[caymanjim]

It's not paranoia when it's true. While most people value the convenience of conventional phones calls and default messaging applications over true privacy, those who prefer privacy aren't being paranoid. Companies are monitoring communication to increase ad revenue; government are monitoring communication to catch criminals, enable industrial espionage, and suppress dissent. It's only paranoia if it's delusional. We know that we're being spied on, even if we're not being individually targeted. Even democracies that supposedly value freedom engage in widespread surveillance in direct violation of their own laws.

I'm in the camp of pragmatic resistance to surveillance. I use browser plugins to block ads and cookies where it doesn't get in the way of reaching the content I want; I use Signal for messaging even though almost none of my recipients do; I disable location services except for things like Maps that actually need to know where I am; I turn off all the spyware I know about that's built into operating systems; etc. I'm not a tin-foil-hat-wearer; I'm not doing anything illegal that I need to hide; I'm just trying to push back in a small way against the erosion of privacy and rights that permeates everything electronic.

But the parent isn't paranoid. They really are watching. And we shouldn't be so complacent.

[gjsman-1000]

Yes, but if you are that paranoid and worried about it, the fact remains you should not carry an electronic device.

This person is so paranoid, that they believe that a cyberweapon developed by a private company in Israel that uses previously-unknown bugs in the most sandboxed messaging system you can get on a phone are going to be deployed against them, so they should not use the calling, texting, or any other "phone-like" functionalities of a phone.

They then distrust that the End to End Encryption is in-fact End to End, and then think that using Signal or something is more secure, when if a bug in a system more sandboxed than Signal was found (iMessage, which has BlastDoor which Signal does not have), it is more than likely that Signal has it's own zero-days in it, so you shouldn't be using that either.

That's paranoid, and if you are that paranoid (which, maybe you have a reason to be), your solution isn't well thought-through. You shouldn't be using a phone if you can help it.

[fsflover]

You could carry a device with kill switches and only turn them on when you need a connection. See: Librem 5 and Pinephone.

[sneak]

> I disable location services except for things like Maps that actually need to know where I am

Fun fact: having systemwide location services on, even if you don't enable it for any apps, means that your location is sent in realtime to Apple/Google at all times (via Wi-Fi triangulation data). It's not just passive GPS reception.

If you want actual location privacy, you'll want to leave location services off systemwide on your smartphone, and consider getting an offline GPS receiver device. Good car satnav devices from China are like $60 now, and include continent-wide maps, though you lose realtime traffic info, being offline.

[commoner]

There is a way around this. If you use an Android distribution with UnifiedNlp (part of microG) and without Google Play Services, you can install only the location providers that you want to use for Wi-Fi and cell tower triangulation. Google would not be monitoring your location queries. Provider options include:

- OpenCellID (offline): https://f-droid.org/en/packages/org.gfd.gsmlocation/

- Radiocells.org (optionally offline): https://f-droid.org/en/packages/org.openbmap.unifiedNlp/

- Déjà Vu (offline cache using Wi-Fi and cellular data): https://f-droid.org/en/packages/org.fitchfamily.android.deja...

- Mozilla Location Services (online): https://f-droid.org/en/packages/org.microg.nlp.backend.ichna...

UnifiedNlp is preinstalled on Android distributions that include microG. CalyxOS is the only one of these that supports relocking the bootloader with the developers' key:

https://calyxos.org

[caymanjim]

This falls under "close enough" for me. Even with systemwide location off, cell providers and your ISP still know where you are; there's simply no way to stop them from knowing. If I fire up an app and Android gives me a popup saying it won't work with location off, then at least I know which apps are asking for it, and can enable the very few that I want to share that with because I get something out of it (like navigation).