## Smartphone -- ## Less control Compared to a computer, it's more complicated: - to replace the operating system - to investigate the presence of malware - to uninstall default programs, see branded phones - to prevent monitoring -- ## Obsolescence Furthermore, the phone manufacturer, by declaring it obsolete, stops providing software updates, leaving vulnerabilities out in the open -- ## Geolocation When a phone is on, it connects to a cell of the phone network, which cell and which phone are marked by the operator, who keeps this information for a long time -- ## Geolocation It is possible to triangulate a device by estimating the signal strength received from nearby cells, it is activated by calling 118 and kind of like if you are under surveillance. There is no way to avoid this attack other than leaving the phone at home :) -- ## Geolocation - IMSI IMSI Catcher, a simulated mobile phone tower definitely [used](https://www.ilfattoquotidiano.it/2015/06/13/con-limsi-catcher-cellulari-a-rischio-attenzione-il-cacciatore-ti-ascolta/1770363/) [in Italy](https://duckduckgo.com/?q=capitolatotecnicoradiomobili+site%3Apoliziadistato.it). It can answer questions like: "give me all the phone numbers present in this area, on that day" without the need to request them from the magistrate. It is [widespread](https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector/wiki/Unmasked-Spies), if you want to have fun you can build an [IMSI Catcher Detector](https://seaglass.cs.washington.edu/) -- ## Geolocation - The wifi, when ON, broadcasts a unique identifier - Same for bluetooth - 2G, 3G and roaming decrease security - The geolocation services also uses the list of WiFi networks near you -- ## Good practices - Does my phone listen to my conversations? - Even when it's off? - Should I remove the battery? For sensitive discussions, leave your phone in another room. If 20 people simultaneously turn off their phones in the same location, the operator knows. -- ## Physical attacks - Don't use fingerprints and facial recognition - Encrypt the phone - Most of the time, if you phone changed hands, you lost -- ## Anonymous sim cards - Mostly snake oil, except a few providers of eSIMs - When possible buy with cash at supermarkets - If you have personal informations on the phone, the sim card is not anonymous anymore - The more you use, the less you are secure