I am getting weary about hearing of all the ways that our devices are spying on us. The main ways in which we give away information are the sites that we visit and the searches we make. But we know about those and have grudgingly come to accept them as facts of life and the price we pay for the conveniences they provide. But there are other, more disturbing aspects, like that the cameras and the microphones on our devices may be surreptitiously recording us.
If you think your smartphone is spying on you, you’re probably right.
Apps are designed to track your moves, and your phone’s microphone can be picking up your conversations.
So if you’re suddenly bombarded with ads on your social media for things you’ve never searched for but have spoken about, it’s no coincidence.
…It’s simple to check your device for which apps have access to the phone’s microphone or camera.
Open settings, tap “privacy”, tap “microphone” or “camera” in the privacy menu, and on the next page, you can view which apps have access and you can toggle the access off.
That can help stop your phone from listening to your conversations.
Apple is also expected to introduce within the coming weeks new pop-ups that will alert phone users to whether an app is tracking them.
Facebook says data collection is needed to make user experiences better but if a user opts not to allow an app such as Facebook to track them, then Apple will prevent the app from doing so.
The new feature has been controversial among tech giants but will no doubt be welcomed by smartphone users.
This article goes into more detail about what options are available for all the varieties of smartphones out there.
Like many ordinary users, there is a limit to how much effort I am willing to put into preventing this kind of spying. This is partly out of a sense that I am hopelessly outmatched and that whatever preventative measures I take, the other side can get past them, and partly out of the sense that my life is so ordinary that I cannot see that anyone would find anything more than the mildly embarrassing. My only hope is for action at the governmental level to prevent such things. So apart from covering the camera lens when I am not using it, which is easy to do and I rarely use the camera anyway, I do not do anything else.
The only phone I have has a wire attached to it. So they (whoever they may be) can only listen while I am at home. And since the only one I talk to within earshot of my phone is me, its gonna be mighty boring for whomever might be listening.
At least the US (for now) still has 2G networks, meaning old phones won’t gve away more than cell location, no ability to record and transmit data. If everything goes 4G or 5G, you won’t have a choice except for “smartphones” and no way to stop the spying except to turn the phone off or leave it at home.
I sometimes think about getting one of the Taiwan made T9 “dumbphones” approved for soldiers and those in the tech industry. They’re 4G, but they have no SD slot, no recording ability nor a camera, only calls and texts. The science parks approve them to prevent industrial espionage.
The problem is lazy people who just install apps. For browsing, I installed the mobile firefox browser complete with appropriate no spy add-ons. I haven’t seen a targeted ad for years.
https://gimletmedia.com/shows/reply-all/z3hlwr
Intransitive @2: My son had an old-fashioned flip phone. He received a message that this will no longer be supported by his provider.
@2, @5:
Remember 3G? It’s going away as AT&T, Verizon and T-Mobile shift to 5G. What to know about 3G shutdown
@5: There are flip phones that support 4G LTE, and so should not be affected by the 3G shutdown.
ZTE/Consumer Cellular Link II
Years ago, I raised a similar concern with an FtB-local security guy. He replied:
Since then, I’ve seen others note that quite often during a group conversation, at least one person may have an app or other function active on their phone, allowing that (or another app) to forward whatever that phone hears to a remote databank -- with no detectable battery drain.
@2 Intransitive
Except, y’know, when you make a phone call. All of that info is dumped onto the POTS unencrypted, tapped by multiple parties and turned into a transcript for later use. Especially with regards to any network that still runs the GPRS protocol, the encryption strength in the proprietary GEA-1 algorithm was deliberately weakened [Techdirt link] to comply with Washington’s crypto export restrictions. GEA-1 is trivially broken, and any phone which can be tricked into falling back on it (nearly all of them) is a security hazard.
You’re right about leaving the phone at home, though. For those who can stand the minimal inconvenience of setting up low-tech ways of staying in touch with others, the mass-surveyers have a far harder time tracking that if you do it right.
#2, #8, others:
Taiwanese companies make 4G LTE phones (one of several) without cameras, USB card slots, or recording ability. You get calls, text, FM radio, and that’s it.
The military and science park staff are allowed to bring them on site because espionage (political or industrial) is impossible. If the phone can’t transmit anything but phone calls and text messages (which you have to do yourself), it’s a lot harder to be spied on. They’re made domestically so there’s no PRC spyware.
At home your best friend is a VPN.
Do not use a “free” VPN service. You know what they say about free products and that applies in spades here.
A few ad blockers and anonymous browsing make things more secure.
As indicated above, run as few apps as possible on your phone and review the permissions of each app. Don’t be afraid to turn off permissions that the app says will cause it to malfunction.
I recall Edward Snowden saying that, when he used to attend CIA meetings, everyone brought only a flip phone, because you could take the battery out of it. The only phone that can’t be tracked is one without a battery. Even if it’s turned off, really energetic people can track it.
I saw a photo of Zuck once, with his laptop on the desk behind him. He had a piece of black tape over the camera and tissue stuffed into the microphone port. Good ideas. You could do some such with a phone, too.
Turn off all location services, all of them. And, if you have an iPhone, you can jailbreak it (a good idea anyway), and then install an app that allows you to refuse all incoming connections when you open any app, forever if you like. Or to select only the connections that you want. (This is why Apple doesn’t want you to jailbreak.)
I’ve always had a flip phone, but had to grudgingly buy an old used iPhone, as was said, they’re suspending service.
Companies like Google are actively helping this.
I run a stock phone with (thankfully) no bloatware due to it being bought separately from the subscription. Several of the default installed apps are basic Android and E.V.E.R.Y S.I.N.G.L.E T.I.M.E I open the phone those default apps spit out one more more warnings that they can’t possibly work since I’m not allowing them total access to the phone (and again when I open the selected app, it is a miracle that I’ve been able to use SMS let alone call people or receive calls since neither app should work according to the notifications).
So for the last four years I’ve been ignoring those warning notifications. The thing is that for other people it trains them into just selecting the notification then hitting accept on the required permissions when such a notification pops up to get rid of the annoyance.
Interesting and very scary BBC progamme Stalkerware: The software that spies on your partner
I was listening to this this morning on CBC. In the next programme the host was saying that Dutch (?) research had shown that the best song for any time was “I’ll be watching you”.Can you spell ironic?
I don’t know why they added a VPN as a way to stop your phone from listening in. Sure, it’s an encrypted tunnel and it can stop your ISP or in this case telephone company from reading your network traffic. But that doesn’t do a thing to stop your phone from listening or from sending your data to places you don’t want it going.
I know there are projects to make phones that are more trustworthy but they’re still in early days. I have one such device and it has hardware switches to turn off various things like the microphone, cell modem and wifi. For software it uses a version of Linux that lets a knowledgable user have the same options for control that you could get from installing Linux on a laptop and generally seems to lack surprise stalkerware because it’s open source.
There are dwawbacks though. Generally it’s a mixed bag right now. Ideally I’m hoping that the second gen model works out some of the current quirks so it’s a reasonable choice for techies and I’m hoping by the 3rd or 4th gen it’s something a normal person might reasonably choose.
Along the way I learned some things about phones though. Most people would think they own the phone and all of the parts that make it up. But in reality you have almost no control over the modem. And it’s not just a modem. It’s a mini computing environment that runs its own software. Your phone OS talks to it but doesn’t run it. The situation has some parallels with letting your home ISP give you one of those combo modem/wifi router gadgets. Usually your ISP can spy on your unencrypted traffic that goes over the internet but if they own your wireless router then they can spy on what devices you connect to it and any traffic using the wireless, even if it never leaves your home network. Cell modems are inside your phone and likewise seem to have unexpectedly broad access to your data because the corporation controls something inside an area you’d probably expect to be under your control.
Caveat: I used “stalkerware” to describe something before noticing jkrideau’s comment. It’s possible we’re not using the terms the same way. I was using a broad definition of any software that spies on you without your knowledge and sends the information it gathers to a third party. Also, open source software doesn’t specifically protect you from that, but it seems much more likely such spying will be noticed.
@ 16 lanir
I do not think we are. The BBC programme explicitly is using the term to describe an abusive partner using that software to monitor the activities of a person. The equivalent of physical stalking.
I suspect this is just a functional subset of your “stalkerware” and may be being used to stress the social implications of the software in one area. If you are an abused wife, discovering that your abuser knows everywhere you have been and everything you have said is just a tad terrifying.