Hacker News new | past | comments | ask | show | jobs | submit login
NSA's Tips to Keep Your Phone from Tracking You (wired.com)
140 points by pcast on Aug 10, 2020 | hide | past | favorite | 95 comments



> Turn off Bluetooth and Wifi

> Turn on Airplane Mode

> Decline location-sharing or at the very least restrict it to only when the app is open

These seem obvious but I guess need repeating. The last one is only an option for Android 10+ users which apparently only account for ~25% of Android devices out there. So 75% of Android users can't even do this yet. Not sure about iOS but I know they've had it longer at least.

> Reset you phone’s Advertising ID

This one I personally was not aware of

> Don't use iOS and Android's FindMy or FindMyDevice features

What happens if I lose my phone though? I wonder what the numbers are on people who have successfully retrieved their phone using these compared to people who can see where their phones are but never got it back.

> consider using a trusted VPN provider.

I clicked on their link and just skipped straight to their "Advanced User" recommendation, because this is HN, and they recommend Mullvad. Curious to see what HN users think of that one.

https://gs.statcounter.com/os-version-market-share/android

https://source.android.com/devices/tech/config/tristate-perm...

https://mullvad.net/en/


I met one of the founders/owners of mullvad at CCC in Germany over 8 years ago. I gotta say, I've never met someone so happy to talk about how unbelievably paranoid they are about security and how much effort went into not only protecting the VPN endpoints themselves but the team's devices so they can't be used as a point of compromise. Wasn't a sales pitch, just a multi hour long discussion around privacy and tech that enables it.

I learnt a lot from that dude and have been using mullvad for years since since it's the only VPN provider I've ever personally met. Oh yeah, decent speeds etc as well :P


Can you share some of the things you learned? I'd be curious to hear about unusual measures they've taken, especially around team's devices.


Zero-trust infrastructure is what you're looking for.


Sounds like something they should blog about (if they don't already). It would make interesting reading


https://mullvad.net/en/blog/ They do indeed keep a fairly in depth blog about a wide range of technologies and topics.


> and they recommend Mullvad. Curious to see what HN users think of that one.

There is no signup information when creating an account, and one of the payment options is "cash in an envelope". Even if they're lying and do keep logs, it's as disconnected from your identity as I think is possible (assuming you do use that payment option instead of the others).

It's also what Mozilla VPN runs on.


one of the payment options is "cash in an envelope"

I was intrigued by this line in your post, and it turns out it's true. I'm not all that paranoid, but I kinda like that idea.

Also, right now there's a caveat about it:

"Cash payments are delayed due to corona

6 May 2020 NEWS

If sending cash is your preferred method for topping up your Mullvad VPN account, please plan ahead. The coronavirus is causing delays in postal delivery.

To avoid being stuck with no time on your account, send your payment well in advance. Mail coming from the US is taking four weeks longer than usual, and even post from countries in southern Europe and England are delayed."


> It's also what Mozilla VPN runs on.

Can anyone explain what the practical difference is between using Mozilla VPN and using Mullvad directly?


I recommended Mozilla VPN to my dad due to the clear simple Mozilla user interface, known (to him) and trusted brand, and accessible documentation and explainations. Other than that they use the same servers as far as I can tell.


> What happens if I lose my phone though?

If you are truly security paranoid, you write it off and get a new one. It will hopefully be secure enough that whoever got it won't be able to access it because they lack the passcodes, biometrics and bluetooth 2fa tokens you use to unlock it. If the cost of this scares you, perhaps the NSA/Mossad/whatever should not be in your threat model.


> What happens if I lose my phone though?

Years ago now, living in the US Virgin Islands, while drunk, I left the Ritz (great beach and bar) and requested that they get me a cab to my usual local bar that was stumbling distance to home. Upon arrival I realized I didn’t have my phone.

I’d left my laptop at the office, so I ran back there and used Find My iPhone. It was moving, so I assumed it was in the cab I’d been in. I locked it, added a display message, and used the office phone to call the Ritz and tell them... they called the cab company, and within 10 minutes the phone was back at the Ritz.

I’m positive that this was only because I’d used the cab company the Ritz contracts with and their drivers are terrified of losing a lucrative job, but it was a successful recovery in a territory not known for honesty.

Had I not had FMI enabled I probably wouldn’t have connected the dots, assumed I’d lost it on the beach, and lost my phone forever. As it was, I got my phone back and it only cost me an extra cab ride. I’ll never turn off FMI again, though.

Completely anecdotal, but my point is the system can actually work. At the very least I can lock the device and wipe its data.


Even when you turn off all that stuff, shit like iBeacon still makes you locally trackable. Try installing the apple store app for example, turning off everything and walking into a physical apple store, you'll still get an iBeacon induced notification on your phone from that app.

There is no way to turn off iBeacon tracking on iPhones.

At this point you need to walk around with a faraday cage evidence bag to not have your phone stop fucking transmitting & receiving radio waves.


Isn’t iBeacon a passive technology, though? I don’t think the beacons are listening for any incoming client connection, they just blindly broadcast their identifier (UUID+major+minor IDs). Unless you are assuming an app might store the beacon IDs and then report back via the Internet.


Yup, thats right!


I think the turning off FindMy one really depends on where you fall on the security-usability spectrum. For example if you want to truly harden your Mac there is a ton of steps you can take, but they get gradually more intrusive to the experience of actually using the system: https://github.com/drduh/macOS-Security-and-Privacy-Guide


I wonder what the numbers are on people who have successfully retrieved their phone using these compared to people who can see where their phones are but never got it back.

When my wife got her iPhone stolen in Rome, we were able to use the Find My Friends feature to watch it move across the country, and eventually end up in Tunisia. This was before you could remotely wipe an iPhone, so there was nothing I could do other than send angry text messages to whomever stole it.


> I clicked on their link and just skipped straight to their "Advanced User" recommendation, because this is HN, and they recommend Mullvad. Curious to see what HN users think of that one.

They're the best VPN provider, hands down. They offer the best privacy protections of any provider at a very reasonable price, and the service itself is excellent.


If you lose your phone, you lose your phone. I've personally done this before, but since I have a secondary low-end device for such contingiencies, it wasn't so much a problem. It does require some preparation, though.


The find your phone is nice, but not necessary. Especially the hassle of getting it back if it's been stolen. First - don't keep nudes on your phone. . .

Then just add your contacts and other files from your phone to a monthly/weekly (depending on your personal preference) backup schedule.

I have all of my home data set to backup automatically monthly. I just make sure my phone is plugged into my desktop the last Saturday of the month. Problem solved.


Mullvad is the only VPN provider I use and recommend.


I'm not sure I agree with turning off Find My iPhone. If it's turned off, you can't remote-erase your iPhone.


+1 for Mullvad.

It feels awesome to be validated.


>Also important to remember is that GPS is not the same as location services. Even if GPS and cellular data are unavailable, a mobile device calculates location using Wi-Fi and/or BT. Apps and websites can also use other sensor data (that does not require user permission) and web browser information to obtain or infer location information.

Wondering what kind of sensory data they meant here, I had a look at the citation[0]. If anyone else is curious:

>We describe PinMe, a novel user-location mechanism that exploits non-sensory/sensory data stored on the smartphone, e.g., the environment’s air pressure and device’s timezone, along with publicly-available auxiliary information, e.g., elevation maps, to estimate the user’s location when all location services, e.g., GPS, are turned off. Unlike previously- proposed attacks, PinMe neither requires any prior knowledge about the user nor a training dataset on specific routes. We demonstrate that PinMe can accurately estimate the user’s location during four activities (walking, traveling on a train, driving, and traveling on a plane).

[0] https://arxiv.org/abs/1802.01468


Microphones too. Signage and TVs etc can emit ultrasonic beacons your devices can hear, with applications like tracking your viewing habits and your location.

Ditto the proximity sensor: it's just a photocell and a simple room light could comprise a beacon. Flashing over, say 30hz would be invisible to us.


A lot of the cheap wifi security cameras already use sound to transmit data such as for pairing.

https://setup.smartlink.pitneybowes.com/advancedTroubleshoot...


We demonstrate that PinMe can accurately estimate the user’s location during four activities (walking, traveling on a train, driving, and traveling on a plane).

Wonder if they can track someone who is "lost in remote area without hope of being rescued."

Maybe if the phone is set on Survival Mode?


Even traveling on a plane has a transponder to piggy back on IIRC. Remote area implies a spotty network at best. The best that could be done is noting when and where contact with a network of some sort is lost or regained.


When you have a location you can also use the gyroscope to track where the device is going after the starting point.

Almost like a video stream. Once in a while a keyframe and a stream of changes in between.


Maybe also compass and step counting (accelerometer) data?


Thats the purpose of an IMU[0]. But even the best IMU have a limited amount of precision, and, has time goes by, these imprecision can accumulate to a very big margin of error in your location.

With the cheap IMU in phones, you very quickly reach the 100+ meter margin. That is why you usually combine it with other sources of localization to keep the margin down. If no other sources are available, the localization provided by the IMU become next to useless.

[0] https://en.wikipedia.org/wiki/Inertial_measurement_unit


The actual guide instead of a summary in a Wired article. https://media.defense.gov/2020/Aug/04/2002469874/-1/-1/0/CSI...


Isn’t it a bit ironic that the organisation most likely to be tracking you is giving tips on how not to be tracked?


The NSA invests heavily in its defensive role, providing guidance and awareness training both to the US privately and globally through open recommendations.

It doesn't matter. We've invested so heavily in offense that we can tell people how to defend themselves and we'll still own them.

Here's one of my favorite talks,

NSA TAO Chief on Disrupting Nation State Hackers

https://www.youtube.com/watch?v=bDJb8WOJYdA

This is the NSA Chief of Tailored Access Operations telling people how to defend themselves against the NSA (and other similar capabilities organizations), and it's all really valuable. None of it is fancy ML 0day detection or whatever, it's just about understanding your network better than an attacker can.


I suspect that the organization most likely to be tracking me, in particular, is a for-profit one rather than a governmental one.


They used to make a distribution of Linux called SELinux until Microsoft successfully lobbied the government to make them stop.

https://www.nsa.gov/what-we-do/research/selinux/

> The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000.

https://en.wikipedia.org/wiki/Security-Enhanced_Linux


Not exactly a Linux distribution. It's a kernel security feature for mandatory access control - and it's reasonably good, if difficult to use.

Edit:

Found a source on the parent's claim.

https://linux.slashdot.org/story/02/08/19/1750212/did-ms-lob...


How about the NYTimes?

https://www.nytimes.com/2001/09/07/business/us-vs-microsoft-...

> Last year, Microsoft even hired Ralph Reed, the political consultant who was at the time a senior adviser to the Bush campaign. His job was to urge Mr. Bush to take a softer approach toward the company if elected president.

GWB dropped the antitrust case again Microsoft after elected to be the President of USA


The specific point that NSA halted SELinux development at Microsoft's behest (I had never heard of this) is more demanding of citations than Microsoft's general lobbying of the federal government (which they certainly did). There's no mention of NSA or SeLinux in that NYT article.


I only know SELinux because of how many times I've had to disable it in order to use root on android effectively.


The idea that Microsoft killed NSA work on SELinux is trivially disprovable. There are NSA developers active on the SELinux and Linux Kernel mailing lists... https://lkml.org/lkml/2020/8/5/727

And SE for Android was first proposed by a NSA employee in 2011, well after Microsoft's whinging https://selinuxproject.org/~jmorris/lss2011_slides/caseforse...


Was Microsoft nervous the government was going to legitimize Linux and lose out on selling the gov't Window licenses? Why would MS lobby to stop this?


Microsoft was worried that the tech sector would focus on Linux especially for TCO if Linux development was funded using public money. This was all explained years ago in marketing material from Microsoft.

> InfoWorld | OCT 27, 2004 3:00 PM PST

https://www.infoworld.com/article/2679783/ballmer--windows-t...


Does Microsoft receive money from the government for Windows licenses? Yes, then MS is funded using public money. You mustn't forget that whenever you point a finger, there are three more pointing back at you.


Sometimes when hackers break into a system or network, they will actually stop and PATCH the systems, to prevent others from using the same vulnerabilities or other vulnerabilities from compromising the device they now own.

Suffice to say, these attackers will already have ensured they maintain persistence even with closing their initial entry points.

Likewise, the NSA has many avenues to get into a device, or (more practically, when it concerns most of the public instead of specific users and devices they need access too) they use mechanisms that aren't affected.

As they've proven, they have a huge catalog of malware and similar, but that's for actual targets. People they already believe to be threats or targets, that they need to directly attack.

But for the majority of the public? The information will come from the companies themselves, not the user devices. Why would you spend thousands or millions on developing and maintaining an application you can put on everyone's devices, and may be removed, or even just disabled due to an upgrade (until you can patch it) when you can find and obtain data from a company that already has common apps on a device, across the public, and the public not only knows they are there, they WANT the app and will take steps to complain if access is rejected? And the companies will gather as much as they legally can (and sometimes more), put it into databases, sort it, categorize it, etc?

Why would you duplicate ALL of that, when you can just take the finished product, the sorted data that's stored, either legally and knowingly, or unknowingly from a company?

And you ensure that while you can maintain that access, either to the company or the device, you direct the users and company on how to protect themselves from random attacks, or other entities that want to target the users, often with automated software that hits the "low hanging fruit".


They're making the tips they're providing to the NSS/DoD publicly available. It's a basic training guide for government employees seemingly based on normal internet research, no reason to make it classified.


Isn’t the hint in their name?

I’m sure NSA has an important role in managing the cyber risks of US citizens, in addition to the offensive ops.


It's like in Rick and Morty episode where Scissorshand says "you can run but you can't hide" and the run ends with "since when we take advice from this guy"

https://www.youtube.com/watch?v=y5g7Z1qC7-k


Rick and morty is the best


Isn’t it a bit ironic that the organisation most likely to be tracking you is giving tips on how not to be tracked?*

"Most likely?" More than Facebook or Google or some other human profiling company?


All those companies are also supplying the NSA with anything they want to know


They truly do want government employees (and citizens) to be informed about security.

But let's be real, if you truly can evade them, you've probably already received a job offer.

Defense will always be harder than offense. The best you can do is make it extremely EXPENSIVE for an attacker. But can you outspend the NSA on your defense? (the answer is NO)

Not even Snowden thought it wise to reveal secrets related to ongoing operations. That would have been TOO expensive for him. We would not have known his name if he had done that.


Yeah, funny how the advice says nothing about the telcos. Best way not to be tracked is not to carry a mobile phone.


Best way not to be tracked is not to carry a mobile phone.

It's also surprisingly good for your mental state.

I broke my phone earlier this year, and when leaving the house to go shopping or whatever, it was absolutely liberating not to feel chained to a device. It was like a weight off my head and shoulders.

Now I'm back to carrying a phone because my wife requires it.


It's completely logical because they try to keep alarm levels lower.


Month ago I built my own android app that automatically switches on airplane mode whenever the display switches off (and vice versa). Made in 10 minutes with Tasker, it's even in the play store.

Since then I really enjoy life again without any notifications, it's just wonderful.


I just use the moderate power saving mode which disables network traffic of the background apps. Now my 2017 Samsung A3's battery lasts about 3.5 - 4.5 days / charge. If I need to be "urgently" contacted people can still call or SMS me but I don't want any realtime notifications from apps.


Which API did you use to do this? I looked into this a while ago but it looked like Android wasn't allowing programmatic access to airplane mode.


That sounds great! What's the app called, I'd like to install it.


Your phone? Ha!! Count the connected wireless devices in your home. Cellphones, Amazon Echo, garage door opener, fitness watch, Ring doorbell, cable tv boxes, tv's, computers, printers, tablets, digital pencils, modems, wifi APs, earpods, wireless speakers, cordless phones, ovens, fridges, door locks, light bulbs, automobiles, VR goggles, quadcopters... Are we there yet?


3y ago:

"Does disabling Wi-Fi prevent my Android phone from sending Wi-Fi frames?"

https://news.ycombinator.com/item?id=15141077


You all probably already knew this, but I recently discovered "airplane mode" does wonders for battery life. Then again, I'm from a generation old enough to feel no qualms about wandering about with no device whatsoever, so YMMV.


Airplane mode will always remind me of traveling with my trusty iPhone 4S or SE, whose batteries always struggled to get through a full day of maps, camera, messaging, and ad-hoc Google and Wikipedia. My workaround was to keep airplane mode on by default, using Google Maps offline data downloaded ahead of time off airport wifi, only occasionally "going loud" for a few seconds at a time to ration the 100 MB/day of roaming data that was cheap and convenient enough that I never bothered buying a local SIM card. The battery life difference was really dramatic.


Do recent phones actually honour the Airplane mode absolutely or do they still allow WiFi/BT to bypass it, or override the user and activate the mobile radio under exceptional conditions?


>do they still allow WiFi/BT to bypass it

AFAIK both android and ios disables wifi/bluetooth when you turn on airplane mode, but you can turn them back on without exiting airplane mode.

>override the user and activate the mobile radio under exceptional conditions

Not sure about this one, but to my knowledge there isn't any.


I do this at home, my phone has a WiFi Calling option, and our entire block is a near-zero cell signal area.

Airplane Mode + WiFi back on stops the battery loss from the phone hunting for a tower all day.


I've done research for forensics on this.

Airplane mode will disable all radios but will allow the user to enable WiFi and BT. Some older Androids will keep the Wifi and BT on if you're connected to something though :(


I'm interested in this too. Recently I downloaded a podcast locally and turned off cellular on my phone before going for a walk.

About halfway through my walk I looked at my phone screen and noticed that my phone was still showing cellular bars. It wouldn't communicate and the LTE symbol was gone, but the signal bars remained. Made me wonder what turning cellular off actually meant, was it still connected but data was off? Are the bars just a client side thing and no comms were going out? No idea.


I'm pretty sure the "cellular" button you were talking about was labeled and was for "cellular data".


The one I'm talking about is the green one here: https://www.howtogeek.com/wp-content/uploads/2020/02/control...

There is no label, it just looks like a cellular icon. When you press it it turns grey, indicating off like this: https://i.redd.it/76b0j4im36f41.jpg


Press and hold on that, and it'll expand to show the labels and two more buttons: https://support.apple.com/library/content/dam/edam/applecare...


Great, thanks. So I guess pressing the clearly designed cellular icon does not turn off cellular and the real action is hidden in a popup.

Very intuitive! /s Glad I wasn't doing it for a more serious reason (in which case I would have just left the phone at home, but still..).

edit: comment chain got too deep to reply to. But I think the fact that I failed to see a difference is clear evidence that the airplane mode icon is NOT an adequate indicator.

Airplane mode means turn off all wireless, everyone knows that much. But that isn't what I wanted, I still wanted bluetooth with nothing else and as such turned off the unwanted radios individually.

Airplane mode intuitively to me means just a quicker/easier way to toggle them in one swoop, not a completely different action that you can't accomplish with the individual buttons.


For most people, turning off all cellular functionality is a relatively uncommon action, and very strongly associated with the airplane mode icon. The presence of that airplane mode button serves as an adequate indicator that the cellular icon has a different function.


You might as well ask if the device honor the command to switch off or it says on a standby state.


I rarely use airplane mode outside of being on an airplane but I am always impressed with how much battery is saved in airplane mode even with continued use for a long flight.


There is the "low power mode" on iPhones which while not as effective, should also cut quite a bit of background activity and save battery.


VPN usage is problematic - my phone provider blocks the major VPN providers so I have to switch it off whenever I'm outside wifi range. About half the financial sites I visit consider VPN usage a threat and the response ranges from CapitalOne's extra authentication to Synchrony's lock out the account for 72 hours to Goldman Sach's refuse to load and ask you to call a toll free number (where the confused rep just says they block some vpns and has no real advice to offer).

There have been a number of cases where someone was a suspect in a crime because their phone was in the area. I'm thinking it might be better to keep the data service shut off all the time and just use wi-fi calling when I get to where I'm going. Phones don't work on the subway and are a distraction when driving, so maybe solve multiple problems that way.


I had the same problem some time ago (VPN providers blocked). I solved it using DNS over HTTPs


The only measure there is for the most of phones is to put them in a Faraday cage.


Did onion.com change their name?


Root and firewall?


Unless you're a spook, isn't it pointless? We're bound to make mistakes. Or just make it a bit more anon?


So, the world's most powerful surveillance agency gives me advice how to avoid surveillance? Thank you, I'll pass.


I always put my phone on airplane mode before going to bed. I just don't want the extra radiation while I sleep.


Correct me if I’m wrong, but isn’t the radiation from the WiFi and Cell towers in your bedroom regardless of whether your phone is on?


Between your handset and the base station, when your handset is active the vast majority of RF power going through you is from your own handset.

I'm not sure if it's still the majority on average when your handset is idling, but I suspect it still is on the whole. I also suspect when walking around a dense urban centre that the handsets of other people nearby (in combination) also provide more RF than the base station.

In locations where there is a poorer signal, personal RF exposure is likely to be higher, as the handset transmits at a higher power level to be "heard" by the base station far away.

Counter-intuitively, this means where people successfully campaign to remove a mobile mast in order to reduce RF exposure, people's RF exposure can actually increase in a halo region around where the mast was, though decrease closer to where the mast was.

For people who really want to reduce ambient mobile RF exposure, they need to campaign for all people in their neighbourhood to turn off their handsets (and for the remaining people who don't to not use all the freed up bandwidth). That's a tough thing to achieve though.


His phone doesn't answer, so I'd think there would at least be less radiation.


Indeed, the thing trying to reach a 2km distant tower 50cm from your head is a bit more powerful than the signal coming from 2km away trying to reach your phone.


Your comment seems intuitively entirely backwards. You think the tiny battery powered device in your bedroom is producing more EMF than the hundred foot tower hardwired to the grid actively sending the same exact type of data to thousands of devices in every direction beyond every wall that surrounds you?


Absolutely.

If you're asking about ability then yes: a grid-connected tower will both be able to produce stronger radio waves and last much longer (indefinitely versus some battery), but that's not legal, not what they do in practice, and wouldn't make sense: if the tower is so much stronger, then only your phone would be able to receive the tower. The tower wouldn't hear your phone's reply if the phone were significantly weaker. Since both generally want the maximum possible range, they'll transmit as much as regulations allow. A tower might have bigger and more sensitive antennae, but not so much that the transmissions are significantly different in power output. Both are safe to be nearby, but in case of long phone calls with the cell phone at your literal ear, your brain does heat up a measurable amount (if you have the right equipment), or so I've heard.

To confirm this "both sides need to be roughly equally strong to hear each other" story, do a 30 seconds search online, or for a practical example you could look at the dBm (decibel-milliwatt) values your WiFi devices' output (the access point versus the stations; it's not the same as cellular but in the case of WiFi both are under your control so you might be able to observe both values).


If your phone is transmitting, it is emitting radiation. If I am wrong, please explain.


Me too. I also wear a tinfoil hat and bubble wrap pajamas.


Well that’s sorta uncalled for. When at home I always have airplane mode on. Battery use and radiation reduced. WiFi calling works perfectly on T-Mobile/Mint Mobile


I'm not sure there's any science to back up the vague "radiation" concern. Unless you live in the middle of nowhere, you are awash in EM radiation. I don't think there's any reason to believe that turning off the cellular antenna on your phone while being bathed in all manner of other RF signals is likely to have any heath effects whatsoever.


It would really depend on the specifics. I was somewhat surprised to learn that my girlfriend sleeps with her phone under her pillow. That's pretty close to your head, for a fairly large portion of each day. That said, I was more concerned about battery malfunctions / fires.

EDIT> Inverse square law. Presumably those other emitters aren't right by your head.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: