In practice, most people use lots of unencrypted calls and messages. That's why I clearly recommended using encrypted calls and messages. It doesn't even need to be end-to-end encrypted to counter this. Transport layer encryption with pinning is more than enough to counter this.
Conversation
An 'anonymous' SIM card is not going to stay anonymous for long if you are actually being targeted. They can correlate it with your location and start tracking you directly once they've identified your phone. I don't understand why you think IMSI catchers are a counter to that.
1
If they have access to the carriers, they can see which devices are active in your house or where they know you go, and then figure out which one is your phone. Local interception mostly serves the purpose of bypassing working through carriers, if they don't have that access.
2
Replying to
so this would only be used for unlawful tracking. But I got it. There is no real value adding this to the OS and lowering security with it.
1
Replying to
They want those devices to intercept *unencrypted* data without getting warrants. In many cases, companies grant access without a warrant anyway. The solution is not sending / receiving sensitive unencrypted data. The carrier has access no matter what and likely logs it all.
1
They are often required by law to keep logs of call metadata and SMS metadata and content at a minimum, for a certain amount of time. They could keep more and can keep it for longer in most cases if they want. You are trusting the employees at that company, their partners, etc.
1
If you're in a position where having the data intercepted locally is concerning, then you're already doing it wrong and should be concerned since the data is inherently visible to the carrier and anyone with access to their network. Law enforcement is one possibility among many.
1
Here's an example:
techcrunch.com/2018/11/15/mil
This data became public. A carrier could leak their entire database of sent / received SMS messages. You should already be treating it as if that's going to happen. Employees can likely browse this kind of data, etc. They don't care.
1
Carriers often sell access to people's location and other sensitive data. They don't just give it to law enforcement without a warrant. They'll happily sell it to advertising firms, etc. for various purposes. Local interception shouldn't concern you much. It changes very little.
1
Replying to
Hey Daniel. What is your opinion on Shelter f-droid.org/app/net.typebl
Is there any benefit really? I remember you said that work profiles are not in scope for copperheados. Was there any special reason for this decision?
1
Replying to
Work profiles are a standard Android feature implemented in the Android Open Source Project. The app you're linking simply acts as a device admin to use work profiles for something they're not well suited to doing. I'm not really a fan of half-baked implementations of features.
It simply makes no sense to implement this kind of isolated profile via a device admin along with the massive limitation of only being able to have one isolated profile per user profile. It won't mix well with the proper use case for the feature either since you can't use both.
1
When I said it wasn't in scope, I meant using the standard feature (work profiles) as a half-baked sandbox implementation. This isn't how I approach things with my work. I don't think it should be done at all if it's not going to be done well. User profiles work better for this.
2
Show replies