Your smartphone tracks your location, listens to your conversations, and sells your intimate moments to data brokers.
The law pretends to regulate this, but lobbyists write the rules and enforcement is a joke.
Encryption apps aren’t enough when the hardware itself is designed to betray you.
The phone is a spy device marketed as a lifestyle accessory.
We need radical technical solutions, not incremental privacy policies that change nothing.
The surveillance economy depends on your ignorance and inaction.
Break the chain: use open hardware, de-Googled Android, or build your own tools.
#privacy #surveillance #digitalrights #antitrust
How much of your life are you willing to sell for a slightly more convenient map app?
This is a legal/poltical issue more than a technology one. The good guys are the EFF, OpenRightsGroup, EDRi and others in the same side. Increasingly phone apps are forced on us to do things at all, and those apps are not only closed but only run on locked down OSs. It’s anti competitive, anti-freedom, authoritarian, etc etc.
We need to get better at convincing non-nerds. We need to stop fighting political fights by burying ourselves ever deeper in tech. Which I’m guilty of too!
💯 support EFF
I’ve donated monthly to OpenRightGroup well over a decade now. I make sure it is always more than my wife’s Netflix (DRM pusher) to maintain a net positive!
Very well said. Everything you said I agree about 100%.
We need to get better at convincing non-nerds.
I’m doing my best. It’s hard tho. They just… don’t care. They don’t understand why it is important. Important for their future, and for all of our future. They don’t seem to grasp why it matters so much, and what price we have to pay when we get it wrong.
I try to find concrete examples for them. But when people are invested already in some big tech ecosytem, it’s easy to discount the examples. “That wouldn’t apply to me”.
I’m trying so hard, but it is an up hill fight :(.
Yeah, it’s hard. People don’t want to see the problems because they don’t want to change. Law makers are the ones we really can’t fail to convince.
we are all moths and the internet is the flame
i dream about a phone with hw switch, which would be used to lock the screen and at the same moment it would physically disconnect microphone, camera, and gps module.
not saying it is complete solution to the privacy problem, but it would be good start.
the pinephone does that, its not built into the lock screen button but, it has a switch for most the privacy central features.
did not know that. but from the image, that seems like something that is inside of the phone? not really something you casually flip on the street.
my idea is that anytime you would flip the switch and lock the screen to put the phone in the pocket, its spying capabilities would be physically disabled.
Yea you are right, the privacy switches are under the battery cover, so it requires taking the cover off flipping the switch and putting it back on again.
The cover is made similar to how the Acatels are if you have ever used them, so its a pry instead of a slide which is annoying, but at least its there, in my opinion its a design defect, I think the switch would have worked better if the cover was a slide like how the old Samsungs were prior to going to the non-removable battery layout
I actually have one I’m not using at the moment. The switches at within the back cover but that’s easily able to be reached within 5 seconds or so with no tools. It’s not exactly something you would be flipping on and off regularly though unless you had a very specific use case.
Anything that isn’t a hardware switch potentially leads itself to being bypassed, so the switches are your best bet for being sure it’s disabled.
Edit: there’s also this (I linked the case which shows the switches) phone which has switches on the outside for this purpose. I don’t know anyone who has used this one however.
If my phone had an accessible hardware switch I would absolutely be using it 100% of the time I wasn’t actively on my phone.
Fairphone 6 with e/OS can use its physical switch to disable camera & microphone. Its only SW disabling but it forces app that want to use it request it. There’s also privacy setting that gives apps fake geo data.
Its not perfect but any improvement is good.
What’s the point of a hardware switch if it only disables it via software? GrapheneOS has a software switch too.
Would need to disable the cell radios, wifi and bluetooth too since those are also used to track device location.
you can’t really disconnect yourself from the cell network, that would beat the purpose of having the mobile phone ;)
Would it?
yes.
but i can still watch netflix
that is cool, but primary purpose of a phone is to make and receive phone calls. there are better tools for watching netflix.
yeah but dropping a PC on my face while laying on my bed takes too much work
If you have a need for high levels of privacy it’s the only way to do it, or just leave your phone at home.
It doesn’t really defeat the purpose of having a mobile phone either IMO, most stuff I do on my phone is already offline (maps, notes, taking photos, etc).
well, the primary purpose of a PHONE is to be able to make and receive PHONE CALLS. anything else is just a matter of convenience.you can use maps, make photos and take notes without a phone, the same can’t be said for phone calls.
We need bots, automations… I don’t know… we need a new category called “telemetry jammers.” If the tools existed, I’m almost certain people would not mind running them. Spam the hell out of telemetry sensors of all kinds, with random data… destroy the usefulness altogether. The more spam, the fewer people we actually need to participate. The more transparent to the actual user, the better.
At some pint the extra data being sent to the trackers might start to consume more battery power and heat from CPU usage.
Pokemon GO did something similar to this and those were the side effects
Could be done on another device though, a computer could pretend to be your phone and start sending tons of useless data maybe? I don’t know how feasible it is.
You’d have to automate the retrieval of IDs for each data harvesting platform (including web based cookies to be feature complete) and manage to send the properly formatted data on each platform.
Funnily enough though, the kind of fuzzy data generation that just looks plausible enough could be a great usecase for LLMs
So like what, just Faraday cage bags?
Faraday pants.
Nah, a reverse faraday cage, something that would make telemetry useless by flooding it with trash. We can try all we can not to be spied on, but it’s an uphill battle. If we start being so noisy that they’d have to sift through tons of crap to maybe perhaps get a tiny speck of useful data, it won’t economically make sense to continue harvesting the data.
It’s one of the things I do with a combo of trackmenot + adnauseam, spam web search & click websites and all their ads automatically while I use my computer. Good luck profiling me correctly
How much of your life are you willing to sell for a slightly more convenient map app?
30% max
However much is earned by time saved by that app.
I stopped using openstreetmap because it wasn’t reliable enough for me. I found myself going the wrong direction, or not finding what I wanted to find and having to swap back anyway.
I liked the goal but, it just wasn’t a valid tool for me.
The thing is changing your life to not need a precise maps app, instead of looking an app to fit your life.
To be clear, most businesses are in specific locations, not like a general area.
There’s a bullet proof old tech called communication, you reach someone in the street, or any business around there and ask questions about where the specific location you’re looking for is located.
Yeah, but that would require talking to people. Fuck that.
Not having a map when going to a new location is one of the most anxiety triggering things for me. They have been lifesavers in helping me get out more.
But OSM provides a map. What exactly are you talking about?
I thought the problem was people depending too much on Google Maps because its privacy invasive data harvesting.
It often gives incorrect maps simply because of update schedule and them encouraging not reporting construction <3 months or whatever.
We have construction all over in Belgium and tons of detours such that it makes open street map pretty much unusable as it will just incessantly reroute you to a blocked path even after you are well on a different route.
You said precise maps apps and ‘an app to fit your life’, not closed source corpo map sources.
I’m fine with using open source if it’s capable of navigating me around without issue, I’m not fine with not having an app too fit my life or be precise.
Yea but the main thread of this comment is talking about:
How much of your life are you willing to sell for a slightly more convenient map app?
Usually when people say that on a privacy perspective it refers to how impossible is to ditch Google Maps because of its live traffic things and other things like Android Auto.
So I replied saying you should change your life to not depend on such apps, not your apps to fit in your lifestyle.
Yes but I replied to your post, not a top level comment in response to the thread.
I firmly agree. It’s a give and take, I don’t have the time or energy to spend a couple hours mapping the local area on OSM that way it can be properly used. I did that for my home town, and then realized that outside of big corporate entities, it wasn’t done at all for any of the surrounding towns or even cities. To me having an accurate map with ability to give directions and traffic reports is worth more than my location data.
I’m not selling my life, every 3 months I’m very literally buying another year and eight weeks of life, more or less. The smartphone makes it a hell of a lot easier.
Me reading this on Pixel 9a running GrapheneOS:
graphene is pretty good, but be careful with cell network triangulation. also careful with what apps you run on it.
Some stuff that you can use are
-
AdNauseam, visually blocks ads but under the hood clicks on them, nuking the usefulness of ad trackers
-
TrackMeNot, spams queries on search engines, clicks some links here and there, all in the background. Works perfectly with AdNauseam, nuking both ad & search profiling
Then there is this experimental (HARPO: Learning to Subvert Online Behavioral Advertising) paper on using ML to obfuscate online tracking, it’s a research paper so my understanding is limited to the excerpt 😅 https://arxiv.org/pdf/2111.05792
TrackMeNot is dead
Not updated but it still works fine
Running outdated software can open security vulnerabilities however.
visually blocks ads but under the hood clicks on them
I get where they’re coming from on the idea. But the problem I have… it would still run all the fingerprnting scripts and other shit. Sure it makes some bad data added to the good… but still plugs me into huge adware ecosystems. It leaves such a bad taste in my mouth, if any of their shit hits my comp.
I really mostly want to not be part of any of that shit. 🤮 Just leave me alone, surveilance companies, thank you.
-
Is this a post just tilting the blame and impetus for escaping closed hardware on the user and nothing else? Because I’ll buy a Jolla or a Fairphone when my current phone dies, maybe, if I can afford it. All your post does is position true privacy as a hobbyists niche.
exactly right. positioning the solution as "buy different hardware and swap OSs’ is short term thinking that solves the problem for the individual and exactly nobody else.
privacy should not be niche, it should be standard. go to city council meetings and make your voice known during flock safety hearings. write your legislators to make your stance known on OS DOB registry. its not nearly as cool as a de-googled phone you can show your friends. its not technical. but we’re sliding backwards because we’re distracted from tried and true solutions.
We all know the title is right. Graphene OS is the answer, from what I read.
I use Graphene OS and mostly/exclusively only open source applications.
+1 for GrapheneOS. I wasn’t particularly privacy conscious when I installed it; I was just super bothered by the Google/Apple duopoly in mobile OSes and wanted literally anything else. Came across GrapheneOS and a few others, but Graphene looked the easiest to install (and it was!) so I went with that. Barely a year later, Google’s out here trying to lock Android down and harvest literally every piece of personal data they can find, and I feel like I dodged a bullet.
I don’t like smartphones and im kinda paranoid so turned off and in an rfid blocking bag. Even with dumbphones because who knows what is hidden away active without me knowing. I would have laughed at such paranoia 15 years ago.
Is there any hard evidence that supports the claim that an Android/Apple phone listens in on conversations?
Would take a whistleblower to expose these things, and usually its done many years after.
Also its not that there’s some person currently listening. Its that they’re storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Also we know google and apple have been forwarding all these to the US goverment also, since at least ~2011, via the prism program, and thanks to Snowden and Manning’s leaks.
Would take a whistleblower to expose these things, and usually its done many years after.
So no, and also no, I disagree. If phones did this, especially to custom-tailor ads, like I’ve seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
Its that they’re storing and probably transcribing all communications for all time, so that at any moment in the future, they can target a person and look up that history.
Is this just more speculation? EDIT: I’m bringing this up because it weakens the argument for privacy. This is a huge claim and if it can be dismissed like this then people might dismiss everything else with it.
If phones did this, especially to custom-tailor ads, like I’ve seen claimed countless times, then security researchers would be perfectly capable of uncovering this behavior without someone on the inside.
When you make calls via these services, the entirety of that data is being routed through their service. What you’re asking is if google/apple actually stores that data. You should always assume they do, for a threat analysis.
I suggest reading about the Crypto AG honeypot scandal, which was a secure service that ran for over 60 years before it was revealed to be an CIA honeypot. Leaks in the future will likely reveal the same for US surveillance capital services.
I think this can be misconstrued a little bit. “Listening to conversations” could mean listening to phone calls, texts, etc, but it could also mean listening to conversations with people in real life.
yup. That’s really it.
There’s hard evidence everything transmitted is logged and that any phone capable of connecting to the cell network can be listened in on at any time. I would be very surprised to learn monitoring/logging like that was not the default at this point given the infrastructure we’ve publicly built for that purpose and just how easy to implement it’s become. You think an on device assistant can help schedule and summarize your day but the NSA is going to opt out of those capabilities on principle and let that big ol Utah data center sit idle?
No, it is trivial to verify it by checking your data usage. We have these AI devices (one of them is called friend) that actually do listen to you the whole time and even they do a terrible job of transcription. That’s when people wear them like pendants.
Now imagine using a phone instead that’s sometimes in the pockets, in the bag or just on the table. Speech recognition errors would be terrible. Even worse when the speech isn’t english. Use recommendation engines on this crap data and it’ll be an advertising disaster!
Lolz. Close your mouth you’re gonna catch a fly
Snowden showed us ages ago that all phone conversations are recorded. This is fact.
Do phones record what we say outside of phone calls? If you have voice control enabled, yes.
Do phones listen even if that isn’t enabled? Probably sometimes, but I don’t know that for sure.
To add to what others are saying, there’s been hard evidence of apps doing this, notably Meta apps.
Best friend is stuck on his iPhone. Does anybody have any quick and easy links that show how bad Apple is at privacy? I’ve been trying to get a few together to show him and hopefully break the cycle.
Apple is pretty decent actually. If I couldn’t use GrapheneOS, I’d go for iOS.
This is a fair assessment but Apple is getting worse as well.
It’s not as bad as Google but still pretty terrible. I too would like to see a comprehensive list on Apple issues.
Apple devices aren’t the best but theyre definitely not the worst. If the leaked Cellebrite documentation is to be believed then the newest devices running the latest iOS builds are well protected against hacking tools, second only to GrapheneOS. The iOS permissions system is relatively robust, lockdown mode is a good bit of extra protection too. And iirc full-disk encryption is enabled by default on iOS these days. Advanced Data Protection lets you E2E encrypt (most) cloud storage too. These are all good things
For the most part, you can set up an Apple Account without using genuine information (though the age verification thing might change this, but Google is implementing that too). For both iOS and GrapheneOS you need to either trust Apple or Google with your phone number to set up an account.
I’d be interested to hear people’s criticisms so long as they’re not just random claims with no elaboration or evidence
GrapheneOS can be used just fine without any Google Services. This is one of the core features.
Google does NOT need your phone number on GrapheneOS. I’m on Graphene and Google doesn’t have shit.
I stand corrected, but do you need a Google account at any point for activation etc.? I’ve had increasing difficulty creating a Google account at all without a phone number
Nope. I just upgraded my phone not too long ago, and apart from it being a (secondhand) Pixel, Google never entered the process.
i mean this with sincerity, and not as a means to further the Android vs Apple bullshit. please stop drinking cyanide.
But where is the data? I’m genuinely curious since I want to get my friend off the platform but if there is nothing to show them then I don’t really know if I can (or even should tbh).
He needs to enable lockdown mode, then go into the privacy settings and turn off “allow apps to request to track”, disable the system services in location settings which aren’t needed, turn off personalised ads under Apple advertising, then he well be good.
Sweet! Love seeing actionable things I can send him.
I think Lockdown might be too much for the average person, since it imposes limitations to reduce the attack surface (breaks some websites, some apps dont work properly)
I would just recommend he enables Advance Data Protection on his iPhone, disables analytics, and switches to privacy-focused apps. Apple has decent privacy, even by default compared to Android
Lockdown mode for websites and apps isn’t terrible to manage/configure on the fly, bonus is it makes you (re)consider if you should.
friend is stuck on his iPhone
my honest opinion is that it’s a lost cause. people superficial enough to be on an iphone in the first place probably aren’t gonna think through the deeper ramifications of privacy and information security practices at all.
That’s a dumb take. IPhone are incredibly popular. Painting every iPhone user as shallow is completely baseless.
The site says user privacy is a concern on iPhone but doesn’t actually list any incidents. Is this correct?
Is this poster an AI bot or am i tripping
Edit: it definitely is (the random hashtags should’ve been enough of a giveaway)
Thanks for pointing this out, I just used an LLM detector and it said it was likely 100% AI generated.
We need radical technical solutions, not incremental privacy policies that change nothing.
This overused: “It’s not x, but y” giveaway is one of the most annoying AI ticks for me. I give them credit for actually using a colon instead of the em dash. Buy yeah, that’s just about the only step they took to obfuscate their AI text
Cell phones started to become popular while I was in college. I still have not used one. I have a dumb phone for businesses and institutions that absolutely must call for whatever reason. Everything else can be easily handled on my computer.
Lyft/uber, airlines, hotels? Its nearly impossible to use any of those without a smartphone. Or its a huge hinderance.
I’m convinced most of the people on this instance don’t leave their basements !
Huh? I’ve flown and booked hotels recently and you absolutely do not need a smart phone for that.
Sure, but youll be the one gramps running through the airport with your paper ticket because you didnt see your gate change on the airport TV and you’re late. On the phone app, the gate changes alert you immediately.
There’s also no way they’ll have printed tickets anymore in ~5 years . i havent seen someone use a paper ticket in a very long time, and if I do, they’re 85 year olds who can barely walk. (Related note, my younger friend was absolutely baffled I still write checks. They’re 26 and never wrote a check in their life).
The normies dictate the market. There’s zero way I’d convince my SO or any family member to get a phone that doesnt support flight apps and hotel check in apps. Especially because hotel check in apps can remotely unlock your door with no key, so you dont have to talk to anyone at 3 am when you get there (a lot of people like that).
Except phones get dropped and break. Paper tickets aren’t going anywhere.
Until the bean counters realize ticket machines cost too much to upkeep. Its the way the world works.
Same reason there’s almost no malls/3rd spaces, or arcades (and the arcades that are left dont use tokens any more) left. Profit above all else. Enjoyment of things and privacy is not profitable.
Everyone has cars where I live. I’ve never needed a smartphone for a hotel. That sounds like utter nonsense.
And you’re right, I haven’t flown in decades, nor do I have any desire to, since it sounds like a nightmare.
deleted by creator
How do you get around 2FA? I was able to stay off of phones for so long, but the standard 2FA implementation has made it impossible.
I’ve never been forced to use 2FA except on GitHub. I just ditched it and went to Codeberg.
Ah, lucky. All the banks around me seem to require it now. My kingdom for an independent authenticator they’d accept!
