diff options
Diffstat (limited to 'posts/2011_04_replicant-lacks-tracking-antifeatures.md')
| -rw-r--r-- | posts/2011_04_replicant-lacks-tracking-antifeatures.md | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/posts/2011_04_replicant-lacks-tracking-antifeatures.md b/posts/2011_04_replicant-lacks-tracking-antifeatures.md new file mode 100644 index 0000000..0cc1bdb --- /dev/null +++ b/posts/2011_04_replicant-lacks-tracking-antifeatures.md @@ -0,0 +1,85 @@ +date: 2011-04-27T10:35:55+00:00 +title: Replicant lacks tracking antifeatures +authors: GNUtoo +tags: Privacy/security, GNUtoo +licenses: CC-BY-3.0 OR CC-BY-4.0 +--- +Recently there was a lot of hype about mobile operating systems spying the +users: [Apple iOS][1], [Palm WebOS][2], [Google Android][3]. + +Since Replicant is based on Android someone could be concerned about our +operating system too. + +According to [Magnus Eriksson on github][3]: + +> The files are named `cache.cell` & `cache.wifi` and is located in +> `/data/data/com.google.android.location/files` on the Android device. + +**Well we are proud to confirm that on Replicant (tested both on htc dream and +nexus one) those files are missing** , even with `"Settings -> Location & +Security -> Use wireless networks" enabled.` + +The directory that should contain those files( +/data/data/com.google.android.location/files ) doesn't even exist in +Replicant. + +But beware: even if Replicant itself doesn't track its users' position, this +doesn't mean that the phone can't spy on you. + +A smartphone usually has two components that talk to each other: a cpu and a +modem. If the modem gets a call, it tells the CPU about it and viceversa for +outbound calls, the CPU will order the modem to make a call (if you are +curious about how it works there is a [paper about how mobile phones +work][4]). + +The modem and the CPU running Replicant are separated, and while we are trying +to do our best to ship a fully free mobile os, the code running on the modem +is proprietary software and **can't be changed**. Since we don't know what it +does, we have no way to be sure that it doesn't spy. + +Also note that on the HTC Dream and the nexus one mobile phones, GPS and audio +parts are controlled by the modem. + +[The cellphone network can also spy][5], in fact in order to work it has to +know your location. + +This is just to remind you that **every mobile phone is a tracking device** +and if you don't want to be spied at all you should not use one. + +So why do people invest time on Replicant? + +Here are some reasons: + +* The modem or the network has no access to the CPU where replicant is + running. That opens up some possibilities such as [VPN][6], + [TOR][7],[SSH][8], etc... + +* If mobile phones become the computers of the future we want to run [free + software][9] on them. + +Edit: I learned that the Modem's CPU has access to the memory(the RAM chips) +of the CPU running replicant, in other words the modem CPU can spy replicant's +CPU. + +That will force us to port replicant to some devices that don't have this +problem, such as the nokia n900 for instance. + + [1]: <http://www.guardian.co.uk/technology/2011/apr/20/iphone-tracking-prompts-privacy-fears> (IOS(iphone/ipad OS) spying its users) + + [2]: <http://laforge.gnumonks.org/weblog/2009/10/14/#20091014-palm_pre-privacy> (Palm doing the same) + + [3]: <https://github.com/packetlss/android-locdump> + + [4]: <http://laforge.gnumonks.org/papers/gsm_phone-anatomy-latest.pdf> + + [5]: <http://en.wikipedia.org/wiki/Mobile_phone_tracking#Network-based> + + [6]: <http://en.wikipedia.org/wiki/Openvpn> + + [7]: <http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29> + + [8]: <http://en.wikipedia.org/wiki/Openssh> + + [9]: <http://www.gnu.org/philosophy/free-sw.html> + + |