Home » Articles » SETTING UP A BULLET-PROOF SECURITY SMARTPHONE
Click Here To Hide Tor

SETTING UP A BULLET-PROOF SECURITY SMARTPHONE

When you have to deal with smartphones, every speech about privacy seems pointless, since the forces which attempt to do your anonymity seem too strong to be defeated. To improve your privacy, there are things you can do in the same way as on laptops and smartphones, but I will firstly cover the most important differences between the two systems. You could think that if you can secure your laptop, you can do the same with your smartphone, but there are four strong differences:

  • SIM identification
  • Operating-system configurability
  • Mandatory google-account
  • GPS triangulation

SIM IDENTIFICATION

When you buy a laptop, the laptop itself is not linked to your identity. Of course, the payment method can be easily tracked to arrive to you, but let’s say for a moment you pay for the pc with bitcoins, then there’s no straightforward link to you in the pc itself. On the contrary, when you buy a smartphone, you need a SIM card to use it. The SIM card is related to your name, surname, address, and so on, in a few words, to name your identity. This is the first, apparently insuperable, problem.

OPERATING-SYSTEM CONFIGURABILITY

If you installed a Linux-based OS on your laptop (you certainly did if you care about anonymity), you will know there’s plenty of tools to monitor your network activity, stop processes, close ports and things like these. Anyway, even if you have an android phone, which is based on a Linux kernel, you won’t have the same ease to do what you want with your terminal. In fact, while on a laptop it’s sufficient to digit “sudo” before a terminal command to gain administrative privileges, on a smartphone these privileges are “blocked” by default. This means you cannot uninstall system applications, perform a complete backup of your system’s image, change the appearance of the system, install a custom ROM, overclock your hardware, install applications which require root privileges and so on. You have no full control over your operating system, therefore, you are vulnerable.

MANDATORY GOOGLE ACCOUNT

In some way this is another thing that points directly to you. After buying a new laptop, you can install every software you want without specifying who you are to anyone. When you buy a new smartphone, you’ll be certainly asked to create a google account in order to install any app. In fact, the Play Store from which you’re allowed to install every app, is directly related to your google-account.

GPS TRIANGULATION

Telephone companies know where you are, always. In fact, in order to guarantee coverage for telephone calls, your phone connects itself to the nearest and most powerful cell tower. Thanks to GPS triangulation, the cell’s positions bring up your position. You can add also the google traffic service recently implemented, just to make you a little more paranoid. When you receive traffic alerts in which the road is coloured by yellow (moderate traffic) or red (congested traffic), you’re using information that google collects about the geo-location of every smartphone on the road. Making it easy, if google knows there are a lot of smartphones on a certain street, then you’ll see the street red on your map. This means google is tracking you, constantly, through your GPS. Google also keeps your GPS history, which means google knows where you’ve been in the past. You can disable this google services if you want, but you’ll never be able to avoid the GPS triangulation, because this is how the telephone works.

SO DO I HAVE TO BURN MY SMARTPHONE AND THROW ITS ASHES FAR FROM ME ?

If you REALLY want to stay anonymous then yes, burn it down now !! With all the considerations made, it is evident that a smartphone is a giant luminescent arrow pointing to you.

Anyway for those of you who want to have a semi-normal life using a smartphone but still worry about their privacy, there are many things you can do to improve your privacy. Hope never dies, doesn’t it ?

YOUR DEFENSE AGAINST THE SYSTEM

YOUR DEFENSE AGAINST SIM-IDENTIFICATION

  • throw-away mobile phones

If you cannot avoid sim-identification, you can instead avoid to use a sim. Throw-away mobile phones became popular in the US; they are sold to you without contracts and without a sim and they are cheap (around 40 USD). You buy them, activate them through a call, consume the prepaid credit and then, of course, you throw away them. They are not smartphones, and they have only the basic capabilities like sms and phone calls. But they are completely anonymous.

  • anonymous sim-cards

On the darknet markets many people can sell to you anonymous sim cards. This means that you can buy (let’s say for example) a French sim card linked to a spoofed non-real identity. I don’t know how reliable these kind of sims are but if you’re really desperate, they probably are worth a try…

YOUR DEFENSE AGAINST OPERATING-SYSTEM CONFIGURABILITY

  • rooting your phone

Rooting your smartphone can require a different procedure according to different models, and it isn’t a hard challenge. Some smartphones come with great ease of rooting, while some don’t. Nexus is the one recommended by the tor-project for this kind of activities, but a lot of other smartphones support the procedure. Once you gained the root privileges, you gained a fine-grained control over your smartphone.

YOUR DEFENSE AGAINST MANDATORY GOOGLE ACCOUNT

  • anonymous google-account

No one forces you to use a google-account which shows your name and surname in its email. The account will be anyway related to the ip you used for the registration and the access, but you have some possibilities to mask your ip, and we’ll talk about this later. In alternative situation, you can decide not to use the Google Play Store, so you won’t need a google-account at all.

  • alternative app-stores

Fortunately, the Play Store is not the unique app-store in the world. There are many other app-stores which don’t require a registration with google. Few useful names are Amazon, F-Droid, Slideme, GetJar. I personally found F-Droid interest because is an app-store for free and open source applications that derives from Aptoide, an alternative decentralized store in which every user acts like a store. Slideme catalogues apps based on the compatibility with your device, payment method and location while GetJar is the biggest app-store, providing more than 849,036 apps for different platforms like Android, Windows Mobile, Symbian, Java ME, Blackberry.

YOUR DEFENSE AGAINST GPS TRIANGULATION

  • using a phone not linked to you

Yes, this still remains the most serious problem, the GPS triangulation. But let’s think a little, while you cannot avoid GPS triangulation, you can certainly avoid to make them know that the telephone they’re tracking is yours. And here we come back to the fake sim and throw-away phone discussion.

OTHER USEFUL TOOLS

  • Custom paranoid operating systems and phones

For the anonymity-minded, many “stealth” phones came to the market assuring to you a better “built-in” anonymous experience; Blackphone from SilentCircle is maybe the most famous. There are also a lot of anonymous-friendly operating systems like CopperHead OS. I generally don’t believe in “built-in” solutions, I think anonymity requires your brain’s usage, it is a process made of a lot of little actions which help you to stay anonymous, it’s not a fact of built-in tools. Anyway, for those of you who just use their brains correctly, maybe these built-in solutions can give further help. If you trust them.

  • Orbot

Orbot is the official tor-project android’s app which allows you to use tor on your smartphone. For those who want to hide their ip, this is a must. Just push the onion button and tor will start to work on your device.

  • Orfox

Orfox is a modified firefox browser designed to work with Orbot. Just use it while Orbot is running and you’ll have your ip masked while you’re surfing the internet.

  • Orwall

Orwall brings further the idea of the tor usage on your smartphone. It is an app which forces every other app to connect to the internet through tor. It requires root privileges to work, and it is certainly an excellent choice to gain a better level of anonymity.

  • Pry-fi

Pry-fi is an interesting app which allow you to spoof your mac-address on a public network. The mac address is the one which physically identifies your device. Spoofing it will result in totally masking your device’s physical identity inside a public network. Pry-fi has also an option that changes your mac-address periodically, so that linking the mac to you becomes nearly impossible.

  • Alternative search engines

Please don’t use google, it tracks all your searches. You can instead use DuckDuckGo or Disconnect.me. DuckDuckGo’s app also supports the usage through the tor network.

You can certainly use a VPN service to encrypt all your traffic hiding it to your ISP and masking your real ip. As you can do it on your pc, you also can do it on your smartphone. Most of the VPN providers also offer their service for multiple devices, so you have to pay once to cover 4 or 5 devices.

  • Encryption

Encrypting your telephone will add an extra layer of security. Almost every model supports the encryption of the file-system.

  • Use PGP

I recommend OpenKeychain, an app that implements PGP on android.

  • Use encrypted email

Take a look to useful services like ProtonMail which encrypts your emails, allows the connection through tor and implements a two-factors authentication. ProtonMail is an open source software developed by scientists from CERN and MIT and is based in Switzerland; it uses end to end encryption, it has a no-log policy and you won’t be asked for personal information. Try also to use TorBirdy, an interesting extension for Thunderbird which acts like a tor-button, establishing a connection over tor.

CONCLUSIONS

Smartphones are made to communicate, to share your experiences all over the world, to make your life easier and funnier. They are not made to make you anonymous. For this reason they never should be intended as secure closed systems. However, you could have a million reasons to continue using one, and at the same time worry about your privacy being violated. If this is the case, then I have good news for you: there are a lot of individuals with the same interest of you, people who develop tools to help you stay anonymous, to help you keeping your data far from corporations and governments. Remember that this tools will greatly improve your privacy but your behaviour is the first defense, you could have all the tools named in this article and still use them in a stupid manner, then you would still be vulnerable.

4 comments

  1. The SIM card is related to your name, surname, address, and so on, in a few words, to name your identity. This is the first, apparently insuperable, problem.

    Only if your dumb enough to register a phone in your name, or use a phone in your name to do anything illegal

    Buy a burner

  2. How about doing one of these posts for apple Iphones? Or is there basically nothing you can do to better your security and anonymity? Would the anonymous SIM card work for an Iphone? I already have a VPN on my phone and on my laptop but the OS I use is Windows 10 which i know everyone says is bad but I went through the step by step guide on turning certain things off to make it more anonymous. Plus I have my entire hard drive encrypted with veracrypt. I was thinking of switching to Debian or Qubes OS but i was told by quite a few people to just get Tails OS. Please let me know what you think. Like I dont even know what happens when i switch from windows 10 to Debian or Qubes OS. What happens to all my saved files and pictures and torrents and basically everything on my computer? Please give some advice on what to do. Ive been using windows 10 with a VPN and OpenVPN GUI for over a year and have made over 20 purchases on the DNM and never had any problems but im sure some of you are gonna say im lucky. I just need some guidance to what is the best option for me.

  3. Certainly there are ALWAYS measures that you can take to improve your anonymity, even on an iPhone and there are specific guides for iPhone on the web. I would prefer Android anyway…

    For what concerns changing OS on your laptop, if we speak in general terms, yes, it would be better to install a Linux distribution. Tails is built to keep your anonymity high but I would not recommend it for an everyday usage (it is meant to be used mostly as a live copy). You can install Ubuntu for everyday usage, switching to a live copy of Tails when you need extra anonymity.

    If you’re worried about your files, you can make a backup of your important files, format everything and then install Ubuntu OR (if you have enough space) you can leave your files where they are installing Ubuntu together with Windows on a different partition.

  4. Wileyfox phones have root access as standard and latest version of android, with great technology. Recommended

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *