“Unjust laws only burden the just, as the lawless will not heed them.” - 8232
If anything, I love GrapheneOS for its “Network” permission toggle. It’s nice knowing that my keyboard (or any other unnecessary apps) can’t phone home.
First off, if you’re concerned about phone privacy, consider a custom OS for your phone that respects privacy such as GrapheneOS.
It’s easy to figure out that your device isn’t listening to a constant audio stream 24/7, since that would drain battery and send a lot of noticeable data over the network. However, it is entirely possible to listen for certain keywords as you mentioned, and send them encrypted with another seemingly legitimate packet. There’s no way to be 100% certain, but it is possible in theory without draining too much battery.
The steps you took are good, making sure that apps don’t have any permissions they don’t need. Privacy is a spectrum, so it’s not “all or nothing”. As I mentioned before, if you’re seriously concerned about mobile privacy and want a solution, you can get a custom operating system that can remove any privacy invasive elements. GrapheneOS also allows you to disable the camera and microphone system-wide (although this functionality is present on some other Android builds).
If it eases you any, a lot of these advertisements happen to be coincidence and trigger confirmation bias. It could be that those ads happened to show up by coincidence, or that advertisers managed to predict your interests, or that you got tracked by some other means while downloading the movie. The possibilities are nearly endless.
This depends on what you’re trying to defend against. In my opinion (on GrapheneOS):
Those are the only permissions that I can think of off the top of my head that could potentially allow an app to phone home. Turning off Wi-Fi for the device does little if the app also has the “Wi-Fi control” permission.
Having worked in penetration testing before, one tool I used to query SQL databases represented unknown characters as an underscore (_) before the character gets brute forced.
Bonus story: I used to set the hostname for my phone as a transparent character, so it wouldn’t visibly show up if someone ever did a network scan. I accidentally fooled myself with this while doing a network scan, and got frustrated why the “mystery device” wouldn’t load a hostname.
A password with 300 bits of entropy would take 1.288×10^(-138) seconds to crack with the Planck Cruncher :)
Is it relevant, or was it just a neat extra to add?
Just a neat extra. Most passwords are represented in bits of entropy in this context, and I discovered while researching that the proper unit is a shannon.
I may make a writeup about this, considering a password with all possible Unicode characters instead of just the printable ASCII characters.
I have a friend who absolutely hates that I only focus on theoretical problems, rather than physical problems. Oh well, I’ll be laughing when the Planck Cruncher breaches his accounts :)
The Planck Cruncher has refused to comment about this. ;)
1024 bit. The exact number is about 3.6019×10^72 years, which is orders higher than a vigintillion.
I did consider this while writing this, but I decided to keep it simple. I’m not sure how quantum physics would behave when we’re discussing a computer that can already calculate at Planck “speed”.
One could argue the same about the Tor Project, which has made their own version of Firefox.
It also depends on your layering, or lack of. It’s the complexity issue you ran into.
It leads me to, in the future, simply tell people to know how to stay safe no matter what they use. Perfect security is just as hard as perfect privacy.
Great post by the way.
Thank you! I hope that maybe one day the debate will get a proper resolution. I’m disappointed I couldn’t be the one to provide that.
It depends on what you’re defending against. Both hackers and surveillance can happen behind the scenes, so while no data loss or noticeable breaches happened, that doesn’t mean that nothing happened.
For PDFs I simply use GrapheneOS’s PDF reader, I don’t have any other recommendations in terms of other PDF readers.
I currently started using Moon+ Reader, which is proprietary, simply because I could not find any good open source alternative that matches the quality. It might be able to handle PDFs.
Think of your fed as a guardian angel. That works for the government. And no intentions to guard you. Or any good intentions at all.
I was about to make a pull request to expand the list to the top 109 websites, but the developer blocked me from all interactions because I “spammed too many issues” (I opened 5 and they were all legitimate). Buggy software gets multiple bug reports, what a surprise… The software (or at least the idea) has a lot of potential, but a lot of work and care needs to be put into it.
After getting the crash issue resolved (it is now fixed), I tested this to see how it behaves by using PCAPdroid. I also attempted to decrypt the traffic, to see what it sends.
This is the traffic analysis:
Type | Port | IP version | Size | Status |
---|---|---|---|---|
DNS | 53 | IPv4 | Random >120 B | Closed (Good) |
TLS | 443 | IPv6 | 120 B | Unreachable |
HTTPS | 443 | IPv4 | Usually 2.4 KB | Error (Did not trust my decryption certificate) |
It sends to a random list of hosts, all of which are listed here:
After digging through the code, here is the file with a list of hosts. It also seems to randomly generate user agents, which is good.
The developer blocked me from opening issues on all of his projects.
I’m going to parrot what people in the GrapheneOS community would say: “The most secure place to get apps from is Accrescent. If an app isn’t available there, the next best place is the Play Store itself with an anonymous Google account.” Some bother to add that Obtainium+AppVerifier can be used if it isn’t available for either of those methods. Anyways, they’re very stingy about where they get their apps from.
Here is my take: Despite claims of F-Droid and Aurora Store having security issues, I don’t care. It’s based on your threat model and personal preference. Google may soon be forced to open up Play Store apps to more third parties, so more secure methods of getting them may crop up in the future. You’ll really never have a 100% private way to get apps, that’s the unfortunate reality of how things are. If your threat model is against Google and supply chain attacks, those limit your options down to some less-than-convenient methods. If you do decide to use AppVerifier, do note that you only need to verify the hash once and you’re good for the rest of your phone’s life.
I know, but since we’re referring to permissions here, I wanted to refer to each of them by the permission names.