More secure smartphone(and pc - at the bottom), clearing all smartphone rubbish
certificates, for selling 'what you do on the phone' data..
All smartphones comes with certificates that are potentionally 'gather information'
rubbish - meaning almost any idiot could see what someone does on the phone(especially for t.i.-s).
By the way, enabling or disabling these have affect only on your network connections(when you are connected on the internet),
it does not affect smartphone itself, meaning that you can disable all and phone by itself will work just fine.
Affected are just apps that use internet(and you allowed them to use internet connection),
which is a lot nowadays(eg PlayStore, ApkPure, of course browsers, if you have mobile bank account app, etc).
How this works?
There are trusted certificates on all smartphones.
This means that some that are enabled(they all are by default) have access to all apps
that you grant any permission - eg for camera, phone calls, user info, phonebrosers - surfing the internet, etc.
What the hell does 'Lux Trust' or 'GoDaddy' and other doing amongs them?
Well - potential easy data selling. Altough this is said to be renewed with new smartphones.
So, if for example you give permission to 'Lux trust' as system trusted certificate and go
to PlayStore(or bank account app or browser site), all those info could be also sent to 'Lux trust'.|
It's called 'the man in the middle attack'(stealing personal data) - and some believe all trusted certificates
are there for 'security reasons' - which is plain simply rubbish.
Corrupted old "intelligence agencies guys/girls" just like to think they are above others,
'Lux trust' company could potentionally not even know that - since camuflagged certificats could be
rewriten with new fake ones that is more appropriate to "selling data" clients.
Since t.i.-s usually don't have a lot of money(for obvious reasons) - some buy refurbished/open-box/used,
in which case putting selling data software on the phone is quite easy before it get into hands of a t.i.
If for example you give an label 'your head is secured' to a serial killer - would you trust it?
This is how some camuflage with 'security' label - in fact mostly for Targeted Individuals business.
So, what to do?
There are certificates that are usually not camuflaged and should be there for smartphone to work properly.
I for example have disabled all but a few - 6 of them(amongs arround 100).
To check them go to Setting and search for certificate(and go to 'view security certificates' or something like that).
How to make commercial selling data rubbish go away?
you can simply disable or enable any of these any time.
For my phone i disabled all but 6 ones: DigiCert(5 of them) and Google trust services LLC.
But you'll have to experiment for your phone.
If you have for example Mobile banking - upper mentioned DigiCert should be enabled,
if not - you can experiment turning them off. If you use google PlayStore, that Google trust service should be probably enabled for app to work properly.
In general: you can disable all and test if all network apps that you use work fine.
If not - you should reenable a few(or half of them) and test again.
Something similar but perhaps more needed can be done on computer,
since some dns(internet) providers sell data. I for example use manually configured firewall on both Linux and Windows,
which is there to protect from "abusive bought hackers"(these days mostly automated "good" guys/girls mindTech ai services) to
sniff/sell your data or even configure your pc remotelly.
Having a small anti-spam software is also a good idea for t.i.-s to check pc eg once a month.