I’ve had an interesting time the last few days.
It started with Verizon and my cell phone sporadically not having any signal at all for days; at home, at church, at a lot of places. I’d thought maybe it was my phone reaching EOL End Of Life, or that Verizon was shutting down 3G antennas.
Looking on line, Verizon has a lot of folks complaining about reduced coverage. It isn’t just me. It isn’t my old phone (folks with iPhone 6 phones have the same problem) and it isn’t that 3G is being shut down. Verizon intends to continue 2G and 3G until December 2019. Whatever is the problem, it is all over the place in the Verizon network.
My suspicion is that they have added 4G and perhaps are adding 5G to their towers and in some way this has reduced the 3G signal strength.
I looked into getting a signal range extender, but at about $200 for all of a year of use, that’s a bit more than I wanted to spend. Then the used ones at about $100 “had issues” in that they were often still registered to someone else and could not be used until that was resolved.
So I decided to just keep the Verizon phone for the rest of the 1 year of life it has left and set up a “Kludge” via forwarding the Verizon phone to my “burner” phone when headed to home. One of the forwarding option, *71, rings the Verizon phone first, then does the forward, so it can be left on “when in doubt”, going to *72 when I know I just want it to forward immediately. (*73 ends the forward).
The Burner Phone was bought a couple of months ago with the intent to do a couple of things. First off, have a reliable alternative phone. Second, get some experience with Anonymous Android limits (what you can do without giving Google your data and identity). Third, play around with what can be done with the hardware “someday” with alternative software and providers. It is a “Tracfone” so is very hard to “root” and typically you must spend a year+ of money with them before you can “unlock” the phone. So that third bit can at most be done in a year (as I’m just not that interested in becoming a master of phone unlock foo…)
1st Reliable Signal / Phone
Back at the first point: I did the activation at their web site, using a $19 “service plan” card also bought without ID for cash. Technically this “plan” was for a non-smart phone, but it worked anyway. I’d bought it intending to activate my old burner phone (which I’d mentioned before had a dead SIM card as they expire with lack of use… and getting a replacement required identity information – which defeats the idea of a burner phone…) So instead I dropped about $80 for a Samsung J3 Galaxy with a new SIM card – cash at Best Buy so also anonymous.
All up I’m into this about $100. In theory, for another $135 or so I can get a year of active use with something like several GB of data plan and 1500 text messages plus some larger talk time than I typically use.
Throughout the activation process they try at several points to get you to “set up an account” and hand over identity information or a credit card (to avoid the ‘bother’ of those cash cards…). At one point it demanded a name for the phone – I gave it a pseudonym I developed in Dramatic Arts class in college. (We had to develop a full ‘back story’ and character – and I respond to the name as I spent weeks “in character” as him.) Other than that, the whole thing was set up without any PII Personal Identifying Information.
I’ve tested it with a call to the spouse, text messages to the Florida Friend, and then forwarded my Verizon phone to it (and tested that). So now the first part is also a done deal. Plus I have a workaround for whatever is wrong with Verizon.
Oddly, shortly after it was working, I started getting signal on the Verizon phone while at home, so was able to test the forwarding and stop-forward processes from home. I have no idea if the “fix” is temporary or if Verizon had some antennas out of service for upgrade and finished the process, or what. In any case, I’ve also solved the problem of reliably getting Verizon calls to complete. That’s the *71 setting – ring then forward if no answer. That’s now my default for a few days, at least. I don’t need to tell 50 people my number is temporarily changed…
2nd Anonymous Android
That just left on the “now” ToDo list, the question of what all can be done with an Android Phone without handing over all sorts of incidental information to Google. From the Tablet I’d already learned that to use the Google App store you need an identity, so had set up a “never used” Gmail account. Now I wanted to find out what could be done without that behaviour. Without putting that tracking beacon on the phone.
There are some apps already install. Fairly limited set though. An open issue is how many of them “tattle” too. It may be that I need to remove some of them to be truly anonymous. Then there is Android itself. I’ve turned off auto-updates, but it did one update already. So to some extent this phone is “known” now to Google as an existing active device.
There are a lot of places to turn off various automatic updates and notifiers and “stuff”. Took me about 1/2 hour wandering through settings to get them all ( I hope I got them all… on a fixed small size data plan all the auto-everything will drain your bytes in no time for nothing you wanted.)
The default apps included the usual things like an email interface, a ‘gallery’ app for looking at pictures, a camera, a chatty weather app that wanted my location and constant weather data downloads (I think I got it turned off…), a clock, calculator, settings, “messenger”, phone, a browser called “Internet”, Samsung “My Files” file viewer & their app store, a calendar and contacts; then Google apps: Chrome, Maps, Youtube, Drive (cloud storage), Duo, and Photos. A pretty good list that provides lots of basic functions for that $80.
I turned on WiFi and connected via that (so as to conserve the very limited ‘data’ on my ‘service plan’ with Tracfone). Once the phone is mated to WiFi a whole lot of interesting things become possible, and a lot cheaper. The WiFi identity might well also be “tattled” to Google, so in a really serious use case, you would not want to do that from home but instead from some public WiFi (such as at the local library).
I find it interesting that so much can be done over a WiFi connection. Essentially this is a tiny tablet for nearly nothing once WiFi is enabled. I’m fairly certain this will work even if the phone is not activated as a phone. I’ve not tested that, though, as I activated it first. Worth testing “someday” if anyone buys one of these again… or my “plan” runs out.
After Android updated, I tried the App Store (Google Play). It still insists on an account and handing over an identity / email address. Similarly the Samsung App Store also wants an identity. So you are stuck with the apps pre-installed if you want to remain anonymous OR you must have a false ID for setting up the accounts. But is their something else?
Looking around, I found via some web searching an alternative. F-Droid. I’m sure it stands for “Free” Droid and not some other F… ;-)
Seems that a whole lot of other folks have already gone there ahead of me and set up a nice place for Free Software and Privacy folks to make their own alternative world.
What is F-Droid?
F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
F-Droid is a robot with a passion for Free and Open Source (FOSS) software on the Android platform. On this site you’ll find a repository of FOSS apps, along with an Android client to perform installations and updates, and news, reviews and other features covering all things Android and software-freedom related.
F-Droid is operated by F-Droid Limited, a non-profit organisation registered in England (no. 8420676).
Looking around, it generally follows the FOSS world way of things. Source available. Lots of opportunities to verify who they are while you stay private. A LOT of apps that are also open source and non-tracking. Nice. Very nice.
While exploring and downloading a lot of their Apps, I ran into a fascinating one that lets you download Google Play store apps via their application credentials. Essentially a bypass on that whole identity thing and without the need to invent your own pseudo-you that then is also a unique thing, so might be trackable if you are un-careful.
Called Aurora Store, it’s your access point for Google Play apps without identity:
Download apks from Google Play Store
Aurora Store is a fork of Yalp Store by Sergey Yeriomin It lets you download apps directly from Google Play Store as apk files. It can search for updates of installed apps and lets you search for other apps.
Aurora Store provides a Material UI to Yalp Store.
Using it, I downloaded an example app just to prove it worked reasonably well. It did.
I’ve now downloaded a variety of interesting apps, but not tested nor configured them all. Just some quasi-random choices to play with “later”. In no particular order they are:
Termux – a tiny terminal window. Fun, but I started a “ping” and then discovered the keyboard had no CNTL key so no CNTL-C to kill it… Had to shut down the phone to stop it from running forever ;-) I’ll need to look at the docs to see if there’s a magic chord for CNTL…
RasPi Check – a neat little app that connects to your Raspberry Pi via ssh / sudo and reports things like temps of cores, CPU use, and more. Unfortunately, the command it uses is not on the Alpine Linux running my DNS server, and my other Pi machines are on the backside of the firewall in the WiFi router and it blocks the connection. I’ll need to turn on the other WiFi (internal) and try it again on that WiFi network.
Elementary – a nice Periodic Table where you click on an element to get more data or a Youtube video about that element. As I often pop up a periodic chart to ponder things like elements in semiconductors, this is quicker than opening a tab in a browser and hitting Wiki…
Book Reader – now I just needsome books…
Torrent Client – for torrent downloads
Privacy Browser – that claims to protect my browsing
SolitaireCG – for those airport hours
PocketMaps – downloadable maps for offline navigation (Google Snoop not included)
OpenVPN for Android – VPN service provider required. I think I need to raise priority on that home VPN server…
Baresip – for minimal SIP phone exploration. Now I need an SIP provider for an IP phone number.
Ring – a more advanced form of SIP phone
There were a whole lot more. Their “Browse” tab for F-Droid has 30 items / page and 57 pages. That’s about 1700 apps. Then the Google Play store has God Only Knows how many thousands. The Aurora Store app has a filter to block those that don’t run on your device AND a filter for those with bad actions – like ads, or that are too snoopy. You can turn that filter off if you like.
FWIW, there’s another source for FOSS Android apps.
I know nothing about them yet. More exploring…
I’m quite happy with what has turned out to be an $80 mini-tablet with optional telephone. I’m intending to explore setting up IP Telephony on it. At least one Email app advertizes that they are encrypted and dedicated to security ‘end to end’ (there is also a specific encryption app for documents and several for email). All this on a platform where so far the only “identity” information it has on me is a fake name and what IP address I used for some downloads. (Had I set up the phone in a library, then configured and turned on a VPN client while there; even using it at home would not give up the home IP address…)
I’m pretty darned sure it would work as such a cheap tablet even if you never did activate the phone service. OTOH, for $25 you get an emergency phone service too… so why not? Once I get the IP phone stuff figured out, then using it for all sorts of VoIP calls or video calls – some via VPN or encrypted for security – becomes nearly free and reasonably secure, even from public locations and probably from home too (IF you choose your VPN provider wisely and NOT in the USA).
One side note: I had a problem with my first incoming phone call. Phone lit up. Red button to decline. Green button to accept. I’m pressing, tapping and all kinds of things that green button. Nothing happens. Press red, call ends. WT? Seems you must “wipe right” on the green button to answer. Had to consult the dinky manual for that one… Sigh. Guess it avoids “butt answering” the phone.
I now realize I have days to weeks of “work” to do on this little distraction. Setting up IP telephony. Figuring out what various communications apps are really private and secure. Deciding do I want the Aurora Store (Google Play) Whatsapp? that’s supposedly private (but likely has account and tracking issues) or finding the FOSS (Free and Open Source Software) alternative on F-Droid? Repeat that process for 20 or so categories of apps… and a dozen offerings in each of them. I’ll likely knock off one / week (or month for the hard ones) when not swamped with other things demanding attention.
3rd: The “someday” Future
Phone service has worked just dandy at home. Given that, and given that I’ve decided to keep the phone active for at least a year to be able to unlock it “someday”, I’ll likely buy that 1 year “plan” for $135 (or whatever it was). I do need to verify that even if bought anonymously, the active phone is enough to get to the unlock allowed point. Why unlock? Because there are 2 alternatives I’d like to explore “someday”. One is a non-Google Android. Basically Android for folks who hate the Google Track Me experience. I know almost nothing about it other than that is their goal. The other is a Real Linux ™ port might be possible. They exist for my Samsung Tablet, so ought to be at least “in the works” for this thing that’s almost identical in concept.
There are several alternatives, but for the Still Android experience this one looks decent:
Your data, your rules. With powerful tools such as Privacy Guard, you are in control of what your apps can do whenever you want.
Trust will help you understand the security of your device and warn you about possible threats.
We take security very seriously: that’s why we deliver security updates every month to all our supported devices.
And to make your device more secure, lock everything behind an enhanced lock screen.
LineageOS extends the functionality and lifespan of mobile devices from more than 20 different manufacturers thanks to our open-source community of contributors from all around the world.
likely at least 1.5 years away for this phone (though maybe on my Tablet that is near or at EOL for software updates… ;-).
This article has several annoying “features” like popups and a nag box ad at the bottom that grows upward as you scroll downward (so hitting the X is mandatory), but lists some other alternative Linux like OSs:
Most interesting being eelo that’s a fork of LineageOS:
eelo is an upcoming Android distribution based on LineageOS. It is being created by the developer of Mandrake Linux. The idea is to have an open source mobile operating system free from Google.
eelo promises to have its own cloud and email services to give you an Android free experience. eelo is in very early phases of development.
In devo, but maybe in 2 years…
Then PostmarketOS is interesting to me as it is aimed at keeping old hardware alive for a 10 year horizon. Near free “obsolete” phones anyone? Then roll your own burner phone.
postmarketOS (pmOS), is a touch-optimized, pre-configured Alpine Linux that can be installed on smartphones and other mobile devices. The project is at very early stages of development and is not usable for most people yet.
Based on Alpine (a small and security oriented release – running my DNS / Proxy server) so likely secure. Also WIP Work In Progress – but at my 1.5 to 2 year target date? I’d be happy with a ‘touch optimized Linux’.
My intent in any case is to push this particular device and all the applications I put on it, as fully into Anonymous Land as possible. At NO TIME will I give it any real identity information, any credit card or PII, any “account” with Google to get apps. The only thing it will every “share” (with my permission…) is my IP address – and even that is only until I get a VPN set up and running, then everything will be sent through that or though public WiFi HotSpots. As I learn things, I’ll put them up in articles. Don’t know that I’ll catch everything, but I’ll post what I do catch.
Oh, and one other Fun Point: I chose a Florida Phone Number for it ;-) So while it geolocates me in California via GPS and ISP (Internet Service Provider) information at the moment, the phone claims to be from Florida. Why? Because it will be soon enough! I’m planning another trip back “soonish” and at the start of the new year, the Spouse is retired and we start the move process in earnest. Figuring out where to be, how to get there, what to move, sell, or toss out in earnest, and when to just visit for a while.
Once I reach the end of the Anonymous Line, then what?
I’m also looking at a “cloud provider” of docker systems that provisions some standard Linux based VMs for something cheap like $36 / year where I might set up my own globally visible VPN and DNS services. They need a name, billing address, and phone number.
I already have an address.. and a debit card filled at Walmart (so abuse opportunities are limited to the cash I put in any given month) but didn’t have a bogo-phone number. Once I’ve got SIP going, I can either use this number, or put one on a R.Pi PBX and then have a full set of pseudo-me “identity” to go into that very public identity leakage space of Domain Name registration and such. Figure about 6 months more for that one. (I need to flesh out the virtual me a bit more first – and finish my ‘fully anonymous’ exploration before the VMe is rolled out to the world).
At that point, I can VPN from some public place to my own VPN server where I KNOW there are zero logs kept, then use it to browse the world or get encrypted email, all with my own filtering DNS service; and anyone fingering it finds a PO Box, a VMe name, and a phone number to a SIP phone exchange… and billing information that leads back to a pre-paid debit card loaded with cash at Walmart… IF I can get it all set up and maintained ;-) All while moving…
Ambition, can’t live with it, can’t live without it ;-)