Ask HN: How to preserve privacy while using smartphones?
I currently use an Apple phone, with a special camera covering case. That's pretty much my setup, plus opting out of anything that can be opted out. It's long bugged me that there is no way to manually disconnect the microphones. Looking into it there only appears to be the Linux based PinePhone that offers switches for disabling camera and microphones. While that's great, the rest of the phone isn't so much.
I'm a casual smartphone user. I don't want to put months into jailbreaking, tweaking, monitoring connections etc. I know though that both iOS and Android call home to transmit a bunch of private data. And now Apple is going to scan our data as well, ffs!
Basically I'm looking for a setup that would give me the best privacy with a quality phone (something similar to a modern iphone) and ease of use. Of course that's contradictory, but what would be the best compromise in your view? What is your own setup? I'm open to any suggestions and am even considering extreme solutions like getting rid of the smartphone altogether.
14 comments
[ 3.3 ms ] story [ 17.2 ms ] threadBe sure to donate to FOSS projects as well.
I havent got around to putting all data through my home DMZ box to hide from carrier spying.
For example, are you worried about location information? Who do you want to avoid knowing if? What granularity is acceptable?
Your smart phone reveals a masssssive amount of information, from checking access points and nfc devices to cookies on the web to exif, to cell towers. If you really want total privacy you shouldn’t carry one at all.
My thinking is that I want to generally do as much as I can to reduce the amount of data I reveal without compromising too much on convenience. I understand that I'm still leaking a lot of data, but maybe there are some simple things I can do to reduce it at least a bit?
But yeah, at some point you have to accept that you can't be zero-trust with your mobile provider.
Edited to add VOIP recommendation.
It's extremely usable, with only minor hiccups if you're trying to use any apps that require Google Play Services. GrapheneOS does allow you to install play services sandboxed without any special system access (just like any other app). I've replaced a couple of apps that required those to FOSS alternatives without much hassle at all.
Install via WebUSB[0] was very simple and went without a hitch, and at the end of the day is basically just a normal Android experience, just much more secure and private by default.
0: https://grapheneos.org/install/web
The security posture of a dumb phone is even worse than a smartphone.
These devices were designed when security wasn’t even an afterthought, let alone a design decision, and they haven’t improved since then.
Then turn off everything you can in options on that phone, if you can root it, apk remove/freeze apps.
I de-googled, de-amazon'ed my phone, removed all accounts except google, and no longer use apps, i use a browser. (Except spotify/yt, because I listen to podcasts more than anything else.)
2FA on everything.
You'll likely need to deprogram your concept of "quality" to prioritize security and privacy over convenience, then give anything you try an honest chance. Remember, any frustration you might feel early on is just withdrawal from all of the non-volitional and anti-consumer patterns leaving your life.