Have Smart Gadgets, Smartphone, Take Control


  • This topic has 3 replies, 2 voices, and was last updated Jan 3-4:09 am by ModdIt.
  • #31382
    Member
    ModdIt

    I am a smartphone user, meaning a data cow. Startled at the insanely low battery life when I left the device unused at home, I began to figure out why.
    One big culprit: Google tracking (Play, or is it pay with data) store with a very short contact interval, at times as low as 30 seconds. Second came
    manufacturer crap which uploaded large logfiles and sent pings. Find Device, for example, is switched off but still sends data. The chipset is partly Qualcomm; they
    felt left out, so it also calls home. Assembly Test, calling Longcheertel, to say the phone is still working. Apps like WPS Office are also pinging and uploading
    encrypted data merrily.
    My action was to remove as much crap as possible with adb, and to replace installed apps with others from F-Droid and a few, such as messenger, directly
    downloaded from the main site.
    Next step: install an application from Git called NetGuard, from Marcel Bokhorst. I purchased the Pro feature after some testing; that guy has done
    good work. From half to one day battery life improvement. I see next to no ads; the Git version implements ad and tracker site blocking as well
    as allowing a whitelisting or blacklisting approach. At present most applications are not allowed internet access, without real discomfort or loss of function.

    Sniffing traffic was an interesting experience, not so easy to set up. Now Heise c't, the German IT magazine, has an ongoing project called Raspion
    (Ras for Raspberry and Spion for spy) to streamline sniffing traffic for non-experts, which may be of interest to users of this forum. The project may
    not be known outside of Germany. Project page is http://www.heise.de/ct/artikel/c-t-Raspion-Projektseite-4606645.html.
    From the project page there are links for download, setup and usage as well as a forum.

    Should you decide to install NetGuard, do a before and after sniff; you will see it is very effective.
    Once you know which devices and apps are calling home and to which addresses, the fun starts. Pi-hole blocking.

    Have fun, take back your devices, as far as possible at least.

    https://www.heise.de/ct/artikel/c-t-Raspion-Projektseite-4606645.html

    #31395
    Member
    skidoo

    Blindly installing this onto a Pi attached to your LAN is “fun” ?

    www.heise.de/ct/artikel/c-t-Raspion-Projektseite-4606645.html
    ^–v
    ct.de/projekte/ctraspion/raspion_legacy_v100.zip

    FYI, I retrieved and audited the zipfile contents and discovered several “red flags”:

    1) Its “mitm” is preconfigured to use GOOGLE 8.8.8.8 + 8.8.4.4 DNS

    2) The install.sh script injects a sudoers ALL:ALL:NOPASSWORD rule for “canvul.sh” but the zipfile contains no such script. Yes, a “scanvul.sh” file is provided, but… this represents either an innocent but sloppy / untested distribution, or (???) a preseeding to accommodate a future unknown payload, to be delivered via a future “update” operation.

    3) The install script uses “wget curl | sudo bash blablah” to retrieve and install pihole.

    4) Suspiciously (IMO), pihole is not retrieved until LATE within the script (after the dns resolver & services are injected). Who the hell can guess whether or not pihole is retrieved from the actual official server?!?

    5) The installer retrieves + installs an “ntop” debfile from packages.ntop.org, via plain unencrypted http. Or, given the prospect of tainted DNS in this context… we can say “the installer retrieves and installs SOMETHING from SOMEWHERE”. Well, that’s “fun”, right? Riiiiight? (Well, apt may recognize that https is available for that repo and automatically switch to using https)

    6) Included within the zipfile payload are 4 “debfiles”:
    libgtk-3-0_3.24.5-1_armhf.deb
    libgtk-3-bin_3.24.5-1_armhf.deb
    libgtk-3-common_3.24.5-1_all.deb
    wireshark-gtk_2.6.8-1.1_armhf.deb
    WHAT HAS BEEN PATCHED?
    WHERE CAN WE INSPECT THE SOURCE CODE (AND HAVE AN OPPORTUNITY TO SELF-COMPILE) ?

    Below is a (translated) 27.12.2019 post from heise.de forum which has remained unanswered…

    heise.de/forum/c-t/Kommentare-zu-c-t-Artikeln/c-t-Raspion-Datenpetzen-finden-und-baendigen/forum-440267/

    WHERE is the project page, so Git Repo, Issue Tracker – what you know ???
    I can only see a zip file for download – is that all?
    So I mean – where is the issue tracker, the git repo, where can you collaborate properly? Only in this forum ???
    I do not think that THE German IT publishing house does not manage to set up its own Gitea or Gitlab for such projects – so WHERE is it?
    Or is there really no … no, nonsense, that can’t be right now … so I really can’t imagine such a gigantic embarrassment. After all, this is HEISE.
    So there will be at least one Gitlab Account?
    Just a zip file to download – that’s really undignified.
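
The static checks skidoo describes in the post above (pipe-to-shell installs, plain-http package sources, a sudoers NOPASSWD rule naming a file the archive does not ship, bundled prebuilt debfiles) can be scripted and run over an unpacked archive before any installer is executed. This is an added example, not part of the thread and not Raspion code; the sample script, paths and hosts are constructed, and only the canvul.sh / scanvul.sh names come from the post.

```python
import difflib
import posixpath
import re

PIPE_TO_SHELL = re.compile(r"\b(?:curl|wget)\b[^|]*\|\s*(?:sudo\s+)?(?:ba)?sh\b")
PLAIN_HTTP = re.compile(r"http://[^\s'\"]+")
NOPASSWD_TARGET = re.compile(r"NOPASSWD:\s*([^\s'\",]+)")


def audit_installer(script_text, archive_files):
    """Return (rule, line_number, detail) tuples; line 0 marks an archive-level finding."""
    shipped = {posixpath.basename(p) for p in archive_files}
    findings = []
    for no, line in enumerate(script_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # comments and the shebang are not executed
        if PIPE_TO_SHELL.search(line):
            findings.append(("pipe-to-shell", no, line.strip()))
        for url in PLAIN_HTTP.findall(line):
            findings.append(("plain-http", no, url))
        for target in NOPASSWD_TARGET.findall(line):
            name = posixpath.basename(target)
            if name in shipped:
                continue
            # Passwordless sudo for a file the archive does not ship: report it,
            # with the nearest shipped name so a likely typo is visible.
            near = difflib.get_close_matches(name, sorted(shipped), n=1, cutoff=0.8)
            hint = f" (closest shipped file: {near[0]})" if near else ""
            findings.append(("sudoers-missing-target", no, target + hint))
    # Prebuilt packages cannot be reviewed as source; list them for manual checking.
    findings += [("prebuilt-deb", 0, p) for p in archive_files if p.endswith(".deb")]
    return findings


# Constructed sample: NOT the real install.sh. Paths, hosts and the .deb name are made up.
SAMPLE_SCRIPT = """\
#!/bin/bash
echo 'www-data ALL=(ALL) NOPASSWD: /opt/demo/canvul.sh' | sudo tee /etc/sudoers.d/demo
echo 'deb http://packages.example.invalid/apt stable main' | sudo tee /etc/apt/sources.list.d/demo.list
sudo dpkg -i debs/demo-tool_1.0_armhf.deb
curl -sSL https://installer.example.invalid/setup | sudo bash
"""
SAMPLE_ARCHIVE = ["install.sh", "scripts/scanvul.sh", "debs/demo-tool_1.0_armhf.deb"]

if __name__ == "__main__":
    for rule, no, detail in audit_installer(SAMPLE_SCRIPT, SAMPLE_ARCHIVE):
        print(f"{rule:24} line {no}  {detail}")
```

A hit is a prompt to read that line, not a verdict: a missing sudoers target can be a typo or a placeholder, and only comparing against the shipped files tells you which name was probably meant.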

    #31396
    Member
    skidoo

    .

    #31398
    Member
    ModdIt

    Hallo skidoo, and thanks for the deeper insights. I am not an expert; I thought the theme might have been of interest to others.

    On the paranoid rating, if we use the internet or a phone we have already given up much of our privacy; get in a train, we are on camera.
    Digital pics on ID documents can, and my guess is do, allow tying us to movement every time we leave the darkened cellar. Walk past a police station or fire
    department, go to a government office, the same applies. Drive a car, the VIN in the dash is readable in many ways along with the number plate, and getting a driver
    and front passenger mugshot. Some of your clothes probably have integrated woven-in RFID. Cards in your wallet ?? Most anti-RF devices are ineffective;
    any card can ID you from a distance.

    Doing nothing would have meant no control whatsoever over my phone, with all Google apps installed and hello google activated and listening on first
    start. Hope they heard what I said about them and the OEMs, with their lies. @about privacy. none left.
    Xiaomi is pretty honest compared with many others, they just state your data belongs to them. And bomb you with advertising; yes, you can switch most
    of that off, in my experience not all.

    It was even impossible to boot the phone (a Redmi Note 5) without a SIM card inserted, which immediately ties the device to a number with all newer German
    SIM cards due to ID registration. Using an old non-smart device, that applies too. Both goog and Apple can almost certainly pull location data from GPS even
    if it is off by user settings, so that means any others with interest and resources too. WLAN information is transmitted and received when you walk along the
    street. Google Maps collected WLAN data, made a photo of your house or apartment block. It goes on and on.

    Why do you think batteries are in most cases non-removable? To really turn off a phone is, with few exceptions, impossible.

    I was fighting my phone which is my only personal smart gadget, I think, not so sure about my car.

    Anyway, the LAN was not connected, except router to Pi. Only the phone was connected to the Raspi WLAN.

    Smart gadget households are using Google or Amazon in most cases without thinking about how much data is flowing.
    What is worse, the Heise approach seems to have some flaws, but if it creates some awareness it seems far better than just
    waiting or giving up.

    Exhausting theme where most kids and many adults are totally uncritical.
