[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Thou shalt not use mobile phones (was: Firefox with Tor on Android?)



On 05/25/2015 7:06 PM, Jens Lechtenboerger wrote:

> On 2015-05-23, at 21:54, Mirimir wrote:
>
>> On 05/23/2015 07:47 AM, Alexis Wattel wrote:
>>
>> <SNIP>
>>
>>> From what I know, Mike Perry's article on hardening Android is the
only viable *starting* point to secure an Android platform.
>>>
>>> Good luck fellas!
>>
>> It needs to be a dedicated device, with no links (money, accounts,
contacts, activities, etc) to ones true name. And as Mike notes, it
can't have a working cellular radio. Public WiFi only.
>>
>> <SNIP>
>
> As this discussion has drifted away from the original topic, I changed
the subject.
>
> I believe that the above warning against Android should really be
understood as warning against mobile phones in general: Phones are
powerful surveillance devices, easily exploitable by third parties. I
don’t think that Android phones are worse than other smartphones in this
respect.  Please correct me if I’m wrong.

Actually, Android is better than iOS because it's open-source. Also, it
can run on open-source hardware, which is being developed. But
generally, smartphones were expressly designed to be far less
independent and private than PCs.

> As a matter of fact, people use smartphones anyways.  Some readers
here might say that smartphone users are doomed beyond help.
> I don’t agree.

They are if they're using mass-market iOS and Android devices.

> People may try to protect themselves (1) against targeted attacks and
targeted espionage or (2) against mass surveillance.  Both assume
different threat models, yet frequently both are mixed up, which does
not help.  I agree that I’m doomed if I attempt (1) on my smartphone.
In fact, I don’t think that many people are skilled enough to protect
any kind of device with Internet connection against targeted attacks.
Thinking of Stuxnet, I don’t believe that there are many devices which
can be protected against targeted attacks at all (regardless of network
connections).

Yes, I agree that resisting targeted attacks is difficult, if not
impossible. Maybe the VM that I'm typing this on is pwned. But it's
dedicated to Mirimir, and doesn't administer anything. Maybe the entire
host machine is pwned. But neither it nor other hosts on its LAN contain
true-name information. I appreciate that such paranoia is unusual. But I
do my best to proselytize ;)

> Now, if we mix up cases (1) and (2) it is easy to conclude that there
is nothing one can do anyways.  Resistance appears futile, so it’s
reasonable to resign and submit to the destruction of our privacy.  It’s
the convenient, lazy route, apparently justified by expert advice.

I do not advocate that!

> So, let’s consider both cases separately.  Let’s forget about (1). We
are left with (2), mass surveillance, which as the name suggests affects
the masses and should be everybody’s concern.  Mass surveillance is
based on bulk data collection, where it’s easy to see who communicates
where and when with whom, potentially about what.  I hope that Tor is a
useful tool against mass surveillance. It’s probably safe to say that
with Tor it is not “easy” any more to see who communicates where and
when with whom.  Tor users do not offer this information voluntarily,
they resist actively.

Yes.

> And it does not matter on what devices people use Tor.  Mass
surveillance becomes harder in any case.

Maybe. From what I've read, Tor on smartphones seems quite broken.

> So, please, be careful whom you warn how against the use of mobile
phones.  Too many people are indifferent to mass surveillance already.
Do not join the chorus to mislead the masses in believing that
resistance is futile.

Again, that is not what I recommend. I'm sorry if I came off that way.

> You may suggest to throw away mobile phones, of course.  I would not
expect more than disbelieve, shock, or laughter in response.
Alternatively, you may want to explain other measures—which also work on
phones: Use decentralized services, use alternative search engines,
encrypt communication, anonymize communication.

I do not suggest throwing away mobile phones. What I warn against is
pretending that they can be secure and anonymous. One must assume, I
believe, that all standard consumer smartphones will be pwned, and that
all activity on will be monitored.

But that's not a problem, if one is aware of it. The response is
compartmentalization. Have at least two smartphones. One is for routine
true-name use. The goal there is looking normal, just like everyone
else. Use no encryption, never use Tor, don't be clever, etc.

The others are dedicated to private use. Buy with cash, with the primary
smartphone left at home. Have no mobile account, and use only public
WiFi. And so on.

> Best wishes
> Jens
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk