Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: How To Bypass Gov't Spying On Cellphones?

Posted by timothy on from the excuse-me-while-I-snap-this-glove dept.

First time accepted submitter jarle.aase writes "It's doable today to use a mix of virtual machines, VPN, TOR, encryption (and staying away from certain places; like Google Plus, Facebook, and friends), in order to retain a reasonable degree of privacy. In recent days, even major mainstream on-line magazines have published such information. (Aftenposten, one of the largest newspapers in Norway, had an article yesterday about VPN, Tor and Freenet!) But what about the cell-phone? Technically it's not hard to design a phone that can switch off the GSM transmitter, and use VoIP for calls. VoIP could then go from the device through Wi-Fi and VPN. Some calls may be routed trough PSTN gateways — allowing the agencies to track the other party. But they will not track your location. And they will not track pure, encrypted VoIP calls that traverse trough VPN and use anonymous SIP or XMPP accounts. Android may not be the best software for such a device, as it very eagerly phones home. The same is true for iOS and Windows 8. Actually, I would prefer a non cloud-based mobile OS from a vendor that is not in the PRISM gallery. Does such a device exist yet? Something that runs a relatively safe OS, where GSM can be switched totally off? Something that will only make an outgoing network connection when I ask it to do so?" And in the absence of a perfect solution, what do you do instead? (It's still Android and using the cell network, but Red Phone — open sourced last year — seems like a good start.)

6 of 364 comments (clear)

  1. Don't play.... by bobbied · · Score: 5, Informative

    The only way to win is not to play...

    Or, buy a new handset and phone number for every call and only pay cash.

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  2. Re:what makes you worth tracking? by immaterial · · Score: 5, Informative

    its like the idiots who think the supermarkets are tracking them personally with the loyalty cards. stores want aggregate data and purchase bundles to do loss leader promotions. they really couldn't care what you buy personally

    Bullshit. Careful who you call idiot, lest you look even more the fool.

  3. Encrypted phones by Animats · · Score: 4, Informative

    There are encrypted GSM phones with end-to-end encryption when talking to a similar phone. They're overpriced and hard to buy, but available. The source code is available so you can see how it works. It's classic Diffie-Hellman 4096-bit key exchange to establish a session key, followed by 256-bit AES encryption for the data.

    It's too bad OpenMoko tanked. That was a totally open source phone down to the hardware level. That plus Cryptophone-compatible code would have been trustworthy.

    1. Re:Encrypted phones by Anonymous Coward · · Score: 3, Informative

      Openmoko is not tanked.

      OpenPhoenux project, coming from Openmoko community, may be the answer for all those needs. It has less resources than Openmoko had, as it's done by a small german company Golden Delicious, but thanks to that it makes small moves rather than big and crazy that Openmoko did, so it's less likely that it'll completely fail like Openmoko did.

      Old Openmoko Neo Freerunner already was perfect for such purpose, but it's a bit unusable for anyone who's not hardcore geek always being ready to use terminal on his phone to do simple tasks in case something breaks. Fortunately, new GTA04, together with QtMoko or SHR systems, should be quite good choice.

      http://www.openphoenux.org/

      "What OpenPhoenux stands for:
      * participation by everyone
      * extensible hard- and software - DIY
      * allows to inspect what the system is doing (as far as achievable)
      * can be repaired using standard parts (as good as possible)
      * long-term support (e.g. software upgrades for an 2007 Neo 1973)
      * no planned obsolescence through open hard- and software
      * no central, intransparent, stock exchange listed instance that gives directions
      * hardware development and production near to users (Europe) under fair labour conditions
      * independent from the "modern mainframe" and back to the networked, decentralized web
      * everybody plays client and server roles and keeps control over his/her participation
      * makes the technical system transparent, not the user"

  4. Re:Disposable cell phone by ub3r+n3u7r4l1st · · Score: 3, Informative

    and how do you know if a warrant has been issued and executed? You have basically don't have a right to protest a warrant because you don't know it even existed.

    And all mail are scanned and the image is taken and stored into a database (presumably the NSA):

    http://www.thesmokinggun.com/documents/woman-arrested-for-obama-bloomberg-ricin-letters-687435

    --
    New Economic Perspectives
  5. Redphone, huh? by geminidomino · · Score: 4, Informative

    Funny how a privacy-oriented app like TextSecure (text app from the makers of Red Phone, mentioned in TFS) wants to access my Device ID, SIM serial number, and Subscriber ID...