A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
much thanks to @gary_host_laptop for the logo design :)
- 1 user online
- 17 users / day
- 110 users / week
- 168 users / month
- 320 users / 6 months
- 23 subscribers
- 639 Posts
- 2.07K Comments
Defeats the purpose of a mobile phone
Well yeah. In theory you could just not use the internet, not carry ID, never send letters and live your life but then you lose out on the benefits
Yeah but I have to like… function in society and go to work and whatnot.
I mean if I didn’t, sure.
Who are you hiding from? “Increasing privacy” means nothing without context.
My adversaries (well, when I’m not at a protest) are not likely to be tracking my phones location, and my phone is set up that no app or website can, so to me personally it’s a large sacrifice for no benefit.
But for someone else, it could be good advice!
@comfy @thursday_j Indeed you need context, but let’s limit the concept of “full privacy and security” to things that are in your control. E.g you might control the physical safety of your device but you can’t control how many man-in-the-middle are between your phone and the rest of the internet. As a regular technology user my threat actors are big-tech and establishments.
It sounds like you’re suggesting Linux phones are more private and secure than GrapheneOS. Given their current state and limitations, it is extremely unlikely that any of them are more secure than GrapheneOS against a typical hacker or malicious app.
In terms of security, this is also a benefit. It means they aren’t trying to aim at fifty different targets which may behave different or even unexpectedly. The software developers have far far far more confidence that their security features will work on your device if they test it on theirs.
Again, there is no such thing as “full privacy and security”. It is unpragmatic idealism. Not only does it misinterpret privacy and security as concepts, it is an unconstructive attitude for creating an effective security model, and just encourages burnout for no benefit. We don’t limit “full”. There is no full. There is no perfect answer. It’s an undefined and unachievable idea.
Now, I’m not saying you can’t effectively secure your device adequately against big-tech and corporate capitalism. I say you can! It’s achievable. But it’s unconstructive to hold the illusion that there is some absolute “full privacy” against them.
@comfy in terms of software linux phones still have a long way to catch android. Even when taking the desktop flavors, against windows, linux is still not a match. Thanks for sharing that article. Is good to know exactly which are the areas where linux must improve.
No problem :)
Linux is obviously the choice for my desktop, especially since I’m not defending against organized crime or a government, but like you said it’s important to understand its strengths and weaknesses.
@comfy The hardware approach has already surpassed most of androids due to their open firmware nature. In my scenario, let’s say I’m going to a protest and enforce my human rights upon the establishment. I turn off cellular, WiFi, Bluetooth, BLE, NFC, UWB and just use my phone as a pocket computer to take video footage. Later I read a security article that the cellular modem in my phone is able to transmit data outside phone’s operating system.
@comfy Same like Intel ME is able to take full ownership of your computer without your approval or awareness. This can only happen due to the closed source firmware these devices are using. If I could electrically kill these components, or the possibility of having them removed, I would consider myself fully protected. Again, this approach might not be good for everyone. Maybe “full” is not the correct wording. I guess “ideal security and privacy” is what I was looking for.
@comfy @thursday_j GrapheneOS is the best flavour of Android that you can get with the downside that is limited to one single phone brand. But Android itself is far from being perfect. That’s when Linux phones step in. Currently they are just in development stage and not really intended as daily drivers. But that changes with adoption.
As a quick introduction to the idea of Linux phones vs. Android ROMs, this post (updated about a year ago) gives an introduction from a security perspective. Depending on your adversary’s capability, security can be an important dependency of privacy.
The simplest way is to not own one. Get a land line and an answering machine instead. It’s ok to not be reachable every minute of every day.
Is it really that much safer vs running Graphene? I’m sincerely curious as I don’t know the specific benefits of a landline vs a secure ROM.
Adding on to what Grouchy already said (good post) :
@shreddy_scientist @Grouchy Any device connected to a wireless technology lacks full security and privacy.
You might carry on your mobile phone with you as there are lots of other functions you can do on it. But, in order to benefit from full privacy and security you should disable: cellular modem, wifi, bluetooth, nfc, uwb. And you must run an operating system that is entirely open source to be sure that these components stay off after you disabled them.
There is no such thing as “full security and privacy”. It doesn’t exist and it’s not a useful goal.
Security and privacy don’t exist as absolute values. Things are not universally more or less secure than other things. You need to understand things like the needs of a situation (e.g. you correctly pointing out a modern phone has more use-cases than a landline), who the threats are, and what their capabilities are. Putting a decent password on an iPhone makes it adequately private and secure against my parents. Using a landline is not adequately secure against a government agency. Know Your Enemy!
As for your advice, a quick counter:
@comfy Indeed you need context, but let’s limit the concept “full security and privacy” to aspects that are under your control. E.g you might control the physical security of your phone, but you might not control how many men-in-the-middle are between you and the rest of the internet. Like any regular technology user my threat actors are big-tech and establishments.
@shreddy_scientist @Grouchy You might also have a look at mobile phones that offer electrically kill switches or can even have these components physically removed. E.g: Pinephone PRO, Librem 5, Fairphone 4
It depends on what you mean by safer.
Active cellular devices are location tracked. That information is correlated and sold. There’s nothing GraphenOS, or any other on device software can do to stop that.
When you carry a connected cellular device, you’re not only reporting your own location, you’re being tracked in reference to other people that are also carrying a cellular device. Between the two, it’s a detailed map of your lifestyle and people you know or may know.
A land line reduces the tracking to a single location, and the people you communicate with on it. Personally I avoid the land line too unless there’s no other good option.
For private communication, there is Jabber (XMPP), Matrix, and other self hosted services that avoid the entire issue.
If you really need communication on the road, then there are a couple of services that provide cellular connectivity without personal information. It’s not ideal, but better than nothing.
I’m writing all this from the perspective of the US. Other jurisdictions may be different, but location tracking is ubiquitous as far as I know.
There’s not really that much you can do about it if you’re on a cell phone. Your phone is connecting to the cell tower, and at that point all bets are off on how metadata gets used.
@thursday_j airplane mode and use mesh network for communication.
Yeah, but what if you get a call?