Before I buy... is PinePhone actually open source?
#1
Hello

We require open source firmware verifiable 4G/MNO connectable via SIM Card devices with POTS call capability and zero possibility of GPS location awareness.

I am going off this review: https://www.androidpolice.com/2020/08/13...-in-years/

Correct me if this review is outdated. But the first thing I noticed is the oppressively large Quectel EG25-G chip. This is not open source correct? And it has proprietary firmware correct? Also its from China. And has a built in GPS/GLONASS chip, right?

So basically if I want to be sure GPS is not on giving my location to Xi Jinping's CCP automotons, it basically means I can never use the PinePhone as a phone, correct? I don't like software switches. They can be exploited. Don't assume my threat model nor assume or underestimate the adversary. It's possible, and when a threat is possible you don't hope, you make the threat an impossibility, end of story. Especially if you're serious about not dying alone in a death camp, or watching your children, sister, mother, grandmother disappear in the middle of the night never to be seen again.

So whats the solution here? Remove the chip? And use something like an external MIFI device that gives me 4G connectivity, but allows me to connect my PinePhone via wifi while being sure my mifi device has no onboard GPS ship and an overseas international roaming MNVO sim card bought with monero and shipped to a hotel room paid with cash under a false name?

If going the route of removing the Quectel chip and using an audited mifi device is the only option, then my last question whats your best recommendation for phone calls on the device while not touching the phone number on the SIM, just using the sim for encrypted data and using the phone for VOIP. In the past we've had great success with Twilio and Zoiper App on android devices. The android devices have no gps, are wifi only, and we use wifi to connect to first a hardware router with hardware VPN, then the route connects to another MIFI device that only accepts data. And then twilio calls are made through various twilio merchant providers that allow you to pay with crypto. Ultimately multilateration on random anonymous SIM cards in the context is too much work for advasaries because twilio is unaware if where the actual call is coming from and the MVNO and MNO Tower operator isn't aware of what data is being sent or recieved on the sim card. And again the phone number on the SIM card is never used. Its just for encrypted voip calls, but no body knows who the caller is except the person receiving the call.

All in all this is a bulky setup. It means to have truly anonymous mobile phone calls one has to carry around a router, mifi device, android device and various battery packs, then keep everything configured via a laptop. Its very difficult when one VPN connection gets bogged down. Or your mifi or other devices lose power, you must wait for them to boot up. So I am hoping I can build a better solution with PinePhone or Pine64 architecture in general. We would also like to transition into Satt, as this would make multilateration irrelevant. Meaning while the tower might not know whose using the international SIM card, but they can investigate every single person that turns one on. Deanonymising the target and their mission. So any help with Satellite would be appreciated as well.

We are ready to buy many devices if we can make something possible here. Well make something better than our current setup.

Thank you for your help.
#2
This is as 'open source' as is possible at this price point, there is a discussion about modem isolation on the main website page about
10 months ago, that goes into detail.

The Librem would be the 'next step' but I believe that sells for $700 - $750 USD. that has a removable/ replaceable modem.
and it is not currently as 'usable' as the Pine phone.
      LINUX = CHOICES
         **BCnAZ**
               Idea
   Donate to $upport
your favorite OS Team
#3
(11-10-2020, 02:28 PM)JuniperFury Wrote: ...
This is not open source correct? And it has proprietary firmware correct? Also its from China. And has a built in GPS/GLONASS chip, right?
...
Correct, correct, correct, right.

(11-10-2020, 02:28 PM)JuniperFury Wrote: ...

So whats the solution here? Remove the chip?
...

I suggest there is no point starting with a PinePhone - start with a Raspberry Pi or some other Pi-like clone and add the peripheral bits you are happy with.

ps - I think this article is still pretty much the story on open source phones.
  • ROCKPro64 v2.1 2GB, 16Gb eMMC for rootfs, SX8200Pro 512GB NVMe for /home, HDMI video & sound, Bluetooth keyboard & mouse. Arch (6.2 kernel, Openbox desktop) for general purpose daily PC.
  • PinePhone Pro Explorer Edition, daily driver, rk2aw & U-boot on SPI, Arch/SXMO & Arch/phosh on eMMC
  • PinePhone BraveHeart now v1.2b 3/32Gb, Tow-boot with Arch/SXMO on eMMC
#4
(11-10-2020, 02:28 PM)JuniperFury Wrote: So basically if I want to be sure GPS is not on giving my location to Xi Jinping's CCP automotons
If not China, you'll give it to Russia, which shares with China.
If not Russia, you'll give it to USA, which shares with Russia.
If not USA, you'll give it to EU, which shares with USA.
If not EU, you'll give it to Israel, which shares with EU.
And so on.

As long as it's a device that emits at least 1 wireless signal, you're guaranteed to give away your location.
And you can put it completely on wires, but as soon as you get a phone call, you're tracked again.
Even desktops are tracked, your ISP does that.

Open source doesn't eliminate tracking entirely, but it does eliminate tracking on their side, which limits the amount of information and its accuracy collected.
So you can't become entirely anonymous, but you can make yourself less accurately identifyable.

So the only way to stay away from any kind of tracking, will be to lock yourself up in your home, cover all your windows, wrap all your walls off in aluminium foil, sell every gadget you have, and don't use any technology at all.
#5
(11-10-2020, 02:28 PM)JuniperFury Wrote: We require open source firmware verifiable 4G/MNO connectable via SIM Card devices with POTS call capability and zero possibility of GPS location awareness.
Unfortunately there is no such device, and there won't be so long as radio devices require regulatory approval. Read the 4G standard docs - see
https://www.3gpp.org/specifications/ - from what I remember location awareness is part of the specification. Many (most?) jurisdictions now require location for emergency calls, and network operators find it useful for a number of reasons, including selling it to 3rd parties even when they've promised they won't.
#6
(11-11-2020, 06:29 PM)wibble Wrote:
(11-10-2020, 02:28 PM)JuniperFury Wrote: We require open source firmware verifiable 4G/MNO connectable via SIM Card devices with POTS call capability and zero possibility of GPS location awareness.
Unfortunately there is no such device, and there won't be so long as radio devices require regulatory approval. Read the 4G standard docs - see
https://www.3gpp.org/specifications/ - from what I remember location awareness is part of the specification. Many (most?) jurisdictions now require location for emergency calls, and network operators find it useful for a number of reasons, including selling it to 3rd parties even when they've promised they won't.

Exactly what I wanted to say, there were regulation put in place, to make it impossible for any average Joe to have a device that is 100% untraceable.

What concerns me, is not some intelligence agency tracking my gps signature, because I am not of an interest to them.

Some primary concerns are things such as when you buy a very expensive phone such as the latest Samsung Android phone, or a Google Phone, or an iPhone, pay like 800 euros or USD for it, think that you "own" it, while in fact those companies feel entitled to encapsulate malicious features on system updates, without your consent! such as the very dirty move that apple did when they decided to add a Tracking feature as a native part of their OS (so you can't even get rid of it), without even asking the end customers if they agree to it, with the excuse that it was to "fight the pandemic", right after they have mentioned that the collected data will be "available to various of governments agencies", that is a very big breach of my privacy and what gets me the most is that they feel like they can do it, and they don't even need my permission to do it, they sell you a phone for a lot of money but still feel privileged to do with it and the data that is on it as they please like they lent it to you for free or got your permission to use your personal data for their own business model. 

Or when google phones or Android phones literally are constantly taking audio samples of what you are talking about, and translate it to traceable data - then you open up an app such as facebook (another huge privacy violator and private data miner) and surprisingly see an offering that is exactly what you TALKED about with your wife an hour ago, without ever typing it into any search engine on your device - that is a big privacy breach.

Those companies IMHO can never be trusted again, from the moment they decided to put profits the top priority at the expense of their customer's privacy and real ownership (not to mention that they started designing their products to be un-repairable, again for maximizing profits without any care for product quality and longevity)

That is from the basics of the "privacy" prospect. but in general for many daily linux users - owning a Linux powered phone that is not running on the hardware of one of the big tech giants is pure bliss.
#7
@JuniperFury

Maybe you should have a look at the ZeroPhone if you are really that nervous about your privacy.
#8
(11-11-2020, 01:14 PM)bcnaz Wrote: This is as 'open source' as is possible at this price point, there is a discussion about modem isolation on the main website page about
10 months ago, that goes into detail.

The Librem would be the 'next step'  but I believe that sells for $700 - $750 USD.  that has a removable/ replaceable modem.
  and it is not currently as 'usable' as the Pine phone.

Can you link me to the modem isolation discussion?

So you're saying the quctel modem in the PinePhone cannot be removed?

I like the Librem and was ready to order but cannot wait 6 months.

Do you think the PineTab is stable enough to use a voip app?


(11-11-2020, 01:47 PM)dukla2000 Wrote: I suggest there is no point starting with a PinePhone - start with a Raspberry Pi or some other Pi-like clone and add the peripheral bits you are happy with.

ps - I think this article is still pretty much the story on open source phones.

Why the Rasberry Pi and not Pine 64 Single board computers or other options?

Also is there a Pi version without wifi?

(11-11-2020, 06:29 PM)wibble Wrote: Unfortunately there is no such device, and there won't be so long as radio devices require regulatory approval. Read the 4G standard docs - see
https://www.3gpp.org/specifications/ - from what I remember location awareness is part of the specification. Many (most?) jurisdictions now require location for emergency calls, and network operators find it useful for a number of reasons, including selling it to 3rd parties even when they've promised they won't.

Thank you for the standard docs. I'll dive into them.

So most mobile network modems are blackboxes? Is there any way to reverse engineer them or hobble together my own 3G modem for private use?

I saw an unrelated project that might be useful: https://www.forbes.com/sites/thomasbrews...gray-jeep/

It's using a "a software-defined radio (SDR)" for MITM attacks. Is it possible to use such a modem just for calling and not spying on other phones?


(11-12-2020, 03:28 AM)as365n4 Wrote: Maybe you should have a look at the ZeroPhone if you are really that nervous about your privacy.

This looks promising. Would this kit have whats necessary to to send and receive data to be used as a mifi hotspot?

Ultimately, if we cannot remove the quctel chip, is there anyone in the Pine64 community building hotspots with the Pine64 architecture? I see something like a small box with a small touch screen controlling inside a few sim cards, multiple vpns, and offering a wired or aes256 connection to the voip device wirelessly. That's what the PinePhone seems to be with what the article said. That the modem is in a blackbox, seperate from the Linux computer via USB I believe. But I want to be able to quickly throw away the IMEI if I have to without throwing the whole phone away.

Thank you all for donating your time.
#9
(11-13-2020, 10:27 PM)JuniperFury Wrote:
(11-11-2020, 01:14 PM)bcnaz Wrote: The Librem would be the 'next step'  but I believe that sells for $700 - $750 USD.  that has a removable/ replaceable modem.
  and it is not currently as 'usable' as the Pine phone.

Why do you think that Librem 5 is not as usable as PinePhone? I think it is already faster and more stable. Purism works on both software and hardware, so I expect it to become a reliable daily driver faster.


>Can you link me to the modem isolation discussion?

You should be able to find details here: https://wiki.pine64.org/index.php/PinePhone or here: https://xnux.eu/devices/feature/modem-pp...-pinephone.


>So most mobile network modems are blackboxes? Is there any way to reverse engineer them or hobble together my own 3G modem for private use?

AFAK no, but see here: https://forum.pine64.org/showthread.php?tid=11815.



>Do you think the PineTab is stable enough to use a voip app?

PineTab is ne less progressed than PinePhone, so I doubt it.


> But I want to be able to quickly throw away the IMEI if I have to without throwing the whole phone away.

Only Librem 5 allows to do this.
#10
Eventually you WILL be able to put a modem into your PineTab,

  but that option may or may not be available for some time ?
      LINUX = CHOICES
         **BCnAZ**
               Idea
   Donate to $upport
your favorite OS Team


Possibly Related Threads…
Thread Author Replies Views Last Post
  PinePhone - boot from microSD laserpyramid 5 299 03-06-2024, 06:37 PM
Last Post: aular
  Are you using the Pinephone as your daily driver? jro 157 105,110 02-18-2024, 11:33 PM
Last Post: aular
  2020 PinePhone Manjaro CE EU for sale, name your price astrojuanlu 7 1,524 02-14-2024, 04:51 PM
Last Post: astrojuanlu
  pinephone is not bootble for the box. ijij 1 461 01-19-2024, 01:29 PM
Last Post: fxc
  Multiple issues with the Pinephone MTXP 12 1,938 12-28-2023, 07:55 AM
Last Post: MTXP
  pinephone repair shop shengchieh 0 383 12-26-2023, 02:42 PM
Last Post: shengchieh
  sudo nano file saving pinephone beta edition CharlesGnarley 4 1,479 12-22-2023, 03:44 PM
Last Post: Kevin Kofler
  Can't get Mobian on PinePhone to recognise USB-C docking bar duncan_bayne 9 6,602 12-04-2023, 02:14 AM
Last Post: Peter Gamma
  Pinephone not booting, always vibrating alexander12 7 4,668 11-22-2023, 06:46 PM
Last Post: Scary Guy
  Pinephone on Verizon chachi 3 992 10-09-2023, 11:26 AM
Last Post: alaraajavamma

Forum Jump:


Users browsing this thread: 1 Guest(s)