Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
This is a legal/poltical issue more than a technology one. The good guys are the EFF, OpenRightsGroup, EDRi and others in the same side. Increasingly phone apps are forced on us to do things at all, and those apps are not only closed but only run on locked down OSs. It's anti competitive, anti-freedom, authoritarian, etc etc.
We need to get better at convincing non-nerds. We need to stop fighting political fights by burying ourselves ever deeper in tech. Which I'm guilty of too!
π― support EFF
I've donated monthly to OpenRightGroup well over a decade now. I make sure it is always more than my wife's Netflix (DRM pusher) to maintain a net positive!
we are all moths and the internet is the flame
We need bots, automationsβ¦ I donβt knowβ¦ we need a new category called βtelemetry jammers.β If the tools existed, Iβm almost certain people would not mind running them. Spam the hell out of telemetry sensors of all kinds, with random dataβ¦ destroy the usefulness altogether. The more spam, the fewer people we actually need to participate. The more transparent to the actual user, the better.
Atbsome pint the extra data being sent to the trackers might start to consume more battery power and heat from CPU usage.
Pokemon GO did something similar to this and those were the side effects
Could be done on another device though, a computer could pretend to be your phone and start sending tons of useless data maybe? I don't know how feasible it is.
You'd have to automate the retrieval of IDs for each data harvesting platform (including web based cookies to be feature complete) and manage to send the properly formatted data on each platform.
Funnily enough though, the kind of fuzzy data generation that just looks plausible enough could be a great usecase for LLMs
i dream about a phone with hw switch, which would be used to lock the screen and at the same moment it would physically disconnect microphone, camera, and gps module.
not saying it is complete solution to the privacy problem, but it would be good start.
the pinephone does that, its not built into the lock screen button but, it has a switch for most the privacy central features.
did not know that. but from the image, that seems like something that is inside of the phone? not really something you casually flip on the street.
my idea is that anytime you would flip the switch and lock the screen to put the phone in the pocket, its spying capabilities would be physically disabled.
Yea you are right, the privacy switches are under the battery cover, so it requires taking the cover off flipping the switch and putting it back on again.
The cover is made similar to how the Acatels are if you have ever used them, so its a pry instead of a slide which is annoying, but at least its there
I actually have one I'm not using at the moment. The switches at within the back cover but that's easily able to be reached within 5 seconds or so with no tools. It's not exactly something you would be flipping on and off regularly though unless you had a very specific use case.
Anything that isn't a hardware switch potentially leads itself to being bypassed, so the switches are your best bet for being sure it's disabled.
Edit: there's also this (I linked the case which shows the switches) phone which has switches on the outside for this purpose. I don't know anyone who has used this one however.
Fairphone 6 with e/OS can use its physical switch to disable camera & microphone. Its only SW disabling but it forces app that want to use it request it. There's also privacy setting that gives apps fake geo data.
Its not perfect but any improvement is good.
Would need to disable the cell radios, wifi and bluetooth too since those are also used to track device location.
Some stuff that you can use are
Then there is this experimental (HARPO: Learning to Subvert Online Behavioral Advertising) paper on using ML to obfuscate online tracking, it's a research paper so my understanding is limited to the excerpt π https://arxiv.org/pdf/2111.05792
Is this poster an AI bot or am i tripping
Edit: it definitely is (the random hashtags should've been enough of a giveaway)
We need radical technical solutions, not incremental privacy policies that change nothing.
This overused: "It's not x, but y" giveaway is one of the most annoying AI ticks for me. I give them credit for actually using a colon instead of the em dash. Buy yeah, that's just about the only step they took to obfuscate their AI text
I use Graphene OS and mostly/exclusively only open source applications.
Is there any hard evidence that supports the claim that an Android/Apple phone listens in on conversations?
Would take a whistleblower to expose these things, and usually its done many years after.
Also its not that there's some person currently listening. Its that they're storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Also we know google and apple have been forwarding all these to the US goverment also, since at least ~2011, via the prism program, and thanks to Snowden and Manning's leaks.
Would take a whistleblower to expose these things, and usually its done many years after.
So no, and also no, I disagree. If phones did this, especially to custom-tailor ads, like I've seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
Its that theyβre storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Is this just more speculation? EDIT: I'm bringing this up because it weakens the argument for privacy. This is a huge claim and if it can be dismissed like this then people might dismiss everything else with it.
If phones did this, especially to custom-tailor ads, like I've seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
When you make calls via these services, the entirety of that data is being routed through their service. What you're asking is if google/apple actually stores that data. You should always assume they do, for a threat analysis.
I suggest reading about the Crypto AG honeypot scandal, which was a secure service that ran for over 60 years before it was revealed to be an CIA honeypot. Leaks in the future will likely reveal the same for US surveillance capital services.
I think this can be misconstrued a little bit. "Listening to conversations" could mean listening to phone calls, texts, etc, but it could also mean listening to conversations with people in real life.
There's hard evidence everything transmitted is logged and that any phone capable of connecting to the cell network can be listened in on at any time. I would be very surprised to learn monitoring/logging like that was not the default at this point given the infrastructure we've publicly built for that purpose and just how easy to implement it's become. You think an on device assistant can help schedule and summarize your day but the NSA is going to opt out of those capabilities on principle and let that big ol Utah data center sit idle?
Me reading this on Pixel 9a running GrapheneOS:
graphene is pretty good, but be careful with cell network triangulation. also careful with what apps you run on it.
Is this a post just tilting the blame and impetus for escaping closed hardware on the user and nothing else? Because I'll buy a Jolla or a Fairphone when my current phone dies, maybe, if I can afford it. All your post does is position true privacy as a hobbyists niche.
I don't like smartphones and im kinda paranoid so turned off and in an rfid blocking bag. Even with dumbphones because who knows what is hidden away active without me knowing. I would have laughed at such paranoia 15 years ago.
We all know the title is right. Graphene OS is the answer, from what I read.
How much of your life are you willing to sell for a slightly more convenient map app?
30% max
However much is earned by time saved by that app.
I stopped using openstreetmap because it wasn't reliable enough for me. I found myself going the wrong direction, or not finding what I wanted to find and having to swap back anyway.
I liked the goal but, it just wasn't a valid tool for me.
The thing is changing your life to not need a precise maps app, instead of looking an app to fit your life.
Best friend is stuck on his iPhone. Does anybody have any quick and easy links that show how bad Apple is at privacy? Iβve been trying to get a few together to show him and hopefully break the cycle.
Apple is pretty decent actually. If I couldn't use GrapheneOS, I'd go for iOS.
Itβs not as bad as Google but still pretty terrible. I too would like to see a comprehensive list on Apple issues.
This is a fair assessment but Apple is getting worse as well.
Apple devices aren't the best but theyre definitely not the worst. If the leaked Cellebrite documentation is to be believed then the newest devices running the latest iOS builds are well protected against hacking tools, second only to GrapheneOS. The iOS permissions system is relatively robust, lockdown mode is a good bit of extra protection too. And iirc full-disk encryption is enabled by default on iOS these days. Advanced Data Protection lets you E2E encrypt (most) cloud storage too. These are all good things
For the most part, you can set up an Apple Account without using genuine information (though the age verification thing might change this, but Google is implementing that too). For both iOS and GrapheneOS you need to either trust Apple or Google with your phone number to set up an account.
I'd be interested to hear people's criticisms so long as they're not just random claims with no elaboration or evidence
GrapheneOS can be used just fine without any Google Services. This is one of the core features.
Cell phones started to become popular while I was in college. I still have not used one. I have a dumb phone for businesses and institutions that absolutely must call for whatever reason. Everything else can be easily handled on my computer.