/tech/ - Technology

101010

Posting mode: Reply

Check to confirm you're not a robot
Name
Email
Subject
Comment
Password
Drawing x size canvas
File(s)

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Manage Board | Moderate Thread

Return | Catalog | Bottom

Expand All Images


(4.73 KB 276x183 knuckleyoung.gif)
A Secure Smartphone Knuckle 01/02/2018 (Tue) 03:38:31 [Preview] No. 12129
Been collecting all I can find on how to make a truly secure cellphone that doesn't leak one's private data daily. Figure it's time to share my findings and collaborate with others for even more insight. Will continue adding as long as this thread remains on topic and doesn't get sidetracked.


Knuckle 01/02/2018 (Tue) 03:44:28 [Preview] No.12130 del
Reasons to Secure Your Data

We all produce a lot of data on a daily basis regarding where we went, and at what times we arrive and eventually leave. Another kind of data shows who we called and who called us. Then another kind even records all that was said. Still more data records all our interests as we travel the web, even what we purchased both on and offline. Since we are creatures of habit, a pattern can likely be determined thru comparison of our daily activities, to the point that accurate predictions could be made by others who (armed with this data) could actually know us maybe better than we know ourselves. How venerable we have now become, when another can know us so well, while we in turn can only give him the non-descript name of "Big Brother".


Knuckle 01/02/2018 (Tue) 03:47:43 [Preview] No.12131 del
How?

How does our government actually gather intel on us? We already know it is mainly thru technology devices such as our smartphones and computers, still most of us have already concluded that we cannot live without them either. Our government's main advantage so far is that the majority of us have little understanding of possible implications that come with these new technologies. When asked, most attempt to hide their ignorance by simply stating "I have nothing to hide" as their sole defense when the subject of one's privacy arises. Is ignorance truly bliss?
This defeatist attitude will eventually place many of us at another's mercy. It is probable that your accumulated data might even someday become "evidence" to prove your complicity against your very own government.
The Snowden revelations put out by Wikileaks has shown actually how far the NSA and CIA will go to find dirt with which they might control others. The Five Eyes program for example, make USA, Canada, the UK, Australia and New Zealand complicit of spying on each other (and then giving back the collected data) as a means to circumvent specific laws which forbid each of them from spying on their own citizens.


Knuckle 01/02/2018 (Tue) 03:50:50 [Preview] No.12132 del
Who?

Our government(along with other Five Eyes members) has already incorporated new laws which now presume an individual is guilty until actually proven innocent. These new laws were supposedly added as protections against terrorism, but in reality do nothing towards helping defeat terrorism. Instead, these new laws only reduce a citizen's rights to a point where authorities can now detain without probable cause(meaning no evidence), without being actually charged(so no lawyer will be present), and held for an undefined period (meaning the 24 hour limit is sorta removed).
In Canada, Bill C51 no makes it illegal for more than 50 people to gather anywhere, while another part states that it is illegal for any number of persons to block a public traffic area (which could mean almost anywhere too). That will put a damper on future protests!
Evidence permitted in a court without the need of a warrant now includes anything that is observed within the officers view. This would therefore include your unlocked cellphone. That's a whole lot of control over one's citizens in a supposed democratic society


Knuckle 01/02/2018 (Tue) 03:53:58 [Preview] No.12133 del
What?
We know that the data is collected en-masse, in other words... collected on everyone. This includes all phone calls and video chat, SMS messages and emails. We also know that our phones onboard GPS records our location and the times 24/7. Also that signal tower triangulation can also determine out location too. Much of this stored data is small in size and will therefore likely be kept for years. Larger data files like audio and video will likely only be kept for a year at most as the storage requirements for this endeavor makes that task most unlikely.
Remember those who claim they have nothing to hide?
• Does that include all your passwords and banking data?
• What about your contacts list? Known association with others could bring you undo attention if someone you know is suspected of a crime....
• What about those comments you made online back when....
• or the history of past websites you cruised....(including those popups that bring you to a nasty sites)
• how about others having the ability to acquire live camera feed or voice recordings at any time from your phone, laptop, tv, game console, cellphone or even your new car's onboard system?
We now live in a world where our home computers are now fully compromised with the advent of Windows 10. Why did Microsoft give away freely what they once charged over $200 for? And then Microsoft even stooped to using a variety of devious tricks in attempt to convert those last ones who refused to migrate over to Windows 10.
So why the big push?
This new version works like no other version before. Windows 10 automatically stores a copy of all your personal data on "the cloud", or in other words, on Microsoft servers.(you agreed to this on the 45 page agreement before install) This now gives your government total access to your data, even when your computer is turned off. And let's not forget that this data is legally no longer your property. This means that no warrants were required to use it against you in a court of law. And even if you did manage to keep your old version of Windows 7, your data is only safe if the updates are turned off. It seems that Microsoft included this cloud access into random updates to gain access to that data which eludes thyem.
Meanwhile those who have a Mac are no safer either as it too has incorporated Microsoft Windows. Only Linux OS's remains as being uncompromised, specifically due to it's open source coding. Since Android was built off this same platform, it too can be trusted, at least more than it's competitors. So is it only coincidence that all new models of laptops with Windows 10 preinstalled cannot load Linux as a replacement OS?


Knuckle 01/02/2018 (Tue) 04:01:08 [Preview] No.12134 del
When?

Many tech companies saw the writing on the wall with the creation of the Patriot Act in 2005. Companies were soon being forced to cooperate with the US government or otherwise face severe penalties. Since the Patriot Act also prevented one from informing others that they were now compromised, a unique system was quickly devised call the "warrant canary" (look it up for better understanding). When a company no longer responded to their monthly canary warrant, it was then assumed that this company now worked for the NSA.
Apple ceased responding to their warrant canary in early 2013 while Google fought back and lasted until mid 2015. Google's real reason became apparent after the US government won a 5 year battle ending with a Supreme court ruling that allowed those who owned the internet infrastructure(the actual cables the internet used) had the right to control the data which it carried. This now meant that those who didn't play along could now be legally denied access.
In late 2013, German authorities submitted proof that Apple conspired with the NSA to spy on Angela Merkel thru her Apple iPhone. This American betrayal of trust towards it's own allies likely cost Apple big time with European sales. Many NATO countries immediately voted to disallow all Apple products into all future assemblies. This harsh response then led to other countries in turn respond by banning the use of all Apple products within their own government facilities. Seems this news was well hidden by western news agencies along with them instead pushing news stories that presented Apple as a defender of your personal data who would never sell out to the NSA demands. Which scenario do you think is more likely?
While Android's "open source" coding makes it impossible for this OS to conceal hidden back doors, manufacturers like Samsung have still prospered by cooperating with the NSA by incorporating various Google apps as a default choice. Where Google once proclaimed loudly that they were the good guys, they now tossed off their white hat off and dawned a black one as they now sell you out by sharing your private data to those willing to pay for it. Supposedly for your convenience (and without asking permission), Google copies all pertinent data to the cloud for safe keeping on Google's servers. But they forget to mention that these servers share (or sell) even your private data for profit (while hiding behind the Patriot Act). Therefore Google too cannot be trusted.


Knuckle 01/02/2018 (Tue) 04:04:17 [Preview] No.12135 del
Why?

Considering all these efforts made towards them just gaining access so as to collect your data, it should become obvious that our government (and it's 5 Eyes partners) has an actual purpose in mind that requires all this data. It's pretty hard not to notice the instability of our present world economies.
Every countries government is expecting and therefore taking measures to prepare for the inevitable chaos that will arise from any possible event which may occur in the near future. There is a great likelihood of some very hard times ahead which will make the "dirty thirties" appear small in comparison. Hard times will predictably produce much social unrest, especially because there are now far more mouths to feed this time around. And it is well known that it takes only one with the courage to speak aloud to spark an uprise. So how can your government possibly maintain control over today's society when the majority of them are likely suffering?
With past and present collected data available, they will find justification to impose their justice on any disgruntled citizen by simply revoking privilege. Instead of having the added costs required for incarceration, they will instead reduce government spending thru denial of social services, pensions or even employment. In this way, those who don't play along will simply get less benefits then those who do.
A somewhat similar approach is being used already in a financially strapped Ukraine.
No matter their reasons, your best bet at this present time is to secure your data flow or at least reduce this leakage to a trickle. The less data they have to work with , the less hold they will likely have upon you later.


Knuckle 01/02/2018 (Tue) 04:12:55 [Preview] No.12136 del
Securing one's data has been a goal by many and it's an ongoing struggle to find go-arounds to each new phone model that comes out.
The most well known approach is to "root" your devices. This procedure gives the user full admin privileges which is essential, so you can either remove hidden spy apps or at least limit their access to your data. Various web sites soon sprouted up to then teach others how they too could take ownership over their phones. Once again government controls somehow managed to shut down most of these sites and then even have manufacturers produce newer models that would be less "rootable" . In this way, rooting became far more difficult after Android version 5.1 and higher.
It is also likely that government demands swayed most manufacturers to redesign any new models more along the iPhone's sealed design which prevents the user from removing the phone's battery (meaning you can no longer be absolutely sure that your phone is actually off). The loss of such a basic security features should therefore make your older android phones more valuable over time.
Due to such tradeoffs, you might want to still hang onto that old phone for a later time when privacy wins over all the eye candy the newer models possess. Everyone is hoping for that they can have the latest gadget and try to believe it is more secure too. In reality, there is little chance any of the new phones can be guaranteed secure. It seems that the most secure phones will likely be those older models because these were less protected and therefore more modifiable.


Knuckle 01/02/2018 (Tue) 04:15:10 [Preview] No.12137 del
Lets break it down:

Android:

Since Google itself is proven compromised, we must assume all Google apps are compromised. Google receives new data daily directly from various (pre-installed) Google apps. Remove and replace these apps and Google no longer receives your new data! But you might still want to leave Google's core app onboard so you can still access to such as Playstore. There are still some hidden apps such as babycrymonitor (OS 5.1 and higher), which are impossible to remove or disable without Admin privilege, but their functionality can be controlled with apps such as Camera Block and Mike Block.
Conclusion: even many newer Androids could be made safe from most data leakage.

iPhones:

All Apple products must be considered compromised. To what extent is unknown. The news hype you've heard is mostly government supported and is likely only damage control due possibly to past events. Recall how news agencies such as CNN continually push a storyline to convince the listener that iPhone won't cave under government threats to unlock the iPhone. A similar situation also occurred with an encrypted Android not long after, yet the only mention of this was some minor headlines. Corporate media only ever mentions the iPhone.
Conclusion: With a closed (hidden)source code, on both their apps and the iOS, All iPhones must be considered unsecurable. This is the perfect game in the governments view because most iPhone owners seem to truly feel their data is secure. In doing so, they become the most venerable.

Blackberry:

Blackberry's lockdown approach is secure against hackers, but the company's past actions prove they will willingly hand your data over to authorities upon request. Off the shelf, they are truly your safest bet towards overall security. But when regarding data leakage, they too gave Google core access for access to the Playstore apps. Again any Google apps will likely share your data to Google servers. Next there is Blackberry Hub to contend with as they too automatically store your data on Blackberry servers. Mind you this data can only be acquired upon official request but it is still available if authorities choose to go that route.
Conclusion: You must now remove all Google apps and also all Blackberry apps to limit your data from leaking onto either of their servers. If you do all this, Blackberry's core defenses are very secure and so your final product will likely be the best defense one could have when using the latest phones. Haven't discovered any hidden spy apps on their OS to date which is good, because the chances of rooting a Blackberry is rather poor.


Knuckle 01/02/2018 (Tue) 04:18:16 [Preview] No.12138 del
So how do you strip an Android?

Most of you have already uninstalled apps from your phone. It's not difficult. You might want to make sure you copy your data off BEFORE you remove the app though.. The real trick is to make sure that the app that you choose to replace your phone's default app is just as functional but doesn't require access to more features than it needs to function properly. This won't be as daunting as you might think because there are a few apps we've found that can help you best decide whom to trust.
This "strip away" approach has already been used by others such as Cyanogenmod (who disappeared quietly too). They started with an early Android OS version and then applied trustworthy apps as their defaults. Similar approach indeed.

If Google can't collect it, they can't pass it on!


Anonymous 01/02/2018 (Tue) 04:23:25 [Preview] No.12139 del
Too much text for very little quality content. It's just a copy-paste from a EFF blog post.
You started saying "how to make", and you ended just playing with words.
>Only Linux OS's remains as being uncompromised, specifically due to it's open source coding. Since Android was built off this same platform, it too can be trusted, at least more than it's competitors.
No. Not even close.
Android is based on linux kernel, but there's lots of proprietary code in the system. And not just from Google, companies require their blobs and drivers to run it on their products.
Also, Linux-based systems are not the only free system. Look more.


Knuckle 01/02/2018 (Tue) 04:40:41 [Preview] No.12140 del
This is my 1st post here and so I'm not up on your rules. The above content is not from any other blog as I wrote this just lately and decided this is the best place to post this content have have it likely remain. I state this as I find little info anywhere regarding this subject matter and have had to compile most data from many tidbits of various sources.
I am well aware of Android being built off the Linux kernal. It is due to this fact that the only secure phones sold usually are built from the Android core. The reason I myself don't purchase one is that they are too expensive. They really are a stripped down version like a cyanogen mod, but they sell you a phone too.

What did get me interested was watching Snowden dissect a reporters phone and thus give some insight into how a secure phone could be rigged. This is where this thread will lead to along with mods that can be done to both new and older models.


Knuckle 01/02/2018 (Tue) 04:51:52 [Preview] No.12141 del
I am usually accused of being too technical and not explaining things in a proper format. I figured the who, what , when why approach would be a good start. I do have many of the articles saved regarding how I drew conclusions. I was really reducing alot so as to retain fact but hopefully not put folks to sleep...
As a service tech, I do have pretty good familiarity with many of these OS's and have actually used a variety of approaches to build a more secure phone. Some are using my latest purchases while others more extreme are done to my older phones.


Knuckle 01/02/2018 (Tue) 05:07:42 [Preview] No.12142 del
I will take some time to write down a step by step lesson for each type of phone.( so you will have to wait a bit) I figure that I'd best start with your "Every Day Carry" phone first as it is the one most will likely follow thru with completing.

I will leave links to apps I found useful and hope others will compare my choice with what they like instead and post them as alternatives.

I know some folks will be uncomfortable with installing apps I post and so I will try to stick mostly to ones they can get from Playstore. There are some that you can likely no longer find and I haven't found a similar replacement. These I will upload for those who want them.(i can upload them, right?)


Knuckle 01/02/2018 (Tue) 06:17:07 [Preview] No.12143 del
I just noted that you actually omitted my 1st posts. They showed actual proof that Google and iPhone cannot be trusted. I figured this needed to be explained for readers to understand why the default apps need removing too.

If you so quickly censor others input without full understanding, then I might as well post this elsewhere as your likely to do this continually.


betamax Board owner 01/02/2018 (Tue) 11:22:28 [Preview] No.12145 del
>>12143
Nobody omitted anything, nobody censored you or anyone here, here's hard proof: https://endchan.xyz/.global/logs/2018-01-02.html

By the way, all cellular phones have to triangulate your position in order to work wirelessly and people that care about OPSEC always use encrypted VoIP connections or something better. Good luck.


Anonymous 01/02/2018 (Tue) 14:48:38 [Preview] No.12148 del
tl;dr:
1) you write like a 13 year-old nigger, though you've made pretty lengthy texts. Get a look at spellckecker highlights sometimes, kay?
2) Your wall of text posesses little to no value. I would consider this post as low effort even for cuckchan or 8ddit. You explain obvious things as you if you see your reader a full retarded normalfag who has no prior knowledge of government surveilance, proprietary and malicious software I'm sure, everyone on end/tech/ is informed enough for this topic to be considered our baseline And if you were to accuse certain government agencies or corporations in spying, please provide direct prooflinks for new users not familiar with this topic to research into.
3) You give no actual instructions on "how to make a truly secure cellphone".
4) There are obvously only two options available: Galaxy S2 with Replicant or any other smartphone with radio chipset physically removed and libre usb wifi adapter attached instead.


Anonymous 01/02/2018 (Tue) 21:01:11 [Preview] No.12149 del
>>12145
>here's hard proof
>implying you can't change the log
I'm not OP, but I too criticised him on here yesterday, and my post is gone. It can be just a bug, but I don't think so.

I'll just repeat, anyway:
>Only Linux OS's remains as being uncompromised
No. Not even close.
Android is based on linux kernel, but it has many Google proprietary code. Also, vendors requires blob drivers to run on hardware.
And... no, Linux is not the only free system, look more.

OP, you started a thread about "how to make" a secure smartphone, but ended with not actual content. Too much text for no content.
We don't want to be rude, but maybe your text will be more appreciated on 4/g/ than here.
You can't have a personal tracking device (aka smartphones) on your pocket all day and get privacy. You have a geolocalization tool with you everywhere. Even efforts like the Purism, CooperheadOS, PostmarketOS and LineageOS are not the solution to this problem.


Anonymous 01/03/2018 (Wed) 00:23:08 [Preview] No.12151 del
>>12148
You faggots never fail to amaze me.


betamax Board owner 01/03/2018 (Wed) 02:32:12 [Preview] No.12152 del
>>12149
>implying you can't change the log
Yes, I can't, no Board Owner nor Board Volunteer can. Anything I do with posts are logged and can't be removed by our side. If anything is done, it would also show up and have a permanent record in the logs. I wasn't here when the bug happened but that's just LynxChan still being buggy after all these years, and you should know that these things can still happen. Some people in /tv/ had some problems around the same time >>>/operate/8056 Perhaps there was an unreported LynxChan update or this might had been a genuine unexplained bug or exploit.


Anonymous 01/03/2018 (Wed) 03:45:22 [Preview] No.12153 del
That photo makes me so angry.



Top | Return | Catalog | Post a reply