I don’t like so called smartphones (flashy devices to mine your data and other reasons) but my regular no touchscreen phone’s microphone is no longer working as it should, making conversations difficult.
Enter a smartphone I received as a present, my phobia (for lack of a better word) to smartphones and my (misguided?) obsession with privacy: I don’t want to use this smartphone as my default phone because I’m scared the carrier, ISP or google are going to mine my data and trace my calls.
Which might be an overreaction, because each time I use my regular cell phone, the carrier knows when I’m calling from, who I’m calling and how long the call lasts.
So I ask you: how much more data would I be leaking if I use my new smartphone for calls only, compared to a regular, no touchscreen phone?
I’d say a normal phone is a lot worse than smartphones in general, unless you don’t care about all your communications being readable by the carrier. With a smartphone you can make actually encrypted calls and texts over trustworthy applications/protocols (Signal, Matrix, Simplex, etc.), on a phone you’re stuck with the carrier service; another thing that comes to mind is the storage, as far as I know there are no normal phones with an encrypted filesystem while it is default for a long while on Android.
On the other hand, if your new smartphone model isn’t loaded with a privacy respecting ROM you’ll also have at least some data sent to other third parties like Google and whatnot, but if you can change the ROM, then the potential for better privacy far outweighs the benefits of normal phones doing fewer things with your data by default. If you’re going to use your new smartphone like an old phone, to make carrier calls and SMS, then there will be near to no improvements (except storage security maybe) and as you say, more data snooping
A normal phone doesn’t have AGPS download ephemeris (edit:they may today, I haven’t looked into it for a while), doesn’t have Google Services tracking everything, or third party apps phoning home.
I’d say by default a smartphone is way worse, it has fsr more data collection by default, even without an account. Every data point a feature phone has, a smartphone has, plus more.
Voice calls and SMS use the exact same infrastructure in exactly the same way on both types of phones.
But it can be mitigated quite a bit on Android by not using an account on it, disabling GPS, wifi, Bluetooth.
They could also debloat it to reduce some of the background nonsense (Universal Android Debloat has a “safe to disable” list). (I’m assuming it’s not an unlocked Pixel or a phone that’s on the Lineage list).
If they don’t care about apps, I’d even add NoRoot Firewall, configure it for always on, and set it to block all network access by default. This would be a Global Pre-Filter using asterisk (*) for both the address and port fields with both Wifi and Cell boxes checked (system apps will still have network access, this only affects users apps on a non-rooted phone).
Other than root or flashing a custom OS (like Lineage or Divest, Graphene if they were lucky enough to get an unlocked Pixel), this is about the best that can be done.
Agreed 100%, I wish any smartphone could support Graphene
Sadly it’s only getting worse.
Google and hardware manufacturers aren’t motivated to make open devices. Quite the opposite, really.
They learned their lesson from the BIOS wars of the 80’s that resulted in standardized hardware interface, so any compliant OS could be installed. This is what gave MS the ability to beat IBM at their own game, and prevented strong DRM.
Phones don’t have a standardized BIOS like that, so each brand requires drivers built specifically for it (also a bit of a result of using Linux as the base, since it’s a monolithic OS). Without those drivers you can’t install an OS, and each device is different.
Google and friends like it this way, their long-term goal is fully locked down phones that you don’t control and can’t modify, so they can fully implement DRM.
If you’re really only making phone calls, the built in location tracking is probably the biggest issue? AFAIK, you can only use an off the shelf iPhone with an Apple account, and a similar Android phone with a Google account, so your location will be tied to and referenced with those.
Apple have branded themselves as guardians of their users’ data, so many consider that a safe assurance. YMMV but it may be slightly better than Google’s Dodgier approach. When in doubt, go to settings and turn everything off you don’t use, location services foremost.
You may want to disable other apps that come with your phone as well. Basically anything you don’t use. I don’t know how much data can be harvested from background services of an app that doesn’t have a user signed in, but at this point I’d err on the side of caution. Plus, as you say, your position can always be approximated by your mobile carrier through the cell towers you’re connected to, but that goes for dumb phones as well.
Personally, I only use Android smartphones with custom ROMs like LineageOS without installing the Google apps or services framework because I Just Don’t Use Google. Instead I install microG to spoof the GSF to apps that require it. That’s a privacy compromise I can live with because I use my phone as an internet device as well. Needless to say I take privacy precautions on an app level as well.
You can setup Android without a user account. I’m not sure about iPhone, I don’t believe that’s an option in the setup process (but it’s been a while, since I set mine up).
Apple is only protecting you from other companies also getting the data they harvest from the phone.
Yup. And again, millions of iOS users take that as assurance of Apple’s trustworthiness. In this game, we all need to choose who we trust with our data 🤷
Yes you are batshit crazy
why thanks…?
Dumbphones do all that too.
get a cuatom rom that is privacy focussed,your concerns are valid, mostly. Though dumb phones aren’t much better
My 2 cents: I have a similar relation with smartphones as yours.
In my case, what I fear the most is some app getting my contact list and using it to send some kind of “XXX has joined YYY service” notification to all of them. Also, I didn’t like that Google had all the data they wanted, so I ended with 2 smartphones:
- One de-googled (LineageOS without Google Apps) that I use for calls and trusted apps. This one has my contacts list.
- One default Android-Google without simcard for those apps that require oficial-Android (mainly banks apps) and any app I’m afraid could mess with the contact list.
AFAIK I’ve only had one incident because I trusted Telegram too much. There is always non-zero risk, but this works for me.
If you never enable any data services on your SIM (GSM only for calls) and never connect to WiFi. You’re not leaking anymore data than an old fashioned phone.
However, the fact that you are asking these questions does suggest you are probably being unhealthily paranoid. (Reading these replies, it seems you are in good company on this forum.)
I’m going to assume you are not engaging in high level cyber activities that would require you to adopt this level or paranoia. If you were, you wouldn’t be asking basic questions.
Instead, it sounds like you have developed an irrational fear of what tech companies can realistically do with your data and what level of harm they may wish to cause you.
Typically, they can log your search and browser data to determine if, for example, you like pizza. Then they may show you an advert for pizza or highlight the nearest Dominos on Google maps. But… they can only do that if you share that information with them in the first place by using your new smart phone (with none of the privacy settings enabled) to search for pizza and then using Google maps. Nobody is forcing you to do that. But is it really that bad even if you do?
Google are not going to clone you, or assassinate you or somehow work out you are not paying taxes or are engaging in illegal activity unless you use your phone to do it. And even then, they don’t go round grassing people up to the government for the fun of it. They just want you to click on adverts and, once you are aware of how they operate, it’s relatively easy to avoid them whilst still getting great value from a pretty incredible piece of modern technology.
Now, if you are genuinely worried about government targeting (I don’t know what country you live in) an encrypted messaging App will be significantly more secure than an unencrypted old GSM phone that is quite easy to intercept and relies on the integrity of your MNO provider.
My advice, stop worrying. You already have a cautious mindset so you won’t get tricked by these companies, but you could also be enjoying many of the benefits of being able to access all of humanities collective information from your pocket.
I find they’re a pain to use and I only have one out of social pressure, and privacy or not I’m constantly confused on why they’re so popular.
I just use a throwaway account and have the rule of not putting in any data that I don’t want to be read - which is barely anything any way because I do all my computing on my Linux laptop. I figure if they’re collecting location data and recording me then they’re just associating it with “random guy x” because I’ve never given it anything else. I should look in to one of the de-Googled Android distributions but I have so little interest and energy in anything to do with it, if it could be made totally private I would still rarely use it.