Hacker News new | past | comments | ask | show | jobs | submit login

Well, they at least they no longer leak them to the servers of every application provider on their smartphone.



Apps on your smartphone only get access to your messages if you give them permission.


Apps routinely ask for many more permissions than they have reason to and users have been conditioned to just 'get it over with'. Technically you are right, in practice users hand over the keys to the kingdom without a moments pause to think of the implications.

Now, you could of course argue that they only have themselves to blame.


I'd argue that if someone wants to get a flip phone for privacy reasons they should be able to not download shady apps and give them permissions without thinking.


Flip phones have some of the best protections available: the sensors aren't there. You can't leak your location if there is no GPS module in your phone, you can't have your camera hacked if there is no camera and so on.

I'd prefer all this stuff came with physical switches so it can be enabled/disabled in a hack-proof manner.


You can't leak your location if there is no GPS module in your phone

While not as precise, you can definitively leak your location by scanning for the surrounding cell towers, especially in a city, which usually have hundreds or thousands of them (Manhattan alone has eleven, for example). I used to run a Python script on my Nokia phone that logged the tower ID, and I could reliable tell when I got to work, home, etc.

And that's just for people who control your phone. Your operator has U-TDOA¹, which is typically accurate to 50m.

The camera part is true, but tape is cheap :)

¹ https://en.wikipedia.org/wiki/U-TDOA


Sure, but that's telcos and the local law enforcement. It's not google, facebook, 500 advertising networks and a whole pile of other parties.

It's also not accurate to within enough resolution start targeting advertising and other nuisance information at me even if there was a way to present me that (which there isn't).

I'm well aware of the power of triangulation, I used to go fox hunting.

http://www.homingin.com/


In some places, "just telcos" doesn't mean much: http://www.latimes.com/business/la-fi-lazarus-20140425-colum...

Though European laws are still mostly sane in that regard.


> especially in a city, which usually have hundreds or thousands of them (Manhattan alone has eleven, for example)

That's really quite a way from "hundreds or thousands".


Sorry, I didn't explain myself well. I'm just talking about the main towers, for each of those there are many smaller ones. Check out http://opencellid.org/ it's amazing, actually.


Location tracking is possible without GPS module https://en.wikipedia.org/wiki/Mobile_phone_tracking

What's your threat model? https://ssd.eff.org/en/module/introduction-threat-modeling

For most people mass surveillance is a more realistic threat than the NSA hacking their camera.


Corporations merging their databases. This is happening in real time, right now.

I don't have any illusions about being able to stay private from the eyes of nation state level adversaries but commercial entities can still be kept out if you try.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: