10
1

A phone which does not spy on you


 invite response                
2018 Aug 19, 10:49am   45,379 views  300 comments

by Patrick   ➕follow (60)   💰tip   ignore  

https://puri.sm/shop/librem-5/

Librem 5, the phone that focuses on security by design and privacy protection by default. Running Free/Libre and Open Source software and a GNU+Linux Operating System designed to create an open development utopia, rather than the walled gardens from all other phone providers.

A fully standards-based freedom-oriented system, based on Debian and many other upstream projects, has never been done before–we will be the first to seriously attempt this.

The Librem 5 phone will be the world’s first ever IP-native mobile handset, using end-to-end encrypted decentralized communication.


Many others have attempted Open Source phones and failed. I hope this one works, especially since I just discovered that you cannot turn off wifi or Bluetooth on Android or iOS. "Turning it off" in the controls on those phones merely disconnects you from current access points, but leaves them on so they can spy on your location with great precision and open you up to various exploits:

https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off

On iOS 11, pressing the wifi toggle immediately disconnects the iPhone or iPad from any wifi networks, but leaves the wireless radio available for use by location services, scanning for the names of nearby wifi access points. The Bluetooth toggle operates in a similar fashion. ...

A similar thing happens in Android smartphones, which use wifi as part of their location services. Switching wifi off prevents it from connecting to wifi access points, but allows it to continue periodically scanning for access point names to help pinpoint its location.




« First        Comments 41 - 80 of 300       Last »     Search these comments

41   Patrick   2021 Jul 18, 1:39pm  

https://www.haaretz.com/israel-news/tech-news/.premium-how-nso-s-pegasus-is-used-to-spy-on-journalists-1.10010560

How NSO's Pegasus Is Used to Spy on Journalists
Israeli firm NSO's Pegasus software is used to infect journalists phones in what is called 'zero clicks'. Here's how they did it and what we found out
42   Patrick   2021 Jul 18, 1:41pm  

https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus

Revealed: leak uncovers global abuse of cyber-surveillance weapon
Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests ...

Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.

The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.

Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.

The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.
43   Patrick   2021 Jul 19, 9:35am  

https://www.theguardian.com/news/2021/jul/18/huge-data-leak-shatters-lie-innocent-need-not-fear-surveillance

Huge data leak shatters the lie that the innocent need not fear surveillance
44   mell   2021 Jul 19, 5:00pm  

Donald says
The Freedom Phone is made in Communist China and is nothing more than a $120 phone being sold for $500.

Yet another conservative con game

https://www.nydailynews.com/news/national/ny-freedom-phone-made-china-cheap-rebrand-20210716-ye2coq5r5nfthgt4vc4cw2ugby-story.html


Better than stealing elections and censorship. You probably have to run/buy a pine phone or similar to get privacy and low margins, but it can be done just with Android, which by itself is not spyware.
45   Patrick   2021 Jul 23, 1:21pm  

https://www.nytimes.com/2021/07/21/technology/phones-location-data.html

“Data privacy” is one of those terms that feels stripped of all emotion. It’s like a flat soda. At least until America’s failures to build even basic data privacy protections carry flesh-and-blood repercussions.

This week, a top official in the Roman Catholic Church’s American hierarchy resigned after a news site said that it had data from his cellphone that appeared to show the administrator using the L.G.B.T.Q. dating app Grindr and regularly going to gay bars. Journalists had access to data on the movements and digital trails of his mobile phone for parts of three years and were able to retrace where he went.


Another thing that political left and right should be able to agree on: We don't want our phones spying on us.

We can also be unified in our opposition to the Jeff Bezos' destruction of American retail and manufacturing.
46   SumatraBosch   2021 Jul 24, 4:36am  

Freedom Phone is SoakTheRubesPhone

Brave on the desktop? HEHEHEHEHEHEHEHEHE!

If your phone isn't running Symbian, you're being electronically skull fucked.

Get a pager and use disposable email accounts.

Learn to kill with your bare hands.

Teach your wives and kids to kill with their bare hands.

Biden is planning to control supplies of ammo.
47   Bd6r   2021 Jul 24, 11:14am  

Donald says
The Freedom Phone is made in Communist China and is nothing more than a $120 phone being sold for $500.

Yet another conservative con game

it is android, so probably you are right
google loaded with spyware and a few free speech apps to con people into buying it
48   Patrick   2021 Jul 24, 11:16am  

I also suspect this is true.
49   Patrick   2021 Jul 27, 9:46am  

https://edwardsnowden.substack.com/p/ns-oh-god-how-is-this-legal

In short, the phone in your hand exists in a state of perpetual insecurity, open to infection by anyone willing to put money in the hand of this new Insecurity Industry. The entirety of this Industry’s business involves cooking up new kinds of infections that will bypass the very latest digital vaccines—AKA security updates—and then selling them to countries that occupy the red-hot intersection of a Venn Diagram between “desperately craves the tools of oppression” and “sorely lacks the sophistication to produce them domestically.”

An Industry like this, whose sole purpose is the production of vulnerability, should be dismantled. ...

If you want to see change, you need to incentivize change. For example, if you want to see Microsoft have a heart attack, talk about the idea of defining legal liability for bad code in a commercial product. If you want to give Facebook nightmares, talk about the idea of making it legally liable for any and all leaks of our personal records that a jury can be persuaded were unnecessarily collected. Imagine how quickly Mark Zuckerberg would start smashing the delete key.
50   Patrick   2021 Aug 7, 2:54am  

Another possibility:

https://calyxos.org/
51   richwicks   2021 Aug 7, 3:54am  

If people want a phone that doesn't spy on them, they have to have a stripped down OS that they can understand, that will trivially monitor inbound and outbound connections.

It has to be simple enough so that that a typical coder can understand the OS (i.e. an embedded OS) and move the complexity up into libraries.

The problem with OSes is they are monolithic. Understanding Linux is a tremendous task, understanding Windows is an impossible task. This was done for efficiency reasons back in the day, but building an OS on top of a kernel, like MACH, that's still doable. This is a software abstraction of the hardware itself. The OS runs on top of another OS, a very simple OS. This was once called a Board Support Package.

Kernels allow you to run multiple operating systems on a single device, often simultaneously. NO hardware is directly accessible, and you can always detect access to the hardware through the interface. I think this will have to be done at some point to guarantee security.

If you had, for example, a virus running on your phone, you'd be able to detect the outbound data packets on it, and the incoming data packets on it. What files were modified, which parts of the storage were written or sent out, and what devices were activated. This was impractical 20 years ago because we were running on 200 Mhz machines, but it's entirely practical now at the cost of a bit of battery life - and my phone runs fine for weeks without a charge when its unused. I have a junk phone I use only for wifi access, and screwing around on (it's got damaged screen), I can leave that thing sitting on the counter for 2 weeks, and it goes from 100% charge to 90% charge over that time.

We can even further secure the devices, by using the kernel to require certified binaries only be run, and to expand the storage, to not only record things like date and time, but the applications that created them. This has already been figured out, but it's purposely not implemented. It's trivial to eliminate viruses, and to guarantee secure communication - the reason it's not done, is the government doesn't want it done.

I worked on the XBox project. One of the main concerns on developing that system was PREVENTING unauthorized code from running on it. Why? Because MS sold the machine for BELOW COST to gain marketshare. They make up the cost differential because for each game sold, they receive a cut of the sale. So, they might sell the first revision of their machine for $300, but it cost $500 to make, but they expected 10 games to be bought by a user on average, so they would initially break even. Then they cost reduce and the box to $400 to make, then $300, then $250, then $200 and so on. As they do this, they also reduce the cost of the game machine to gain market share.

What they were terrified of, is a company could run arbitrary software on it, and cut out MS from their fee, or even worse, making a machine that kicked ass, that was a full replacement for a desktop, that could act as a server. Game machines, are no longer toys, they are as powerful as servers. They do not want you to be able to use them as full machines, just toys - but games have to have a digital signature, this could be done with any machine, that would obliterate viruses - but they don't. Why do you think that is?

Machines are PURPOSELY built with backdoors, and phones, they are the worst. Nobody cares about desktops today, they care about your personal communication.
52   WookieMan   2021 Aug 7, 7:46am  

richwicks says
I worked on the XBox project.

Fuck that device. Fuck it hard. Apple can take all my shit for all I care, new devices are set up in minutes not hours. I don't game but my kids do, it's the worst platform I've ever encountered. So convoluted and retarded to be honest. I'm no techie, but I've build mediocre websites that worked well for real estate. Xbox (currently) is not intuitive and is a shit show. Maybe it was better when you worked on it, as again I don't play video games.

We've spent hours doing something to get the kids a game or whatever. The feedback is the exact same from other parents. My one buddy just rebuilt the JP Morgan investment site for trading. Even he said Xbox is a shit show. I've seen the dude work, his keyboard is on fire.
53   Patrick   2021 Aug 12, 10:54pm  

https://puri.sm/posts/internet-of-snitches/

Imagine an Internet of Snitches, each scanning whatever data they have access to for evidence of crime. Beyond the OS itself, individual phone apps could start looking for contraband. Personal computers would follow their lead. Home network file servers could pore through photos, videos and file backups for CSAM and maybe even evidence of copyright infringement. Home routers could scan any unencrypted network traffic. Your voice assistant could use machine learning to decide when yelling in a household crosses the line into abuse. Your printer could analyze the documents and photos you send it.
54   SumatraBosch   2021 Aug 13, 12:54am  

I want a phone that kicks larry and serge in the nuts and take a massive shit on their faces every time I make a call and hundreds of times a second when I don't/
56   Eric Holder   2021 Aug 20, 2:48pm  

Patrick says
Your printer could analyze the documents and photos you send it.


Already does to some extent.
57   richwicks   2021 Aug 20, 5:15pm  

WookieMan says
richwicks says
I worked on the XBox project.

Fuck that device. Fuck it hard. Apple can take all my shit for all I care, new devices are set up in minutes not hours. I don't game but my kids do, it's the worst platform I've ever encountered. So convoluted and retarded to be honest. I'm no techie, but I've build mediocre websites that worked well for real estate. Xbox (currently) is not intuitive and is a shit show. Maybe it was better when you worked on it, as again I don't play video games.


I am unoffended. I'm a contractor. Some people would call me a mercenary for hire, but I know what I really am. I'm a prostitute. I'm a whore.

If your kids like video games, look into the retroarcade. Maybe your kids need the "latest and greatest", but if they just want to play video games, I have a library of over 10,000 of them, not to play (my life isn't that long), but to preserve.

For < $100, you can have a raspberry pi, running retroarcade with more video games on it, than any one person can play in a lifetime. Also, it burns less than 10 watts.

https://retropie.org.uk/

The last time I tried to play a modern arcade game was 10 years ago. When I was a kid, a video game was a 10 minute distraction, that at worst could be a 2 hour struggle to win. Today, video games are just ordeals, that take WEEKS to get through. Want a blast from the past?

http://impossible-mission.krissz.hu/

That's one of the toughest video games I conquered as a kid. I can still beat it, and I recently have, but there's no enjoyment in it.
58   AmericanKulak   2021 Aug 20, 5:38pm  

Stay awhile, Stay Forever!!!
59   Patrick   2021 Aug 20, 5:39pm  

richwicks says
I worked on the XBox project.


That's interesting.

One fun thing about tech is that your work is often used by millions of people.

I worked on a phone (the Nextel phone) that was used by millions. And many well-known websites. Not that I did a huge part of any of them.
60   richwicks   2021 Aug 20, 6:27pm  

Patrick says
richwicks says
I worked on the XBox project.


That's interesting.

One fun thing about tech is that your work is often used by millions of people.

I worked on a phone (the Nextel phone) that was used by millions. And many well-known websites. Not that I did a huge part of any of them.


It's a feather in your cap to work on something that nearly everybody knows about.

I just did DV - Design Verification. I wrote tests to confirm the hardware worked properly, in simulation and emulation - the emulator is the size of 2 refrigerators, that ran at 100 Khz that could accept PORTIONS of the design and arrangements needed to be made to power it, and ventilation had to be constructed to keep the lab cool. That machine was as expensive as a 20 room mansion is.

I honestly find technology boring today. Why get an XBox or PS5 or whatever? The only advancement in these systems is better graphics, but shit - they're good enough now. The difference in graphics from XBox1 and the 360 - it's minimal. Sure, it's better, but not the difference between a PS1 and a PS2.
61   Patrick   2021 Aug 20, 6:56pm  

I wrote the AT command set parser on the Nextel phone. Not that anyone uses a modem with a phone anymore.

I also rewrote the credit card form on Craigslist which all their revenue goes through.
62   richwicks   2021 Aug 21, 12:23am  

Patrick says
I wrote the AT command set parser on the Nextel phone. Not that anyone uses a modem with a phone anymore.

I also rewrote the credit card form on Craigslist which all their revenue goes through.


This is why I hated DV. It needs to be done, but none of my work is used by the public.

If you ever use a DC fast charger from ChargePoint - I wrote the communication stack for that. I'm probably North America's expert on that communication protocol, and it's a TERRIBLE protocol. So terrible that I quit in disgust that there was no pushback on it. My superiors simply didn't understand there was an intent to make a monopoly on several fronts. The whole "green energy revolution" is rife with corruption, and I know corruption having volunteered for a few charities, which are mostly just ways to take donations for a problem, when there is no intention of fixing the problem.

Electric cars, in my opinion, are a total scam - but my code is everywhere now. Have to find something more worthwhile to do with my limited time on earth than to work for the mafia.
64   Patrick   2021 Nov 11, 9:24pm  

https://reclaimthenet.org/data-broker-handed-over-smartphone-gps-data-to-dc-government-for-covid-research/


The EFF, a digital rights group, says it has seen public records (obtained here) that show location data broker Veraset and the District of Columbia (DC) government had struck a deal early in the Covid pandemic last year, allowing the latter full access to highly sensitive, individually identifiable GPS data, harvested from people’s mobile devices in the DC area.

Veraset made the offer and DC authorities accepted it, which was followed by half a year of updates coming from the company – that operates a proprietary database for this data, meaning that Veraset’s tools cannot be audited or scrutinized by the public – tracking hundreds of thousands of people going about their day.
65   AmericanKulak   2021 Nov 11, 9:32pm  

At 3AM in the morning, I often wonder if going after Craigslist and others for "Pushing Prostitution" was an excuse to clear the path for for-profit companies, like Facebook Marketplace (which I refuse to use) and even Zillow.
66   Patrick   2021 Nov 13, 11:21pm  

I used to work at Craigslist and I believe that was indeed the case.

It was purely an anti-competitive move by bigger companies like Facebook.
67   Patrick   2021 Dec 1, 1:40pm  

https://reclaimthenet.org/israel-is-using-counter-terrorism-phone-surveillance-to-track-omicron-carriers/


November 30, 2021
Israel is using counter-terrorism phone surveillance to track Omicron carriers
The implementation could be illegal.
69   NuttBoxer   2021 Dec 13, 10:48pm  

I'm fucking sick of smartphones. My work seems to have endless reasons why they want me to use my personal phone. So far I've told them I don't have a data plan, but there's wifi, so sure that won't hold up forever. As soon as I have time, going to look into prepaid shit phones that don't have app capability. The internet and cellphones have become so locked down it's ridiculous.
70   seesaw   2021 Dec 14, 5:25am  

Time to De-Google.. See Rob Braxman on Youtube.
https://www.youtube.com/watch?v=HVL1Xr7IEsY&source=patrick.net
Best Privacy phone. Rob seems very intelligent
71   Bd6r   2021 Dec 14, 12:35pm  

NuttBoxer says
As soon as I have time, going to look into prepaid shit phones that don't have app capability.

L8star Small Mini flip Cell Phone Magic Voice Changer Bluetooth Dialer Cellphone BM60 ca. 35 $
your employer's brain would freeze - they would have no idea what to do with this!
72   Eric Holder   2021 Dec 14, 12:50pm  

NuttBoxer says
I'm fucking sick of smartphones. My work seems to have endless reasons why they want me to use my personal phone. So far I've told them I don't have a data plan, but there's wifi, so sure that won't hold up forever. As soon as I have time, going to look into prepaid shit phones that don't have app capability. The internet and cellphones have become so locked down it's ridiculous.


Motorola F3: no GPS, no contacts, no nothing. =))
73   NuttBoxer   2021 Dec 14, 1:04pm  

Finding a non-smartphone that is supported by carriers is tricky. Was looking at nokia 3310, but not sure there's any carriers who support it, and will allow me to remain anonymous.
74   Eric Holder   2021 Dec 14, 1:44pm  

NuttBoxer says
Finding a non-smartphone that is supported by carriers is tricky. Was looking at nokia 3310, but not sure there's any carriers who support it, and will allow me to remain anonymous.


If a phone is capable of using US GSM frequencies it will be supported by the carriers.
75   joshuatrio   2022 Jan 3, 6:31am  

Anyone found a good privacy friendly phone yet?

My moto g5 plus is flaking out and I don't want another phone that constantly spies on me.
76   clambo   2022 Jan 3, 7:15am  

I was looking at Ubuntu touch which can run on my Pixel.
77   GNL   2022 Jan 3, 8:41am  

Is there any truth to a new Tesla phone coming out? It is supposed to be 100% private.
78   RWSGFY   2022 Jan 3, 10:36am  

joshuatrio says
Anyone found a good privacy friendly phone yet?

My moto g5 plus is flaking out and I don't want another phone that constantly spies on me.


Motorola F3.
79   Hircus   2022 Jan 3, 3:56pm  

NuttBoxer says
I'm fucking sick of smartphones. My work seems to have endless reasons why they want me to use my personal phone. So far I've told them I don't have a data plan, but there's wifi, so sure that won't hold up forever. As soon as I have time, going to look into prepaid shit phones that don't have app capability. The internet and cellphones have become so locked down it's ridiculous.


I started accumulating cheap smartphones and tablets for this reason (can often buy them for $30-50). Sometimes its tough to avoid installing an app to use some handy device, but I refuse to allow some chinese app to invade my phone. So I just keep a dummy device that uses a throwaway email address and no contacts / personal info etc... and install the apps on that, keeping my real phone clean. I don't even bother with a sim, just wifi.

2FA is becoming popular, especially for those who work in tech companies, and they seem to want their employees to use their personal phones to either install the 2FA app, or to receive text messages. A 2nd dummy device can work well for this use case too.
80   Patrick   2022 Jan 4, 12:31am  

Hircus says
I started accumulating cheap smartphones and tablets for this reason


I like this idea.

Hircus says
2FA is becoming popular, especially for those who work in tech companies, and they seem to want their employees to use their personal phones to either install the 2FA app, or to receive text messages. A 2nd dummy device can work well for this use case too.


At one previous company, I just ran a phone emulator on my laptop to run the 2FA app.

« First        Comments 41 - 80 of 300       Last »     Search these comments

Please register to comment:

api   best comments   contact   latest images   memes   one year ago   random   suggestions