#phonehacks

hackaday@xn--y9azesw6bu.xn--y9a3aq

Privacy Report: What Android Does In The Background

image

We've come a long way from the Internet of the 90s and early 00s. Not just in terms of technology, capabilities, and culture, but in the attitude most of us take when accessing the 'net. In those early days most users had a militant drive to keep any personal or identifying information to themselves beyond the occasional (and often completely fictional) a/s/l, and before eBay and Amazon normalized online shopping it was unheard of to even type in a credit card number. On today's internet we do all of these things with reckless abandon, and to make matters worse most of us carry around a device which not only holds all of our personal information but also reports everything about us, from our browsing habits to our locations, back to databases to be stored indefinitely.

It was always known that both popular mobile operating systems for these devices, iOS and Android, "phone home" or report data about us back to various servers. But just how much the operating systems themselves did was largely a matter of speculation, especially for Apple devices which are doing things that only Apple can really know for sure. While Apple keeps their mysteries to themselves and thus can't be fully trusted, Android is much more open which paradoxically makes it easier for companies (and malicious users) to spy on users but also makes it easier for those users to secure their privacy on their own. Thanks to this recent privacy report on several different flavors of Android (PDF warning) we know a little bit more on specifically what the system apps are doing, what information they're gathering and where they're sending it, and exactly which versions of Android are best for those of us who take privacy seriously.

The Real Research Confirms Suspicions

The report takes a look at six different "flavors" of Android and what each one is doing behind the scenes. The researchers studied operating systems from Samsung, Xiaomi, Huawei, and Realme which all also produce their own devices, but also looked at two alternative Android-based operating systems -- LineageOS and /e/OS -- that can be installed on some devices and customized for privacy if the user chooses. /e/OS is built with privacy in mind, while LineageOS is more of a drop-in replacement which doesn't specifically focus on privacy. It should be no surprise that the four Android versions customized by the device manufacturers report a ton of user data, or that any device with a Google Apps (GApps) package reports a seemingly unending stream of user information back to Google servers, but some of the specific results that the research team found are definitely worth noting.

First, the paper points out that all of these companies are trivially able to link devices to users. Companies match IMEI numbers and other identifiers of devices to other user data that makes linking these accounts together a simple game of connect-the-dots. Largely the reason for doing this is to target ads, but all of these companies will also share this information indiscriminately with various governmental agencies. They also aren't perfectly secure, so any black-hat attacker who gets access to this information will have it as well. This shouldn't be too surprising, but the new information here is that researchers also found this data is shared among companies. For example, Samsung and Google seem to share each other's data amongst themselves. Swiftkey, a popular keyboard app, also sends information to Microsoft via Google. It's quite a complex web of data sharing and services from one company to support another's data gathering efforts. Some of these data gathering efforts also include details such as timestamped app usage and personal contact gathering. While a lot of the information the operating systems are actually gathering is sometimes obfuscated, it's clear that anything done on any of these devices might as well be recorded as if it was a Twitch stream as there's evidence to suggest that literally everything could be monitored by someone (or some piece of software), right down to a user's keystrokes.

The researchers contrast this rampant data gathering activity with /e/OS, a privacy-oriented version of Android. /e/OS is a fork of LineageOS which is specifically devoted to privacy, includes no Google-related software, and gathers essentially no user data on its own apart from information about available updates and some other necessary information. LineageOS is only marginally better than the Android offerings from the major manufacturers when the GApps package is installed with it, largely because the Google system apps are so pervasive at gathering user data. It is possible to use LineageOS without the GApps package but the researchers did not take this approach and largely focused on /e/OS as the de-Googled version of study.

Beyond This Study

While /e/OS is certainly an excellent choice for privacy-conscious users of smartphones, there are a few others worth mentioning that were not included in the study. Drawing the conclusion from this research that the real privacy violator is GApps (as long as you can avoid the other spyware from Samsung et. al.), it is possible to install LineageOS on a wider array of devices than /e/OS currently supports. Since installing GApps is something that is typically sideloaded after installing LineageOS and is an optional step, this can simply be omitted.

LineageOS logoAdditionally, if you absolutely can't live without Google Maps or Gmail, there is a way of accessing Google services without actually installing them on your device. A software package called MicroG is available which is an open-source replacement for GApps and allows the user to access Google services that otherwise would be available but restricts tracking and gathering of user data by Google in key ways. There is a fork of LineageOS called "LineageOS for MicroG" which includes this package instead of GApps by default, although there have been squabbles between the maintainers of this project and LineageOS over concerns with the way that MicroG accesses the Google services by signature spoofing.

GrapheneOS LogoFor those with Google Pixel devices specifically, there are two other privacy options. GrapheneOS is the Cadillac of privacy-focused versions of Android and has a number of improvements to enhance security as well, such as app sandboxing, implementation of secure/verified boot, disabling of peripherals via toggles, and other enhancements. CalyxOS is based on GrapheneOS and is similar but does allow for the use of MicroG and has some less-intense security practices than GrapheneOS. The only downsides with these flavors of Android is that they are built almost exclusively for the Google Pixel and at a minimum requires trust that Google didn't build a hardware backdoor of some sort into their phones.

Android Isn't The Only Option

There are a few other options for improving online privacy when using a smartphone. Linux-only phones such as the Pinephone are available but are not as fully-featured as Android. Some versions of Linux are also available for phones that would otherwise run Android. It's also probable that an iPhone is a security and privacy improvement over a factory Android device from any major service carrier or device manufacturer, although the fact that their software is closed-source and behind a walled garden makes this extremely difficult to verify. Still, if a user isn't willing to jump through all of these hoops to install /e/OS, GrapheneOS, or Ubuntu Touch, or if their phone has a locked bootloader making it impossible to flash a new OS (or if their device just isn't supported), it's preferable to choose an iPhone only if all other options are exhausted. Of course, the only other option is to not own a smartphone at all, which is arguably the easiest way of improving the privacy concerns with these devices.

The paper goes into great detail on methodology and also includes information on how they determined what data was being sent for those curious about specifics. It's also worth noting that they point out that none of this research investigates any specific apps that might be installed on a phone and only looks at the operating system apps. If you install random freemium games, banking apps, or Facebook on your GrapheneOS install, for example, it's likely to void any and all of your privacy efforts. The paper itself is worth a read though even for those who haven't considered their online privacy before, even if they did grow up in the 90s.

#featured #interest #originalart #phonehacks #android #calyxos #gapps #grapheneos #lineageos #microg #privacy

hackaday@xn--y9azesw6bu.xn--y9a3aq

Pining for a De-Googled Smartphone

image

Pulling the Google logo off of a smartphone

Last summer in the first swings of the global pandemic, sitting at home finally able to tackle some of my electronics projects now that I wasn't wasting three hours a day commuting to a cubicle farm, I found myself ordering a new smartphone. Not the latest Samsung or Apple offering with their boring, predictable UIs, though. This was the Linux-only PinePhone, which lacks the standard Android interface plastered over an otherwise deeply hidden Linux kernel.

As a bit of a digital privacy nut, the lack of Google software on this phone seemed intriguing as well, and although there were plenty of warnings that this was a phone still in its development stages it seemed like I might be able to overcome any obstacles and actually use the device for daily use. What followed, though, was a challenging year of poking, prodding, and tinkering before it got to the point where it can finally replace an average Android smartphone and its Google-based spyware with something that suits my privacy-centered requirements, even if I do admittedly have to sacrifice some functionality.

Setting the Stage

First, a bit of a disclaimer. This article is not a critique of the PinePhone compared to a flagship Android phone. Rather, it's a journey into the open-source world with respect to a smartphone that is designed to run Linux from a person who is willing to go to extremes to use free and open source software (I still use this computer daily, for example) without appearing too crazy. The developers at Pine64 have done an incredible job bringing one of the only Linux-first smartphones to market. I also owe a huge debt to the FOSS community who continues to build and maintain free software for these devices. Even though the experience isn't yet as refined as an iPhone or Galaxy, it's still quite possible to use one for regular, daily use but there are some missing pieces to acknowledge.

I have also been on a journey to remove as much of Google's concerning ecosystem from my life as possible over the last five years or so. Some things are easy, such as using Duck Duck Go as a search engine and Firefox as a browser. Some things were a little bit of a hassle at first, like switching to ProtonMail as an email and calendar service. And some things still are extremely difficult, like removing Google services from my Android devices. To that end, I had originally purchased a OnePlus 3T several years ago with the intention of installing the de-Googled LineageOS variant of Android on it, but perhaps due to a lack of confidence in not bricking the $400 device during the installation procedure I could never quite bring myself to wipe the phone clean of its factory-installed operating system. Now, the Android phone is so well-worn that the USB port no longer connects the data pins on the cables so even if I wanted to flash a new firmware on it now, it would be virtually impossible.

Some (Software) Assembly Required

When I first purchased the PinePhone, it came with Ubuntu Touch pre-installed. The distribution was once an official Canonical-supported software project to bring the ease of Ubuntu to the smartphone world. Canonical abandoned the project for reasons not worth mentioning here, but since the software was open source it continued as a community-driven project directed by UBports. Hoping that the Ubuntu name meant that I would easily be able to get started, I purchased the device. Most things worked out-of-the-box, such as calling, text messaging, and internet browsing. There were some notable exceptions, such as the lack of dual-tone multi-frequency (DTMF) support. These are the touch tones that a phone sends which correspond to the number pad. I thought briefly that this might not be a deal breaker, but I found out quite quickly that I couldn't dial in to conference calls, check my voicemail, or interact with any automated phone system without this support.

After exploring this problem for a while, it seemed like a solution may have been to install any of a number of alternative operating systems to see if they had solved this issue already. Unlike Android phones, which require unlocking the bootloader, installing custom recovery software, and backing up and flashing ROMs, any one of which may brick the device if you take a wrong step, this is incredibly easy on the PinePhone. Simply imaging a microSD card with the operating system of choice and placing it in the PinePhone allows the device to automatically boot to this image rather than the one installed on the phone's built-in memory. This makes testing software extremely easy and surprisingly user-friendly. To solve the DTMF issue I tried PostmarketOS which seemed like the furthest along of all of the various Linux distributions for phones, but this OS was much less refined than Ubuntu Touch so I gave up for the time being and shelved the phone.

PinePhone side-by-side with Android-powered OnePlus 3TThe author's PinePhone (left) beside a OnePlus 3T. The differences are not obvious on the surface but become apparent quite quickly when used. Note: this photo was not taken with the PinePhone's camera for several reasons.

I would come back to the phone every month or so to see if the UBports packages had been updated to support DTMF but I was continually disappointed until about two months ago where I found this feature finally working. This also coincided with, in my opinion, a horrible yet unsurprising decision by my former service provider (AT&T) to start locking out service for anyone who switches their SIM card to another device unless that device is on a whitelist. (Other carriers in the US such as Verizon seem to be actively restricting devices in other ways as well, so be sure to check with your carrier before swapping your SIM to a PinePhone.) Even after switching my SIM back to the heretofore-working OnePlus, my service would remain locked out unless I called AT&T customer service to have it reactivated which was quite the catch-22 and often required several levels of escalation. This made it a no-brainier to switch to a carrier that (so far) hasn't riddled my life with arbitrary hassles, though.

Slowly Adding Options

With that speed bump out of the way, and finally in possession of a working Linux-only phone with most of the capabilities of a flip phone from 2007, I started experimenting with other modern smartphone features. I knew going in not to expect everything to work flawlessly, but there are a few notable absences from the Linux ecosystem. Obviously I was fine with losing Google Maps, but the GPS functionality on the PinePhone paired with something like OpenStreetMap is not yet a full replacement for that. Additionally, my international friends tend to use WhatsApp for texting, but there is not a version of that available for anything not Android- or iOS-based. Similarly, Spotify, Signal, and my ProtonMail calendar are also not available. I also assume that various social media apps may not be available either, but from a privacy perspective I can't recommend anyone having social media accounts in the first place.

The camera boasts reasonable specs but the app that controls it is, at best, still in development. Similarly, while there are respectable podcast and music apps available, the phone gets uncomfortably warm in my pocket while simply listening to audio with them. This is one of the only complaints that most who have the phone notice, specifically in regards to battery consumption, and it seems like a lot of the power optimization for running single applications isn't quite there yet. I feel like the phone essentially acts as a laptop with every background process running all the time unless it's fully in sleep mode, but I still give this phone a pass because of the clear understanding that it's still very much in development.

The Key to Happiness is Low Expectations

But enough about the obvious missing features. For me, a privacy-conscious person who doesn't want to waste time staring at a phone more than I need to anyway, it's almost perfect. There are physical switches for various hardware such as the cellular modem, microphone, and cameras, and I leave the front camera switch in the "off" position all the time because that hardware has always struck me as slightly creepy anyway. On the software side, a mobile version of Firefox is available for it which does almost everything I need from a mobile browser. The most important feature for me also works flawlessly: the WiFi hotspot. Except for a little hiccup where my ancient Apple laptop wouldn't connect to it for some reason (which I solved by adding a tiny USB WiFi dongle instead of using the built-in chip), and another hiccup where I couldn't get the hotspot to work in Ubuntu Touch at all (which has since been fixed), everything that I need works as well as I need it to.

Rear of a PinePhone showing hardwareThe rear case is easily removed without tools, exposing (from top left, clockwise) a heat sink, six pogo pins, the six hardware kill switches (with 3.5 mm headphone jack for scale), microSD and SIM card slots, and removable/replaceable battery

I have also been able to easily experiment with other operating systems since it's basically encouraged with this device. I have had excellent success with another distribution called Mobian ("mobile Debian") and use this distribution nearly full-time now. Mobian is great for me personally because I have been using a Debian variant of some kind or another on my personal computers since 2005 and I am not interested in switching to or learning anything else anytime soon, and Ubuntu Touch (while being Debian-based) has some needlessly difficult aspects to it that Mobian seems to have solved. Besides Mobian and Ubuntu, though, there are some Arch-based distributions available if that's more your style, and plenty of other offerings outside of either. One of the other excellent features of this phone and OS combination is that I can SSH into it just like I would any other computer and use apt to install whatever software I like. This worked surprisingly well for installing the Kodi media player, for example. There's even a dock that connects to the USB-C port on the phone that essentially turns it into a fully-featured Linux desktop with Raspberry Pi vibes, but I haven't tried this out yet. I do find it intriguing as a feature, though.

Almost all of the other downsides of using a PinePhone were things I was going to accept in my life anyway because of privacy issues, even if this phone didn't exist at all. For GPS I have been planning on getting a standalone (or possibly handheld) device specifically for navigation that doesn't need to connect to the Internet at all. Similarly, I am thinking about a standalone audio player similar to a classic iPod for music and podcasts. For email, which I haven't even tried to set up on my PinePhone yet, I simply connect to the hotspot and check it on my laptop rather than have my phone continually interrupt my life for what often turns out to be minutiae. For notes, I use an even older set of tools: a piece of paper and a pencil. It might seem like I am turning into a bit of a Luddite, but to me the invasion of my privacy for mild convenience is no longer worthwhile. If I have to carry around a GPS, iPod, phone, and notepad like it's 2007 again in order to preserve a shred of digital privacy then I think I will manage to survive. The only thing that I find to be a true downside for my use case is the lack of MMS support (without taking extreme measures), but I will have to take that as an acceptable loss for the time being and rely on a real camera when I need one.

Opening the Door for Options

Further, I think that the exercise in using open technology like this is a way for people like me to put their money where their mouths are. Everything about this phone is something I've wanted from my Android devices but have never been able to get in one package such as a replaceable battery, removable storage, hardware kill switches, an unlocked bootloader, the ability to easily flash any image I want, and lack of any Google software. Even things like the I2C interface and the six pogo pins are nice to have and make the device upgradable with whatever you want. There aren't any mainstream options on the market for "regular" users that even approach this, and there won't be unless people like us support underdog developers like Pine64 or Purism. There won't be a real choice until the choice is real for a large number of people.

My experience points out how difficult it still is, but that it is possible. Even if you don't think you can fully switch to a Linux-only device like this for your daily life, it's worth it to pick one up and start tinkering with it. There are plenty of niche applications for these devices well beyond their use as a simple phone, and it's worth the time to experiment with them.

#featured #interest #phonehacks #android #degoogle #linux #mobian #opensource #pinephone #privacy #ubuntutouch