The Privacy and Security Guides: Mobile Phone Tracking and Surveillance
Posted by Security Team on
Table of Contents
Welcome to the Privacy and Security guides, where we give you the tips, tricks, and tools to secure yourself or your business in this ever-changing digital landscape we find ourselves in
In today's article, we will dive into Mobile tracking and surveillance
What is it? How does it affect you? And what we can do about it?
Let's jump in!
Let's talk about "Smart" Phones
Mobile phones and similar portable devices have become commonplace and essential communications tools—now used not only for calls but also for accessing the Internet, sending messages, and documenting the world around us.
Unfortunately, mobile devices were not designed with privacy and security at the forefront. By default, they were intended for convenience and ease of use.
As a result, they do a terrible job of protecting your communications.
They also expose you to surveillance risks—especially location tracking. Furthermore, most devices give the user much less control than a desktop or laptop computer.
So it's much harder to:
- Replace the operating system
- More complicated to investigate malware attacks
- Harder to remove or replace undesirable bundled software
- More complex to prevent third parties, apps, and background services, from monitoring how you use the device.
Additionally, the device manufacturer may declare your device obsolete and stop providing you with software updates, including security fixes (also known as planned obsolescence). If this happens, you may not have anywhere else to turn for these fixes leaving your device vulnerable.
Some of these issues can be addressed using third-party privacy software, but some can't. Here, we'll describe how phones can aid surveillance and undermine their users' privacy and track you everywhere you go.
Your Device Is Spying on You
Yep, You got it. Your "smart" phone is an advanced spying/tracking device that you carry everywhere.
That can:
• Record everything you say at any time ("Hey Siri," "Hey Google").
• Record your location everywhere you go.
• Record other devices around you (Bluetooth devices, Wi-Fi Access points).
• Record your habits and health data (steps, screen time, exposure to diseases, connected devices data)
• Record all your network locations.
• Record all your pictures and videos (most likely where they were taken using metadata attached to the photo).
• Most likely access most of your essential known accounts, including social media, messaging, and financial accounts.
• Your Smart Watch? (Apple Watch, Android Smartwatch ...)
• Your Fitness Devices and Apps? (Strava, Fitbit, Garmin, Polar ...)
• Your Smart Speaker? (Amazon Alexa, Google Echo, Apple Homepod...)
• Your Transportation? (Car? Scooter?)
• Your Smart Tags? (Apple AirTag, Galaxy SmartTag, Tile...)
• Your Car? (Yes, most modern cars have advanced logging/tracking features)
• Any other "Smart" devices?
There are even very convenient search engines dedicated to finding them online:
Data can be transmitted even if you opt-out, processed, and stored indefinitely, most likely unencrypted by various third parties.
Not only is your smartphone spying on you.
But also every other smart device you could have.
What can we do about it?
Glad you asked! the good news is there is a lot you can do to better protect yourself and your business.
It can seem overwhelming, but it is all about taking the time to educate yourself on technology and take back your control.
So let us break down some steps and give you some resources that you can use now to better safeguard yourself.
Use privacy-respecting apps and services
Most Google Play and Apple app store apps are filled with trackers and analytics. Unfortunately, they do not respect your privacy, not to mention most are closed source, so you can never really be sure what the code is doing.
Switching to open source privacy-respecting app alternatives is a significant first step to protecting your privacy.
Take a look at privacytools.io, a curated list of privacy alternatives for some of the apps you may already use, not to mention some fantastic resources to get you started.
If you are on Android, take a look at the F-Droid store.
F-Droid is an installable catalog of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
Adjust those default settings
Your device will generally ship with default settings. However, this is not the best idea if you are concerned about privacy.
There are some things you may want to turn off.
Watch this video by Sun Knudsen, a privacy and security researcher, on what settings to turn off on your phone for maximum privacy and security.
How To Configure iOS for Privacy
Ultimate Smartphone Security Guide
TheHatedOne is a privacy and security researcher this video is on how to secure your phone (Both Android and Ios)
Ditch traditional messaging
Although exploiting your personal conversations is common among many popular messaging apps, there are still a handful of apps prioritizing their users' privacy.
Keeping your conversations private and out of the hands of others is a no-brainer regarding privacy for you and your business.
Avoid: Facebook Messenger, Google Hangouts, LINE, Telegram, Snapchat, Tencent QQ, Viber, WeChat, WhatsApp.
Signal
Signal seems to be the perfect alternative to traditional messaging apps. So here's why you should switch to Signal for your messaging needs.
Signal is Fully open-source, Free of charge, offers full encryption of your data, and data is stored locally.
Signal offers so many exciting security features. It is the perfect substitute for other popular platforms that passively store (or actively share) your information. This app will continue to climb in popularity as the need for confidentiality and security rises.
Session
Another good alternative to your regular messaging app is Session
No phone number or email address is required to signup. Similar functionality to signal, but still in an earlier stage of development. Decentralized servers are routed through Lokinet.
Briar
Briar doesn't rely on a central server - messages are synchronized directly between the users' devices via Bluetooth or Wi-Fi. Online sync via the Tor anonymity network is possible, too. Protecting users from surveillance.
(Only available for Android)
For a more detailed list, please check out https://www.privacytools.io/.
Phone Alternatives
Did you know there are ways to run custom versions of hardened Android designed to be highly secure and private?
Graphene OS
GrapheneOS is a privacy and security-focused mobile OS with Android app compatibility developed as a non-profit open-source project. It's focused on researching and developing privacy and security technology, including substantial improvements to sandboxing, exploit mitigations, and the permission model.
GrapheneOS improves the privacy and security of the OS from the bottom up. It deploys technologies to mitigate whole classes of vulnerabilities and makes exploiting the most common sources of vulnerabilities substantially more difficult. It improves the security of both the OS and the apps running on it. The app sandbox and other security boundaries are fortified. GrapheneOS tries to avoid impacting the user experience with privacy and security features.
Calyx OS
CalyxOS is an Android mobile operating system that puts privacy and security into the hands of everyday users. Plus, proactive security recommendations and automatic updates take the guesswork of keeping your personal data personal.
Keep in mind this is a more hands-on solution that will require you to DIY install a custom version of Android, also called (flashing)
We urge you to check out the documentation on their websites linked above if you are interested.
Conclusion
Thanks for reading. We hope you enjoyed this first part of the Privacy and Security guides.
Don't forget to look at our vast range of privacy and security products.
To help secure you and your digital life
Sources:
https://anonymousplanet-ng.org/- [The Hitchhikers guide to online anonymity]
https://www.privacytools.io/