One of the questions I am getting asked a lot is: "what cellphone can I use and still be private? I could use Apple, right?"
In an Orwellian world, the best you can do is not using a cellphone at all. No kidding, you're basically bringing an ankle monitor along with you wherever you go. Apple and Google tracking you, every step of your way. But if that wasn't bad enough, they're then sharing and selling your data.
Of course, we have seen the recent advertisement for Apple's new iOS promising not to do so and heard the stories about how private they now are and admittedly iOS 14.5 and onwards has done a lot right.
Watch this video, it sums it up:
However, in reality, Apple is making sure it's building and improving its eco and ad-system. Do not believe for a moment Apple has become the holy grail when it comes to privacy. The problem with Apple is a closed-source ecosystem. You can’t install apps that are not Apple approved and you need to accept every decision Apple makes to secure your phone.
Whilst 'out of the box' Apple is probably better than most other vendors, once you look deeper and try to make things safer, using more open-source products you realize fast how limited you are within Apple's ecosystem. Yes, you can use DNS, and can even use an AdGuard with DNS combo, and even some VPNs are working with a combination of both, however, AdGuard doesn’t come with a firewall like it does on Android.
Apple has also been outed by Edward Snowden as a PRISM partner of the NSA. Okay, so some time has passed, but as we know it is a closed garden and with Apple's new M1 chip, which is incredible fast and frankly amazing, yet you have another closed-source hardware.which, just as with the Intel ME/AMT disasters, can be built in from the ground up. I am not saying that the M1 chip has a backdoor, but keep in mind we can't verify anything until someone discovers something ;) or they open up the garden to the public!
In fact, even though the chip is only around for a short while, some experts have already found an 'unfixable' flaw. Nothing to worry about yet but perhaps more to come.
It's maybe worth reading up on some other articles that DT has done on Apple, if you\re interested.
But not everything is entirely negative when it comes to Apple.
And keeep in mind that we just covered Apple again in another EXPOSED! piece, as part of our 'Orwell's Blueprint mini-series.series
So what are your alternatives?
FairPhone, the world's most sustainable smartphone, is pretty good when it comes to privacy 'out of the box'. No known spyware installed and no telemetry. FairPhone is open-source, which gets them one of the top spots. With e/foundation and LineageOS you can also install ungoogled Android versions. Linux versions are already popping up around FairPhone, and it is considered one o the top choices when it comes to today's list.
Asus has an almost stock Android version and apart from Google, we don't find much to worry about on the phone itself.
Sony also has a pretty much stock Android experience, and it's the same for Google, so you don't need to worry too much.
Motorola has an almost stock Android experience, not much bloatware and all you need to worry about is Google.
LG is out of the Cellphone business, but had an almost stock experience.
Nokia (is that still a thing?) has been caught with some shady things in the past.
They collected some telemetary and sent it to China.
Xiaomi has been cleared lately by the USA of not being a spy agency for the Chinese Government, yet it has a lot of telemetry in it which is an absolute privacy disaster. Xiaomi also tracks in incognito mode, which is not what you expect when using that feature!
OnePlus is known for its cheaper line cellphones. The company collects and sends some telemetary.
Oppo also collects some telemetary, but overall has some decent setups. The OS is not bloated with too many useless apps.
Vivo is also running some telemetary in the background but a decent setup otherwise.
Realme, is a decent phone, I never used one to be honest, but didn’t find anything negative when it comes to spyware.
Huawei, yes! Known as the monster from China that eats your soul and sells it to the devil (Chinese government). However, I written in the past about a little love story I had with Huawei, and until today I cannot confirm the evidence (which was never provided by the USA) against Huawei. Futuremore, Huawei devices come DeGoogled! This means you need to worry less about Google and its data kraken than with most other brands 'out of the box\.
I, for one, believe Huawei is one of the better phones, regardless of what that earns me on social media by admitting this.
We have covered Huawei before in EXPOSED!
Even though the article is not 'fresh off the press' I used a Huawei Phone in the past and had a Cinderella story to share
Samsung, one of the flagship manufacturers, and we covered the dark side of the Galaxy in the past.
Samsung is known for a lot of shady stuff, but we believe, just like any other Android brand, it can be transformed into a really decent phone. With RethinkDNS, fire-walled off all apps you don’t really need, a decent amount of ADB tweaking, and you can make Samsung a decent daily drive when it comes to privacy.
Google's own product. They claims a lot, including the Titan M chip which is, on paper, pretty impressive when it comes to security. However, as with the M1 chip, it is just a black box, and we need to take Google's word for it!
Where the Pixel phones shine is on the software side. It comes as stock as Google makes it and gets updates fast.
Even better, you can install CalyxOS which is much better than Google's Android with security and privacy in mind. CalyxOS comes with a built-in firewall and has everything Google removed. Yet with MicroG as a pre-selection you gan even have push notifications and apps with Google services working.
If you want even more privacy you can go to GrapheneOS which is second to none when it comes to hardening Android, and have a private setup. If you are up for an Android Phone and want maximum privacy you'll probably get it on a Pixel with GrapheneOS as your best bet - which just leaves the chip from Google to worry about!
Kirin (Huawei), M1 (Apple), the Titan M (Google), and of course Intel ME are all impressive chipsets as are Snapdragon and all the others listed today.
However, no one knows what is going on inside these chipsets. Can you trust Apple, can you trust Google? Of course not! It’s an ankle monitor, and I highly recommend not having your phone around all day. You will never have full privacy with a cellphone around. But in today’s guide at least we've given you some ideas on what to do.
There is a great DeBloating solution which does most of the job right on almost every phone manufacturer listed here.
I, personally, remove also Google Services and Google Framework on my devices. However, some devices can have a boot-loop when doing so. So try to check if that happens, and remember you can always master reset the device.
The biggest advice I can give you and this makes life for every user pretty simple, is that unlike on iOS you can actually use a firewall which can lock down the entire phone.
NetGuard and AdGuard come to mind. Both can block access to every single app, including system apps, close access to everything and only open the apps which make sense. This would include your messaging apps. Do not use the Google Playstore but F-Droid apps. Lock all Google services out of your internet connection, and you are one step ahead of the enemy.
An app I strongly recommend and use now as my firewall is RethinkDNS which combines a firewall, DNS and even blocks IPs. It takes the VPN spot just like NetGuard and AdGuard. All three allow tunneling apps via Tor (Orbit) so you can have one more layer of privacy built in. The beauty of RethinkDNS is not just that it's simple, but that they're already planning for the integration of Wireguard into the setup.
One device blocklist can be configured and downloaded as well so if you use any of the three firewalls and the right blocklists, including NoGoogle, you can block Samsung, Huawei and the likes and you can have a great cellphone with a lot more privacy than you would get on an iOS device. Again, iOS is great by itself and some features released are step in the right direction.
The point today is that you can, after all, have a phone that spys on you less, as long you remember that a cellphone will never be 100% private.
Stay safe, treat your Phone less as a friend, and consider to lock down via a firewall everything you don’t need! Allow access to Signal, Threema, SchildiChat, the daily apps you use permanently. And lock down everything else, or do you really believe that your calculator, your camera and your gallery need internet access?