[nSLUG] Facebook, Google - Why avoid and what else to use?

Joel Maxuel j.maxuel at gmail.com
Tue Apr 23 08:37:46 ADT 2019


With the discussion forked (side thread on dongles), not sure where I
should squat (my addition is regarding cellular hardware and the services
around it).

There was a remark about the division between phone hardware and carrier
subscription, that the two are not tied together with "newer" equipment
(instead a SIM card bridges that gap, allowing to move your subscription
between devices).  There are a few caveats/considerations to that:

* The GSM standard (what provides the use of the SIM card), has been around
since 1978, with a new "generation" of the standard approximately every 10
years (5G is just starting to get rolled out).
* The major competitor, particularly in North America, has been CDMA (which
maintains subscriber data to the phone), and has similar speed refreshes.
* Having a GSM phone - which is very likely, unless you have a
(namely/for-example) Bell monstrosity pushing eight years or more - far
from guarantees you can pop a SIM from another carrier into your phone and
expect it to work.  Phones supplied by the carrier are often locked to the
carrier (recent rules allow you to get the unlock code for free as long as
your account is in good standing), and carriers (particularly in different
countries) use different network "bands" (e.g. a common band pair for
Canadian carriers is 3G/"HSPA" frequencies 950MHz and 1900Mhz) - GSMArena
is a good web resource to determine the capabilities of your phone.
* Future GSM products (may have been spotted in the latest iPhone by now)
do not have a SIM card (which has seen three or four different sizes,
depending on if the largest one - the size of a credit card - is still
recognized) at all, rather a programmable "eSIM", complicating matters
further.

5G has not been deployed yet, and there are dozens of vulnerabilities
affecting it (and 4G LTE):
https://www.zdnet.com/article/researchers-find-36-new-security-flaws-in-lte-protocol/


Separately, even 3G is not immune to recent revelations (this one has the
ability for someone to collect metadata - call time; duration; et cetera -
though apparently not the actual content/conversation):
https://www.zdnet.com/article/new-security-flaw-impacts-5g-4g-and-3g-telephony-protocols/


Personally, I have rolled my phone settings back to 3G in part because of
what is happening with LTE (4G/5G).

I also rarely use the manufacturers operating system on the phone.  There
are aftermarket firmware providers for specific devices (I maintain one for
the Motorola G5) that will replace the manufacturers firmware with a
"custom" one (LineageOS, CarbonROM are a couple examples of aftermarket
providers).  This process isn't for the faint of heart, and in some cases
(Motorola) it is difficult (or impossible) to come back to a manufacturer
state fully if you don't like the experience.  It's still Android in the
end, it is just closer to the core code base known as AOSP (Android Open
Source Project).

An advantage for custom however (other than the pattern of security updates
or upgrades beyond what the manufacturer will ever provide) is that the
installation of Google services is optional (as it turns out, to have them
is an added install step).  I stay without and have experienced better
battery life and reduced network usage because of it.

Personally, I don't see the point in separating phone functionality by
having two objects (feature/"dumb" phone and hotspot stick), over one
(smartphone) as feature phones are harder to come by with the required
network requirements (Rogers may be the only provider left to do 2G), and
the two object will reveal as much about yourself as the one.  Modularity
would have been a reasonable argument, except there is a very good chance
the radios between the two do the same things anyway (too much functional
overlap).

Cannot think of much more on the subject except (further off-topic) for the
market pushing for user-replaceable batteries once more.  Apple has proved
in recent years the importance of a reasonably functional battery in a
phone, yet will not make it easy to replace (instead have costly - to their
bottom line - replacement programs when their old batteries meant stability
or performance issues).  Too many OEMs followed suit with Apple, and there
are only a small handful of devices in recent years that make it easy: LG
G5 (2016), Moto G5 (2017), Samsung J3 (2018) - for example.  If the user
base cared more about this (and be vocal about it) instead of blindly
accepting the opinions of reviewers who may only use a device for two
weeks, we may have a good start for actual longevity in the phone market
again.

--
Cheers,
Joel Maxuel

"One should strive to achieve, not sit in bitter regret."
 - Ronan Harris / Mark Jackson


On Mon, Apr 22, 2019 at 10:07 PM Robert McKay <robert at mckay.com> wrote:

> On 2019-04-22 13:32, mspencer at tallships.ca wrote:
> >> However, Mike re: what you wrote about necessity of a phone:
> >>
> >> Another line of thought here; you could keep your privacy by
> >> purchasing a cheapo non-smart phone as well as a simple cellular usb
> >> stick modem.
>
> Not really.. both the non smart phone and usb dongle can be localised /
> triangulated by the cell network. US networks recently got into trouble
> selling this location data to bail bondsman. Your phone number will
> still be uploaded to Facebook/LinkedIn etc by anyone you've ever given
> it too, also linking you to them in the social graph. Moving into 5g the
> networks may even be able to track you when not carrying any phone at
> all.. basically synthetic aperture radar / real-time remote imaging or
> imagine a city inside a giant airport scanner. Combined with machine
> learning it will likely be possible to recognize people as they walk
> around and maybe even inside buildings. In any case it's trivial if
> they're carrying a phone - which almost everyone now does.. maybe it
> would seem suspicious if someone is walking around without one and merit
> extra scrutiny.. or if it becomes really unusual a wealfare visit by the
> nearest squad car. Particularly if they were walking erratically or
> carrying a weapon.
>
> > Does the "stick modem" to which you refer just allow you to do dialup
> > over the cellular link?
>
> Not anymore.. back in the late 90s that's how it worked and I think it
> lasted into the early 2010s (so into the era of usb dongles), but it
> worked by having modem banks at the cellco (it was a straight data
> connection from the phone/dongle to the cellco) and these modem banks
> have been decommissioned on most networks.
>
> >  Or does it behave like a wifi hotspot,
> > getting you an IP address via DHCP?
>
> Most dongles support a legacy mode where it acts a lot like a
> traditional modem with AT commands, except the only number you can dial
> is *99# which will connect you to a PPP session.. however this mode
> can't really take advantage of the >100mbps speeds of a modern 4g
> network, so they also support qmi or mbim which is usually presented as
> an Ethernet interface often with a DHCP server, although the qmi
> protocol can also configure the interface.
>
> -Rob
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/pipermail/nslug/attachments/20190423/25129299/attachment.html>


More information about the nSLUG mailing list