Slashdot Mirror

← Back to Stories (view on slashdot.org)

Keeping Data Secret, Even From Apps That Use It

Posted by samzenpus on from the no-information dept.

Nerval's Lobster writes "Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it may get some help from a new encryption technique that allows data to be stored, transported and even used by applications without giving away any secrets. In a paper to be presented at a major European security conference this week, researchers from Denmark and the U.K. collaborated on a practical way to implement a long-discussed encryption concept called Multi-Party Computation (MPC). The idea behind MPC is to allow two parties who have to collaborate on an analysis or computation to do so without revealing their own data to the other party. Though the concept was introduced in 1982, ways to accomplish it with more than two parties, or with standardized protocols and procedures, has not become practical in commercial environments. The Danish/British team revamped an MPC protocol nicknamed SPDZ (pronounced 'speeds'), which uses secret, securely generated keys to distribute a second set of keys that can be used for MPC encryptions. The big breakthrough, according to Smart, was to streamline SPDZ by reducing the number of times global MAC keys had to be calculated in order to create pairs of public and private keys for other uses. By cutting down on repetitive tasks, the whole process becomes much faster; because the new technique keeps global MAC keys secret, it should also make the faster process more secure."

59 comments

  1. Not the first commercial application by pjt33 · · Score: 3, Informative

    The summary claims that

    Though the concept was introduced in 1982, ways to accomplish it with more than two parties, or with standardized protocols and procedures, has not become practical in commercial environments.

    (I presume it's quoting the article, but samzenpus has managed to make the link self-referential).

    That just isn't true. I've read a very interesting paper about "massively multiplayer" commercial use of MPC back in 2008. It involved Danish researchers, so it may be the same team, and there may be improvements, but it would be good to limit the claims to the actual novelties.

    1. Re:Not the first commercial application by rudy_wayne · · Score: 4, Insightful

      Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it

      2 years ago, a court ruled that much of the NSA's activities were illegal and unconstitutional. However, because this was a secret ruling, by a secret court, nobody knew about it until just recently and so the NSA was free to go about their business. And they continue to engage in their illegal and unconstituional activities because there is no one in power who is remotely interested in stopping them.

      The point is, if you are thinking about encryption or other ways to "hide" from the NSA, you are trying to solve the wrong problem.

      If the NSA can't break your encryption or figure out how to get at your data, then they will simply issue a secret order (that you are not allowed to tell anyone about) demanding that you decrypt or turn over your data under the threat of going to prison. A threat which is enforced by a secret court whose rulings are secret and cannot be discussed with anyone.

      Until this situation changes, encryption or other schemes are meaningless.

    2. Re: Not the first commercial application by PuppiesAndGoats · · Score: 1

      Citations? I don't disbelieve you, I just don't want to hunt down information that's less than correct.

    3. Re: Not the first commercial application by Anonymous Coward · · Score: 0

      Last I heard, the Supreme Court ruled that the NSA could collect metadata and such.

    4. Re: Not the first commercial application by PuppiesAndGoats · · Score: 1

      I was more curious about the reference to secret rulings against citizens, which sounds made up.

    5. Re:Not the first commercial application by Anonymous Coward · · Score: 0

      Hi,

      Disclaimer: I am the creator of Sharemind, another earlier secure multiparty computation system.

      Secure multiparty computation can be considered quite mature now.
      See the following:

      Satellite conjunction analysis (with secure floating point!) - http://news.discovery.com/space/spy-tech-keeps-satellites-from-bumping-130411.htm
      Financial reporting - http://fc12.ifca.ai/pre-proceedings/paper_37.pdf
      Genome-wide association studies - http://bioinformatics.oxfordjournals.org/content/29/7/886

      The Sharemind secure multiparty database has a preliminary SDK available (and we are working on a more "industrial" version 3)
      https://sharemind.cyber.ee/

      The SPDZ work is really cool and I am personally looking forward to using these kinds of protocols.

      Dan

    6. Re: Not the first commercial application by SpaghettiPattern · · Score: 1

      You almost suggest preemptive surrender. Cryptography should continue to develop, regardless of how government bodies are perverted. We're now playing catch up on one side. The other side should not suffer from defeatism.

      --

      I hadn't the slightest objection to his spending his time planning massacres for the bourgeoisie... (P.G. Wodehouse)
    7. Re: Not the first commercial application by Xest · · Score: 2

      Even if not it completely defeats his own point. If we have a cryptography breakthrough such that the NSA has to approach individual citizens with secret orders to access each and every one of their GMail accounts then this has two effects:

      1) It pisses average citizens off and makes it an election issue to the point you'll get civil disobedience as everyone starts defying their orders and talking about them.

      2) It limits the ability of NSA agents to actually spend time using any of the data anyway because they're all tied up visiting people's houses getting them to sign secret orders.

      That's why people claiming technology is irrelevant are wrong and simply don't get it, technology is still the vessel by which you can enact political movement on the issue. You wont just be able to magic up political movement by itself like some people seem to believe, you have to keep fighting and push the likes of the NSA to become so intrusive in their actions, or their operations become so prohibitively expensive that people do begin to care and you do that by making the technology less trivial and more inconvenient to defeat.

      The point isn't about inventing some magical technology that can defeat the NSA, the point is to make the NSA's blanket spying program ever more difficult and ever more cost and time prohibitive to perform by using better technology.

    8. Re:Not the first commercial application by Trogre · · Score: 1

      Which court? As far as I know, only the Chief Justice of the Supreme Court (TM) can declare something unconstitutional.

      --
      "Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
  2. Well, darn. by mcgrew · · Score: 2

    I just upgraded to a smart phone and hated how every app I wanted to download wanted everything. Why should Pac Man need my contacts list and GPS information? So when I saw the submission I though ALL RIGHT!!!

    Sadly, this is interesting but solves a completely different problem, so I guess I'll be appless for a while (except the KSHE app, everything it needed had to do with its workings).

    TFA doesn't say if this could be used for private messages between individuals. But we need to have every damned thing encrypted, the NSA is only one entity that knows everything about your online life. I think it's damned creepy either way and would like to see it outlawed. Fat chance, though, since the corporate spies own the government.

    --
    Free Martian Whores!
    1. Re:Well, darn. by DavidClarkeHR · · Score: 3, Informative

      I just upgraded to a smart phone and hated how every app I wanted to download wanted everything. Why should Pac Man need my contacts list and GPS information? So when I saw the submission I though ALL RIGHT!!!

      The solution you are looking for is SElinux, and it is already enabled in the latest cyanogenmod nightlies.

      --
      - Nec Impar Pluribus, or so I'm told.
    2. Re:Well, darn. by ackthpt · · Score: 1

      I just upgraded to a smart phone and hated how every app I wanted to download wanted everything. Why should Pac Man need my contacts list and GPS information? ...

      Exactly why I haven't installed any new apps on my Galaxy S4 since buying it. I figured I'll download the SDK and build what little I need. For all you know some of the simplest free* apps may be written by NSA fronts.

      * as in beer.

      --

      A feeling of having made the same mistake before: Deja Foobar
    3. Re:Well, darn. by noh8rz10 · · Score: 1

      I just upgraded to a smart phone and hated how every app I wanted to download wanted everything. Why should Pac Man need my contacts list and GPS information? ...

      Exactly why I haven't installed any new apps on my Galaxy S4 since buying it. I figured I'll download the SDK and build what little I need. For all you know some of the simplest free* apps may be written by NSA fronts.

      * as in beer.

      or free as in speech, considering nsa worked to influence encryption standards and put shills into the open source development process.

    4. Re:Well, darn. by fustakrakich · · Score: 2

      I don't believe an Android phone is ever 'appless'. There are plenty of hidden processes running that are very difficult to weed out. And since even a dumb phone is sending everything through the NSA anyway, you may as well enjoy all the toys you can. Maybe there is a network sniffer (illegal hacking tool in Germany, no doubt) you can install, and block all unwanted traffic. That's the only hope I see in this scenario.

      --
      “He’s not deformed, he’s just drunk!”
    5. Re:Well, darn. by mcgrew · · Score: 1

      The solution you are looking for is SElinux, and it is already enabled in the latest cyanogenmod nightlies.

      I'd love to do that but my carrier wouldn't go along. Hell, it's the latest Android and they disabled sideloading apps before shipping it. If I installed Linux it would be a four inch wifi tablet.

      --
      Free Martian Whores!
    6. Re:Well, darn. by mcgrew · · Score: 1

      All the KSHE app wanted was access to the internet, sound chip, and sleep circuitry (so It wouldn't stop playing when the screen blanked out). So far, playing KSHE is the only thing the Android does that the Motorola feature phone wouldn't, although the camera is a lot better and it has way more storage. Hell, I could play pac-man on the feature phone without telling them who I knew and where I was.

      Wait - OK, this one is "waterproof". Dropping it in the toilet isn't as dangerous (that's how my Razr died ten years ago).

      --
      Free Martian Whores!
    7. Re:Well, darn. by nullchar · · Score: 2

      If you cannot root your phone, you should return it and purchase a model you can install a custom ROM on.

      If you care about your privacy, with respect to smartphone apps, you'll need root (at minimum) or a custom ROM.

      At least with root, you can use DroidWall as a firewall to disallow those contact list reading apps from sending your data to the outside world.

      If you're stuck with your [poor] choice of smartphone, perhaps App Ops can help.

      You always have a choice!

    8. Re:Well, darn. by mcgrew · · Score: 4, Interesting

      It's not just the NSA. I'm outraged that they're spying on citizens, even though they have no reason to be interested in me. I'm outraged that advertisers insist on knowing my GPS position, who's on my contacts list, etc. It's creepy and it pisses me off. I thought stalking was illegal?

      --
      Free Martian Whores!
    9. Re:Well, darn. by DMUTPeregrine · · Score: 1

      https://f-droid.org/repository/browse/?fdid=dev.ukanth.ufirewall may be something you'd like. It's an open-source frontend for iptables. Or you could just use a terminal emulator (or Android's USB Debugging and the SDK) and the command line iptables...

      --
      Not a sentence!
    10. Re:Well, darn. by TheRealMindChild · · Score: 2

      So to hide data from the likes of the NSA, you want me to use a system developed by the NSA? Brilliant!

      --

      "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    11. Re:Well, darn. by fustakrakich · · Score: 1

      I thought stalking was illegal?

      Like terrorism, it depends on who the perpetrator and the target is.

      --
      “He’s not deformed, he’s just drunk!”
    12. Re:Well, darn. by Anonymous Coward · · Score: 0

      The solution you are looking for is SElinux, and it is already enabled in the latest cyanogenmod nightlies.

      I'd love to do that but my carrier wouldn't go along. Hell, it's the latest Android and they disabled sideloading apps before shipping it. If I installed Linux it would be a four inch wifi tablet.

      Then you don't have a smartphone. You have a feature phone.

    13. Re:Well, darn. by Anonymous Coward · · Score: 0

      So to hide data from the likes of the NSA, you want me to use a system developed by the NSA? Brilliant!

      You mean, to fight for governmental change, we need to use the government?

    14. Re:Well, darn. by Anonymous Coward · · Score: 0

      The NSA has credibility issues and by extension so does SElinux even with its open source. This was posted 2 days ago:
      http://linux.slashdot.org/story/13/09/07/195241/john-gilmore-analyzes-nsa-obstruction-of-crypto-in-ipsec

    15. Re:Well, darn. by chihowa · · Score: 1

      I think the most important aspect is that the right people (or the right kind of people) are making money off it. If connected people are profiting from it, anything is legal.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    16. Re:Well, darn. by Anonymous Coward · · Score: 1

      DroidWall has been discontinued for awhile after the dev sold out to an android AV company. But it was forked since then, Android Firewall is pretty much its spiritual successor (free, no ads or tracking networks, no nonsense, and GPLv3): https://play.google.com/store/apps/details?id=com.jtschohl.androidfirewall&hl=en

    17. Re:Well, darn. by mcgrew · · Score: 1

      It's not the phone, it's the carrier. At $40 per month for unlimited everything, changing carriers is kind of out of the question. My daughter's on AT&T with an iPhone and her bill is always over $100.

      --
      Free Martian Whores!
    18. Re:Well, darn. by jhol13 · · Score: 1

      Forget SELinux, use http://grsecurity.net/.
      See e.g. https://lwn.net/Articles/538221/

    19. Re:Well, darn. by Anonymous Coward · · Score: 0

      As someone who just did a major survey of carriers looking for a new cell phone provider, may I ask who you went with? $40 Unlimited sounds like PlatinumTel. If so, you should be able to use whatever phone you'd like.

    20. Re:Well, darn. by nullchar · · Score: 1

      With every carrier, you have a choice between a shitty phone and a decent phone. You should be able to maintain that plan and purchase your own phone to use on their network. It may not be subsidized (and your current device may go unused), but only you can value your privacy (original nexus4 is pretty cheap).

    21. Re:Well, darn. by Anonymous Coward · · Score: 0

      In Canada, that's wind mobile. Unlimited everything, tho throttling kicks in after 5gb of netflix.

    22. Re:Well, darn. by mcgrew · · Score: 1

      You should be able to maintain that plan and purchase your own phone to use on their network.

      Yes, you should, and in most places you can, but it's different in the US.

      --
      Free Martian Whores!
    23. Re:Well, darn. by nullchar · · Score: 1

      In the US, ATT, Tmobile, Verizon, Sprint all allow you to use select handsets on their networks. Verizon is the most restrictive, with their use of CDMA instead of GPRS, but you can easily purchase other phone models than the "free" one given with your plan.

      $40 for data + voice sounds like a good deal, so it probably isn't from any of those major four listed above.

  3. Like homomorphism by plover · · Score: 3, Interesting

    How is this different from homomorphism? The thing is that it's not intended to keep secrets. Correlations might still exist that could give basic traffic kinds of data away. Have they figured ways to prevent those secrets from leaking?

    --
    John
  4. goog lol by noh8rz10 · · Score: 0

    FTFS:

    "Datacenters wanting to emulate Google by encrypting their data beyond the ability of the NSA to crack it..."

    bahahahahaha! why would anybody think that goog is trying to "protect" the data of its users/product?

    1. Re:goog lol by geekoid · · Score: 3, Insightful

      Due to there history of trying to protect their users data?

      It's in their best interests not to allow outside parties get at the data?

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:goog lol by noh8rz10 · · Score: 0

      have you even heard of snowden? have you been in a cave the last three months? or are you such a fanboi that your head is in the sand still?

    3. Re:goog lol by Anonymous Coward · · Score: 1

      What does Snowden have to do with it? Had the government done a competent job of restricting him to just data that he was supposed to have, most of this mess wouldn't have happened. It didn't even get down to the point of encryption. He was permitted access to a computer with an accessible USB port as well as the ability to access tons of information that he shouldn't have had. Even without the eventual breach, it was a ridiculous set up from the get go.

    4. Re: goog lol by Anonymous Coward · · Score: 0

      WTF? "...most of this mess..."....so you're basically saying you wish the government had put into place better security protocols so that we would never know any better and our collective heads would still be in the sand right alongside your's?

      the world would continue the status quo of thinking encrypting our data is not worth it...and continue tolerating the occasional security breach from outside hackers that gain access to personal data.

      as it is now...I'll take this mess thank you.. it's what gave the world a big wakeup slap across the face to get their act together.

    5. Re:goog lol by stealth_finger · · Score: 1

      What does Snowden have to do with it? Had the government done a competent job of restricting him to just data that he was supposed to have,

      Yeah, because he famously googled his information.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    6. Re:goog lol by stealth_finger · · Score: 1

      doh, quoted wrong post, was supposed to be that one "have you even heard of snowden? have you been in a cave the last three months? or are you such a fanboi that your head is in the sand still?"

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    7. Re:goog lol by tlhIngan · · Score: 1

      Due to there history of trying to protect their users data?

      It's in their best interests not to allow outside parties get at the data?

      Only to the point where $$$ is concerned. You forget 99% of Google's income comes from selling ads. Ads that come with piles of analytics (courtesy of "Free" Google Analytics). And Google owns the vast majority of ad networks out there, including the ever-popular DoubleClick (purveyor of famous Pop Ups and Pop Under ads).

      I'm fairly certain the NSA could get access at data far more easily by simply paying for it rather than trying to get it "for free". It's not in Google's interest to offer it for free. It's in Google's interest to SELL you to customers.

      Heck, the commercial sector is basically doing the government's work for them - Google has its fingers in so many ways that the data collection will far exceed what the NSA could possibly hope to collect. (Except, perhaps, for Tor users since the NSA can run and monitor a bunch of exit nodes which they do - but it's no big stretch that a Tor user might go and log into their Google account...)..

    8. Re: goog lol by Anonymous Coward · · Score: 0

      the world would continue the status quo of thinking encrypting our data is not worth it...and continue tolerating the occasional security breach from outside hackers that gain access to personal data.

      You realize the "status quo of thinking encrypting our data is not worth it" is caused by the government forcing corporations to fork over their data, regardless of whether or not the public knows about it, right? Most of the organizations trying to "stick it to the man" are, at best, going to pose a mild inconvenience. The majority of people who were surprised by this also have no idea how any of it works and no real way to do anything about it.

      Net change: ~0

  5. Eh.... by IamTheRealMike · · Score: 5, Informative

    Two datacenters owned by the same company using MPC is a really dumb use case. That won't help at all. The point of Google encrypting cross-dc communications is a forcing manoeuvre - it forces intelligence agencies to go via Google Legal to get information where the request can be analyzed and pushed back on. Even in countries where the legal system is flimsy and corrupt, that's an issue that can be improved significantly just with a single act of Congress or Parliament, whereas undoing their wiretapping infrastructure will prove somewhat harder because there's no adversarial lawyer standing in the way.

    A better example might be two datacenters owned by different companies, where they don't mutually trust each other. Or, to give an actual use case, the OTR chat encryption protocol uses MPC to authenticate connections. They call it the socialist millionaires protocol. The two parties agree on a secret word (typically by one user posing a question to the other), and then a variant of MPC is used to verify that both parties selected the same word. The word itself never transits the wire and it's only used for authentication, so it's relatively strong even if the secret word is short or predictable.

    Now, for some background. The paper can be found here if you want to skip the million+1 links and registration crap.

    The basic idea behind MPC is that you write your shared computation in the form of a boolean circuit, made up of logic gates as if you were making an electronic circuit. The inputs to the program are represented as if they were electronic signals (i.e. as one and zero bits on wires). Once done, there are two protocols you can follow. The original one is by a guy named Andrew Yao. Each wire in the circuit is assigned a pair of keys. The details I'll gloss over now, but basically given the circuit (program) as a template, lots of random keys are created by party A, then the entire "garbled circuit" is sent to party B who will run it. Party A also selects the keys for his input wires and sends them to party B, who doesn't know whether they represent 0 or 1, only party A knows that.

    Now party B wants to run the program with his input, but he doesn't want party A to know what his input is. So they use a separate protocol called an oblivious transfer protocol to get party A to cough up the right keys for B's input wires, without A finding out what they were. Finally, party B can run the program by progressively decrypting the wires until the output is arrived at.

    What I described above is Yao's protocol. There is also a slightly different protocol called BGV. In BGV you don't send the entire program all at once. Instead, as party B runs through the program, each time they encounter an AND gate they do an oblivious transfer with party A. XOR gates are "free" and don't require any interaction. I forgot what happens for other kinds of gates. Basically, BGV involves both parties interacting throughout the computation, however, it can result in much less network traffic being required if your OT protocol is cheap, because if your circuit is very wide and shallow then most of the garbled program never has to even get transferred at all.

    From what I can tell, most of the best results in MPC these days are coming from BGV coupled with new, highly efficient OT protocols. SPDZ appears to work on yet another design, but the basic reliance on circuit form remains.

    1. Re:Eh.... by Anonymous Coward · · Score: 0

      The boolean circuit-based solution is very flexible and allows you to create complex bit-level protocols.
      However, the way the protocols in SPDZ, Sharemind and some other protocols work,
      is a bit more efficient, as it processes more bits at once and reduces the multiplicative depth of the whole circuit
      and the communication complexity between the multiple parties.

  6. And, SElinux was given to us by which org? ;-) by PaulBu · · Score: 2

    I think it was in the news recently, a lot, but not for their Linux contributions...

    Though, maybe those were referenced too, along with some other contribs to MS, standards organisations, etc.

    If anything, I am sure that someone is giving close and fresh look into SElinux parts right now...

    Paul B.

  7. Read summary too fast ... by Anonymous Coward · · Score: 0

    Thought it said "reducing the number of times global MAC keys had to be ejaculated". Whoops!

  8. If you believe what you do online can be secret by stevez67 · · Score: 0

    I want to sell you some ocean front property in Colorado and some lake front property in Death Valley.

    1. Re:If you believe what you do online can be secret by istartedi · · Score: 1

      lake front property in Death Valley.

      That's not as far-fetched as you think. The lake is there it's just not usually very wet. During wet years people have floated canoes and kayaks there for a while.

      --
      For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  9. It Has My Support by Jane+Q.+Public · · Score: 1

    I'm all for "Keeping Data Secret, Even From Apes That Use It"

    Um... wait. Never mind.

  10. Why am I not surprised ? by Taco+Cowboy · · Score: 3, Interesting

    Last I heard, the Supreme Court ruled that the NSA could collect metadata and such.

    The system is indeed stacked against us, the people.

    From the court, to the congress, to the White House, to the law enforcement, to the press - their convergence behind the tyrannical regime spelled DOOM to the very concept of the United States of America.

    I left USA more than 10 years ago due to my disgust of what had happened, and the more I see my country from afar, the more sad I'm becoming.

    What the fuck is happening to America ?

    Why the fuck my fellow Americans are allowing this to happen ?

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:Why am I not surprised ? by cavreader · · Score: 1

      "Why the fuck my fellow Americans are allowing this to happen ?"

      What exactly should Americans be doing start a civil war? The surveillance programs are already out in the open for all to see and criticize. At this very moment there are people publically investigating the legality these programs and working towards modifying or totally shutting these intelligence gathering programs down.

  11. Security-by-obscurity? by Anonymous Coward · · Score: 0

    In a paper to be presented at a major European security conference this week, ...

    What is this? Security-by-obscurity?
    Just tell us the name of the conference.

  12. A simple solution by Anonymous Coward · · Score: 0

    Isn't just encrypting the data and having all the decryption done locally with a key (password) the user of the data knows of the best solution? In this way, it is impossible for anyone other than the user to have the data since he's the only one who can decrypt it. Why send your password to a server that will decrypt your documents when you can just have the server host crypted documents and when you need them ask the server to give them to you and then decrypt them yourself, from your own machine?

    I think this technology already exists and is already used, directly in the browser. I believe blockchain uses this method.

  13. Sharemind by Rehapapp · · Score: 1

    Check out the Sharemind, three-party secure computation system, it has even a SDK available: http://sharemind.cyber.ee/download-sdk .

  14. Why focus on the NSA? by dutchwhizzman · · Score: 1

    The NSA may be a big problem, but it's hardly the only threat to people looking at data they have nothing to do with. How many admins have access to large troves of user data they have nothing to do with, that would make good money if sold to certain parties? How many databases hold data that can't be effectively shielded with more than a single layer from people that should only have access to parts of it? Stop fretting about the NSA in this context, they are only one of many threats this problem tries to solve.

    --
    I was promised a flying car. Where is my flying car?
  15. rooting only superficially works by dutchwhizzman · · Score: 2

    There are large binary blobs in your phone that hold the firmware for the baseband processor and other chips. Rooting the phone will give you some form of control over the OS running the user interface, but not the rest. It is probably trivial for attackers to find a backdoor in one of the binary blobs, once they start looking for it. It may be restricted to that model phone and that version of the binary blob, but chances are, that with just a few actual backdoors, implementations for most of the smart phones can be made. Don't trust your phone any more rooted than non-rooted, it's still mostly unknown territory for you even if you have it rooted.

    --
    I was promised a flying car. Where is my flying car?
    1. Re:rooting only superficially works by nullchar · · Score: 1

      Agreed. Root gives you minimal more control over your device, but unless you manually remove the pre-installed bloatware, you'll still worry about it.

      A custom ROM image is decent, but you're often relying on blobs for radios and other hardware layers like video. Those could be trojaned as well.

      A firewall blocking outgoing connections is nice, if you can trust iptables and the kernel. Though outside of IP (tcp/udp) information could still be sent via the carrier's radio protocols.

      The GP was complaining about third party apps leaking his personal information, so a custom ROM allowing fine-grained permissions control would help.

  16. Yeah, RIGHT! by Anonymous Coward · · Score: 0

    Does ANYBODY here actually believe google encrypts data so that NSA can't read it?