty (Apr 17, 2012)

Rising Moon said:


> I think your being paranoid...
> 
> Grow some balls and live your life free from those thoughts. Just because you downloaded an app doesn't mean anything..
> 
> ...


Fixed.

But those who sell DRUGS online do get busted.

In fact, today.

http://consumerist.com/2012/04/feds-bust-veritable-online-farmers-market-of-drugs-in-sting.html

ToR anonymized site, aint so anonymous...........


----------



## The Cryptkeeper (Apr 17, 2012)

researchkitty said:


> Fixed.
> 
> But those who sell DRUGS online do get busted.
> 
> ...


Haha I heard about that before it got on the papers. I told them that would happen for years. Those bastards were GREEDY... They advertised the market right alongside kiddie porn sites. If your website is on the Hidden Wiki, it doesn't matter if you've got an Onion site with good encryption, you're fucked. It's just too public. Only a matter of time. Too bad really. Knew one of the guys pretty well, never bought from him but wanted to...


----------



## Rising Moon (Apr 17, 2012)

researchkitty said:


> Fixed.
> 
> But those who sell DRUGS online do get busted.
> 
> ...


Hmm, actually in most medical states, "selling" meds is a crime...


----------



## PJ Diaz (Apr 17, 2012)

If RIU would simply enable Tapatalk, this wouldn't be an issue. The Tapatalk app is way better too. I hate the RIU app personally. IMO it's a waste of money.


----------



## The Cryptkeeper (Apr 17, 2012)

PJ Diaz said:


> If RIU would simply enable Tapatalk, this wouldn't be an issue. The Tapatalk app is way better too. I hate the RIU app personally. IMO it's a waste of money.


Many people feel this way. But money is money. It's all about the Benjamin's.


----------



## researchkitty (Apr 17, 2012)

PJ Diaz said:


> If RIU would simply enable Tapatalk, this wouldn't be an issue. The Tapatalk app is way better too. I hate the RIU app personally. IMO it's a waste of money.



You might consider sending "rollitup" a private message with those details, or posting this in the suggestion area.


----------



## FranJan (Apr 17, 2012)

But remember kids and kitties, even if you buy, download and install the program from somewhere else, say AppBrain Market, once you go to Google Play with your device, it's going to be recorded on your list of apps by Google. So either use an Android tablet/phone that isn't compliant, i.e. can't use Google Play or get a compliant Android tablet and a disposable credit card. Personally I would never use the program. Sorry Kitty but that's just me. Peace.


----------



## The Cryptkeeper (Apr 18, 2012)

Isn't AppBrain just vehicle for Android Market? lmmfao Doesn't it just take you to the Android Market to download the apps??? You can't actually buy any apps off AppBrain.

It's all about supervising permissions.


----------



## ourkansaw (Apr 18, 2012)

Sorry, been busy for a few days, looks like my post has garnered quite a few responses. I will try to address a few points:

(1) Tor is incredibly secure, and I would be willing to guarantee that those people who were busted were busted based on "good old fashioned police work," such as tracing the payment methods or infiltrating the group. If Tor is properly configured, not even your ISP (or phone provider, if you're on a mobile network) has any way of knowing what sites you visit. All they can see (if they try hard enough) is that you are connecting to the Tor network.

(2) If you have a properly configured rooted phone with the right custom ROM on it and have installed and configured some of the "power user" types of apps, you can effectively ensure that your cell phone provider (or Google) will not know what apps you have installed or what websites you are visiting using your data connection. And what they don't know can't be subpoenaed. This isn't an Android security thread, so I won't go into great detail, but suffice it to say that it can be done if you know what you're doing and try hard enough. 

(3) I chose Hushmail because it allows you to create an account while you are connected through Tor. Most webmail providers filter for Tor exit nodes and refuse to allow you to create an account if you are using Tor, or give you "suspicious activity" warnings once you create the account and try to log in. Hushmail does not know who I am, so I don't care how trustworthy Hushmail is, since all they see is that someone originating from the Tor network logs into an "ourkansaw" account and gets a lot of emails from RIU forums alerts.

(4) The reason I am so digitally paranoid is because if I get busted for simple possession or something similar, I don't want the cops/prosecutors/etc. to be able to subpoena my ISP or mobile or Google records and discover that I'm regularly logging into a forum where I discuss growing pot, which might lead them to a much bigger crime and conviction. I also just generally try to hold true to the first rule for not getting busted: TELL NO ONE. If I'm not telling people who I know and trust, why should I turn around and tell my ISP, Google, or my mobile phone provider? That just seems dumb to me, so I take meticulous measures to avoid leaking this information to anyone who knows my true identity.

Obviously 99% of the time these measures are unnecessary, but the way I see it, if the tools are there and effective, why not use them?


----------



## researchkitty (Apr 18, 2012)

FranJan said:


> But remember kids and kitties, even if you buy, download and install the program from somewhere else, say AppBrain Market, once you go to Google Play with your device, it's going to be recorded on your list of apps by Google. So either use an Android tablet/phone that isn't compliant, i.e. can't use Google Play or get a compliant Android tablet and a disposable credit card. Personally I would never use the program. Sorry Kitty but that's just me. Peace.


Yup, this is extremely true. By the way, I couldnt tell by your words if you knew this or not, but the Android App and all that jazz is not me working on it. I'm just a messenger. Most of us didnt know the app was out until we saw it on the site.


----------



## FranJan (Apr 18, 2012)

ourkansaw said:


> Sorry, been busy for a few days, looks like my post has garnered quite a few responses. I will try to address a few points:
> 
> (1) Tor is incredibly secure, and I would be willing to guarantee that those people who were busted were busted based on "good old fashioned police work," such as tracing the payment methods or infiltrating the group. If Tor is properly configured, not even your ISP (or phone provider, if you're on a mobile network) has any way of knowing what sites you visit. All they can see (if they try hard enough) is that you are connecting to the Tor network.
> 
> (2) If you have a properly configured rooted phone with the right custom ROM on it and have installed and configured some of the "power user" types of apps, you can effectively ensure that your cell phone provider (or Google) will not know what apps you have installed or what websites you are visiting using your data connection. And what they don't know can't be subpoenaed. This isn't an Android security thread, so I won't go into great detail, but suffice it to say that it can be done if you know what you're doing and try hard enough.


You should not treat Tor as incredibly secure. And that is by their own admission. It should just be a tool in a set of strategies one should use IMHO. It will not keep you anonymous in all situations. Again that is their own admission on their site. Can you say Canadian VPN + TOR? Now that's the beginning of incredibly secure. And I have only owned Android tablets and mine is rooted with a custom ROM, but if you know about any program/rom that can hide paid programs from Google Play, I would surely be indebted to you ourkansaw. And I've got to deal with a moral clause and such concerns too but I still want to live my life so I'm with ya on the down low part . Stay Free!


----------



## The Cryptkeeper (Apr 18, 2012)

VPN's are shit.  

TOR, Remote WiFi, Virtual Machine, GPG, Partition Encryption with Dummy Partition, Jabber OTR, DBAN Data Erasure etc...

It's a combination of anonymity and data security. You definitely can't rely on one method such as TOR for complete security but as a set of tools working in harmony you can evade most pursuit. I always think of setting myself against the FBI in my security as the best aim. =)


----------



## ourkansaw (Apr 19, 2012)

I agree 100% that Tor is not a complete solution. For example, a malicious exit node might already have harvested my login credentials for this site (but not compromised my identity). Or, if your browser isn't properly configured, a malicious script or plugin can be tricked into revealing your real IP address (which is why you should only use the Tor Browser Bundle with zero additional browser add-ons). Or, if you send any personally identifiable information over Tor, you completely compromise your anonymity.

That being said, Tor is really good at keeping your IP address concealed from the server you're accessing, so long as your browser is properly configured, your communication is 100% funneled through Tor, and you do not send any personally identifiable information through that Tor connection. That is the piece in the puzzle that Tor should fill.

As far as keeping an app from appearing in the "Installed" list on Google Play, I don't see that problem on my phone when I install from an .apk file (rather than an installation link in an app or the Play Store). Maybe it's the ROM I have (pete alfonso's stock rooted Gingerbread), but I tested with a couple .apk files, and then fired up Google Play. The apps did not appear in that list.


----------



## PJ Diaz (Apr 19, 2012)

You can disassociate any application from Market/Play with Titanium Backup.


----------



## FranJan (Apr 19, 2012)

Thanx fellas. Gonna look into that. +Rep all around.


----------

