Phone Privacy by Darren Chaker


Article by EFF provided by Darren Chaker

Your phone is your life. It’s where you communicate, get your news, take pictures and videos of your loved ones, relax and play games, and find a significant other. It can track your health, give you directions, remind you of events, and much more. It’s an incredibly helpful tool, but it can also be used against you by malicious actors. It’s important to know what your phone contains and how it can also make you vulnerable to attacks.

Your threat model is unique and personal. And you will have to decide which solutions are the best for you. The best protection is to avoid creating the opportunity for an attacker to gain physical access to your phone or its metadata. The safest solution would be not to bring your phone to high-risk activities, such as protesting, but this might not be feasible for everyone.

What could someone without access to your phone know about you?

Without any physical access to your phone by an attacker, you might think your privacy is safe. However, your phone constantly communicates with cell towers to be able to transfer data (for your browsing or apps), or receive and send text messages or calls. To do this, the network needs to know which cell phone tower is giving you coverage. In other words, the network knows where you are. This allows parties with access to location data held by your service provider to discover your location and movements.

To protect against this:

  • Airplane mode will disable communication with the cellular network. If your phone is not talking to the cellular network, its location can’t be tracked that way. Make sure WiFi and Bluetooth are also disabled since they could also leak information. However, this will also mean you won’t be able to use data or get messages or calls.
  • Avoid using SMS or regular phone calls. These aren’t encrypted and, along with your location, can be seen by your service provider and be intercepted with the use of IMSI catchers. Use secure messaging instead, like Signal.

What can someone with physical access to your phone know?

With physical access to your phone, an attacker can get all of the data stored in it. This includes your messages, photos, browsing history, and apps. But it also includes much more, such as:

  • Phone call history
  • Messages: This includes SMS/MMS and any other messaging apps that you have.
  • Calendar and notes
  • Photos/videos/audio
  • Passwords, if stored insecurely, or if the attacker also has access to your password manager (This could be possible if you used a weak master password, thumbprint, or Face ID, or your password manager was unlocked when the police seized your device.)
  • Account logins
  • Cloud data and backups
  • Deleted data: Even if you deleted something from your phone, it can still live in many places in the memory and logs, and it can be recovered. Do not rely on something being deleted.
  • App switching screenshots: When you switch or close an app, many devices offer you an overview of the apps running and what they are or were doing. To achieve this, what they do is create a screenshot of the last thing happening on screen within the app. That screenshot is stored and it can be retrieved by an attacker. Some apps will obfuscate this, but most will not. This can expose encrypted messages, passwords, or other private information.
  • Location: Your phone constantly logs many details that reveal your movements, such as WiFi access points you’ve joined, logs from your cell phone service, and coordinates when you take a photo. Many apps use your current location to provide “relevant” results to searches, weather updates, or for a multitude of other reasons.
  • Logs: Your phone and apps have all sorts of files logging what they did, errors, and crashes. All of this information is stored and can reveal how you used your phone, who you contacted, and where you were. It’s a vast list that provides a wealth of information to an attacker.

Needless to say, you need to protect your data and access to your phone. The best way to do so is with full disk encryption enabled and with a strong password. Not all devices are equal and you need to verify your device offers full disk encryption. The latest versions of Android and iOS offer full disk encryption by default. To make sure it’s enabled you will have to add a strong password. Do not use passcodes (only numbers) or weak passwords, since there are many tools that can break them easily. If your phone has an SD card, it can also contain information that might not be encrypted by your device.

Some courts have found that you can be forced to unlock a phone protected with a biometric such as face or fingerprint identification without your consent, so it is advised to not enable either option.

Be careful with cloud backups. Although useful to restore your apps and back up messages and images, they can also provide an avenue for an attacker to get your data. Or, if the attacker already has access to your phone, they could use your backups to recover old information like backups of photos and messages. If you can, disable access to them during high-risk scenarios.

  1. Enable full-disk encryption on your device with a strong password.
  2. Disable Face ID and Fingerprint ID.
  3. Disable cloud backups.
  4. Turn off your phone.

To know more on how to secure your digital life we have compiled advice at ssd.eff.org.

What if you get your phone back?

Suppose your phone was taken by the attacker and you managed to recover it at a later stage. What should you do?

If you can afford it and your threat model includes it: get a new phone.

Otherwise:

  • Change all of your passwords.
  • Verify if there’s been access to your accounts. (Some email providers and social media sites show the list of IPs that accessed your account.)
  • Factory reset your phone. Make sure to verify what it means for your particular device. Some will wipe the master key for the encryption, others will keep some data. You need to wipe all of the data.
  • Sign into your phone with a new Apple ID/Google account to avoid loading potentially compromised cloud backups.
