SoylentNews is people
SoylentNews
Phones can only last so long and my admittedly ancient BlackBerry Curve took one-too-many tumbles and now needs to be replaced. Thanks to recent changes in the cell-phone market, I'm looking to purchase a phone, outright, and get a month-to-month plan for it.
I am very privacy conscious and have, so far, avoided Apple (walled garden - blegh) or Android (tell Google everything). I suspect there are fellow Soylentils who hold a similar perspective. (My current cell provider is US Cellular. I'm open to change, but would like to avoid AT&T and Verizon --- have heard too many horror stories.)
Background: I've been programming computers since the 1970s. I've tried using Apple products, but it seems they are user-friendly to the extent that you want to do what they have already decided is okay. They seem to expose a bare minimum of controls to allow customization. That would frustrate me to no end.
So, that leaves me with Android as the other major alternative. I am leery about giving any more info to Google than necessary -- given a choice, I regularly choose an alternative over a Google product (i.e. DuckDuckGo for search, openstreetmap, etc.)
My thoughts, at the moment, are to get a phone and load cyanogenmod on it. I've read good things about the privacy capabilities it provides; especially fine-grained allow/deny access permissions. Added bonus is ability to apply updates more frequently than a telco-branded phone would provide. I have no experience with rooting/flashing a phone, so I need this process to be as idiot-proof as possible. Also, I'm leery of getting a phone only to see support for it dropped shortly thereafter.
[Continues...]
Must-have: SOLID cellular reception (my apartment seems to have plaster walls - the BB still got great reception), removable battery, removable storage (micro-SD card), WiFi, LTE (USA), good camera, and fine-grained permissions control.
Nice-to-have: hardware keyboard, tethering (i.e. use my phone to get an internet connection that I'd share with my laptop), FM Radio.
REALLY nice to have: Ability to bring up a terminal window and have full CLI ability (e.g. bash) where I could edit/run custom scripts/programs.
Size/specs: I do not want or need a phablet or the latest/greatest processors. I'm reminded of the adage to buy last-year's top-of-the-line model. For some degree of future-proofing, would like to be able to view 1080p content on it.
Other: What did I forget? What things do you wish you knew that you only found out after you got your phone?
My main system runs Win 7 Pro but I could also run a live CD with some Linux distro.
What have your experiences been? Both positive and negative? Please save me from making a mistake that you have already learned from!
I'm looking to replace my phone within the next day or so. I've been impressed with the shared knowledge of this community -- please help!
(Score: 5, Interesting) by Anonymous Coward on Wednesday April 20 2016, @01:31PM
We can assume at this point that all Android devices are -- or will be -- infected.
Add in all the crapware you're going to get (Thanks, Verizon!) and you might as well just start including your credit card numbers, mother's maiden name, and first pet's name into all your email sigs. You'll probably end up getting birthday cards and personal messages from your local police department ("Hey, we flipped on your front-facing camera yesterday--that's a nice outfit, but you'll never pull it off unless you lose twenty pounds.")
Screw that.
Buy this: http://www.johnsphones.com/store/johns-phone-business/item45 [johnsphones.com]
Too austere? Get a good feature phone. Head to Amazon and type in 'feature phone' and you'll see a boatload of unencumbered devices.
Alternatively, look around for what's available in your market. DO NOT go gentle into that good night.
(Score: 3, Interesting) by dyingtolive on Wednesday April 20 2016, @02:40PM
That phone is amazing. I really wish I could pick something like that up. Unfortunately, most of my use case for a smartphone is maps/gps. I've been wanting to get a separate garmin handheld, but I'm not there yet. Also, gps still isn't necessarily navigation. I probably could navigate by atlas (do they even still make those? They used to be free handouts at rest stops, but I haven't seen them for years) but I haven't had to do that in about 10 years.
Don't blame me, I voted for moose wang!
(Score: 1) by tractatus_techno_philosophicus on Wednesday April 20 2016, @03:42PM
The John’s Phone Business reminds me so much of Cinco-Fone, by Cinco.
Now THAT'S a phone I'd carry, especially with the Cinco Cooling Gel.
https://youtu.be/ZG8ZKwaC1jY [youtu.be]
No moral system can rest solely on authority. ~A.J. Ayer
(Score: 2) by Grishnakh on Wednesday April 20 2016, @04:13PM
A feature phone would be nearly useless to me. *Talking* on my phone is one of my least-used functions. I use it a lot more for (in no particular order) 1) voicemail (no, I am not ever going back to "press 1 for next message, press 2 to delete, etc."), 2) calculator (RealCalc), 3) Tinder dating, 4) Google Maps/Waze car navigation, 5) Osmand navigation (for recording hiking trails), 6) flashlight, 7) camera, 8) web browsing (usually looking something up on Wikipedia during a conversation), 9) texting (no, I can't text on a 10-key keypad). And many times when I do use it for talking, I use a WiFi dialer so I don't burn my minutes. Replacing just some of these would require carrying around a slew of devices on my belt, which isn't going to happen, and some of them simply cannot be done at all without a smartphone.
Face it, feature phones are just obsolete.
(Score: 2) by frojack on Wednesday April 20 2016, @05:41PM
1) Do not buy any phone from any carrier. Just buy direct or make sure it is an international version, unlocked.
2) Run Cyanogenmod. (Their fine grained permissions are NOT substantially better than those in Android Marshmallow, but at least you know that most of the spyware will be missing. But bear in mind that Microsoft is a big investor on Cynao these days. You will have problems installing apps [stackexchange.com] unless you relent and allow the Google Play store be installed on your phone. Or you can use third party play stores, one or two of which have good reputations, the rest have high rates of compromised apps.
3) If you want to pay by phone with NFC, remember that several such solutions may not work on Cyanogenmod.
There becomes a point where its not all that worth while to go all heroic trying to avoid Google from knowing anything at all about you. Don't use their email (you just about have to have a gmail account to run android, but you don't have to use it) and turn off tracking (which they seem to honor) and you've done most of what you can do without sacrificing the usefulness of the phone.
No, you are mistaken. I've always had this sig.
(Score: 2) by dyingtolive on Wednesday April 20 2016, @08:39PM
A thought about number 1: If getting an international phone, you need to make sure that it supports the fastest radio bands for the region you're primarily using it in.
I bought the international Nexus 5 when the phone first came out and couldn't get it onto an LTE network. Exchange it and got the US version, worked immediately.
Don't blame me, I voted for moose wang!
(Score: 3, Interesting) by frojack on Wednesday April 20 2016, @08:52PM
True, a little shopping is in order when you are buying something that costs $500.
However, the last three phones I got were ordered from the Manufacturer (usually when on sale), and they
have the ALL the LTE radio bands you will need for your country, the US and the EU.
They've finally got the radio chip prices down so that they can include all pertainant bands.
If in doubt, check out the specs at http://www.gsmarena.com/ [gsmarena.com]
..
.
.
.
Speaking of Costs...Motorola is running a 50% off sale till monday.
http://www.motorola.com/us/products/motomaker/FLEXR6? [motorola.com]
.
.from my spam bin direct to you. My wife has that phone and loves it.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Thursday April 21 2016, @02:30AM
Where are you seeing a 50% off on Motorola phones? I see $50 off. 50% off and I would've grabbed one immediately, as I really need to get away from my Lumia 635.
(Score: 2) by frojack on Thursday April 21 2016, @03:29AM
I miss read it.
No, you are mistaken. I've always had this sig.
(Score: 2) by hendrikboom on Thursday April 21 2016, @12:35AM
I use android. I use google's services, including google plus. I do not have a gmail account. My identity for all this is via my email account on my own server, which is in my basement.
-- hendrik
(Score: 2) by fido_dogstoyevsky on Thursday April 21 2016, @01:59AM
...Don't use their email (you just about have to have a gmail account to run android, but you don't have to use it)...
Whenever I've bought (outright or on a plan) a smartphone (both times) I've started a gmail account just for the phone, checked if a file manager had to be downloaded from the company^w android store and then nuked the gmail account. Any further apps I get from F-Droid and sideload.
I'd probably be inclined to consider Google Play if they made it easy to sort by licence. But they don't so I'm not.
It's NOT a conspiracy... it's a plot.
(Score: 3, Interesting) by edIII on Wednesday April 20 2016, @08:20PM
So.... why leave out the burner phones?
I absolutely, utterly, and forever refuse to give any kind of identifying information whatsoever to a carrier again. If you do, and this is unavoidably and unarguably true: You're under mass surveillance 24/7 by government .
Worrying about a phone? They lock you into the PSTN system with zero protection or support, and also apparently guarantees 60 minutes can access it because SS7 is as secured as SCADA. The more you fight to unlock that bootloader, the more you're just making a literal spectacle of yourself in front of the cell towers.
Since PSTN surveillance is completely and totally unavoidable with Verisign operating the mediation switches for the Tier 1 providers, you might as well give up. You can't secure PSTN traffic, but you can use it as an untrusted line to move to trusted ones. Fighting to secure the phone also seems quite pointless to me.
Here's what I do:
1) Get yourself the most basic burner phone model possible.
2) You're a small boy. Therefore, start installing stupid ass games from the Google play store. Yes, play with it occasionally. Regularly search for banal stuff via the browser. Whatever you do, you're acting as somebody else to provide a fake behavioral profile associated with this device. Become an actor :)
3) Texting is free most likely with the correct plan, so sign up for "Cat Facts". If you can have an automated bot, all the better.
4) Lock it into tether mode.
5) Connect your real tablet to it, treating the connection as untrusted. Meaning, use proxies, TOR, whatever you need and can do to obfuscate your traffic back to your servers.
6) Perform your communications and business over this, using very strongly encrypted connections. Doing so it is possible with enterprise phone software (thankfully Open Source or FOSS) to make that tablet an endpoint, even connected to different PSTN numbers. Texting, even straight SMS, can be moved over to this device. Many large providers for SIP services now also offer SMS at the same time, on the same numbers. So this "landline" number is now no different than a cell phone number to anyone you deal with.
7) Every 60-90 days, wash, rinse, & repeat.
I recommend giving the phone to a homeless person, or somebody in need. That way the fake behavioral profile starts to change, but it doesn't actually stop producing data points either. Anyone attempting to find you from your enterprise endpoints in use on the tablet will hit your servers first, and even then, they need to do a bit more work to identify that burner phone as the one connected. Whatever happens, the likelihood of you noticing somebody attempting to trace you could be quite high if you're the actual personnel that law enforcement would need to speak with to do so in the first place....
Yes, DO NOT GO GENTLE INTO THAT GOOD NIGHT
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 5, Funny) by dyingtolive on Wednesday April 20 2016, @08:52PM
I think I'd rather the government see me listening to some music on my way home from work than deal with the fact that cell tower triangulation reports that I seem to have someone resembling a minor at my house every two months, only to be replaced by another as their old phone mysteriously winds up in the hands of a homeless man.
Don't blame me, I voted for moose wang!
(Score: 4, Funny) by edIII on Wednesday April 20 2016, @09:50PM
I....
That had not occurred to me. Obviously no plan is perfect at first...
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by dyingtolive on Wednesday April 20 2016, @11:12PM
Well, I mean, the first couple might not even throw a flag. For all I know, the 50th one wouldn't throw a red flag. And for all I know, you can't triangulate position off towers (god forbid GPS doesn't disable when you tell it to like a lot of people suspect) precisely enough for it to be tracked down to you. The funny thing about paranoia though is that you don't know which of those assumptions are safe to rely on. :)
Semi-on-topic: I wonder if there's been any reports of anyone with a used phone getting investigated for things the former owner did.
Don't blame me, I voted for moose wang!
(Score: 0) by Anonymous Coward on Wednesday April 20 2016, @11:27PM
Are you sure you would want to tie a homeless person to your personal behavioural profile? Are you really sure about that? Yes, I know that using proxies will keep all but the most determined of law enforcement agencies at bay, but it is never going to be 100%. It seems to me that giving the phone to a homeless person in order to cover your tracks is just asking for trouble. For example, if the homeless guy is a recently released sex offender, I could easily see you having to face some pretty nasty and thorough investigation by law enforcement if that guy decided to have some rather unsavoury internet browsing habits. Just sayin'.
(Score: 2) by edIII on Thursday April 21 2016, @06:34AM
No, that would be stupid. Which is why you keep your personal behavioral profile on your tablet, and you use a fake behavioral profile on the burner phone. Nothing you do on the burner phone should be tied to your identity in any way, shape, or form unless its via a secure tunnel originating from the tablet to an endpoint on the Internet. All of it needs to be fake, or as general as humanly possible.
If it's imperfect then law enforcement understands what the burner phone is, and what my tablet is, and the difference between them operationally. They're not confused about identities, and therefore I can call them out on that.
If it's perfect than law enforcement can only have access to the fake behavioral profile and we have nothing to worry about.
That would be really interesting since many of my burner phones are purchased with cash by a homeless person in the first place. I wait out in the parking lot for it.
Completely unconcerned though. I'm already working with the homeless and materially deprived people in my community. If law enforcement started giving me crap, I would shut those fuckers down in a split second with, "So... I can't give my phone to a person in need? I believe I can. I believe I did. I also believe you need to go deal with that person and not the one giving care packages to the homeless. If you have a problem with that... [hold my hands out to be arrested]". I'm not intimidated about dealing with cops, or that I may have to go to jail. Doing so only provides the community litigation vehicles to accomplish changes in incorrect and harmful policy. It wouldn't be the first time that cops were getting in the way of community organized efforts to help people. Sometimes they need to be reminded that just because a person is homeless the rules don't actually change on how they need to treat them.
Me giving homeless people phones serves two purposes at the same time, one of them being to provide them with some of the things they need. 30 days worth of phone service is something homeless people need, and it helps.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by khakipuce on Thursday April 21 2016, @08:33AM
So the government, assuming they at all give a sh!t about you and your data (what the hell are you doing in your spare time anyway?) see a burner phone with a large amount of encrypted data emanating from it. A few months later that stops and a new burner (what? if they have the level of tracking that your paranoia suggests, they surely know which phones have registered addresses and which don't) appear in the same area with the same volume of encrypted data.
You better not be a Muslim or look at all like you originate from the middle east.
(Score: 2) by edIII on Thursday April 21 2016, @06:42PM
I'm attempting to create a system whereby people can exchange burner phones and specific helper programs to simulate behavior on those burner phones. The burner phone itself is reduced to a device providing an untrusted route. Nothing more, nothing less. The behavioral programs are designed to make all burner phones look the same, in so far as their consumption patterns. If successful, then we all appear to be operating a TOR network across burner phones. That's NOT ILLEGAL, so they come ask me what I'm doing at any time and I have a perfect excuse :)
Yeah, sometimes some people have to take a hit for the TOR network, but I look at that as a badge of honor should it happen.
And? They are all practically unregistered. Most people getting these things are purchasing refill cards for cash. In any case, if you have over 10k+ participating devices across the country that are unregistered that gives you plausible deniability. The same principle upon which TOR operates. The fact some phones may be registered is immaterial to providing the plausible deniability network.
The new burner phone can be somebody else's old burner phone too, which is really the point. All of the burner phones in the system are being exchanged, preferably across large geographic areas. Remember, the only thing you care about is having an untrusted route for your real device. Security considerations are fairly minimal if you are exchanging often, and you can trust a stranger far more than you can trust a wireless carrier or the government. In other words, the TAO will have a real hard time figuring out how to target you specifically. Any compromise will be treating you as a general target, not a specifically chosen one. Since you *are* treating this as an untrusted route, your real device is strongly protecting itself via firewalls and tunneling of all real communications across heavily encrypted connections. You face the same dangers with the device that you face at Starbucks.
That's extremely highly unlikely to have the same volume of data, and is trivially easy to randomize your total bandwidth usage.
Yeah, I guess not. However that has more to do with Donald Trump than anything else. There are millions of Muslims in the United States, and they live peacefully enough. I don't care what I look like to anyone.
Technically, lunchtime is at any moment. It's just a wave function.