Ask HN: How to preserve privacy while using smartphones?
28 points by trompetenaccoun on Oct 22, 2021 | 14 comments
I currently use an Apple phone, with a special camera covering case. That's pretty much my setup, plus opting out of anything that can be opted out. It's long bugged me that there is no way to manually disconnect the microphones. Looking into it there only appears to be the Linux based PinePhone that offers switches for disabling camera and microphones. While that's great, the rest of the phone isn't so much.

I'm a casual smartphone user. I don't want to put months into jailbreaking, tweaking, monitoring connections etc. I know though that both iOS and Android call home to transmit a bunch of private data. And now Apple is going to scan our data as well, ffs!

Basically I'm looking for a setup that would give me the best privacy with a quality phone (something similar to a modern iPhone) and ease of use. Of course that's contradictory, but what would be the best compromise in your view? What is your own setup? I'm open to any suggestions and am even considering extreme solutions like getting rid of the smartphone altogether.




Stock Android, VPN-based firewall so you can block traffic in/out, camera notification, app firewalls to look for app communication, virus/root scanner. You can also de-Google the phone, turn off all sync, and use a fake Google account just for app updates. Lock down 3rd party apps.

Then turn off everything you can in options on that phone, if you can root it, apk remove/freeze apps.

I de-Googled, de-Amazon'ed my phone, removed all accounts except Google, and no longer use apps, I use a browser. (Except Spotify/YT, because I listen to podcasts more than anything else.)

2FA on everything.


As others have said, put GrapheneOS or CalyxOS on a supported Pixel. LineageOS isn't directly privacy focused, but it's an alternative to using a pure Google product so does help.

You'll likely need to deprogram your concept of "quality" to prioritize security and privacy over convenience, then give anything you try an honest chance. Remember, any frustration you might feel early on is just withdrawal from all of the non-volitional and anti-consumer patterns leaving your life.


As far as I know every mobile phone reveals your location to the owners of the radio towers and your provider. It is probable they forward this information to more parties. You can use one with a hardware off switch, but obviously you cannot be reached by phone for the off time; not using one at all would not make a huge difference at that point.


Part of the problem is defining your threat model. For example, if you're trying to avoid surveillance dragnets like geofence warrants, that can reasonably be done by GrapheneOS + prepaid service + cash-bought phone, combined with keeping your phone turned off near home (separate device for home use). It's also best if your mobile phone number is never used or known by anyone because you use a VOIP number (further decouples your mobile tracking identifiers from your public persona).

But yeah, at some point you have to accept that you can't be zero-trust with your mobile provider.

Edited to add VOIP recommendation.


Pixel phone with GrapheneOS, nextdns.io private DNS, a good VPN, and F-Droid app store. Super easy, I've been using this setup for 1.5 years.

Be sure to donate to FOSS projects as well.


I am interested in a very short writeup of F-Droid gotchas, along with good stuff.

I haven't got around to putting all data through my home DMZ box to hide from carrier spying.


I recently switched from an iPhone to a Pixel with GrapheneOS and it's been great so far (a couple months now or so).

It's extremely usable, with only minor hiccups if you're trying to use any apps that require Google Play Services. GrapheneOS does allow you to install play services sandboxed without any special system access (just like any other app). I've replaced a couple of apps that required those to FOSS alternatives without much hassle at all.

Install via WebUSB[0] was very simple and went without a hitch, and at the end of the day is basically just a normal Android experience, just much more secure and private by default.

0: https://grapheneos.org/install/web


It’s unclear what you’re concerned about revealing and to whom. Without a threat model it’s hard to say.

For example, are you worried about location information? Who do you want to avoid knowing it? What granularity is acceptable?

Your smart phone reveals a masssssive amount of information, from checking access points and nfc devices to cookies on the web to exif, to cell towers. If you really want total privacy you shouldn’t carry one at all.


Sorry, you're right. I'm concerned about big tech firms collecting my personal data, which we know they do. I'm worried this will then be used to create a profile containing all sorts of private information, which could get leaked, sold on to other companies or be shared with state agencies when they demand it. There isn't a specific threat and I don't have reason to believe I'm targeted specifically. Although I do have family in an extremely autocratic country and discuss its politics, which might be a concern as well.

My thinking is that I want to generally do as much as I can to reduce the amount of data I reveal without compromising too much on convenience. I understand that I'm still leaking a lot of data, but maybe there are some simple things I can do to reduce it at least a bit?


I bought de-googled GS2900 with e/OS this week, will give it a try. Decided after I read an article posted here (Study Warns Android Phones From Samsung, Xiaomi And Others Are Spying On Users - https://hothardware.com/news/samsung-xiaomi-other-android-ph...). You have some more phones available: https://esolutions.shop/ I also created new @e.email address and got 1GB of space on ecloud.global, migrated contacts, still have to migrate SMSs and call log.


What is the option for carriers? Do you need to use a VPN for all traffic if you don't want them tracking you through just basic network usage?


I don't particularly distrust my carrier and am not using a VPN. I'm in a country with relatively good rule of law, more worried about Apple and Google.


Bro if you’re that paranoid get a candy bar phone


No, don’t.

The security posture of a dumb phone is even worse than a smartphone.

These devices were designed when security wasn’t even an afterthought, let alone a design decision, and they haven’t improved since then.



