| We have at least five different kinds of problems with mobile device privacy here: - Apps that intentionally identify you and your location to somebody (like apps that have permission to use location services, supposedly for some user benefit, and tell the app developer that location) - Apps that intentionally reveal your presence in a physical location to other devices nearby - Apps that unintentionally identify you to a network operator or wiretapper (because of unencrypted unique identifiers like cookies) - Aggregate device profiling because of a unique combination of observable behaviors (e.g., this person has this OS version and this combination of apps) - Observability of hardware and subscriber identifiers in the RF protocols All of these are bad for privacy, but the way of fixing them is different. Tor helps a lot with the third one. To deal with the others, apart from somehow getting that software not to exist or not to be installed on people's devices, it could be sufficient to make some of the software not communicate on the network at certain times or in certain ways, like if the OS could say "maintain radio silence, except for Tor-aware apps". For the device RF identifiers, we need the ability to change those identifiers, which is kind of sort of there for wifi on some devices (except there was just a paper showing it often doesn't succeed in protecting you), and not there at all for mobile network interfaces. |