Slashdot Mirror
Are There Any Smartphones That Respect Privacy?
An anonymous reader writes "After many years I am finally considering entering the smartphone era. Within the mainstream, there seem to be four OS choices: Windows, Android, Blackberry, or iOS: Android comes out as clear winner to me. However, all of the choices in one way or another require sharing a lot of personal information in the Cloud run by their respective corporations. Let alone Blackberry's centralized mail servers; there is no way to have an Android smartphone working decently without sharing all of your contacts, calendar appointments, and other stuff with Google. While Android is less intrusive than iOS, the lack of privacy remains quite annoying no matter how comfortable it is to have your own calendar and contacts centralized. In 2011 is there any option, other than living in a cave, to keep one's own life private while enjoying the wonders of modern smartphone apps?"
And I'm serious. While not as versatile towards own-hosted solutions as the old Windows Mobiles, it's still light years beyond Android and iOS. You can easily use your own Exchange server to sync and share your contacts, calendar and other stuff, which gives you true privacy. It also doesn't leak data to Google like Android does, it doesn't have the malware problem that Android has and the phone itself is a full smart phone with an great UI (Windows Mobile somewhat started lacking in this in recent years).
The reason for this is simple too. Microsoft may be many things, but they have always respected privacy. In fact, they have never really cared about personal data the way Google does. All they want to do is sell you the software and be done with it. Google, on the other hand, gives you the software for free but then keeps tracking your every move. I rather choose the first one, but i guess it's everyone's own choice. I do value my privacy though.
The only time when you need contact with other servers is to download and install apps, which imo is a stupid decision fueled by iOS and Android doing it that way. Old Windows Mobiles always allowed you to install apps the way you wanted, the desktop Windows way. However, I guess that provides some extra security.
Nokia has also just unveiled Nokia Lumia 800, which looks really slick and has been praised by the people who have tested it. Personally I'm going to wait until it's released and read a few more user reviews, but I think that's going to be my next smart phone.
There is also Nokia's MeeGo-based linux phone, N9 which is really slick and has all the features you need, too. But support for that might be worse in the future, as Nokia is mostly going to do WP7 phones now.
Why does Android come out as a clear winner for you, and why do you think that iOS is intrusive?
OK, so you say you're concerned about the security of your list of contact phone numbers and addresses. Yet when you want to call the contact, you ask your cellular provider via the GSM network to establish the connection. When you email the contact you use the 4G network to access the internet, and send your email to them, secured only on the hop between your phone and your SMTP server, but otherwise probably being transmitted in cleartext. When you bring up their address in the map, you give Google the locations of every place you view. And every where you go, whether it be to a calendar appointment or just out for a stroll, the cell phone is broadcasting your identity and approximate location to anyone interested in such things.
I think distrusting Google wouldn't be first on the list of privacy actions to take.
Not having a cell phone would go a lot further protecting your privacy, but you said you don't want the cave option. Get a Kindle Fire (wi-fi only, only when you want it), root it, and add only GPL software you trust, including a SIP client. Carry a Sprint wi-fi hotspot, turning it on only on your terms. Or carry a dumb phone (Sony Ericsson makes one) then use Bluetooth to tether the smart device. Instead of the Kindle Fire, you could use an iPod touch.
You could even carry an iPhone. To the best of my knowledge, Apple isn't scraping my contact list. Yet. I think.
John
Wait a minute. I'm a manager, and I've been reading a lot of case studies and watching a lot of webcasts about The Cloud. Based on all of this glorious marketing literature, I, as a manager, have absolutely no reason to doubt the safety of any data put in The Cloud.
The case studies all use words like "secure", "MD5", "RSS feeds" and "encryption" to describe the security of The Cloud. I don't know about you, but that sounds damn secure to me! Some Clouds even use SSL and HTTP. That's rock solid in my book.
And don't forget that you have to use Web Services to access The Cloud. Nothing is more secure than SOA and Web Services, with the exception of perhaps SaaS. But I think that Cloud Services 2.0 will combine the tiers into an MVC-compliant stack that uses SaaS to increase the security and partitioning of the data.
My main concern isn't with the security of The Cloud, but rather with getting my Indian team to learn all about it so we can deploy some first-generation The Cloud applications and Web Services to provide the ultimate platform upon which we can layer our business intelligence and reporting, because there are still a few verticals that we need to leverage before we can move to The Cloud 2.0.
Any reason you could not just get an Android phone and then just say no, when it ask you for permission for your location data? It only ask once.
Then you just need not to add your google account, and you will be free of the cloud.
Google is an information vendor their goal is to give you a phone / phone OS so you use it, then spy on you to find out what you like and where you go, and sell that information to others to make a profit.
So if you're concerned about who is intrusive, then don't use Android.
-- Flame me and I will happily flame you back. Bring it!
just flash CM7 and don't flash gapps, use an alternative market to get your apps, was that so hard to find out? CM7 is fully usable without google propietary apps, you just have to make some compromises (no gmail app, no google navigation, no official market, etc..)
RIM solved this problem. If you don't want your data on somebody else's server, set up your own BES (Blackberry Enterprise Server) with YOUR security policies.
Taint cheap, but you gets what you pays for.......
The consumer blackberries connect to BESs operated by the carriers. My corporate owned one connects to OURS, and the company has all kinds of flexibility to impose policy, remote wipe, etc.
Red
I didn't have to create an iCloud account to use my iPhone. I don't sync my location, contacts, mail, etc. with iCloud. I back my phone up to my own computer. I struggle to see how this is more intrusive than Android, which required that I sync everything with Google. Granted, I *do* sync everything on my iPhone with Google, but that's another question entirely.
Do you really need reason for beer? Wingman Brewers
Even though I have my phone set up to sync my calendar so I can set appointments and meetings on my laptop and have it reflected on my phone, it still asks you whenever you make an appointment if you want that to be a Phone-only appointment, or a Google Calendar appointment which will be synched (but even then only manually unless you've enabled autosync in the menu). As far as I can tell Phone-only is the default and cannot be changed, so even if on a particular phone "Calendar Sync" is on by default, you'll have to specifically make a Google Calendar appointment for it to ever leave your phone.
You can likewise turn off contact syncing. When I got my phone, all those syncs were set according to what I wanted as part of the setup process. They aren't hidden opt-out features, though that may depend on manufacturer/carrier tinkering, since they all like to streamline the setup process.
ASCII stupid question, get a stupid ANSI
specially with the mail centralized server, and this is why they get some issues with some governements
You can tell Android's built-in Sync to not touch your contacts, appointments, email & then use the generic (& built-in!) calender & email applications that do exactly the same things over standard protocols...
I have an HTC Inspire with ATT. I can take out the sim card and use google voice with wifi. You can also use a gps spoofer app with the sim card inserted and it will report your location as being where ever you want. Otherwise, the main problem is that when you buy a contract you are buying time on someone else's network. They have omniscience when they want it, basically.
if your life is such a big joke then why should I care?
In spite of that, email communication and web communication is encrypted/decrypted on the BlackBerry smartphone itself, so RIM (the company that does BlackBerry) can't snoop into your data contents even if they wanted to. That's why some authoritarian countries around the world couldn't quite understand - they demanded RIM hand over the secret keys to let them read any message contents, which they just assumed RIM must have, even though they don't. Similarly, with the riots in Britain earlier this year, the authorities complained that the rioters were co-ordinating using BlackBerry phones, and they couldn't intercept those communications. To me, that's a strong recommendation for a BlackBerry if you want security and privacy.
Atheism is a religion to the same extent that not collecting stamps is a hobby.
Depends on what you consider private, but I would put the Android phone last because of the tight Google integration. At least on the iPhone you can have everything local, not synced to the cloud.
The days of privacy are over for the most part. If you are using cloud services, you can be sure your data is being mined in some way.
It is perfectly workable to plug in your old SIM with phone numbers stored on it and use them from an Android phone without ever setting up a Google account. It is also possible to add fully featured contacts and calendar appointments locally on your phone without sharing them with Google.
If by "working decently" you mean the phone should seamlessly sync with your other devices through the cloud, you have the option of setting up your own SyncML server, and most manufacturers also include MS Exchange ActiveSync as well.
Sure it is a dead OS, but it's got a few years of support (Four solid years if you believe Nokia and Accenture). You can get a brand new unlocked Symbian^3 smartphone for less than $400: http://www.amazon.com/Nokia-Touchscreen-Featuring-Navigation-Camera--U-S/dp/B003ZX7RL4/ The N8 has a great camera, better than almost any other smartphone out there, an FM receiver as well as transmitter, USB on the go, and a micro HDMI out port. You can install and run whatever apps you like. you can tether it out of the box as-is via USB or bluetooth. sure some third-party apps want to call home, but the phone warns you when they do, and it's easy to disallow/disable.
Why should they dumb down? Machines taking over the world have to start somewhere; why not in your pocket?
While I admit I haven't tried, it should be possible to run an Android phone without ever signing into Google - indeed without a Google account whatsoever. The email application support POP, IMAP or Exchange, the contacts can be synced with SyncML or Exchange (and a few other options I am sure), applications can be sideloaded, IM+ does a pretty good job with Jabber etc. Surely it would make it somewhat more complicated but I am quite sure it is possible.
In other words - Google offer a way for people to run the smart phone without any knowledge about servers and with an extremely simple setup (enter your google account once), but it is in no way forced upon you - so I think it's actually quite acceptable.
The problem is that most of the uneducated masses don't care about privacy and don't see a need for it. So they go for the number of Apps or GHz when purchasing a new mobile device, without caring that this device is a fully functional computer with all sorts of sensors that is connected to some sort of network 24/7!
There were a few attempts at true Linux mobile devices, but even the last two devices with potential (the Nokia N900 in 2009 and N9 this year) only got a lukewarm reception mostly due to crappy marketing and not enough people promoting truly open platforms that let users know what their devices are actually doing in the background.
The N9 is still up for graps. There is even an independent project called Mer being worked at that aims to be fully open, based on Meego, feel free to join if you have some coding skills.
Let alone Blackberry's centralized mail servers; there is no way to have an Android smartphone working decently without sharing all of your contacts, calendar appointments, and other stuff with Google.
You have got only partial information somewhere.
You can have pure Android smartphone, without any demands to share your privacy with Google. Period.
If you want to use Android market (market.android.com) then you need to activate your new phone first time to it. It does not mean you need to input your personal email address to it or bond your personal gmail to it. You only need to create a one for your Android market store profile.
You do not need to use other Google services at all.
- Not GMail for email, you can choose what ever just offers POP3/IMAP connection
- Not Google Calender, you can stick what ever just gives standard vcard sharing, even sync manually
- Not Google Contacts (GMail contacts), you can disallow the syncing contacts with Android profile account and keep them in phone only or in SIM card. You can even from contact book sync them with standard vcard to microSD and sync manually.
You don't either need youtube account or anything. Actually you don't even need a Android Market profile if you are willing to get your applications somewhere else than Android Market. Like Amazon store or any other third party who you can trust.
Android Market just makes it easy to install applications (via phone or any browser) to your phones and especially buy them (even that Google changed 24h return time to 15 minutes).
Corporations can at one step totally skip whole Android activation with Google. They can activate the phone to their own exchange environment (I could thing same thing would be possible to do with Linux servers).
So corporation IT department can manage the phone without Google knowing anything at all.
I have used GMail from the beginning when it was just in invitation mode.
I bought my first Android phone 9 months ago, it is a very cheap one (107€ with 2€/month for unlimited data speed and amount and the phone supports 7.2Mbits connection and nearly full speed (750-800KB/s) as hot-spot for computers with ping being 70-90 by avarage.
Before that I owned only a Nokia phones. Symbian before Symbian was terrible, I never used it for any things, even it was classified as smartphone (without touchscreen).
And now, I use Google services very much. Why? Because they integrate very well with the Android and I can really get many benefits from it.
If wanted, I could have kept contacts off from GMail or my calender off from there. But I don't have a home server what to keep online all the time or I don't want to start syncing contacts and other data with my own rented server.
If I would have home server, I would really use it for every thing what Android support.
Did you know that Microsoft has paid to at least one carrier in US to sell Android phones, on what every Google service is replaced with Microsoft own services and user can not install Google services back?
So customer is tied to Microsoft Bing search, Bing maps, Hotmail, Calender etc?
People believe that Android forces customer to Google. That simply ain't true. It is just the easiest and actually most secure way to use smartphone.
Google search .....
Picasa
Google Calender
Google Reader
Youtube
GMail
Google Docs
Google Maps
Google offers so many features and none of those need to even be used with your private contacts, emails, etc. You can just disable the sync or add a new offline account for those in phone.
When it comes to privacy, easiness and many other features. Android just is best, and not even Microsoft have nothing to offer in Windows Phone (7.5 yet... lets see what future shows us).
And even though it was launched in 2009, it offers a boatload of features that other phones don't even try to match: the Nokia N900.
-- Look to the Rose that blows about us--"Lo, Laughing," she says, "into the World I blow..."
Depends, what do you mean by privacy? You encrypt communications, that's one level of privacy, the real issue in my mind isn't the phone, it's the service you use.
No matter how you handle the communications there is still the issue of the account being tied to you, you have to pay for it some how and you need an address for the phone to registered to.
Gift cards and prepaid VISA type cards won't work, they either get refused or require some personal information which brings me to the only true privacy I can think of, use another persons account, either by agreement which still ties you to it, steal it, or create a factious account which is more work than you want to get into and doesn't allow you to be "social".
I'm sure all of this is way above what you're looking for so I won't get into facial and voice recognition which brings me back to "Depends, what do you mean by privacy?".
In your case don't use outside services like Google or Facebook, ever, just don't, and get over "The Cloud" which is a euphemism for collected database to be used by everyone else including you.
Sync with your local computer keep the info encrypted on the phone and on the computer, but when it comes down to it you can only control your own data, not the data you share with others, which leaves you with 2 choices.
Get over it or get off The Grid.
"If any question why we died, Tell them because our fathers lied."
Uhm... you do know a BES still connects through RIM's network and servers right?
We run BES Express for free....
http://us.blackberry.com/business/software/besx/
Install FDroid, K-9 Mail and Firefox (from the FDroid repositories of course). You can likely even use CyanogenMod without installing all the Android Marketplace if you want - I do this for my HP TouchPad. No need to sync anything with Google.
It's GNU/Linux dammit!
Yes, but it is encrypted from the BlackBerry to the BES. All RIM sees is the encrypted data.
I will second the lengthy post above, I have been using android phones for a few years now without sharing any data on the cloud, and it's not hard. use POP3/IMAP for email in the regular email client, and don't specify a google account for anything. Everything still works just fine. You can sync your contacts and calendar and such to your local PC with the sync software, that's your backup. No internet services involved.
A warning though. If you decide to install Google+, it will log you on for all other apps on the phone and sync your contacts from Google+ to your phonebook without asking you. When I did that once, I got a ton of duplicate and unwanted contacts in my phone. The people I have phone numbers for are a very small subset of people I have on social networks.
Google+ is a failed product at this point anyhow.
As opposed to the world of PCs, there is basically no free-software alternative for "smartphones," so you cannot be sure that any of them will respect your privacy beyond normal voice calls (if that). That's because mobile phone users are much more like subscribers than owners, with the latter being the telcos. And as long as there is nothing to prevent the telcos from acting like Google, Twitter and Facebook -- using people's personal information and activities for their own gain -- how can smartphones users expect to be treated any better?
Not necessarily expensive either.. BES Express is free, or you can go with MDaemon BlackBerry Edition..
The packets go through, but they are encrypted by the BES and by the handheld device. RIM does not have visibility into the content of these encrypted packets.
Any smartphone that allows you to opt-out of location tracking and bundled cloud apps (mail, maps etc) is basically the same as a mobile PC when it comes to privacy. There are plenty of alternatives to the bundled apps if you choose a platform that allows them. Android has alternative email (K9), browsers (Opera), maps (Osmand), market (Amazon). The only thing that doesn't have a replacement (that I know of) is the YouTube app, but if you enable HTML5 you should be able to browse the mobile site and play videos with the built in Android media player.
Agreed. If you want absolute privacy, your own BES is the way to go.
And you can get BES Express for free (you lose some of management policies, but the core security stuff is there) though you'll need a mail/calendaring/contact server to hook it up to, which means (if you want to avoid Exchange) probably VMware's Zimbra.
--srj/mmv
Agreed. Plus, the one time there was a bug in privacy (location tracking); they fixed it quickly.
Uhm... you do know a BES still connects through RIM's network and servers right?
Yes, but it's encrypted, and RIM doesn't have the keys. Your packets also transit your cellular carrier, but they don't have the keys either.
Just like when you're doing your online banking, your packets are carried by your ISP, it would be trivial for your ISP to snoop those packets, but due to https encryption, the bad guys can't listen in (when properly implemented).
Check them out at http://www.carrieriq.com/
Never trust a man wearing a coat and tie!
FIrst of all - RIM ("Blackberry") are not running "centralized mail servers". They only connect your smartphone with your IMAP mailbox (say: your existing email account) and do the HTTP-push and wireless part. Their core business was (and probably still is) some sort of middleware between companies' email and calendar servers and employees PDAs and phones. Secondarily: Any smartphone that provides a regular IMAP client or lets you install one will perfectly meet your needs. Almost any smartphone will do. You'll just connect to your actual mailbox via SMTP through the internet, as you do now. No Google involved (unless you are using Gmail). My girlfriends stone-aged Motorola can do this out-of-the-box and so does my Blackberry (I use a BB, but not RIMs data service, just my wireless network provider's regular data plan)
Oh, the beautiful gloss of greality!
Came here expecting to see a link to this video of why RMS doesn't use cell phones: http://www.youtube.com/watch?v=WGkNiRFwmOg. Left dissatisfied.
for the most part. I use an iPhone, in part because the UI works for me, in part because Apple's "walled garden", while limiting, insulates me from an increasing range of malware that I would have to deal with on Android. iOS privacy issues are so far acceptable to me. Android is too open to malware, and too beholden to Google, whose business model depends on your surrendering all your personal information for their use. Blackberry seems like a sunset system, not much future to it. As for Windows, I have had so much grief with MS products over the years that I would never use one if there were any alternative. So for me, iPhone is an imperfect approximation to my ideal. YMMV.
Well, there's still the good old N900 or newer, not-quite-so-good N9 with Maemo...
I would also suggest using webDAV at home or setup remotely, and configure your calendar, contacts, bookmarks and other file-syncing that way (of course encrypting everything before it hits the wire).
Additionally, in September RMS wrote a great piece on Android that might be of interest to you. Also, this little nugget from Firefox developers doing a pseudo-Q/A on Reddit (i know, i'm sorry) regarding your privacy in the browser might also be of concern to you.
And the two bugs were:
- The cached data of locations of WiFi and Cell towers was stored in a directory incorrectly flagged for backup to the PC/Mac.
- Turning off Location Services didn't clear the cache.
Apple also did change the behavior of the cache to clear entries after a week, which I find annoying. I've noticed the difference in time it takes to find me when I want to use location services when I'm out and about in the larger metro area on the weekends.
The rest of the bugs were in the so called "journalists" the blogged about it, turning it into locationgate thanks to the internet echo chamber.
It's the first, and the oldest smart phone OS
Enough said.
This is a Mac, what you have there is an embarrassment to your fellow computer users.
All the software (including drivers) is FOSS. Of course the GSM chip still tracks your rough location in order to work.
I see a lot of people discussing Android in this regard, and just want to point out the same is true of iPhones. You don't have to share anything with Apple really. There is nothing forcing you to turn on any of the features that share your location, contacts, or any other data. So your biggest concern is still the telephone company. If you want to get a iPhone, but use your own servers for e-mail, and your own local machine for contacts, and such, it is as easy as pie to set up.
Now, note: If you use the Maps application you are sharing that info with Google (Who processes the searches). If you use the App Store you will need a account with Apple (big shock there). If you use your smartphone to post info on Facebook, well guess what you're sending them data. Typing in google searches in Safari, yeup, sending info to Google.
While I don't know or use Android phones, from everything I can tell any of the Smartphones are fine for privacy if you pay attention to what you turn on and use. The real question is, who are you trying to be private from? Because if there's a batch of tech companies that I wouldn't trust in any way shape or form to respect my privacy from government or corporate overlords it would be the phone companies themselves. So if you're that desperate to be private, perhaps a cell phone isn't what you actually want in the first place.
But if you really want a smartphone, well get the brand and model that you want. Just watch what you turn on, what you install, and what you do. Like any computer system.
I've just got a SGSII and I was shocked when I realized that, you can not log out of gmail.
How can that be? Locking the screen is the safest way to keep your gmail account private in an android device.
That's why people like me loved the Nokia N900. I remember how my forsaken OS phone let me do whatever I wanted.
I still have my privacy using Android, but you have to install some new applications - OS: CyanogenMod - Calendar = Jorte - Mail = K-9 E-mail - Maps = Osmand Now I atleast think Im secure, but who knows? It would be conforting if there was a android distribution which have moved everything that have to do with googles servers.
Android is a Google product and Google's main business is selling advertising. Android just another channel for ad traffic for Google and so Google does not consider android users to be their customers. Rather, users of Google's services are the "product" sold to their real customers namely, advertisers.
Given this nature of Google's "free" services, explain to me how Google is interested in preserving your privacy and not intruding on it?
Jesus was a compassionate social conservative who called individuals to sin no more.
RTFA. That is only on BIS and BBM. BES is encrypted with the client's own key.
I once took an excursion to Reddit, and later HN. Unlimited up/down voting sucks when dealing with a hive-mind.
Google's business model is collecting and selling information.
Not true. Google's business model is collecting users and selling some advertising. They do not sell personal information, and there is no way for advertisers to get access to your anonymised profile.
Still not true. Google's business model is collecting users and information about these users, and selling some targeted advertising based upon their user profiles and/or the information (web, email, social network, etc) that they are currently viewing.
Not really sure what kind of privacy invasions you're trying to "run away" from...
But I find that the Android support of multiple accounts comes in pretty handy. I have one gmail address for personal interactions with people and holds my address book, then I have one (or more) "spam" accounts that I use for all of the social network accounts, logins, etc., for just about any interaction with any online business or service that wants an email address for something. Notifications are only enabled on the personal account, and it tends to be rather quiet (yay for having no friends!).
Team that up with multiple google voice options, and I don't even have to give out my "real" phone number most of the time for texts. And the voicemail transcriptions make it easier to wade through incoming stuff. But other than occasional calls from the Red Cross, I barely ever get any kind of telemarketing or "survey" calls to my cellphone number even though I've been handing it out for various things for over a decade.
So of course Google could link all my various accounts together to get a more complete profile of me, but not really sure what they'd do with it. All of the marketing gets directed at the spam account. They likely get more advertising bucks if they can say they're selling access to multiple personas (even if they all lead back to me) anyway, so it's probably win/win.
Last I checked, Cyanogenmod was made by Cyanogen and his crew. Cyanogen is employed by Samsung. All of them are well known in multiple places. They are most certainly not "anonymous hackers", you tool.
You can use an iPhone without ever creating an iCloud account. Manual-entry-only contacts, calendars, etc, are fully possible. Or, sync with your PC via iTunes over USB, no network connection required to anything. The *ONLY* thing you would have to deal with Apple about is putting your info on file along with a billing source to download apps.
Or you could go for a just-retired Nokia Symbian S60 phone. I used S60 phones before moving to iOS, and they were great for the time. I understand they kept up reasonably well until very recently.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
As strange as it sounds, you really have the most privacy with a WM6 phone. You don't even need a network connection with that one, it can be synchronised with Outlook, you can install applications from anywhere, you can develop your own applications and most of the WM6 devices are insanely hackable. On the one I own you can even install WP7, Android or Ubuntu.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
why not instead of whining about the situation, help making a privacy respecting smartphone platform happen?
The successor to the openmoko gta02 is the goldendelicious gta04 featuring an omap3 processor and umts internet and many more things you would want your smartphone to have.
They started preorders now: http://www.handheld-linux.com/wiki.php?page=GTA04
So quit whining, get yourself a truly free and open phone and help making the operating system where YOU choose and not some evil corporation.
You can do the same with Android.
- I use my ISP's IMAP and SMTP servers
- I run my own calendar (caldav) and contacts (carddav) server, Davical right now.
You just need carddav-sync and caldav-sync for Android from http://dmfs.org/
Mike.
Living is a horizontal fall
Thank you - that was exactly the same thinking I was following. So far, Apple has not abused its ability to poke into people's lives yet, although it is trying harder with iCloud and iMessage which both seem to say to me "iWant your data on our systems" (iMessage is basically the same idea as WhatsApp, who is already tapping the SMS traffic of millions of users without explicitly telling them this).
My conclusion is that all really want to have your data, but some still have the decency to ask (although that attitude is waning - I guess too many people say "no").
One extra consideration: Android is "Too Open" source for me - as there is no control on the market other than after-the-event removal, the place is literally teeming hit malware. It seems to provide a good argument for Apple's walled garden after all..
Insert
I'm amazed nobody seems to have mentioned this combination yet. Point your Android phone at a z-push installation and it won't know it's not talking to Exchange/ActiveSync. Point your windows clients at Zarafa and they don't know they're not talking to Exchange. On my Android device(s) I use Activesync for contacts and calendar, but K9 with IMAP for mail (Zarafa does IMAP too, and supports NOTIFY so you get "push" email). There's a CalDAV gateway which KDE and/or Evolution can talk to, and of course IMAP for mail. The only thing missing at the moment is desktop contacts sync, but there's a read-only CardDAV extension I plan to try to get working at some point.
I wouldn't be using anything which isn't mine to control; when someone gives me their contact details, I do not wish to assume they have also given me permission to hand that information to a third party. Same for calendars.
And there's a pretty decent web interface for casual use (I wouldn't use it for anything serious as it doesn't do threading), but it's OK for casual stuff, and you can keep it open as a calendar application if you don't want to use CalDAV.
There are packages for everything but Z-Push in Fedora and presumably other distros. Z-Push is easy to install anyway.
Unless you are hundreds of years old, or actually living in a cave and off the grid, life never was private.
In most countries, people are required to have an ID, like Social Security number in the USA.
From that alone the government has your ID number, name, and usually an address and contact information.
This info is often shared in many places, like banks, credit card companies, places of employment, etc.
If you work for a company, as most people do, chances are you applied at many places before you got this last job.
Each company gets lots of information about you, checks your info, credit, criminal background, references and past history, even if you don't get the job.
Then most people live in some type of dwelling. You have to give lots of your information to them, even if you buy the property.
Like most people, you probably get service of utilities like electricity. They want your information also.
Unless you like staring at the walls most people have some sort of tv service, like cable or satellite. They want your info.
Same is true for Internet service, and most any other type of service. They all want and usually get your info.
When you pay your expenses, unless you use only cash, you tell these service business where you store your money, and your financial companies which services you buy. The secrets are out!
If you don't choose to be a hermit, you might choose to make friends, buy groceries, visit places, and they want your info too.
So of all the millions or possibly billions of people these companies like Google have information on, with billions of bits of information, why is YOUR information so special or interesting that it even matters if you store your contacts or emails with them or on your local phone or some computers and servers???
Your life was never private, and unless you really want to remove yourself from any sort of life, it never will be. Privacy is a facade. Only tiny bits of your information can be kept secret. Even account numbers and passwords have to be stored on these companies servers just so you can login.
Using many of the conveniences of life, they can make life easier, simpler or both. Technology is a big part that. To give up so much versatility to hide so little information that is stored with only those companies that provide the services, just like all the other services you already use, seems too high a price to pay just for some pretend privacy.
"Two things are infinite: the universe and human stupidity; and I'm not sure about the universe." Albert Einstein
.... because running a software made by "anonymous hackers" is much more safe than original OEM version.
Except a) the hackers aren't anonymous; the guy is well known and has just taken up a job with a phone manufacturer. b) The people who write for the big companies actually are anonymous and often don't even work directly for the big companies c) most of the privacy violations we see are motivated by commercial interests which is before we even get to d) the thing about Cygenomod is that the source code is out there
c) that I mentioned above is the most important thing though. According to reviews, Windows Phone has no native contacts data store. This essentially means that you end up using Facebook (or linkedin etc) for storing data. This is a simple commercial decision which compromises the user's security in order to push forward Microsoft's partnership with Facebook and against Google+. It's very key to understand, at this point, that Microsoft's investment in Skype and Facebook tells us that the company's entire attitude to personal computing and privacy has changed. They will now do whatever they can to make up for the lost years when they allowed their own users to do more or less as they pleased.
Simply put, to have any chance of privacy at all we need something which has at most limited influence from commercial develpers and must have no influence from Microsoft.
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
When you first login to the Android phone, you have the option to turn off sync for any services you don't want to sync with the cloud. You might leave on mail, but disable contacts, calender and gallery. This way, none of that data will be sent to Google, our pulled down from Google.
Also, remember that a LOT of people use Google - 200m Android , 550k new daily - so unless there is a very specific need for Google to look at your data, they won't. You can assume that to a fairly high degree your secrets will be safe.
Phones and tablets are pretty much post-freedom, curated computing has taken over them. The N900 was the last open phone. In the future maybe a completely different OS can be put on a rootable Android device.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Elop may have tried it, but it still isn't dead, they just issued a few new ones. After the Belle update, Symbian is *finally* what it was supposed to be, it's now at par with other OS, at least at the base level.
Also, update-wise, updates C- and D- are also already planned (sorry I don't remember the names, but Symbian is following the android pattern for update names)
I am an ACCA student. Got a query on Accountancy/Finance? Maybe I can help!
Have a Linux for smartphones?
Honestly, with the number of android phone cracked wide open why is there NO linux on them? OpenMoko was 90% there and all source available. Why dont we even have some "Linux for Droid" or other projects out there?
Honestly, a "Hardened" smartphone is something that many paranoid geeks would be all over, and the "uber 1337 hax0r's would wet themselves over such a thing.
Do not look at laser with remaining good eye.
Simply put, to have any chance of privacy at all we need something which has at most limited influence from commercial develpers and must have no influence from Microsoft.
In other words, the best solution for privacy might be to use a cheapie burner phone for making calls, and use a proper computer for doing anything online. Yes, this probably sounds like I'm being a troglodyte, but given the current state of the technology it might still be the better solution than any kind of smartphone
- no matter much we might wish otherwise.
You don't have to use iCloud. I have a brand new iPhone 4S and I sync the old fashioned way, to iTunes. I might switch for the music features but until I do Apple doesn't have a copy of that stuff. Further what you sync is determined by you.
I know this is hard to believe for most of you, but outside of your Moms' basements, the majority of users see these smartphone features and cloud services as a feature, not a security flaw.
More importantly, there is continuum of convenience and security. Most of the world thinks you lot here err on the side of security, which compromises user friendliness (hello, ever try to get an entire office to install their certs correctly?) in favor of security. Most users err on the side of convenience, at the risk of security. The correct choice depends on each user's individual needs and situation, and these one-size-fits-all corporate IT policies you all love around here aren't always very good for Average Joe.
What worries me more than Google is definitely the apps. Pretty sure most of the apps now ask for permission to read contacts, text messages, etc. It's all good and fine if it makes sense that the app needs that type of access...but why does a dictionary app need to know my location? I think it's these third parties we need to worry about more. I think Google needs to allow Android users to deny apps certain permissions.
They already have. So have several other organizations.
In Google's case, they sell access to your eyeballs. That is, they target advertising in their search engine (at least) towards your profile. It's fairly benign, all you have to worry about is someone more evil getting into their data.
In the case of the other organizations profiling you, well, what they are doing is selling your profile.
True, that. But it's not private in the sense that some people value. It's just reasonably safe from the viewpoint of identity theft protection and the like. Which is good enough if you trust your government at all.
The most private cell phone you can get? The one with its battery out. Or, barring that, a prepaid one paid for in cash, in another town, using a mode of transportation other than your car. That's not foolproof, but it'd be reasonably private. Running around with 14 user-installed apps all broadcasting your location, not so much.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Try Samsung's Bada (also linux-based), it can be found on the Samsung Wave line-up of phones. Nothing stored in the cloud at all and has a great UI (looks like a bastard son of iOS and Android).
Actually, this is me, but not for any security reasons. A phone is just a crappy UI for the net. I hate typing messages with my thumbs, and trying to navigate a website on a screen that makes an Osborn look huge! So I have a dumb phone, (Verizon calls them "feature" phones, and is trying to get rid of them) and a very light laptop.
You said: "Android comes out as clear winner to me." Obviously you haven't looked very close at the market. It's not Android my friend. With all of the Google support for iPhone, you don't need Android. All of your complaints are solved by iOS. If you don't like networking your contacts, then don't use Google Sync on your iPhone nor iCloud and just manually enter your contacts. Sync your mail via gmail, exchange, or plain ol imap. Use a non networked iCalendar. Disable bluetooth when not using it. Lock your phone with a real password, not a passcode. Clear your call and text history. Then backup your phone with the click of a button entirely with iTunes to "centralize your world" as you are asking. All offline by choice. If you don't already use gmail, you won't be forced to create one. Just use whatever email identity you have already established in your life. Android struggles with polishing these basic abilities across their 100's of phones and multiple chaotic vendors as compared to Apples simpler and more successful 5 phones.
anyone that is today, running around trying to keep their data private is at best fighting a losing battle. for an average person living an average life, it's impossible. i imagine there are people here that are tech-savvy enough to pull it off, but the curtain is drawing even for them.
in stead of focusing on how to keep data private, i'd rather see data be free ... but with strict regulations on how it can be used. for example, i don't care if my insurance carrier can find my complete medical history ... as long as they aren't allowed to discriminate against me based on it. i don't care if a company uses my data to target advertising to me, as long as we have laws allowing us to opt-out. anyway, they are already spamming me with untargeted advertising. could targeted advertising be worse?
My solution is to host my own funambol (contacts only), IMAP (email) and caldav (calendar). It hasn't taken too long to get everything working and it works reliably with over the network sync between my local clients (email/contacts/calendar) and my android device. All in all it just works. If you really do not want to share your information with cloud providers (as I won't since I use it for business and will not allow them to harvest my clients contact info) this is a good solution. I suspect you can use exchange or zimbra to accomplish the same thing if you prefer.
I use an android phone and as someone here has pointed out it does need to be configured with a google email account to activate you can set it have sync with that account off. I've verified that no contacts, calendar, etc show up on that gmail account.
I love Android, but don't trust Google that much with my most personal data (particularly email and contacts). So I don't use gmail for anything but app purchases or save any contact or other personal data on my Google account. I use Yahoo email (eventually I'll get my own mail server) which works just fine with the Android email client or I can use the Yahoo mail app. Funambol let's me sync all my contact data to a private, personal account that is not searched or mined. Funambol will sync all sorts of data on all sorts of devices, it's open source and free unless you need to sync huge data, like multimedia files. There's even a web interface for my data. Finall!y!!! All the advantages of Android without the feeling Google's looking over my shoulder. (Well, they are probably looking at my browsing habits, etc.) Not associated with the company, just overjoyed with this solution. I looked for something like this long and hard before finding it. I can't believe it's not a household name given how useful it is.
i run my iphone with the local-sync only - the contacts and calendars go between my hard disk, usb cable, and iphone ONLY - i have totally switched off the 'sync to the iCloud' - unlike google - the contact info is nowhere except on my hard drive and my phone.
you have the option (and convenience) of using the cloud if you want to - but unlike google, iCloud isn't required, you can set it to run completely locally, and in iOS 5, you can turn off your navigation services, and you're pretty good.
however, all cell phones still track all incoming and outgoing phone numbers, that the time and length of those calls - you're not going to get around that -- so, if you get rid of the phone, and run it completely on the internet with skype (which is registered somewhere anyway) -- you could do it all with an ipod touch. at least that way, you don't have the long trail of phone calls, numbers, and times following you.
2cents
jp
Are There Any Smartphones That Respect Privacy? Did you phrase it this way to get a more "impassioned" debate, or did you just not proofread before posting? First of all, smartphones aren't sentient beings. They can't respect privacy any more than my lawnmower can respect privacy. So ok. Maybe you really meant "what smartphone hardware/software/service provider combination allows me to keep as much personal data private as possible?" In which case I would tell you that you shouldn't get a smartphone. Heck, maybe you shouldn't even have a normal phone. A phone is by its nature something that communicates things, something that is at odds with "privacy" in the nebulous way you have used the word. What you asked is sort of like "Are there any Ford vehicles I can get that won't make me a bigoted, racist redneck?"
But a phone alone is worthless. Quality of network is very important, and if you want to develop software for your own use, WP7 is the pick of the bunch; the free tools for WP7 are streets ahead of the paid tools from Apple or Android, and the programming model is better. Contrary to widespread misinformation, the Android toolchain is no more free than the WP7 toolchain, which is to say that both provide a freebie version for non-commercial use. It will cost you to register for use of the WP7 marketplace, which is a Microsoft copy of the Apple app store infrastructure, and serves the same QA function that protects both Apple and Microsoft users from the malware plaguing Android.
Having had a very bottom end dumbphone (that means it even had a web browser; but was S40) I'm pretty convinced by this. I have some Androids and an N900; my friends have iPhones and lots of Androids. They're great for some uses but they just can't nearly compete on battery lifetime, (small) size or convenience.
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
Not sure what you mean: GP poster was talking about N900, which more or less comes with root. Not sure how Google would have anything to say about the Maemo browser (micro-B, I think it's called) or how they could make it less/more easy to have NoScript equivalent. Presumably you can run NoScript on Fennec (ie. Firefox for N900) although I haven't tried on mone.
404555974007725459910684486621289147856453481154 in hex is "You sank my Battleship?"
[GPG key in journal]
People, I am amazed that when Apple makes a fumble on location services there is huge media attention on Apple "spying" on people. Where is the noise on Carrier IQ? A real root kit installed on all devices (not confirmed on iOS though) http://www.wired.com/threatlevel/2011/11/rootkit-brouhaha/