Your smartphone tracks your location, listens to your conversations, and sells your intimate moments to data brokers.
The law pretends to regulate this, but lobbyists write the rules and enforcement is a joke.
Encryption apps aren’t enough when the hardware itself is designed to betray you.
The phone is a spy device marketed as a lifestyle accessory.
We need radical technical solutions, not incremental privacy policies that change nothing.
The surveillance economy depends on your ignorance and inaction.
Break the chain: use open hardware, de-Googled Android, or build your own tools.
#privacy #surveillance #digitalrights #antitrust
How much of your life are you willing to sell for a slightly more convenient map app?
we are all moths and the internet is the flame
i dream about a phone with hw switch, which would be used to lock the screen and at the same moment it would physically disconnect microphone, camera, and gps module.
not saying it is complete solution to the privacy problem, but it would be good start.
Would need to disable the cell radios, wifi and bluetooth too since those are also used to track device location.
you can’t really disconnect yourself from the cell network, that would beat the purpose of having the mobile phone ;)
Would it?
yes.
but i can still watch netflix
that is cool, but primary purpose of a phone is to make and receive phone calls. there are better tools for watching netflix.
yeah but dropping a PC on my face while laying on my bed takes too much work
If you have a need for high levels of privacy it’s the only way to do it, or just leave your phone at home.
It doesn’t really defeat the purpose of having a mobile phone either IMO, most stuff I do on my phone is already offline (maps, notes, taking photos, etc).
well, the primary purpose of a PHONE is to be able to make and receive PHONE CALLS. anything else is just a matter of convenience.you can use maps, make photos and take notes without a phone, the same can’t be said for phone calls.
Fairphone 6 with e/OS can use its physical switch to disable camera & microphone. Its only SW disabling but it forces app that want to use it request it. There’s also privacy setting that gives apps fake geo data.
Its not perfect but any improvement is good.
the pinephone does that, its not built into the lock screen button but, it has a switch for most the privacy central features.
did not know that. but from the image, that seems like something that is inside of the phone? not really something you casually flip on the street.
my idea is that anytime you would flip the switch and lock the screen to put the phone in the pocket, its spying capabilities would be physically disabled.
Yea you are right, the privacy switches are under the battery cover, so it requires taking the cover off flipping the switch and sliding it back on again.
I actually have one I’m not using at the moment. The switches at within the back cover but that’s easily able to be reached within 5 seconds or so with no tools. It’s not exactly something you would be flipping on and off regularly though unless you had a very specific use case.
Anything that isn’t a hardware switch potentially leads itself to being bypassed, so the switches are your best bet for being sure it’s disabled.
Edit: there’s also this (I linked the case which shows the switches) phone which has switches on the outside for this purpose. I don’t know anyone who has used this one however.
deleted by creator
It depends on what kind of devices you’re using.
It’s my understanding that SIM cards in phones are just to tie an account and identity to your phone, for purposes of enforcing people to be paying customers for the phone/data services, and tracking your usage based on what level service you’re paying for and what you should receive (5GB of data monthly, unlimited texts, etc)
But if your phone doesn’t have a SIM card in it, its still connecting to cell towers for purposes of emergency dialing, and the phone itself can continue to be tracked by cell carriers based on what physical cell towers its connecting to, as you travel around. The cell phone modem itself can control and connect to networks independently of what the OS running on the phone tell it to do, its a self contained black box.
If you have something like a desktop or laptop, both Intel and AMD have “management engines” embedded in the CPU’s themselves that can take control of the device for purposes of shutting down, wiping, etc a company machine that has sensitive information or access on it, and has been reported stolen, not returned by an ex employee, etc. These management engines have direct access to the network stack and can phone home whenever a network connections is present, either from a WiFi network, physical Ethernet cable, or 4G/5G WWAN card.
https://en.wikipedia.org/wiki/Intel_Management_Engine
If you have a device that is basically air gapped, no WiFi, no cellphone chip, than it’s still possible to exfiltrate information off the device, but the software running on the device would have to be programming to be searching for methods to do that. Your average device, unless it’s running malicious software, probably won’t be doing that.
Can this be true if you use a device without any connection to the internet and no SIM card?
You’ve got the idea. There’s a bunch to unpack here:
- If the device is truly offline, your privacy is okay.
- But there’s lots of ugly ways vendors work around “being offline”
- Denying the device a SIM card means the device is not authorized to get online, but certain emergency services that require a network will work anyway. The SIM is to make sure we’re paying to be online, and is otherwise not actually needed to connect.
I mean could a hardware connect to some kind of network to send private information?
If you’re asking if it is possible to hide a secret antennae in an officially offline device, yes, absolutely.
I’ve heard privacy nerds theorize that these will become common in smart TVs, so the TV can phone the vendor with screenshots, even (especially) when playing pirated local media.
Because the basic thing is, it won’t expose your data if doesn’t leave your phone, right?
Exactly. And you’ve also caught the tricky bit - it’s hard to be 100% sure a device isn’t phoning home if the device is a closed proprietary (secret) design, running closed proprietary (secret) software.
deleted by creator
Let’s assume it can read wireless network even with wifi turned off, it still needs to find a network and a password to connect to it.
rather than hacking wifi, it connect to mobile internet even without sim card. that is much simpler, the mobile internet is basically anywhere and it is free as part of some spying cartel with the mobile network operators.
any new car also spy on you and you don’t need to provide sim card for that.
sorry for linking to youtube but it’s related and from NaomiBrockwell ☞ https://www.youtube.com/watch?v=RyirQOCUUK8
deleted by creator
How much of your life are you willing to sell for a slightly more convenient map app?
30% max
However much is earned by time saved by that app.
I stopped using openstreetmap because it wasn’t reliable enough for me. I found myself going the wrong direction, or not finding what I wanted to find and having to swap back anyway.
I liked the goal but, it just wasn’t a valid tool for me.
deleted by creator
I firmly agree. It’s a give and take, I don’t have the time or energy to spend a couple hours mapping the local area on OSM that way it can be properly used. I did that for my home town, and then realized that outside of big corporate entities, it wasn’t done at all for any of the surrounding towns or even cities. To me having an accurate map with ability to give directions and traffic reports is worth more than my location data.
To be clear, most businesses are in specific locations, not like a general area.
deleted by creator
Not having a map when going to a new location is one of the most anxiety triggering things for me. They have been lifesavers in helping me get out more.
deleted by creator
You said precise maps apps and ‘an app to fit your life’, not closed source corpo map sources.
I’m fine with using open source if it’s capable of navigating me around without issue, I’m not fine with not having an app too fit my life or be precise.
deleted by creator
Yes but I replied to your post, not a top level comment in response to the thread.
It often gives incorrect maps simply because of update schedule and them encouraging not reporting construction <3 months or whatever.
We have construction all over in Belgium and tons of detours such that it makes open street map pretty much unusable as it will just incessantly reroute you to a blocked path even after you are well on a different route.
Preaching to the choir here buddy
Can someone explain what data Samsung would be harvesting If you disable google play store and only use f droid apps? How can I see what data ia being keamed from my phone?
Of course, we know for a fact if you install the Facebook app it records you night and day. But none of us use that garbage.
I have to stay in this phone for a couple years still until i get a graphene pixel. Ive disabled everything I can on it and never update it.
You can turn off their tracking in Settings > Security and privacy > More privacy settings.
I would love to think its just a hardware and software issue, it is a habit issue too - i am keen to get away from my phone. I am starting to detest it.
But we do still need things that genuinely aid us. People do need maps. and bank apps on the go. I am trying to break my habits. I have been tempted to go back to a nokia flip but i need a map. I miss the days of flips, that satisfying clip closed. The actual physical act of opening it.
I will be moving to graphene pretty soon but its still a touchscreen, and even if i buy second hand it bumps google prices, i begrudge that. Jolla is too far away and a tad on the pricey side. Motorola is still another big brand just producing touch screen smart phones that lean towards bad habits. I would love a physical switch too.
Google gets nothing from you if you purchase second hand.
It still keeps their hardware in demand and pricier.
lineageOS on 1 of the hundreds of nonBoogle phones?
I’ll take a look. Thanks. I am just at the start and learning.
last week i posted these links under another comment:
☞ https://wiki.lineageos.org/devices/
https://github.com/zenfyrdev/bootloader-unlock-wall-of-shame/tree/main/brands
make sure to choose a phone with an unlockable bootloader and you will be fine.
Is this a post just tilting the blame and impetus for escaping closed hardware on the user and nothing else? Because I’ll buy a Jolla or a Fairphone when my current phone dies, maybe, if I can afford it. All your post does is position true privacy as a hobbyists niche.
exactly right. positioning the solution as "buy different hardware and swap OSs’ is short term thinking that solves the problem for the individual and exactly nobody else.
privacy should not be niche, it should be standard. go to city council meetings and make your voice known during flock safety hearings. write your legislators to make your stance known on OS DOB registry. its not nearly as cool as a de-googled phone you can show your friends. its not technical. but we’re sliding backwards because we’re distracted from tried and true solutions.
Me reading this on Pixel 9a running GrapheneOS:
graphene is pretty good, but be careful with cell network triangulation. also careful with what apps you run on it.
I don’t like smartphones and im kinda paranoid so turned off and in an rfid blocking bag. Even with dumbphones because who knows what is hidden away active without me knowing. I would have laughed at such paranoia 15 years ago.
This is a legal/poltical issue more than a technology one. The good guys are the EFF, OpenRightsGroup, EDRi and others in the same side. Increasingly phone apps are forced on us to do things at all, and those apps are not only closed but only run on locked down OSs. It’s anti competitive, anti-freedom, authoritarian, etc etc.
We need to get better at convincing non-nerds. We need to stop fighting political fights by burying ourselves ever deeper in tech. Which I’m guilty of too!
💯 support EFF
I’ve donated monthly to OpenRightGroup well over a decade now. I make sure it is always more than my wife’s Netflix (DRM pusher) to maintain a net positive!
Very well said. Everything you said I agree about 100%.
We need to get better at convincing non-nerds.
I’m doing my best. It’s hard tho. They just… don’t care. They don’t understand why it is important. Important for their future, and for all of our future. They don’t seem to grasp why it matters so much, and what price we have to pay when we get it wrong.
I try to find concrete examples for them. But when people are invested already in some big tech ecosytem, it’s easy to discount the examples. “That wouldn’t apply to me”.
I’m trying so hard, but it is an up hill fight :(.
Yeah, it’s hard. People don’t want to see the problems because they don’t want to change. Law makers are the ones we really can’t fail to convince.
Best friend is stuck on his iPhone. Does anybody have any quick and easy links that show how bad Apple is at privacy? I’ve been trying to get a few together to show him and hopefully break the cycle.
The site says user privacy is a concern on iPhone but doesn’t actually list any incidents. Is this correct?
He needs to enable lockdown mode, then go into the privacy settings and turn off “allow apps to request to track”, disable the system services in location settings which aren’t needed, turn off personalised ads under Apple advertising, then he well be good.
Sweet! Love seeing actionable things I can send him.
I think Lockdown might be too much for the average person, since it imposes limitations to reduce the attack surface (breaks some websites, some apps dont work properly)
I would just recommend he enables Advance Data Protection on his iPhone, disables analytics, and switches to privacy-focused apps. Apple has decent privacy, even by default compared to Android
Lockdown mode for websites and apps isn’t terrible to manage/configure on the fly, bonus is it makes you (re)consider if you should.
deleted by creator
It’s not as bad as Google but still pretty terrible. I too would like to see a comprehensive list on Apple issues.
Apple devices aren’t the best but theyre definitely not the worst. If the leaked Cellebrite documentation is to be believed then the newest devices running the latest iOS builds are well protected against hacking tools, second only to GrapheneOS. The iOS permissions system is relatively robust, lockdown mode is a good bit of extra protection too. And iirc full-disk encryption is enabled by default on iOS these days. Advanced Data Protection lets you E2E encrypt (most) cloud storage too. These are all good things
For the most part, you can set up an Apple Account without using genuine information (though the age verification thing might change this, but Google is implementing that too). For both iOS and GrapheneOS you need to either trust Apple or Google with your phone number to set up an account.
I’d be interested to hear people’s criticisms so long as they’re not just random claims with no elaboration or evidence
Google does NOT need your phone number on GrapheneOS. I’m on Graphene and Google doesn’t have shit.
I stand corrected, but do you need a Google account at any point for activation etc.? I’ve had increasing difficulty creating a Google account at all without a phone number
GrapheneOS can be used just fine without any Google Services. This is one of the core features.
This is a fair assessment but Apple is getting worse as well.
i mean this with sincerity, and not as a means to further the Android vs Apple bullshit. please stop drinking cyanide.
But where is the data? I’m genuinely curious since I want to get my friend off the platform but if there is nothing to show them then I don’t really know if I can (or even should tbh).
friend is stuck on his iPhone
my honest opinion is that it’s a lost cause. people superficial enough to be on an iphone in the first place probably aren’t gonna think through the deeper ramifications of privacy and information security practices at all.
We all know the title is right. Graphene OS is the answer, from what I read.
Cell phones started to become popular while I was in college. I still have not used one. I have a dumb phone for businesses and institutions that absolutely must call for whatever reason. Everything else can be easily handled on my computer.
How do you get around 2FA? I was able to stay off of phones for so long, but the standard 2FA implementation has made it impossible.
I’ve never been forced to use 2FA except on GitHub. I just ditched it and went to Codeberg.
Ah, lucky. All the banks around me seem to require it now. My kingdom for an independent authenticator they’d accept!
Lyft/uber, airlines, hotels? Its nearly impossible to use any of those without a smartphone. Or its a huge hinderance.
I’m convinced most of the people on this instance don’t leave their basements !
Everyone has cars where I live. I’ve never needed a smartphone for a hotel. That sounds like utter nonsense.
And you’re right, I haven’t flown in decades, nor do I have any desire to, since it sounds like a nightmare.
Huh? I’ve flown and booked hotels recently and you absolutely do not need a smart phone for that.
Sure, but youll be the one gramps running through the airport with your paper ticket because you didnt see your gate change on the airport TV and you’re late. On the phone app, the gate changes alert you immediately.
There’s also no way they’ll have printed tickets anymore in ~5 years . i havent seen someone use a paper ticket in a very long time, and if I do, they’re 85 year olds who can barely walk. (Related note, my younger friend was absolutely baffled I still write checks. They’re 26 and never wrote a check in their life).
The normies dictate the market. There’s zero way I’d convince my SO or any family member to get a phone that doesnt support flight apps and hotel check in apps. Especially because hotel check in apps can remotely unlock your door with no key, so you dont have to talk to anyone at 3 am when you get there (a lot of people like that).
Except phones get dropped and break. Paper tickets aren’t going anywhere.
Is there any hard evidence that supports the claim that an Android/Apple phone listens in on conversations?
Would take a whistleblower to expose these things, and usually its done many years after.
Also its not that there’s some person currently listening. Its that they’re storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Also we know google and apple have been forwarding all these to the US goverment also, since at least ~2011, via the prism program, and thanks to Snowden and Manning’s leaks.
Would take a whistleblower to expose these things, and usually its done many years after.
So no, and also no, I disagree. If phones did this, especially to custom-tailor ads, like I’ve seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
Its that they’re storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Is this just more speculation?
If phones did this, especially to custom-tailor ads, like I’ve seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
When you make calls via these services, the entirety of that data is being routed through their service. What you’re asking is if google/apple actually stores that data. You should always assume they do, for a threat analysis.
I suggest reading about the Crypto AG honeypot scandal, which was a secure service that ran for over 60 years before it was revealed to be an CIA honeypot. Leaks in the future will likely reveal the same for US surveillance capital services.
I think this can be misconstrued a little bit. “Listening to conversations” could mean listening to phone calls, texts, etc, but it could also mean listening to conversations with people in real life.
yup. That’s really it.
There’s hard evidence everything transmitted is logged and that any phone capable of connecting to the cell network can be listened in on at any time. I would be very surprised to learn monitoring/logging like that was not the default at this point given the infrastructure we’ve publicly built for that purpose and just how easy to implement it’s become. You think an on device assistant can help schedule and summarize your day but the NSA is going to opt out of those capabilities on principle and let that big ol Utah data center sit idle?
No, it is trivial to verify it by checking your data usage. We have these AI devices (one of them is called friend) that actually do listen to you the whole time and even they do a terrible job of transcription. That’s when people wear them like pendants.
Now imagine using a phone instead that’s sometimes in the pockets, in the bag or just on the table. Speech recognition errors would be terrible. Even worse when the speech isn’t english. Use recommendation engines on this crap data and it’ll be an advertising disaster!
Snowden showed us ages ago that all phone conversations are recorded. This is fact.
Do phones record what we say outside of phone calls? If you have voice control enabled, yes.
Do phones listen even if that isn’t enabled? Probably sometimes, but I don’t know that for sure.
To add to what others are saying, there’s been hard evidence of apps doing this, notably Meta apps.
