How to stay connected on mobile without being spied on

[misteraven]

Sister thread to How to browse the internet without being spied on. so definitely read that for more detail on internet browsing specifically.

 

That said, I'm freakin tired of having real life conversations with people, only to see ads for whatever I was talking about start showing up online and in social media. There is zero doubt in my mind that the smartphone we all walk around with is listening and tracking every single thing we do. I'll let dudes like @Mercer, @Dirty_habiTand @Hua Guofanglink specific articles describing evidence of such since they've done so in other articles. But, yeah... Hard is might be to drop the conveniences of the smartphone and our connected world, I'm just not okay with knowing that at any given time, everything I'm saying and everywhere I'm going is being tracked and logged for whoever the fuck knows what. Since this situation is so prolific that, they can suddenly stuff ads fro no carb and keto diets into your feed after you had a conversation on that subject, I can only imagine the ability of government to drill deep down into your life. Used to be paranoid thinking to say shit like this, but there's just way too much obvious evidence now that I don't think it's even disputed anymore and well, I have zero trust for government in these matters.

 

With that being said, I admittedly don't have a lot of knowledge in hardware that is engineered for privacy. What I do know is that my iPhone X seems to be intent in selling out my privacy. I've already followed a dozen different articles on privacy that advise what settings to disable and what apps to not install, etc. I've already changed to the Brave Browser / Duck Duck Go full time. I do not have Facebook installed. I largely use Telegram Messenger, and now more and more BCM messenger for messaging. @Mercerwas cool enough to lend me his NordVPN account, so I started using that as well. Yet, I'm still seeing clear evidence that my phone is picking up on what conversations are happening in the vicinity and serving me targeted advertising. Who the fuck knows what else its tracking, and no I'm not doing anything illegal, but I do see it as an audacious violation of my privacy and I'm not cool with it. 

 

I'm honestly thinking of buying an old phone off ebay and using that instead, but I also recognize how the carriers make that difficult by not supporting older protocols, etc that make those not work.m What I would really like is the ability to send / receive calls, send / receive texts (preferably with a alpha / numeric keypad and not that clicking a number 15 times to get a letter I need, and be awesome if I can configure email as well. 

 

Anyhow, not sure what to do about this and figuring it's a timely topic important to a lot of you, so kicking off this thread so we can focus the 12ozProphet brain trust on digging out a solution.

 

This product here Spot X-2, seemed like an interesting possibility... Text only though, but figured it likely had a proprietary OS and seems so limited and niche that I would think the usual software and tools for tracking and cracking probably don't work on it. No idea though.

[Mercer]

In your case @misteravenyour phone is still going to be doing nefarious privacy intrusions as long as you have Instagram installed. There may also be other apps installed that do the same thing that have nothing to do with google/Facebook. You can see what apps have access to the microphone and start narrowing it down from there. It’s also a good idea to periodically check to see which apps are tracking your location as well.

 

For someone in your position (really anyone) I’d recommend having a burner phone you’re not using stashed away out of earshot, until you need it to post on IG/FB or whatever google apps you’re running. Truth be told I should still be using that same setup myself, but I’ve yet to bust out the backup phone and install these apps to keep them off my phone. I currently run IG on my main phone. I used to just make use of the built in browser in 1Password to check in on FB, IG occasionally but that method limits you ability to post.

 

Also, a point most people miss is That even with these apps removed, Facebook will still find out if you buy something online, and can also serve you adds based on other sites monitoring you. Almost every website makes use of the free tools these companies provide and give up information via their Facebook like buttons scripts, google analytics script or whatever they’ve installed on their sites. Without any intentional interactions with FB/Google you’re still being watched. To top things off, the software has gotten so good they can even predict your actions/habits fairly accurately with zero input sources whatsoever, and still serve you adds that feel creepy, like they’re reading your mind without actually doing so.

[Dirty_habiT]

I take my apple watch off when i'm layin pipe.

[Dirty_habiT]

I'd say if you have any app open in the back ground that you've allowed access to your location, microphone, camera, etc.... then it's a risk.  I'm VERY careful about which apps get access to what on my phone, and I'm also very picky about apps in general.  I don't use anything that is related to social media period, the end.  On my laptop or on my phone.  So fuck those companies.  I've done the same with my default search engine by using duckduckgo.com on my phone and laptop only.  Occasionally I will go to maps.google.com to look up something the ddg maps can't find, but I do so in a private window.

 

I think the best bet you're going to have for a phone that will be "good" is going to be a hardware modular linux phone that doesn't run google's android software.  This is going to be a bit of a monumental task to undertake but I guarantee that there are nerds already working on this exact thing due to their similar distaste for the invasion of privacy.

 

https://itsfoss.com/open-source-alternatives-android/

 

https://www.tizen.org/ - this seems promising

 

My ONLY gripe with any of this is that I think Apple makes the highest quality packaging of hardware out of any manufacturer.  I'm not trying to be a nut swinger here, I've been fucking with technology since 386-SX based processors were what you had in your PC at home.... I've seen all this stuff mature and grow up, and I don't believe that Samsung, Motorola, or any other company makes hardware that is as high quality as apple.  Now, if you want to get into an "open hardware" phone, you're very likely going to sacrifice on even Samsung/Motorola level of quality.  Not because nobody can compete with these companies, but because they've been making this stuff for a long time and they're already good at it.

 

Someone is going to have to enter the "market" and standardize a design, and then start building upon it and not give up in 2 years after someone with one of these big companies offers to pay them a high salary.  That's the challenge, the people capable of delivering what you want are on payroll with companies that won't allow them to make anything like this so their talents are spent on making the products that you already don't like.  Someone will do it, we just can't know when.

 

edit: https://shop.fairphone.com/en/spare-parts/?ref=header - this looks promising.

[misteraven]

1 hour ago, Mercer said:

You can see what apps have access to the microphone and start narrowing it down from there.

I have IG mic disabled by default. I rarely post, but only time I enable it is when I do post, since it wont even let you post a photo without enabling the microphone. They really try hard tyo ensure you keep it on. Likewise, been making it a habit to quit the program after I look at it and that, and anything remotely similar, is set to not run in the background.

 

1 hour ago, Mercer said:

It’s also a good idea to periodically check to see which apps are tracking your location as well.

I don't allow any apps access to GPS when the app isn't active with the single exception of weather, find my friend and a couple system type apps that are obvious. I also quit almost all apps after I use it, rather than close them.

[diggity]

13 minutes ago, misteraven said:

I have IG mic disabled by default.

I have my photos, camera and mic disabled for instagram and it hasn't ever stopped me from using images from those places.

it tells me that it doesn't have permission and then posts it anyway.

 

these motherfuckers cant be trusted.

 

I use Aloha as my browser when I'm snooping around. 

Its got a vpn on it that you can turn on/off. not sure how much it helps or if its not logged somewhere but its giving my somewhat of the appearance of safety.

 

Also my job has some shit that i have to install on my phone where they can pretty much see everything i do anyway so...theres that.

[misteraven]

51 minutes ago, diggity said:

Also my job has some shit that i have to install on my phone where they can pretty much see everything i do anyway so...theres that.

What, why? Fuccckkkkk that. 

[diggity]

I don't have much choice if i want to get email on my phone. 

[diggity]

there is hope that shit is going away. apparently they dont want to pay for microsoft anymore so they are going to force all of us to gmail and google docs. in that scenario they will probably lose access to that feature.

 

they basicly want some shit that will allow them to delete their info off your phone when you get fired or quit. 

which is beyond stupid since you can back up everything. 

[Dirty_habiT]

My job tried to do the same thing.... my solution is that my personal phone is my personal phone and is not to be used for business purposes.  You're lucky if I even answer it if you're someone I work with and I can see that you're calling me.  If you want me to do work shit on a phone then issue me a company phone and I'll carry two..... and use the company phone when I'm at work "on the clock" only.  This whole bleeding out into my free time shit is like homework in high school. 

 

Also @misteraven- you're placing an awful lot of trust in the closed source phone's OS software by thinking that it strictly adheres to those little toggle switches you set for what can do what.  There are software bugs that are constantly being patched and it's about as good as having a zero-day exploit to have a software bug that can enable the mic with one of those phone OS switches turned off.  Don't believe that stuff like that doesn't exist, I guarantee that it does.  It's worth MILLIONS of dollars to have knowledge like that because of the exploitation you can inflict upon people.  Think of the black mailing that can happen.

 

I bet "important" people stay as far off the grid as possible.  I keep my GPS turned completely off unless I'm routing to a place I need to find that I've never been to before..... when I get close (read: not arrive there) I turn the GPS off so that bitch ass siri doesn't know that I ever made it to the place I searched.  Is this "good enough"?  Probably not.... but it makes my muppet brain feel like I'm doing the right thing to protect myself.

 

Phones are a tool and dumb ass phone users have turned them into toys/entertainment devices and corporations/governments have turned them into data collection/spying devices.  Anyone who believes they want privacy and uses a cell phone is just lying to themselves.

[~KRYLON2~]

You're all making me paranoid 

[Hua Guofang]

I think @Dirty_habiTis right, apps are the real vulnerability and they should be limited as much as possible.

 

@misteravenI've seen as many 'investigations' find that the phones are not listening to convos as I have heard complaints that they are. Doubt that they are being used that way but I suspect they are. I know that's incongruous but I think this pretty accurately sums up the age we live in!!

 

Honestly, bottom line is:

- write nothing down you don't want public

- use minimal apps

- don't use facebook - IG - etc.

- don't use gmail

- don't use loyalty programs

- turn off all geo-location on your phone but don't trust that its actually turned off if you really want to hide - ditch your phone altogether if that's the case.

- don't try and hide meaningless shit

- confuse your data (swap your phone/computer/debit card/etc. with trusted friends and family when you can)

- use cash (especially for grocery shopping)

 

..., and all the other shit I've been saying in other threads.

 

[KILZ FILLZ]

 

At that point you might as well have a digital camera, MP3 player and one of these 

 

 

[misteraven]

5 hours ago, Hua Guofang said:

@misteravenI've seen as many 'investigations' find that the phones are not listening to convos as I have heard complaints that they are. Doubt that they are being used that way but I suspect they are. I know that's incongruous but I think this pretty accurately sums up the age we live in!!

I've proven this repeatedly. Don't even care how many studies suggest otherwise, because it simply happens to regularly to be anything else. I'm aware that if you search for something, that ad retargeting will then start feeding you ads relating to what was searched. That's not what I'm referring to. I keep seeing situation where I'm having a conversation with an individual and / or texting an individual about an obscure subject and within 24 hours, advertising related t that very subject will clog my feed or suddenly show up online for the next couple days and then taper off.

 

Also, I know a couple people that work with or for Apple and have been told how most of their meetings require that everyone leaves phones and smart watches in special areas outside the room. Though they've never said they were informed of specific info that says these devices are tracking / listening, it's a policy on Apple's campus and off campus Apple meetings that they not attend meetings with those devices. If you knew the context of the relationship and the individual, you'd appreciate that there is not reason that they'd make that up.

 

-------

 

I went in and deleted a few apps, but there's not a whole lot on my phone already compared to most. No news apps, only social media app is Instagram and YouTube. Mainly weather stuff and some obscure apps that are relevant to the outdoors, as well as some technical apps like SSH and server shit.

 

I'm not making it a point to ensure all apps do not have camera / mic access and that are all quit instead of just closed. Doubt it'll make a difference and though I don't doubt that the apps are likely the larger offenders, I really don't trust my mobile device. I have read about how the technology has existed to intercept phone calls for ages (stingray). That cellular phone carries themselves are coordinating with the NSA on mass surveillance for ages now. That they can covertly remote activate your phones microphone and stream your conversation back without your knowledge. Even the head of the FBI doesn't trust his laptops camera and I'd assume he has a pretty solid IT department to ensure his laptop is hardened. According to Edward Snowden, desktops / laptops are far more secure than smartphones.

 

 

[Dirty_habiT]

On 1/4/2020 at 5:53 PM, ~KRYLON2~ said:

You're all making me paranoid 

Here's the thing though..... and I hate saying this..... they VERY likely dgaf what you're up to.  It takes an incredible amount of processing power to even consume this data.  Collecting and storing it is one thing, processing it and "figuring out what it means" is a whole other ball game that requires massive CPU to do.  For now they're fine with storing data and processing it as fast as they can.... or using the processing power they do have to look at high profile targets.

 

There's no doubt in my mind that one day the govt will retroactively look into shit people did in today's day and time..... and use that kind of stuff to get warrants.  I don't know if it will matter because people may have cleaned their lives up, but like you want to talk to your weed dude on your cell phone and use code words for your weed..... the gov isn't stupid.  They've been spying on spies for centuries.... and real spies are much more crafty than your average dope dealer/user in figuring out how to mask their communications.

 

The reason I don't like to say this is because it opens the door to people saying "if you're not doing anything wrong you have nothing to worry about."  That sentiment doesn't sit well with me.  It's not that I'm doing anything wrong, it's that I deserve privacy.  I shouldn't have to wonder what data is being collected about me whether I'm a normal guy or a cartel member.  With that said, this is exactly the kind of thing we need to use to bust drug and terrorist organizations, no other way around it.  Traditional methods are not good/fast enough to bust drug cartels and terrorist orgs that are using this exact technology to do their business.

 

I don't know what the right answer is, but I'm some where in the middle ground on all of it.  I understand technology very well, there's no doubt in my mind of the capabilities of the large corporations and the government..... but I'm not worried, because, again..... I'm not doing anything wrong.  Fuck em, I don't have dick pics on my phone because I have more dignity than that.... I don't talk about drugs because I don't do drugs.... I don't talk about anything of interest on my phone that the government would want to know about to charge me with any crimes.

 

I use Signal for all of my communication if I can.  I've got both sides of my family (mom and dad) to completely stop using normal text messaging, we use Signal only for our group chats.  This at least keeps Apple/Google/whoever from collecting my information.

[Hua Guofang]

On 1/6/2020 at 7:36 AM, misteraven said:

I've proven this repeatedly. Don't even care how many studies suggest otherwise, because it simply happens to regularly to be anything else. I'm aware that if you search for something, that ad retargeting will then start feeding you ads relating to what was searched. That's not what I'm referring to. I keep seeing situation where I'm having a conversation with an individual and / or texting an individual about an obscure subject and within 24 hours, advertising related t that very subject will clog my feed or suddenly show up online for the next couple days and then taper off.

 

Also, I know a couple people that work with or for Apple and have been told how most of their meetings require that everyone leaves phones and smart watches in special areas outside the room. Though they've never said they were informed of specific info that says these devices are tracking / listening, it's a policy on Apple's campus and off campus Apple meetings that they not attend meetings with those devices. If you knew the context of the relationship and the individual, you'd appreciate that there is not reason that they'd make that up.

 

-------

 

I went in and deleted a few apps, but there's not a whole lot on my phone already compared to most. No news apps, only social media app is Instagram and YouTube. Mainly weather stuff and some obscure apps that are relevant to the outdoors, as well as some technical apps like SSH and server shit.

 

I'm not making it a point to ensure all apps do not have camera / mic access and that are all quit instead of just closed. Doubt it'll make a difference and though I don't doubt that the apps are likely the larger offenders, I really don't trust my mobile device. I have read about how the technology has existed to intercept phone calls for ages (stingray). That cellular phone carries themselves are coordinating with the NSA on mass surveillance for ages now. That they can covertly remote activate your phones microphone and stream your conversation back without your knowledge. Even the head of the FBI doesn't trust his laptops camera and I'd assume he has a pretty solid IT department to ensure his laptop is hardened. According to Edward Snowden, desktops / laptops are far more secure than smartphones.

 

 

 

The "I don't care what studies say" approach is an unfortunate one. We should always be open to having our assumptions challenged, even if only to confirm that you hold them for good reason.

 

One of the plausible reasons that you have ads that align with phone convos is that you discuss things that you are likely to discuss - that is to say, all the other data collected on you is enough to understand what you're likely to focus on and discuss in your life and that's what you receive. That you happen too be having discussions about these issues might mean that their psychometrics are well tuned.

 

If you really want to test it, don't base it on things that you discuss as routine in daily and professional life. Discuss things that are completely foreign to you - taking tantric yoga classes in the antarctic, learning how to cook traditional Swedish elk pancakes, or some similar shit. IF you start receiving ads for things that align with utterly concocted stuff your assumptions will be supported. If not, your assumptions will be under doubt.

 

Regard apps, you are right to completely distrust them and treat them with suspicion.

 

Where you talk about not taking phones into meetings, that's pretty standard practice for a lot of companies and is across the board for national security agencies. A company I worked for used to keep phones in foil packets if we didn't trust the organisation hosting the meeting (as in, when we were in the secure facility they'd be outside hacking our devices). All secure areas won't let you take any networked device in, unless it is a cleared device. They don't trust that they haven't been hacked or can be used to upload data from a previously planted device. This means phones, laptops, tablets, smart watches, fitbits or anything with connectivity.

 

If you're in a company that has to work hard to protect your IP and market strategies you most often won't take your phone into meetings, pretty common. But that's because these people will be deliberately targeted for very specific information. This is not the same as "all phones are listening to everyone to target them with ads". It's two different issues.

 

 

 

[Dirty_habiT]

https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/

 

thanks obamaphone

[lord_casek]

App called Privacy Pro. Get it. Use it. 

[misteraven]

On 1/10/2020 at 9:10 PM, lord_casek said:

App called Privacy Pro. Get it. Use it. 

Looks to be a VPN service if this is the right one... https://apps.apple.com/us/app/disconnect-privacy-pro-entire/id1057771839?ls=1

[NightmareOnElmStreet]

Perhaps dumb, but do any of y’all know if things like that privacy pro app works against unsolicited spam calls? Is there even such a thing?? It’s so out of hand on my line lately I can’t take it anymore. I use a burner app for my business line and it’s awesome to not get some asshole spammer calling me. 

[ndv]

On 1/9/2020 at 3:54 PM, Dirty_habiT said:

https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/

 

thanks obamaphone

Stupid is, is stupid does.

[Dirty_habiT]

12 hours ago, NightmareOnElmStreet said:

Perhaps dumb, but do any of y’all know if things like that privacy pro app works against unsolicited spam calls? Is there even such a thing?? It’s so out of hand on my line lately I can’t take it anymore. I use a burner app for my business line and it’s awesome to not get some asshole spammer calling me. 

1. Get a google number (or other free voip service? @lord_casek).

2. Never give anyone that isn't your family or close friend your "real phone number".

3. Give anyone else your google phone number that forwards to your real number.

 

What this will do is provide a layer of protection for your privacy that you don't get with your normal phone number.  I think it is MUCH easier to let google's machine learning systems (which they assuredly have hooked up to these gvoice servers) decide which accounts are being used by assholes.

 

I could go on and on about this subject but I have to get back to work and this is all I could type in the short time I had.  😄  If you have questions about this or how it's better please ask and I'll do my best to answer ASAP.

[Dirty_habiT]

Want to find out who is a dickweed selling your information to spam agencies?

 

When you're at, for example, BestBuy and they ask you for your email address.  Instead of giving them sallyjoe@mountainbillies.com you would give them sallyjoe+bestbuy@mountainbillies.com.  When bestbuy or whoever sends email to the address you gave them, it will still arrive at your sallyjoe email box but the recipient address will say "sallyjoe+bestbuy@mountainbillies.com".

 

When you receive an email for dick pills or hot ladies that are waiting for you to contact them in your area..... to the sallyjoe+bestbuy email address, well, you can put the rest together.  It means they've sold or otherwise been irresponsible (got it stolen via being hacked/social engineered) with your data.

 

Now, there is a way around this.  Nefarious email systems could be programmed to remove anything in between a + sign and an @ sign, and then remove the + sign.  That would "solve" the "problem" for the spammer.

 

You can take this one step further, however.  It takes a bit more work and tenacity.  Most people won't go through this amount of trouble.

 

1. Register a domain, ok mountainbillies.com.

2. Set up email service/server on your domain so that you can host email addresses as you see fit (sallyjoe@mountainbillies.com, gooburt@mountainbillies.com, etc)

3. Enable a catchall email address that allows accepting email for ANY name @mountainbillies.com and forwarding it to some address of your choosing.

4. Give bestbuy the email address: "bestbuysoldmydata@mountainbillies.com"

5. Sallyjoe's your uncle.

[Schnitzel]

On 1/5/2020 at 6:15 AM, Dirty_habiT said:

I take my apple watch off when i'm layin pipe.

https://www.betootaadvocate.com/uncategorized/teenage-couple-break-apple-steps-world-record-during-movie-date/