This is only a preview of the June 2024 issue of Silicon Chip.
Privacy Phones
By Dr David Maddison, VK3DSM
The modern smartphone can be very useful, allowing you to look up
information just about anywhere, navigate to unknown places, take
photos, watch videos, send and receive messages and more. It can also
let all sorts of entities track you, from megacompanies like Google, Meta
(Facebook), Microsoft and Apple to phone companies, the government &
even criminals. What can you do about that?
Image source: Dan Nelson – siliconchip.au/link/abv2
One of the things you can do is use
a ‘privacy phone’, a smartphone
designed to reduce the ability for third
parties to track you.
Note, though, that there’s no way of
stopping phone companies or the government from tracking you if you have
a mobile phone. Such devices are therefore mainly focused on preventing the
harvesting of your personal information by ‘big tech’ (generally regarded
as Google, Apple, Microsoft & Meta).
It is possible to buy a privacy phone
but you can also turn certain brands
and models of Android phones into a
privacy phone yourself.
Information that ‘big tech’ gathers
includes your location, how often and
when you visit such places, what you
search for, what videos you watch,
who your contacts are, the contents
of your text messages or emails and
any other information that may be
used to target you for particular types
of advertising or services, or to sell to
third parties for profit.
Some information they harvest
might also be passed onto the government in response to a warrant (or possibly without one, depending on their
ethics or lack thereof).
Have you ever used a popular
search engine to search for a product or service and then found yourself bombarded with advertisements
on social media, video platforms, or
other search results for that product?
It’s a commonly reported situation that
demonstrates how much information
is being collected.
Before we get to the phones and software that can improve your privacy,
let’s examine why that is a good idea.
It’s important for us to state that while
we do our best to make these articles
comprehensive, we cannot cover every
single edge case.
What information is collected about you?
Just about any information entered
via your phone or computer is liable
to be collected and used (or misused)
by third parties. Apart from the examples mentioned above, that includes
(but is not limited to):
● Name
● Email address
● Birth date
● Gender
● Phone number
● IP address(es)
● Places you visit
● Your interests, based on your web
history, search history and the content
of anything you post or even what is
included in private emails
● Your political & other affiliations
● Websites you visit
● Videos you watch
● People you engage with
● Device information such as type,
operating system (OS), type of browser
and other apps
● Cookies stored by your web
browser
● Which advertisements you watch
or ignore
● Which advertisements you click on
● The contents of messages, chats etc
Are privacy phones liable for misuse?
Any technology is open to abuse. Those with nefarious intentions certainly
might benefit from phones (and other devices) that limit monitoring and
eavesdropping. However, the main beneficiaries of privacy phones are
intended to be normal, regular people.
You don’t have to be an ‘interesting’ or high-profile person for your data to
be routinely vacuumed up and stored, to be possibly used or misused in the
future.
In this article, we discuss the types of information that might be collected
about you and what you can do to enhance your privacy.
Where is your private data intercepted?
Your data can be intercepted on the
phone network, the web servers you
access, or via apps you use, such as
social media or search engines.
A mobile phone connects to the
world via two channels. One is the
telephone network (via a mobile phone
tower) for voice traffic and SMS (text
messages). The other is via the internet
(either via a tower or WiFi) – see Fig.1.
It is possible for data to be intercepted
over either network, although it more
commonly occurs on the internet.
Voice calls can be made over the
mobile network, the PSTN (public switched
telephone network)
or using VoIP (voice over internet protocol), an application of SIP (session
initiation protocol). The latter calls
are made via the internet and do not
require a mobile connection if WiFi is
available. A VoIP phone on a private
network can make calls to regular PSTN
numbers using a SIP trunk provider.
Big tech social media and search
engines log your activities, which is
probably the most common way your
data is harvested. Note also that anything you say in a video that’s posted
publicly (eg, on YouTube or Facebook) is also converted to text, which
can be read by humans or artificially
intelligent (AI) bots. Text in photos
you post can also be converted to text
and scanned.
Photos you post or store ‘in the
cloud’, or even those stored on your
mobile device, can also have facial recognition applied, and they can figure
out who the people are in your photos
and thus form associations between
you and others.
It isn’t just big tech that can intercept your data; state actors or malicious hackers can too. All phone call
and text message ‘metadata’, such as
who called whom, when, where, call
duration and other parameters, are
routinely collected. In Australia, it is
a government requirement.
The EU tried implementing similar data-gathering methods, but they
were not well-received. The following
11-year-old video on the topic drew
a lot of attention to phone privacy
issues. It is named “Malte Spitz: Your
phone company is watching” and can
be viewed at https://youtu.be/Gv7Y0W0xmYQ
Why some apps are free
Nothing is truly free and phone
apps are no exception. Except for
open-source software, if an app is free,
that is probably because your data is
being collected and sold through the
app. Most private data that’s sold was
actually handed over willingly by the
subject, knowingly or unknowingly!
Most apps downloaded via the Google Play Store or Apple App Store
are required to show what data they
collect.
We do not deny that Google, Facebook and others offer valuable services. For many or even most people, the harvesting of your data is the
price you pay for the services provided; some even appreciate the targeted advertising that results. These
multi-billion-dollar companies have
to earn an income somehow.
Facebook
We are not singling out Facebook
but it is a widely used app that provides a good example of the sort of
information of interest to social media
businesses.
Facebook uses machine learning to
analyse your activities on Facebook
and generate ads based upon such
criteria as:
● What you have ‘liked’
● Which ads you have clicked on
● Your activities on Instagram
● Age, gender, location and the
devices you use to access Facebook
● Information that advertisers, their
partners and marketing partners share
with Facebook that they already have,
like your email address and your activity on websites and apps off of Facebook
If you wonder why you saw a particular ad on Facebook, you can click
on the three dots and click on “Why
am I seeing this ad?” to see why Facebook targeted it at you. For further
information on this, see siliconchip.au/link/abv1
Facebook also analyses the content of your photos. For every photo
a user uploads, it is said they identify
people, objects, background scenes,
the moods of people and their postures, animals (see Fig.2), location
such as inside/outside, the geographic
location, activities such as relaxing by
the pool. They store all the detected
characteristics in an associated file
(see siliconchip.au/link/abud).
Fig.1: the basic configuration of a mobile (cellular) communications
network. Original source: https://doi.org/10.3390/s23010352 (CC-BY-4.0).
Fig.2: examples of Facebook AI recognising animals in photos. Source: www.digitaltrends.com/web/facebook-ai-image-recognition/
Facebook also uses its DeepFace
facial recognition engine (Fig.3),
which is said to be more accurate than
the FBI’s. It can be used to tag friends in
photos and can also detect if someone
has stolen your profile photo, among
other uses.
Facebook uses AI to detect and
delete inappropriate photos; they say
they don’t use the phone’s microphone
or text messages to generate ads.
Facebook marketing tools allow the
promotion of products according to:
● Region or population density
● Age, gender, marital status, family status and occupation
● Brand loyalty or user status
● Social status (eg, lower, middle
or upper class)
● Interests, according to keywords
used in searches
● Interests that intersect with the
common pursuits of a chosen group
That indicates the level of information being collected (see siliconchip.au/link/abus). Creating a social network map can also be valuable for marketers (see siliconchip.au/link/abuz).
Google
Again, we are not singling out any
one company, but Google’s business
model is based on harvesting data
from users and selling it to advertisers. Google (and others) also harvest
location data via SUPL (Secure User
Plane Location) – see siliconchip.au/link/abur
Fig.3: Facebook’s DeepFace image recognition engine is said to be more accurate
than the FBI’s. Source: www.facebook.com/photo?fbid=689135484598987
Does big tech listen in on you for marketing purposes?
Facebook and Instagram write: “We
understand that sometimes ads can
be so specific, it seems like we must
be listening to your conversations
through your microphone, but we’re
not. We only use your microphone if
you’ve given us permission and are
actively using a feature that requires
the microphone.”
If you use Google Assistant, your
phone is always listening and waiting
for commands. However, Google says
it does not listen to conversations to
generate targeted advertisements.
The Amazon Alexa is an example
of a device that did use recordings to
generate targeted adverts: siliconchip.au/link/abv0
This is a contentious issue. Some
people do not believe these denials.
Others believe them and say that these
companies know so much about you
that their accurate predictive advertising makes it seem like you are being
listened to.
Apple
While they have been criticised for
various reasons (including by us in the
past), Apple has pretty good privacy
protections.
They do not sell your data to advertisers, although they may use it internally. They offer end-to-end encryption on cloud services, do not embed
trackers in third-party websites like
Google, tracking between apps is
‘opt-in’, and they have many other
privacy and security features (see
siliconchip.au/link/abut).
On the other hand, Apple’s phones
are more expensive than many Android
phones, and it seems they want you to
replace them as often as possible (eg, by
locking you into using their expensive
replacement parts, including batteries).
An iPhone can be de-Googled if you
change the default browser to Safari
and choose a privacy-focused search
engine. If you use any app that uses
Google for advertising, you will be
connected to Google, although you can
select “Ask App Not to Track”.
Apple provides information about
privacy and location services in
iOS, iPadOS and watchOS at https://support.apple.com/en-au/102515
For maximum privacy on Apple
phones, it is important that you turn
off settings that may compromise your
privacy.
Apple maintains that they have
no ‘backdoor’ to decrypt data on an
iPhone, not even in cases of national
security:
“Apple has never created a backdoor
or master key to any of our products or
services. We have also never allowed
any government direct access to Apple
servers. And we never will” – www.apple.com/privacy/government-information-requests/
Security expert Rob Braxman has
an alternative viewpoint. He says
that Apple’s use of AI and ‘client-side
scanning’ can reveal the contents of a
phone before encryption. For example, a description of the content of
certain photos might be generated by
the phone, such as a person matching
a particular description.
In theory, that could be passed onto
authorities, not necessarily benign
ones, in the case of a dictatorial country. For more on this theory, see his
video titled “Apple Now Has a Backdoor to Bypass Encryption!” at https://youtu.be/Mg4HWEdar2Q
Also see his video channels at:
• www.youtube.com/@robbraxmantech
• https://odysee.com/@RobBraxmanTech:6
• rumble.com/c/robbraxman
How much does privacy matter (to you)?
Some people may be unconcerned with privacy issues and do not want a
privacy phone or enhanced privacy on an ordinary phone. Everyone has their
own opinion on such matters. After all, some people keep their windows
covered at all times, while others leave the blinds open, even at night.
Edward Snowden said, “Arguing that you don’t care about the right to
privacy because you have nothing to hide is no different than saying you
don’t care about free speech because you have nothing to say”.
Most philosophers consider privacy a basic human right in a free
society. Article 12 of the United Nations’ Universal Declaration of Human
Rights states, “No one shall be subjected to arbitrary interference with his
privacy...”.
Even if you aren’t concerned about what big tech is doing with the data
they gather on you, consider what would happen if they are hacked and the
data makes its way onto the ‘dark web’ (as seems to happen often). The
people who ultimately get a hold of that data may not have the best ethics
or morals...
Location tracking
Your location is a valuable commodity to marketers. ‘Geofence marketing’ or geomarketing is a type of
location-based marketing that targets
consumers once they enter a particular
geographically defined area (see Fig.4).
You could receive advertisements via
SMS, push notifications, Facebook
advertisements or other advertisements describing promotions on offer
in the area you have entered.
The user’s location is tracked via
a phone’s GPS, WiFi, Bluetooth or
RFID. The consumer would (possibly
unknowingly) have given permission
for their location to be shared by various apps they use.
Even after you have left a geofenced
area, you may continue to receive
advertisements because you have
shown an interest in that area. This
period may be up to 30 days (as per
siliconchip.au/link/abuu).
Google offers its customers a
Geofencing API (application programming interface) to assist marketers in
tracking customers.
With a non-privacy phone, you are
liable to give away location data that
can be used for marketing. Even if
you turn location tracking off, your
device can still be tracked by its IP
address unless you use a VPN. If you
use aeroplane mode, you can avoid
being tracked, but you will also be
unable to make or receive calls or
use apps.
In the USA, the FBI used geofencing
to identify alleged rioters. Geofencing
can also send notifications if a child
with a device leaves a designated area.
It can be used by home automation
systems to turn appliances on or off
when you arrive at home or leave. Certain car manufacturers such as BMW,
Mercedes, Tesla and VW use geofencing to send the owner an alert if the
car is moved.
For more details, watch Naomi
Brockwell’s video titled “You’re
LEAKING Your LOCATION!” at
https://youtu.be/A9DPDE0FZeQ
Fig.4: an example of geofence marketing by Propellant Media. Source: https://propellant.media/geofencing-marketing-company-providers/
Avoiding telemarketing calls and scams
One way to enhance your privacy is to prevent telemarketers, scammers and
others from getting your phone number. For some advice on how to achieve
that, see www.acma.gov.au/make-your-phone-number-more-private
Predictive advertising
Google and Facebook generate ads
according to your search history,
browsing history and profile. They
use machine learning to ‘know’ more
about you the more you use the platforms by observing your behaviour
and travels. They can target advertisements depending on what you are
reading, activities such as being at a
gym or based on the videos you have
been watching.
Enhancing your privacy
Many people are fine with big tech
collecting information about them, but
what can you do if you don’t want to
become a ‘data mine’?
The main things you can do are to
stop using certain apps, use a phone
where the ability to harvest your data
has been removed at the operating
system level (a privacy phone) and
use a VPN.
Stop using certain apps
Privacy experts say that the first step
to privacy is to stop using Google services, any apps that use Google advertising services and Facebook. It is also
essential to use privacy-focused search
engines, email and browser apps.
Privacy-respecting search engines
● Brave Search: https://search.brave.com/
● Disconnect Search: https://search.disconnect.me/
● DuckDuckGo: https://duckduckgo.com/
● Gibiru: https://gibiru.com
● MetaGer: https://metager.org
● Mojeek: www.mojeek.com
● Qwant: www.qwant.com
● searX: https://searx.thegpm.org
● Startpage: www.startpage.com
● Swisscows: https://swisscows.com/en
Be aware that search results from big
tech search engines like Google typically have built-in biases and rank the
search results accordingly, not necessarily in terms of the truth of answers
(eg, they will put advertisers at the top
of the results, even if they are less relevant to your search terms).
Fig.5: features of the privacy-focused Proton Mail service.
Privacy-respecting email services
● ProtonMail: https://proton.me/mail (free for small users; see Fig.5)
● Tuta: https://tuta.com (also free
for small users)
● Posteo: https://posteo.de/en
● Private-Mail: https://privatemail.com
● StartMail: www.startmail.com
● CounterMail: https://countermail.com
Note that if you send an email from
one of these services to, say, Gmail,
Google will still know its contents.
Privacy-respecting browsers
Some browsers, especially popular
ones like Chrome, send information
to websites you visit, including what
hardware you use – see Fig.6. Cookies are downloaded by your browser
when you visit a website. Notionally,
they store preferences, login details
etc, but they can also be used to track
you across websites. Some browsers
have settings to block ‘tracking cookies’ or will do it by default.
Apple’s Safari browser (www.
apple.com/au/safari/) is considered
a privacy-focused browser, but it is
closed source and no longer available
on Windows.
Brave browser (https://brave.com/)
is the best, according to Naomi Brockwell (www.youtube.com/@NaomiBrockwellTV & https://odysee.com/@NaomiBrockwell:4). You can watch
her video titled “ESSENTIAL Privacy
Tools” at https://youtu.be/V6yu0JNNtRw
Firefox (www.mozilla.org/en-US/firefox/new/) has features like cookie
blocking, privacy extensions and settings, including a “Facebook container” to make it harder for Facebook
to track users.
There is also Tor (www.torproject.org), but it is slower than most normal
browsers. There are also many variants
of existing browsers like Ungoogled
Chromium, GNU IceCat etc.
Privacy-respecting messaging apps
Signal (https://signal.org) is regarded
as a private and secure free messaging
app. Alternatives include Telegram.
Using a privacy phone
The general consensus among privacy experts is that you should use
a ‘de-Googled’ (privacy) phone and
apps. They also say not to use social
media apps; after all, the purpose of
social media apps is to publicise you,
not keep you private.
A ‘de-Googled’ phone is usually an
Android phone with Google services
removed. The Android operating system was developed by Google and is
based on Linux. It is available in two
versions: the free and open-source
Android Open Source Project (AOSP),
or the non-open source version built
into most phones, containing closed-source code such as Google Mobile
Services.
Google Mobile Services includes
Google Search, Chrome, YouTube,
Google Play, Google Drive, Gmail,
Google Meet, Google Maps, Google
Photos, Google TV, YouTube Music
and Firebase Cloud Messaging. All of
these apps are removed from privacy
phones.
Not all Android phones can be
de-Googled. You need a phone where
the existing operating system can be
replaced with a non-Google version of
Android. We will discuss that shortly.
Fig.6: a comparison of web browser privacy features using the default settings.
Source: https://brave.com
Using a VPN
A VPN (virtual private network)
is a service through which you route
your data instead of via your own ISP
(internet service provider). Your data
passes through an encrypted tunnel
to the VPN server, so its contents are
kept secret. It is then decrypted and
routed through the internet from their
end, then routed back to you through
the same encrypted tunnel.
VPNs are often used as a privacy
measure as they obscure the source
of the internet traffic. They can also
allow you to access ‘geo-blocked’ content, like videos, that can’t be accessed
from your country.
Some people seem to think that
using a VPN ensures your privacy, but
really, it’s only a small part of the puzzle. VPNs have to be chosen well, as
stated by Naomi Brockwell. She suggests using a Swiss-based VPN like
ProtonVPN as they have strong privacy laws. Her video titled “The DARK
side of VPNs” can be viewed at https://youtu.be/8MHBMdTBlok
Also see siliconchip.au/link/abux
(PDF) and siliconchip.au/link/abuy
(how to bypass geo-blocking for online
shopping and streaming by Choice).
Mullvad VPN (https://mullvad.net) can also be a good choice due to
not requiring any details to make an
account and being payable in cash.
Privacy phones
Some phones are manufactured as
privacy phones, while others are standard phones with a new OS installed.
One solution adopted by many
users who want privacy is to use a
‘dumb phone’, much like the original mobile phones. One downside
of not owning a smartphone is that
it makes certain transactions impossible. For example, many shows or
events now require the presentation of
an electronic ticket. No paper ticket is
offered, so you must possess a smartphone for entry.
Your old dumb phone is not likely
to be usable now as it probably used
1G, 2G (GSM) or 3G, which have limited or
no support now. Examples of dumb
phones that support 4G or 5G and are
available for purchase in Australia
are the Nokia 8210 4G (Fig.7), Nokia
105 4G, Nokia 2660/2720/5710, Cat
S22 Flip, Opel Mobile Lite (and similar models), Aspera F46/F48/R40 and
Uniwa V202T.
Fig.7: the Nokia 8210 4G ‘dumb phone’. This classic design has been updated to support 4G networks. Source: https://w.wiki/9qRW (CC-BY-SA 4.0).
Purpose-built privacy smartphones
Some phones that are purpose-built
with privacy in mind include:
● The Bittium Tough Mobile 2C
(Fig.8, siliconchip.au/link/abue) has
Android 11 (the latest version is 14)
with enhanced security, with or without Google Mobile Services, and data is
strongly encrypted. It has a backup battery, so tampering
can be detected even with a flat main battery, including
physical intrusion. The microphones,
Bluetooth and camera can be disabled
with a button press.
● The ClearPHONE (Fig.9, www.clearunited.com) runs the de-Googled
ClearOS, based on Android 10 but with
a private key. There is more information in this video: siliconchip.au/link/abuf
● The KryptAll K iPhone (Fig.10,
www.kryptall.com) strongly encrypts
voice calls and is said to be used by
heads of state. It appears to be an Apple
iPhone with modified firmware.
● The Purism Liberty Phone (Fig.11,
https://puri.sm/) runs the de-Googled
PureOS. They also make privacy-focused
tablets and portable computers.
● The Murena 2 (Fig.12, siliconchip.au/link/abug)
is a privacy smartphone
that uses the de-Googled /e/OS. They
write, “Murena aims to free people
from the Big Tech control over our
personal data.”
● Punkt (Fig.13, www.punkt.ch/en/) makes the MP02, a “minimalist
phone” reminiscent of a dumb phone.
However, it can share a data connection with a laptop or other device and
make encrypted VoIP voice calls using
the Signal protocol. They also make
the MC02 “smarter phone” (Fig.14),
which resembles a traditional smartphone and uses the de-Googled Apostrophy OS or AphyOS.
● The UP Phone (Fig.15, www.unplugged.com) runs a proprietary
version of the de-Googled LibertOS.
It is to be released in May 2024. They
write, “The company is on a mission
to stem the tide against Big Tech and
Big Government, by making privacy
accessible and convenient for everyone”.
Phones that can be turned into privacy phones
While we know it is challenging
to modify iPhones, many Android
phones also cannot be easily altered.
Generally, to make a phone into a privacy phone, it must have an unlocked
bootloader. Some phone brands with
that capability are easier to modify
than others; see the list at https://w.wiki/9qQk
Surprisingly, Pixel phones from
Google are said to be the best for
installing custom privacy-focused
Android OSs, a process known as
installing a custom ROM.
Which phones can be de-Googled
also depends on the version of the
privacy OS that is to be used. Each
operating system has a website with a
list of compatible phones (see below).
Buying a de-Googled phone
If you don’t want to be involved in
the (possibly) challenging process of
installing custom firmware on a phone,
many companies sell new phones,
such as the Pixel, with the process
already done for you (see Fig.16).
If you are interested in that, try
searching for “privacy phones Australia” (without quotes) via DuckDuckGo
or Google. Three we found (but have
not purchased from) are:
• aussecurityproducts.com.au
• privacyphone.com.au
• threecats.com.au
Fig.15: the UP Phone runs a proprietary version of LibertOS.
Privacy Android OSs
Here are some options to consider if
you want to reflash your phone with
a privacy OS.
Before making any changes, make
sure you research the consequences of
doing so and back up all your important data beforehand! If something goes
wrong when reflashing your OS, it may
be possible to ‘brick’ your device. If
that concerns you, buying a pre-made
device is probably a better option.
The following are all open-source
and free to use:
● CalyxOS (https://calyxos.org)
supports some Fairphone, Pixel and
Motorola phones. It is open-source
and free.
● DivestOS (https://divestos.org)
supports many devices; see https://divestos.org/pages/devices
● /e/OS (https://e.foundation/eosphone-welcome) is a fork of LineageOS. It supports some Gigaset, Fairphone, Samsung, Pixel, OnePlus and
Teracube phones.
● GrapheneOS (https://grapheneos.org) only officially supports Google
Pixel devices.
● Iodé (https://iode.tech/iodeos-en)
is a fork of LineageOS. It supports a
variety of phones.
● LineageOS (https://lineageos.org)
is based on Android and supports
a large number of devices, not just
phones; see https://wiki.lineageos.org/devices/
● PureOS (https://pureos.net) is a
version of Linux, not Android.
● Sailfish OS (https://sailfishos.org)
is Linux-based and has some closed-source, non-free components.
● Silent OS (siliconchip.au/link/abui) is an Android-based OS that
appears to be for enterprise users, but
we could find little information on it.
● Ubuntu Touch (https://ubuntu-touch.io) is a mobile version of Linux.
It supports various devices, including
some phones – see https://ubports.com/nl/supported-products
The following are not open-source
nor free:
● Apostrophy OS (or AphyOS) is
based on GrapheneOS; the only phone
that uses it is the Punkt.
● CopperheadOS (https://copperhead.co/android/) supports Google
Pixel devices.
Figs.8-12 (from left-to-right): the Bittium Tough Mobile 2C privacy phone runs Android 11 with enhanced security; the
ClearPHONE runs ClearOS, which is based on Android 10; the KryptAll K iPhone is unusual in that it appears to be an
Apple iPhone with its firmware modified to improve privacy and security; the Purism Liberty Phone runs PureOS, which
is based on Linux (Android is as well); the Murena 2 runs /e/OS, a fork of LineageOS which, in turn, is based on Android.
Fig.13: the Punkt MP02 is similar to a
dumb phone, but it can communicate
with a portable computer and make
encrypted VoIP voice calls via Signal.
Fig.14: also from Punkt, the
MC02 “smarter phone” is a
smartphone that runs Apostrophy OS.
Fig.16: a de-Googled Pixel phone with Proton and other privacy-respecting apps.
Source: https://threecats.com.au/degoogled-pixelgrapheneos-userguide
Fig.17: a screen grab of the Magic Earth mapping and navigation software.
Using a de-Googled phone
The phone service is not affected
in a de-Googled phone but no Google
apps will be provided. You will still
be able to use Google search via a web
browser, or you can use the alternative search engines mentioned earlier.
To replace the missing Google apps,
you can use:
● NewPipe (https://newpipe.net) is
an open-source client that can be used
to watch YouTube videos, although
you cannot upload videos or comment
on them. It also supports certain other
streaming platforms.
● K-9 Mail (https://k9mail.app) is
an open-source email client that can
read Gmail emails or other services.
● Nextcloud (https://nextcloud.com) is an open-source content collaboration platform that can be used as a
substitute for Google Drive, Contacts,
Calendar, Photos etc.
● Google Maps can be used in a
browser window, but it does not work
as well as the app.
● GmapsWV (siliconchip.au/link/abuj) loads the Google Maps web page
in a WebView and doesn’t need any
Google services on your phone.
● OpenStreetMap (www.openstreetmap.org) uses crowd-sourced
maps stored in your phone.
● Organic Maps (https://organicmaps.app) also uses OpenStreetMap
maps.
● Another option for mapping is
Magic Earth (see Fig.17).
Gmail and YouTube can still be
used via a browser without an app on
a de-Googled phone, although some
other apps no longer allow a browser
option. Waze works on a de-Googled
phone.
The privacy phone that was a trap
We covered this story in our December 2021 article on “Big Brother Is
Tracking You!” (siliconchip.au/Series/373), but it’s so relevant that we
thought we’d mention it again.
In 2021, an international consortium of police, including the FBI, European
police agencies and the Australian Federal Police (AFP), arrested over 800
criminals in 16 countries in a sting. They managed to sell them supposedly
anonymised phones with the encrypted “Anom” app.
The phones and app were specifically marketed toward criminals and
only criminals could buy the phones and app which required approval from
other criminals. Anom was like a criminal version of WhatsApp. The app
was written by Australian police and the FBI, enabling police to monitor and
target organised crime, drug trafficking and money laundering activities
worldwide.
The criminals did not know that every single one of their messages on
the app was fed back to law enforcement officials. The FBI’s name for the
operation was Operation Trojan Shield, while Australian law enforcement
called it Special Operation Ironside. About 50 such phones were sold in
Australia, and 224 people were arrested. For more on Anom, see siliconchip.au/link/abuv
and siliconchip.au/link/abuw
App stores
Google Play Store is not present on
de-Googled phones but Android apps
do not have to be downloaded from
Google. Alternative app stores like
F-Droid host privacy-focused apps,
although they only have about 4,000
apps compared to Google’s 3.5 million.
Perhaps 90% of Google apps can
still be installed on a de-Googled
phone. The Aurora Store acts as a
proxy for the Google Play Store and
allows you to obtain certain apps without the Play Store.
MicroG is an open-source implementation of various proprietary Google libraries that allows some Google
apps to work on a de-Googled phone
while maintaining privacy. Some
apps (perhaps 10%) will not work
because they rely on external “Firebase” Google services. Apps that
require payment, like Uber, will not
work, although bookings can be made
via their website (https://m.uber.com).
De-Googled phones are reported to
have dramatically improved battery
life (as much as double!) because the
phone is not constantly waking up and
uploading and downloading data to
and from Google, Facebook etc.
What privacy phones won’t do
Each phone has a unique identifier linked to the account holder, and any phone connected to a cellular communications network can be tracked via mobile phone tower triangulation. The phone location can be established within about 150-300m in urban areas, regardless of what phone functions are used. Even turning the phone off might not keep you from being tracked!
Criminals use ‘burner phones’ that were stolen or purchased with false identification. They discard or destroy them after use. In Australia, there are identification requirements for buying a SIM card, but that doesn’t completely prevent misuse.
Phone calls made and received, SMS texts and data usage are logged when a phone is connected to the network. The Australian government mandates that such ‘metadata’ records must be kept for at least two years (siliconchip.au/link/abuk).
Call eavesdropping & spoofing
Early mobile phones’ 2G and 3G connectivity to the PSTN relied upon a signalling protocol known as SS7 (see Fig.18), which was developed in 1975 and introduced in 1984. It was adopted as an international standard in 1988.
SS7 implements call setup and routing, call forwarding, automated voicemail, call waiting, conference calling, caller ID, subscriber authentication and extended billing, toll-free calls, premium charged calls, SMS, roaming and tracking. SS7 has an associated internet protocol suite called SIGTRAN (Signal Transport). SS7 has security weaknesses that allow:
Attackers to interconnect with the network for surveillance, location tracking and interception of short messaging system (SMS) codes for two-factor authentication ... Voice calls can also be intercepted via SS7 attacks, which ... are tricky to block – siliconchip.au/link/abul
SS7 is vulnerable because it is based on trust, not user authentication. Anyone with access to a server or gateway can send a location or redirect request to a telco, and if they believe it to be legitimate, they will follow it. It is said to be difficult to distinguish a legitimate request from a hostile one.
4G & 5G use an improved signalling protocol called Diameter (see Fig.19), built on SS7 but with enhanced protections. However, it is still considered vulnerable. Unlike SS7, it is purely IP (Internet Protocol) based.
There is little a phone user can do to avoid their calls being intercepted by attacks via SS7 or Diameter. Even though 4G and 5G calls are encrypted by the phone, the encryption key can be intercepted by an SS7 attacker. SMS short messages are sent unencrypted.
Fig.18: the architecture of the SS7 mobile phone communications network.
The database keeps track of mobile phones on the network. Original source:
www.techtarget.com/searchnetworking/definition/Signaling-System-7
Fig.19: how the proposed trueCall CIV (Caller ID Verification) system integrates into the modern heterogeneous
communications network. SIP (session initiation protocol) is for voice, video and messaging, while VoIP is voice
over IP. Original source: www.researchgate.net/figure/CIV-for-heterogeneous-telecommunication-networks_fig2_371506513 (CC-BY-4.0).
The only practical measure to avoid
eavesdropping is to make encrypted
VoIP calls or use an encrypted messaging app (see siliconchip.au/link/abum
& siliconchip.au/link/abun).
In Australia, it is illegal for government agencies to record your voice
calls without a valid court order. However, Australia is a member of the “Five
Eyes” (Australia, Canada, New Zealand, UK & USA) ECHELON program
(see https://w.wiki/9qSX), which monitors voice calls, emails and internet
traffic for specific keywords of interest
to intelligence agencies.
Caller ID spoofing
Callers can fake the number they
are calling from, making a call appear
to come from a legitimate
number, such as a bank’s. STIR/SHAKEN
(https://w.wiki/9hz$) is a set of protocols intended to combat such spoofing. However, they only work with
IP-based systems like SIP (VoIP) and
cannot be scaled globally.
CIV is an alternative proposed
system that also protects SS7 and
Diameter-connected phones (see
Fig.19 & siliconchip.au/link/abuo).
IMEI and IMSI numbers
The IMEI (international mobile
equipment identity) number is a
unique identifier allocated to each
phone and printed somewhere on the
phone or displayed on the screen. It
can be changed for legitimate reasons,
although that is not legal in some jurisdictions, as the IMEI can be used to
block stolen phones.
Phones without physical SIM cards
have an IMSI (international mobile
subscriber identity) number that
works similarly, although it can move
between devices.
The IMEI is not authenticated and
can be spoofed by criminals to clone
phones. It should therefore be kept
confidential to prevent misuse. If selling a phone, it has been suggested to
only give the buyer the IMEI number after purchase as criminals have
masqueraded as buyers to get an IMEI
number, after which the seller loses
the ability to use the phone.
Fake mobile phone towers
The Stingray was a product of Harris Corporation (now L3Harris Technologies) that has become a generic term. It refers to devices, also known as IMSI catchers, that masquerade as mobile phone towers and trick phones within range to connect to them rather than legitimate towers.
They can log the presence of people in certain areas by recording their phone IMSI number, call metadata, the content of SMS messages and voice calls and data usage such as websites visited. They are used by law enforcement agencies as well as some criminals.
Hackers are known to have used a fake mobile phone tower to send an SMS to users with a link convincing them to download banking malware onto Android phones (see siliconchip.au/link/abup).
Tracking a powered-off phone
Firstly, when a phone is “off”, the baseband processor (inside the radio chip) may still be active. It draws very little power in listening mode and can be remotely commanded to wake up the phone and do other things; in some cases, it can even enable the microphone!
Then there is ultra-wideband (UWB) tracking. UWB is a low-energy, short-range, high-bandwidth radio technology that can be used for precise device location. Radio signals are generated as pulses sent over a wide bandwidth at specific time shifts compared to a clock signal, with the time shift encoding information according to a predetermined coding scheme.
The high bandwidth (>500MHz) allows the transmission of a large amount of energy while keeping within the regulatory limits of output power.
The modulation technique is known as pulse position modulation (PPM), with clock-independent variations, such as differential pulse position modulation (DPPM; see Fig.20). This is in contrast to conventional digital radio, where the frequency, phase or a combination of both are varied over a small bandwidth to transmit information.
UWB uses several techniques to establish location, such as time-of-flight, time difference of arrival and two-way ranging. We will cover these in more detail in a later article.
Phones and devices with a UWB chip include iPhones since the 11, Apple Watch since Series 6, Apple AirTags, Samsung Note 20 Ultra, Galaxy S21+, Galaxy S21 Ultra, Galaxy SmartTag+ and Xiaomi MIX 4.
Chips in these devices can precisely locate other devices at short distances. The accuracy is around 10-50cm at a range of up to 200m using frequencies of 3.1-10.6GHz and data rates up to 27Mbps (see siliconchip.au/link/abuq). The FiRa Consortium (www.firaconsortium.org) promotes interoperability of Ultra Wideband devices.
Apple devices use the U1 ultra-wideband chip that is always powered even when the phone is ‘off’, as long as the battery is not completely flat.
Incidentally, UWB technology is used in the US NFL football league to track the movement of players on the field.
Fig.20: the Pulse Position Modulation (PPM) scheme. A clock-independent
variation is Differential PPM or D-PPM. Original source: www.pcbheaven.com/wikipages/Pulse_Position_Modulation/
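The difference between clocked PPM and the clock-independent DPPM variant described above can be shown in a short Python sketch. This is an added example, not code from the article; the four-position alphabet, the slot length and all function names are assumptions chosen for illustration, not parameters of any UWB standard.

```python
"""4-ary PPM and differential PPM (DPPM) on integer time ticks."""
# M and SLOT are illustrative assumptions, not UWB standard parameters.
M = 4             # pulse positions per symbol, so 2 bits per pulse
SLOT = 2          # ticks per pulse position
FRAME = M * SLOT  # PPM frame length, set by the shared clock


def to_symbols(data):
    """Split each byte into four 2-bit symbols, most significant first."""
    return [(b >> s) & 0b11 for b in data for s in (6, 4, 2, 0)]


def from_symbols(symbols):
    """Pack each complete group of four 2-bit symbols into a byte."""
    groups = zip(*[iter(symbols)] * 4)
    return bytes(a << 6 | b << 4 | c << 2 | d for a, b, c, d in groups)


def ppm_encode(symbols):
    """Pulse n sits symbol*SLOT ticks after the start of clock frame n."""
    return [n * FRAME + s * SLOT for n, s in enumerate(symbols)]


def ppm_decode(pulse_times, clock_offset=0):
    """Correct only when clock_offset matches the sender's frame start."""
    return [((t - clock_offset) % FRAME) // SLOT for t in pulse_times]


def dppm_encode(symbols, start=0):
    """One reference pulse, then each symbol is the gap to the next pulse."""
    times = [start]
    for s in symbols:
        times.append(times[-1] + (s + 1) * SLOT)  # +1 keeps pulses distinct
    return times


def dppm_decode(pulse_times):
    """Only the spacing between pulses matters, so no shared clock."""
    return [(b - a) // SLOT - 1 for a, b in zip(pulse_times, pulse_times[1:])]


def delayed(pulse_times, delay):
    """Receiver's view when its clock is 'delay' ticks off the sender's."""
    return [t + delay for t in pulse_times]


if __name__ == "__main__":
    syms = to_symbols(b"SC")  # constructed sample message
    print(from_symbols(ppm_decode(delayed(ppm_encode(syms), 3))))    # garbled
    print(from_symbols(dppm_decode(delayed(dppm_encode(syms), 3))))  # intact
```

With a three-tick clock error, the PPM receiver reads every pulse in the wrong slot, while the DPPM receiver recovers the message because a constant offset cancels out of the pulse-to-pulse gaps.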