Replies (86)
They don't because the phone is not in my name and no account has my real data
For those who don’t have the gumption to ditch their current phone and OS, an easy way to help mitigate tracking is deleting the weather app. It consistently pings your location not just for weather data but also enables companies to more specifically track you, market to you, and sell your data. So if you’re not diving head first into GrapheneOS, delete the weather app on your current device and download an open source privacy respecting version for slightly upgraded privacy.
Have you ever used or activated your sim or esim at home or work? Oops.
What's this location transmission that's ostensibly happening every 4.5 minutes? Which app does that?
thank you 🫂💜
It’s much faster than that. Be honest 😂
Someone should just do what
@Laeserin 🇻🇦's team did with the bible and port extreme privacy over to nostr notes.
Assuming he doesn't mean location but means pinging cell towers which is a proxy
The OS does that in the background.
Check the 2021 Trinity College Dublin study:
https://www.scss.tcd.ie/doug.leith/apple_google.pdf
"Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google"
Is graphen os hackable? Was always curious if say the police or other wanted to track you if it was still possible ? I assumed yes but don't know
According to cellbrite, no.
Even if they get an unlocked phone, they cannot do most exploits they usually do.
If its locked or even shut down, I haven't heard of any exploit.
Yes, great book, and frequently updated.
Funny cause it's true...
I know 😂
This is high on my to do list for 2026.
First I need to buy a pixel but today I'm stacking some cheat sats!
Nice..
Every day I am more worried about privacy. Thanks for sharing!
What about iOS ?
Can't fault anything
@Max says in this article. Great advice about what apps to install and how to set up your phone.
I love GrapheneOS. Used it for many years, and many Pixel versions. Brilliant!
View quoted note →If you don’t want to be tracked - don’t carry a cellphone. Even a GrapheneOS powered phone is going to be periodically updating its location to the nearest cell tower to keep the HLR updated.
Thank you for this information!
Been experiencing a lot of issues with my grapheneos ever since I plugged to charge in a rental car :/ anytime my battery dies it takes a massive amount of effort to turn it back on and always stalls on the grapheneos logo just sits there and I have to pres power and sound buttons to restart and then pause for it to first regain charge before powering. It's weird and frustrating. I think I've been hacked. I woke up today wanting to just juke it.... Like reset from ground 0 but unsure how yet.
Thank you for this Max
It is not mine and is not even fromy country. It is used around. I have 5 phones.A wifi spoofing system so I can pretend to be where I want and a gps disruptor.
Maybe learn about directional antennas. I dunno
Yes but that's quite coarse grained.
Ey Max!
Guiness World Record Installing @grapheneOS is ours.
🔥🔥🔥🤓
Better than within 500m from what I understand. And 5G probably better.
Been running graphene for about a yr now, pretty happy with it so far
I am probably the least tech savvy person on this thread and I have been running graphene for about 6 months now and am very happy with it.
Yeah not close enough to tell which shop or which doctor I'm attending.
From who? Information online is all tainted. Nothing useful at this point. They know all and stop whatever is not supposed to be given to the public.. only way old hardware warfare. Remove chips, shortcircuit antennas, disconnect microphones and cameras. Faraday cages and rf sensors to verify real offline transmissions. So... Best choice remove all the wifi equipmenta and rewire home. Some tracts in fiber. I bet in few years Internet will be unusable anyway so storing all I need in local network and doing physical optical backups.
I built many directional antennas years ago but now the new arrays and geometries are out of diy abilities. The only way is tricking the system with shields and coaxial delay so they cannot triangulate the signal. At a certain point better to avoid the transmission and that is it. With AI analysis they can easily decode position even with this tricks. Pair car plates from cameras with gsm position and rebuild behavior.
May I ask what service you use? I am aware that Silent Link does not offer voice, and I feel like I need voice as a new dad. Am I wrong? In the age of AI, is it just a matter of time until my voice is stolen and used to impersonate me for nefarious reasons? I heard you can do calls over Signal if you get your loved ones to download it
Be a submarine and use a Faraday bag. Only surface when you absolutely need to.
Sometime ago unlocked extractions stopped providing access to the full filesystem. We didn't do anything in particular to cause that. If that's not available they'll do 'logical extraction' instead where they acquire the data through traditional logical operating system features like ADB.
The big capabilities to look out for are AFU (extraction AFU without password) and Brute Force capabilities, neither of which are present.
Do you know who the fuck the new oem graphene os is partnering with?
Given the slave-centered nature of the mobile infrastructure, the only logic conclusion is to opt-out the whole mobile ecosystem, until there are more reasonable alternatives. Continuous friction with the limits is not only tiring, but unfair with the user. If the corporate world wants mobile-centered-identity, let them pay for it. Why should I buy an expensive device just to discover how much crippled is it against my own interests? The government may force you to have a bank account, but the same bank cannot mandate you to own a phone. Do you sell freedom? Really?
No, really curious tho!
Interesting, but the logical extraction still gives them all data?
Isn't signal calls & jitsi enough?
That's why you have airplane mode.
Make sure you set the USB C port to charging only even when unlocked, this might have prevented the exploit. There are also power only USB cables or adapters who cut the data cable connection.
Yes, it is a good idea to regularly reinstall graphene os and start from zero, make sure you have all backups.
It's the OG free ROM, but doesn't come close to Graphene's hardening.
Better than all legacy android versions, gets even better when you turn on lockdown mode, but that removes all the cool UX features iOS users love, so at that point might as well switch to GrapheneOS, which is even better.
🤔
Im holding out buying a pixel only cause of their stupid announcement. Cunts.
It'll take at least a year until that gets released, get a used Pixel 8a for now, cheap and secure.
Keep mine in a farraday pouch. Rarely do i take it with me when out n about. Used mainly indoors connected to wifi. Not a fan of them and can live without one. i control it, not other way around.
Does one totally negate the benefits of using a “privacy phone” if they are constantly in the company of people who are using Swiss cheese devices and apps? I can’t even get my circle of people to adopt encrypted chat apps and get the fuck off Fakebook. Seems pointless to get all James Bond, other than as an educational exercise, when surrounded by data leakers and outright big tech platform shit posters. #asknostr
People will continue to use what they know until the cons of doing so outweigh the pros.
If they’re not concerned about their privacy then there is no motivation to switch to a new protocol, it’s as simple as that.
#fuckandroid #buyaniphone
What I’m getting at is, by extension, do you completely erase the benefits you gain by setting up a privacy device if you’re sitting right next to people all day who can be drone striked to their phone location
If you’re sitting next to people that could be targeted by a drone strike, it seems like you have bigger issues to deal with, hehe.
Lol
I also switched to Graphene a couple of months now and it is surprisingly good. Maybe it is because I use anyway a lot of Open source tools. Everything exists maybe not that convenient but it works.
Honestly the only thing I really miss is pay by Google pay and I know it is silly because it tracks every transaction to create a nice profile but it was so darn convenient.
Yup. I feel like monero has the right idea with decoys. They need to be normalized though. Today, a decoy makes you stand out as bad as a coinjoin transaction. In monero, everyone is required to use decoys.
From who? Nobody, anybody. I just want the 'reasonable expectation of privacy' bar to go up not trend down as it has since the beginning. The reasonable expectation of privacy is about zero these days which lawfare can do whatever they want now.
>: /
No tech people should skip entirely a tech they do not understand. In the 90's I was in teams developing non contact smartcards and so on. I know quite well how to fuck up those system. The average guy does not. Unfortunately they now developed thing that I do not even know.
Graphene is so cool
View quoted note →@npub1akqt...8mnr faraday bags work great when you want to disappear too.
I am currently using usmobile warp although I am not certain that the carrier matters that much as you can manually lock the mic the location and the camera on and off. You can also set up a alternate profile which I use to switch between a very locked down graphene os and a very sandboxed google play. Hope this helps!
It's always concerned me that Graphene is built primarily for phones built by Google. Do the developers know every single thing the chips inside do? Software is one thing, but hardware is a whole different game.
🫡 thank you sir. Hope you and the family are well
There is no other hardware with a lockable boot loader and secure elements.
They are working with a second manufacturer at the moment.
Now I'll freely admit, I don't know much about chip design, but I watched something a long while back where someone showed that there are parts of chips which aren't made clear on manufacturer's details, posts which aren't clarified. That's what got me thinking...
Why would Google, who were founded for the purpose of mass surveillance, provide a tool which can bypass it? It doesn't make sense.
So if another company is going to make hardware which Graphene will work with, I'd be much more interested to learn more. All the while it's on Google hardware it's not for me. They can watch me openly, like they currently do, on Amdroid.
Yes, we desperately need freer hardware, and I'd probably switch to an alternative if that would exist.
It gives them all the files of an unlocked profile, calls and SMS history and light application data but this is depending on the techniques, OS and app support. Certain logical extraction techniques use standard ADB functionality, Android backup features, or more invasive methods like downgrading a system app to a vulnerable version (GrapheneOS closes this security hole).
If they wanted data on certain apps like messengers then manually browsing the apps and reading the messages with a camera mounted to the screen may be needed instead.
Full filesystem would give access to privileged OS data and the /data of all applications in at profiles not at rest. If there's a hot wallet app only protected by a simple PIN they could just clone that app data elsewhere and get control of the keys by brute forcing the PIN. Not usually possible on logical extractions.
No idea how to do this yet but gonna research and read your article :)
All phones including grapheneOS devices have coprocessors on them that have network and device access and are not publicly documented in any way
If you want actual privacy you DO NOT carry any phone
View quoted note →Yes, its explained there, super simple.
Settings > Security & Privacy > Exploit Protection > USB-C Port > Charging Only
To reflash graphene, just to the same steps you did to install it in the first place.
Ok great! Just did. Hope the next few days I am just gonna reset the whole thing once I figure out what I need back of on and how.
You mentioned pixel 9 as reported by the whistleblower... Are earlier pixels more vulnerable?
The Pixel 8's Tensor G3 chip pairs with an upgraded Titan M2 security coprocessor to isolate sensitive cryptographic operations, while introducing Memory Tagging Extension (MTE) support for runtime detection of memory corruption vulnerabilities and significantly hardening the cellular baseband firmware with bounds sanitizers, integer overflow protection, stack canaries, and control flow integrity to reduce what has historically been a major attack surface.
That's a major improvement compared to the 7 or earlier generations.
So 8s are just fine then? Or should one aim to upgrade to 9?
8s are fine, especially if you have it already or want the cheapest option.
Both 9 and 10 are marginal improvements in build quality, performance, battery, and they will receive updates for one or two years longer (standard is 7 years official support from google, Graphene usually supports even longer)
K good. Hope I dont need to replace it. So hope to figure out whats wrong with it and fix it.
I'd say make selective backups of your important files, not everything since that might include the malware, and then go again through
Web installer | Install | GrapheneOS
and start over.
What about the tablet since those come out less often
Checking this out later
Can you install it on a new pixel ? I just ordered one
You’re android smartphone does this always, your iPhone only dos it if you install shit meta apps etc
View quoted note →Yes
I haven't reset yet but wanted to let you know doing the charging USB instructions seems to have fixed my starting after dying phone problem. Thank you,
@npub18lzl...ugm3!
Awesome.
Well Del the Dack are you going to tell us or what?
I dont know. I want to know as well. Its so annoying.
