1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
tags: Privacy/security, GNUtoo
licenses: CC-BY-3.0 OR CC-BY-4.0
date: 2011-04-27T10:35:55+00:00
title: Replicant lacks tracking antifeatures
authors: GNUtoo
---
Recently there was a lot of hype about mobile operating systems spying the
users: [Apple iOS][1], [Palm WebOS][2], [Google Android][3].
Since Replicant is based on Android someone could be concerned about our
operating system too.
According to [Magnus Eriksson on github][3]:
> The files are named `cache.cell` & `cache.wifi` and is located in
> `/data/data/com.google.android.location/files` on the Android device.
**Well we are proud to confirm that on Replicant (tested both on htc dream and
nexus one) those files are missing** , even with `"Settings -> Location &
Security -> Use wireless networks" enabled.`
The directory that should contain those files(
/data/data/com.google.android.location/files ) doesn't even exist in
Replicant.
But beware: even if Replicant itself doesn't track its users' position, this
doesn't mean that the phone can't spy on you.
A smartphone usually has two components that talk to each other: a cpu and a
modem. If the modem gets a call, it tells the CPU about it and viceversa for
outbound calls, the CPU will order the modem to make a call (if you are
curious about how it works there is a [paper about how mobile phones
work][4]).
The modem and the CPU running Replicant are separated, and while we are trying
to do our best to ship a fully free mobile os, the code running on the modem
is proprietary software and **can't be changed**. Since we don't know what it
does, we have no way to be sure that it doesn't spy.
Also note that on the HTC Dream and the nexus one mobile phones, GPS and audio
parts are controlled by the modem.
[The cellphone network can also spy][5], in fact in order to work it has to
know your location.
This is just to remind you that **every mobile phone is a tracking device**
and if you don't want to be spied at all you should not use one.
So why do people invest time on Replicant?
Here are some reasons:
* The modem or the network has no access to the CPU where replicant is
running. That opens up some possibilities such as [VPN][6],
[TOR][7],[SSH][8], etc…
* If mobile phones become the computers of the future we want to run [free
software][9] on them.
Edit: I learned that the Modem's CPU has access to the memory(the RAM chips)
of the CPU running replicant, in other words the modem CPU can spy replicant's
CPU.
That will force us to port replicant to some devices that don't have this
problem, such as the nokia n900 for instance.
[1]: <http://www.guardian.co.uk/technology/2011/apr/20/iphone-tracking-prompts-privacy-fears> (IOS(iphone/ipad OS) spying its users)
[2]: <http://laforge.gnumonks.org/weblog/2009/10/14/#20091014-palm_pre-privacy> (Palm doing the same)
[3]: <https://github.com/packetlss/android-locdump>
[4]: <http://laforge.gnumonks.org/papers/gsm_phone-anatomy-latest.pdf>
[5]: <http://en.wikipedia.org/wiki/Mobile_phone_tracking#Network-based>
[6]: <http://en.wikipedia.org/wiki/Openvpn>
[7]: <http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29>
[8]: <http://en.wikipedia.org/wiki/Openssh>
[9]: <http://www.gnu.org/philosophy/free-sw.html>
|
