07-05-2021, 05:28 PM
(This post was last modified: 07-05-2021, 05:29 PM by moonwalkers.)
If you want to start improving InfoSec habits then why don't we start first with building a threat model? I.e., what are the threats you're trying to protect against? Is it just bulk metadata collection, or is it targeted surveillance? Is it ethically questionable but still lawful surveillance by a state actor, commercial entity data collection, criminal activity, unlawful abuse of power? Are you trying to protect yourself from the annoyance of targeted ads or from current political power targeting you as a member of an opposition?
But most importantly, you have to figure out a practical trade-off between security and privacy vs your use case, otherwise you may end up with a highly secure system that's totally unusable because in the name of security it is unpowered, embedded in a slab of concrete, fully enclosed in a Faraday cage, and burrowed sixty feet under ground.
Without having that threat mitigation vs usability analysis the rest of the discussion on privacy and security can quickly devolve into conspiracy theories and tin foil hat fashion circle jerk, which is the road it seems to have already started going down.
Hardware kill switches are a great feature. But unless they are easily accessible on the outside of the phone (similarly to what Purism did with Librem 5) they are essentially useless outside of a development context. Nobody sane enough is going to be opening up the back cover of their phone to flip the modem switch every time they want to start and finish a phone call. At least nobody with a modicum of social life. Same applies to all the other kill switches. Oh, and if you go radio-silent not only can your cell phone provider no longer track you, but people suddenly no longer have a way to contact you. Unless you carry one of those one-way pagers, if anyone still remembers them.
Oh, and even then your security model relies on the assumption that your OS is impenetrable. Guess what happens if some rogue app gains access to the sensors without killswitches, like accelerometer, gyroscope, proximity, ambient light, compass? Once your phone does gain access to the Internet, that app can send back the history of the data captured using those sensors, and the analysis of that data can pinpoint your exact location history (https://www.schneier.com/blog/archives/2...ple_5.html) and even what you were doing - after all, the activity trackers can tell you how many steps you walked and what kind of activity you did using nothing other than accelerometer.
This message was created with 100% recycled electrons