this post was submitted on 05 May 2024
322 points (97.1% liked)

Privacy

29787 readers
1613 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
322
How Do I Prepare My Phone for a Protest? (themarkup.org)
submitted 1 month ago by [email protected] to c/[email protected]
66 comments fedilink hide all child comments
 

Simple steps to take before hitting the streets

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 month ago (1 children)

Burner phone to anything that requires communication. Erase metadata of anything that will be shared and uploaded online.

[–] [email protected] 5 points 1 month ago (1 children)

Burner phones are a strange concept. If you want to store sensitive data on it, you shouldnt use some cheap android phone or even a dumbphone without encryption support.

[–] [email protected] 1 points 1 month ago (1 children)

All Androids since 9 at least have been encrypted by default as long as you have a lock screen enabled. Doesn't matter if its cheap, it is there.

[–] [email protected] 5 points 1 month ago* (last edited 1 month ago) (1 children)

All Android phones have Google malware installed by default, as system apps, which means those apps can do whatever they want.

So every piece of data you put on there is possibly tracked and collected.

Then there are 2 more problems

  • the software is proprietary and cannot be externally wiped clean
  • the software is outdated

This makes it vulnerable to Pegasus attacks and others. There are tons of secure practices to avoid getting it, like LTE-only, HTTPS only, encrypted and trustworthy DNS, sandboxed processes, blocked javascript execution from unknown websites...

But still if the phone is outdated there are unpatched and publicly known security issues. Just spamming them at all phones is likely to succeed as so many people run vulnerable versions, as vendors suck.

Then if you have pegasus, the only way for security is to reflash the A/B partitions, both. Factory reset is not secure as it will keep what is already in the system partitions.

The firmware is protected and signed by the vendors, so it is likely clean.

But Pegasus installs itself to the phone storage.

If you A cant obtain factory images or B cant flash the phone at all, you cannot wipe it clean.

So a good activism phone needs

  • trustworthy and minimal system apps / stock software
  • modern software updates
  • possible to reflash whole device externally
  • nice to have: ability to verify checksum of system partition, like GrapheneOS Attestation

This makes them poorly pretty expensive. I think a slightly outdated GrapheneOS phone is okay though.

[–] [email protected] 9 points 1 month ago (1 children)

Then get a burner pixel 3a and install grapheneOS or DivestOS

[–] [email protected] 4 points 1 month ago (1 children)

I think 3a is already too old. I think 4a is a better minimum, but this is still insecure of course.

[–] [email protected] 5 points 1 month ago (1 children)
[–] [email protected] 2 points 1 month ago

Yes I know, and I want to try DivestOS one time. But they do incomplete patches.

They cannot update the kernel themselves or even worse the firmware. The kernel needs to be built and patched for the specific hardware, GrapheneOS relies completely on Google here. And the firmware needs to be signed by the vendors, so no chance either.

And especially baseband, cellular stuff has extremely many vulnerabilities in the code.