Replying to Avatar GHOST

How to Make Your Android Phone Invisible to Google

Your Android phone is a snitch.

Out of the box, it bleeds data. Location history. Voice recordings. App usage. Advertising IDs. MAC addresses. Sensor telemetry. Google doesn’t need to hack your phone, it was built to hand your data over.

Even if you turn off everything they let you turn off, it still talks.

Quietly. Constantly. Back to the mothership.

But you can shut it up.

Not perfectly. But enough to claw back control.

Here’s how to make your Android phone invisible to Google, or damn near close.

https://untraceabledigitaldissident.com/how-to-make-your-android-phone-invisible-to-google/

Avatar
The Stacker Monster 5mo ago 💬 5

this is a great write up and I love nostr:npub1235tem4hfn34edqh8hxfja9amty73998f0eagnuu4zm423s9e8ksdg0ht5

I would love your take on mobile privacy from the actual network provider. from what I understand, there are two major attack surfaces here.

1: your IP address and all your traffic metadata, which can be 'easily' solved by running a good VPN.

2: your SIM is constantly pinging cell phone towers and building a constant historical record of your whereabouts with quite good accuracy that your SIM provider has. this is tied to the SIM card phone number (or other SIM related identifiers).

while one can purchase a SIM non-kyc, linking a phone number to a person is usually trivial to a large actor given most people's contacts upload your phone number and name into various databases (either apps like whatsapp or into contact backup/sync solutions)

Fighting number 2 is what I'm most concerned about and it seems to be harder to do on graphene than on iOS. Largely because a high quality, cost effective, reliable VoIP app (which solves problem number 2) is hard to get to work on graphene.

Do you have any thoughts or solutions about this concern? Perhaps the concern itself is just overblown and I shouldn't worry about that?

Reply to this note

Please Login to reply.

Discussion

Avatar
GHOST 5mo ago

I have no idea what your threat model is. You would have to decide what amount of friction you are willing to live with.

The most effective fix is to not own a phone in the first place. This is a bit extreme if you are just trying to avoid surveillance capalism but absolutely necessary if a state actor is after you.

You are right that there are more and easier apps for iOS than graphene but NOT for the right reasons.

If you are looking for a magical app or device to accomplish this it is just not possible.

Even if you cloak your traffic with a perfect VPN chain, your radio modem still screams your location to the nearest towers every few seconds. That signal is tied to your IMSI (SIM identity), and your IMEI (device ID) gets swept up too unless you've spoofed or blocked it somehow (which most phones won’t let you do without deeper firmware-level games).

If you are a activist and doing activist things or going to meetings then do not take your phone with you. Only communicate with burners on secure channels.

Most people don't need to worry about this but if you have a elevated threat model then Compartmentalize. Have a personal phone at home that's wifi only and a burner that stays in a faraday bag.

I have a old article on how to use a burner phone posted on nostr. I will dig it up and put it on the blog.

Avatar
GrapheneOS 5mo ago 💬 1

nostr:npub1wq8aszhx3cqfa5af0j2z6fnwxhu2fg3xcuy6m3ph4ut2hrg957fs72xxan nostr:npub18dlusgmprudw46nracaldxe9hz4pdmrws8g6lsusy6qglcv5x48s0lh8x3 You can buy a non-KYC eSIM from several companies to avoid it being inherently tied to your identity.

There are data-only eSIMs rather than using calls/texts at all and we also plan to provide support for disabling calls/texts for attack surface reduction.

Most VoIP apps work fine on GrapheneOS and there's an open source app/service you can use for it.

Avatar
GHOST 5mo ago

I agree with your other responses on wifi + VOIP. But I am not a fan of the non-kyc SIMS and never recommend them.

They are too easily compromised and linked by the users behaviors.

Tower triangulation is permanent history. It’s logged, stored, and retroactively searchable. Even non-KYC SIMs don’t help if your social graph doxes you passively.

They are a illusion of safety for people who don't really need that level of threat protection and too big a risk for those who do need it.

Compartmentalization is the easier and safer route.

Avatar
Cyphernomad 5mo ago

Which would be the VOIP options?

Avatar
The Stacker Monster 5mo ago

I agree, the social graph is the easiest dox that happens. That is why something like a mysudo seems like an easy way to compartmentalize (using up to 9 identities)

Do you compartmentalize using voip or some other way?