It should be possible to protect oneself. It is extremely difficult only because there are basically only two options if you want to have a smartphone: either iOS or Android. The immense power of nation-state adversaries is focused on just two targets.
And there are no commercial off-the-shelf security solutions that can “protect” you. You have to do your own security. This is why Snowden had to painstakingly teach the journalists how to use GPG to receive his cache. No other way would be trustful enough.
Though I'm not sure it's even worth trying to bring up in the opinion-filled noise of these threads, there is no way to secure current generation mobile devices sufficiently to withstand nation-state attackers. Full stop.
The processors, basebands, MMUs, all of them lack the tools necessary to create a chain of trust with also sufficient isolation at the application level to run normal applications. When everyone is saying "of course the FBI could get into the terrorist cellphone, just take it to TAO," this same thing applies to Blackberries and Android phones when applied by opposite numbers in China or Russia.
It is not possible to secure a mobile device from a nation-state attacker due (at least) to gaps in the hardware capabilities.
We all have had, but in the past. It isn't feasible now.
I mean, you can buy a "safe" smartphone, but first you can't prove beyond reasonable doubt that it is actually safe and private, and second, you attract more attention because the same phones are being bought by the criminals.
As others have alluded, the attack surface on a smartphone is too large to ever be secure against sophisticated and wealthy adversaries. The regimes most inclined to spy are the same ones who spend the most on point-and-shoot exploits to own your phone.
Best answer from a US perspective is Michael Bazzell's work, with product specific to mobile phones having just been released: https://inteltechniques.com/book7a.html
I really don't get the security model for smartphones. It seems horribly brittle. I mean, the fundamental protection is using apps from trusted sources, basically Google or Apple. Anything not trusted can't install, unless you've rooted the phone. And so old-school Windows-style malware is blocked.
However, when trusted apps are installed, they often demand all sorts of privileged access. And if they're malicious, there's no way to protect against them. Except that they get reported to Google/Apple and become unavailable. But that doesn't help people who already got pwned.
You're missing the point. When OP says "How do I protect myself against this, if I am an Android user?" it's clear that the more relevant point is meant to be "if I am not an iPhone user".
He won't be participating in the network, but he's also unable to be warned of being tracked which does seem unfortunate.
A technically capable person can easily protect himself. It's not that hard. At least from ordinary threats. Use a dedicated firewall device, use software firewalls, periodically check out running services.
The issue is with the rest, the 99.9% of people who will share whatever you say, because their phone happened to be nearby and you can't really do anything about it.
I agree with you in theory, but in practice half the population are never going to become security experts and it's impractical to force them to learn through necessity. If a hacker can get root on your smartphone, they can probably get access to your bank account (and the 2FA), your email, your private/intimate photos, your medical issues, your sexual secrets, and so on. A smartphone is far higher stakes than anything else which has come before it.
To be clear, I think our right to have a smartphone we control is an absolute. It's extremely important. I would march on the street to protect that right. But I'm equally protective of my right to have a smartphone I cannot control no matter what button I press. I'm glad for devices like the iPhone where the manufacturer works damn hard to make sure that it's always under the manufacturer's control.
Of the smartphone OSes and hardware currently available, only RIM has what I'd consider good security, and Apple iOS is pretty good. Android and WP7.5 have basically no hardware-based protection, and given the UI/UX of the phone, it's unreasonable for people to use passphrases resistant to offline brute force attacks -- all the work factor stuff with scrypt/bcrypt/etc. doesn't apply when you have a huge asymmetry between normal use hardware (slow, cheap, low power phone) and attacker (general purpose CPU attached to the wall).
It’s not so much that you as a HN user and presumably very computer literate person can protect your own device. It’s more about others who are not like you, and what an evil version of you can install on their devices while tricking them to think there is no problem.
If the phone owner is not knowledgeable about the dangers, they should not be required to become a security expert and download special apps in order to deserve protection from those who would install privacy invading apps on their devices.
The only secure option is using an external WiFi or cellular data router for Internet connectivity. The router can of course be geolocated. And adversaries may gain some access. But it should be possible to prevent access through it to the phone. That is, it's a firewall.
Then do end-to-end encrypted Internet stuff, messaging and VoIP. And by using some mix of VPNs and Tor, adversaries won't even see most metadata. Except for communication timing, of course.
Edit: But this still doesn't protect from some third party with root rights on the phone. For Android, the Copperhead OS might be enough. But I don't know enough to know. And for iOS, I suspect that you're stuck trusting Apple.
Anyone with physical access and lots of money to pay for a bespoke exploit (assuming you're using a phone where that's possible), sure, they can have access if they're willing to put in the time and considerable money it would take.
If you're ok with the risk posture of not locking your phone that's your decision, but you're quite wrong about the level of access granted merely by possession of a modern smartphone.
So no one really is safe. Android users have to contend with secret keyloggers, RIM, Nokia and Apple have secret backdoors, and from what I've heard even the fabled "security" of BlackBerry messenger is just a global cypher, it's not even an encryption...
When will we be masters of our own devices? When everything is fully open source and free?
Respectfully, can you have meaningful privacy with a (mainstream) smartphone? How? On a desktop you could Tor everything I guess, but on an Android/iOS device, everything down to the keyboard is compromised by design...
So it's impossible for that mechanism to be insecure? There is a 0% chance it could be exploited to load software onto my phone? There is a 0% chance border guards at a country won't make me install an app to come into the country? I can understand you valuing tradeoffs different from me but not acknowledging that there is any risk (when it's already shown to be a risk on Android) just comes off as zealotry or bad faith.
There’s only so far you can go with this. Few people will go for a libre phone, for example. Even as a tech-literate person, current state of PinePhone and LibrePhone just doesn’t enable me to rely on either as a daily driver.
Also, you might protect yourself like this, but what about people you message and share data with? Gmail sees the emails of its own users and their conversations.
Injecting sanity into things like Apple’s CSAM scanning matters to everyone.
I never cease to be surprised by the low security of protecting phones and smart gadgets, which are positioned by developers as the most reliable product protected from hacking. Apple has long lost its trust. Smartphones with support for Google services are out of the question at all. I think that most of us understand that today we are an ordinary consumable material and are very cheap, as information, as a consumer of advertising. I even installed https://ajax.systems/, I still think that everyone wants to cash in on us.
I can't disagree with your point of view; I merely point out that a world where everyone who wants a secure smartphone needs to own their own smartphone factory isn't a very practical world.