|
|
|
|
|
|
by gruez
2367 days ago
|
|
|
>GPS matters because it's important that the phone doesn't know where it is. I mean, if it doesn't know where it is, there's no need to worry that adversaries will access the information. So your threat model is that you can't trust the device itself? If that's your threat model, you'd probably need a phone with hardware kill switches. Also, if you can't trust the device itself, why would you be carrying the device around? What would you use it for? >No, but it generates location information that could leak. And if the phone uses WiFi to supplement GPS, it necessarily communicates with some remote server. On android you can explicitly disable that ("device only" in location settings). There's no such option on ios, although you could still disable wifi/bluetooth and still have working gps. |
|
|
Yes. I don't trust a phone OS where I lack root privileges. And I entirely don't trust the baseband.
> If that's your threat model, you'd probably need a phone with hardware kill switches.
Yes. Or with disabled GPS, baseband and WiFi. And with Internet connectivity via external WiFi router, or cellular modem/router.
> Also, if you can't trust the device itself, why would you be carrying the device around? What would you use it for?
I'd use it as a phone. Albeit just using VoIP.
And if I had all the iffy stuff in a separate device, connected via USB, I could trust the phone as much as I trust the host machine I'm using now.
I mean, I'm working in a Debian VM that hits the Internet through a nested VPN chain. And the Debian host has no access to GPS or WiFi. So I'd want to replicate that on a phone.