It goes to Israel or some other random country
1 Like
Seeing as how signals lead developers flipped the switch on other companies actively working with the government and ruined their credibility / taking their contracts potentially. I find it hard to judge because we donāt know enough. But we know they destroyed cellbrite and many cases reliant on cellbrite evidence.
Everyone should learn to rom their own phones with custom aosp if theyāre that concerned.
4 Likes
what would you recommend, do you do OPSEC consults?
currently running GrapheneOS; but i dont do illegal shit so it odesnt really matter, just a topic thats always fascinated me, and i like playing hacker on my cellphone, learned that love from the good old days jailbreaking iphones and shit.
5 Likes
I trust it there more than I do DC
I recommend people find a device that is popular (Samsung or Pixel brands) and has a large dev community in aosp for it.
My days come from when I was a part of a team called DroidMod (Motorola Droid/ first VZW Android phone)
Another large team I was a part of briefly contributing to was CyanogenMod. I also worked with and for the creator of Rom Manager and many other popular root applications and softwares (ClockworkMod) / Koushik Dutta.
LineageOS is there name now (CyanogenMod) and I havenāt kept up on the subject because I spend too much time on devices as is. Depending on my goals for security.
Iād make my own AOSP project and directly build from scratch. If I wanted to learn easily. Iād just pursue learning how to break bootloader/ root.
Once you can do that and flash your own recovery. Then you can learn to run popular roms that are tricked out AOSP projects with fascinating edits.
Generally projects that keep their source code available on github etc you can edit yourself to ensure the code has no surprises.
Aosp directly is the only guarantee that you know 100% what youāre getting.
A great resource for learning about Android phones my friend started a blog that was very successful: https://droid-life.com
If you want to learn making roms: https://xda-developers.com
4 Likes
Bigger security issues: wifi sharing/phone number attached to name.
If your device gives off signals for other devices to find it. Say you have two phones. Chances are good they can pinpoint that those two devices have stayed next to each other.
Sim swapping = device ID is still known.
Wifi connections? Donāt do it.
Yes you can edit your device ID and ultimately that will protect you further.
Say you have a sprint phone thatās sprint only. You can change meid with code and make another carrier believe its a Verizon phone. Etc
VPN is silly because ISP / Carrier can see the VPN connection pointing to who needs to give you up.
5 Likes
yeah fursure man, writings on the wall with amazon coming out and saying their alexa systems mesh together, i think at this point, and you would know better than me, everything meshes together. like shit ring doorbells do the same shit, it really is wild IOT has been a killing blow to privacy. We all saw this coming tho, we want to be connected constantly, we want everything to be seemlessly integrated and easy, we want our youtube cat videos on our fridges and toasters! this is the price we have to pay for such conveniences. The āsurveillanceā industry(for lack of a better term) loves our ignorance
3 Likes
The issue with IOT is that itās firmware will be limited on patching and ultimately a better model will replace them with beefier securities and they will stop patching.
1 Like
A lot of things are still also able to not be 24/7 monitored. Body cameras do not live upload.
A big IOT experience I have is setting up body camera compliance.
Body cameras go from officer, To vehicle laptop, To satellite (must be in physical range not a big sexy starlink setup), to the local computer with software able to retrieve and upload to watchdogs servers.
During all these points this data is capable of being adjusted or invalidated.
4 Likes