Whenever people ask about ways to make their smartphones more private or which is the most privacy-respecting phone to get, there’s always a few people confidently asserting “all smartphones are spy tools, get a dumbphone with no apps if you want to be private”. Which is ridiculous advice for a few reasons
-
Dumbphones usually run either proprietary operating systems or outdated forks of Android. They’re almost never encrypted. They rarely get security updates. They’re a lot more vulnerable than even a regular Android phone
-
With dumbphones, you’re usually limited to regular phone calls or SMS/MMS messaging. These are ancient communication standards with zero built-in privacy. Your ISP can read any text message you send and view metadata logs of any phone calls you make. In lots of places (like Australia where I live) ISPs are actually required to keep logs of your messages and phone calls
With even a regular Android phone you at least have access to encrypted messaging apps like Signal or Session so your conversations aren’t fair game for anyone who wants to read them. Of course there are better options. iOS (not perfect but better than most bloatware-filled Android devices) and a pixel with GrapheneOS (probably the best imo) are much better options; but virtually anything out there is going to be better for privacy than a dumbphone
Edit: Thanks everyone for giving your thoughts. Some really good points I hadn’t thought much about
You can make a smartphone (more) private, but out of the box and loaded with standard apps (eg Google), its a privacy nightmare. So I get where they are coming from. Sure using SMS isn’t private, but dropping all that app addiction is.
It comes down to the hostile actor you are trying to defend against. If you are Jason Bourne and you have been burned by your agency so multiple nation-states are looking for you, then you have to go fully off-grid and live a quiet life without ever communicating with anyone in your prior life again. It doesn’t matter if you are using Signal, or SMS, or even a dial-up BBS. If you are communicating with people that are also under heavy surveillance, you cannot hide.
If you want to reduce your “digital footprint,” then not using google/facebook/other social media is the most worthwhile thing you can possibly do. Your phone doesn’t matter. Use iOS, never install any of the social apps, use Safari in incognito mode, and you’ll never be tracekd across websites again.
“Use Safari in Incognito mode.” I remember when they said the same thing about Firefox.
What happened with Firefox?
I think OP meant use Safari with the Apple’s Privacy Relay thing that hides your IP and generalizes location data into a larger area, not just regular “private mode” that Safari has. Too bad it’s subscription only on iCloud+, and who knows if it actually works as well as Apple claims it does.
I wasn’t referring to the privacy relay, though if you want to use it that’s fine too. More of just easy ways to reduce your digital footprint.
Switching from a smartphone to a dumbphone is usually not about increasing privacy in the first place.
People tend to make the switch for mental health reasons, rather than privacy ones. When your phone goes back to being a direct communication tool rather than a passtime, you tend to realize just how much time you spend during a day doing basically nothing.
I think you’re conflating security with privacy. Not that they are unrelated, but something can be e.g. unencrypted but lack telemetry.
Not that dumbphones are inherently private, but I don’t think they’re less private either. They’re just what you use if you have no need for all the smartphone functions.
Idk, being locked in to using only communication protocols that are known to be roughly wide open seems like kind of a privacy non-starter, right? Sort of fails the attempt before you even start, no?
Edit: a wiser person than me reads the rest of the thread before a comment like the above, but I’m not them sadly. (AKA, plenty of good points made by others)
I suppose that begs the question of whether or not privacy (as used by this community) inherently means private in the colloquial sense, like the way a diary is private. Because to me, a e.g. public static website with no kind of profiling of its users is privacy-respecting, but obviously not private in the colloquial sense—it’s a public resource.
I do use SMS sometimes and I use it strictly for things that I’m happy to be basically public. Same for using other protocols like unencrypted email.
A stock smartphone is also locked in to mandatory telemetry, like a stock dumbphone. The practical difference is that there’s a much smaller community for installing custom FOSS OSes onto dumbphones compared to smartphones.
If you’re willing to live with a dumb phone, you’re willing to live with a Linux phone (Or an open ROM without Google apps). AFAIK they can call and text just fine without installing anything else so any Linux apps you like are just a bonus.
Good point. Linux phones, even in their current state, might be a good middle ground for people with low needs.
Although there’s two things I’d mostly be worried about.
- Battery life. Smartphones, including Linux ones, aren’t exactly known for amazing battery life. A dumb phone would likely last several times longer on a single charge.
- Physical durability. Even after all those years of structural improvements, smartphones remain fairly fragile. Usually I use high durability cases with my smartphones (ideally Otterbox Defender), though I don’t think anything similar is even available for any Linux phones. And of course, we all know dumb phones are generally durable enough.
I remember the need to reload my old Nokia brick sometimes and that it had a better reception strengh than my current smartphone, apart of the bulletproof finish.
I guess the idea is that you wont be able to do a lon with a dumbphone, so it’s basically a paperweight that sometimes receives calls and with too much luck, an SMS. You have a tool for emergencies or specific events, but you don’t have your life on it, so you keep most of your privacy from ever reaching it. That’s my take, at least.
Your ISP can read any text message you send and view metadata logs of any phone calls you make. In lots of places (like Australia where I live) ISPs are actually required to keep logs of your messages and phone calls
Why would my Internet Service Provider have anything whatsoever to do with my dumb phone?
Yes, texts and calls aren’t hidden from your mobile phone provider, they never were. I agree it’s not great, and the government is likely spying on you as they have been for decades.
But alas, I don’t see a solution without using a non dumb phone and encrypted apps, which will require the internet and at that point you’ve not got a dumb phone any more.
My Nokia 3310 still works great. Sure, the government could spy on me, but I don’t discuss anything sensitive over the phone (traditionally one doesn’t, for this very reason, wiretaps and the like). It’s a tool for casually staying in touch and arranging to meet up _
Exactly, taking away tools which enable you to enhance your digital privacy, or the ability to use such tools, is fundamentally a flawed way to enhance your privacy in the long term.
Same for security with rooting, and it’s the same reason why the argument that “rooting makes your phone less secure” is a fundamentally flawed argument.
Yes! I hate that companies are trying to make people think thar rooting=unsafe. Then make it work safely. Root user is safe on Linux, then why it isn’t on phone?
That’s just boils down to user not giving root access to every app.
Because they don’t know what could potentially be running with root access and they’d rather block everything they don’t know.
Earlier this year my accountant asked me to install an app on my phone to give them access to some banking details and that app would not open the login screen without the gboard keyboard enabled, because they considered custom keyboard apps = bad. It also would not let me use password managers, so I was forced to put my banking details beyond a weaker password than any of my online accounts for random sites.
Exactly!
Ultimately rooting empowers users with control, and many company profit from users not having control, like Netflix, like Google with their ads, etc., so they love to make people think rooting is somehow unsafe lol
GrapheneOS or nothing. We have to support them whenever we can more than ever. The battle against mass surveillance will become increasingly difficult. Many countries are heading towards neo-fascism and will use all state power to end privacy at all costs
Yes but you also have to get your phone from a hardware manufacturer who you trust, so not google or Samsung or huawei or… etc.
Fair phone maybe?
Fair phone maybe?
Outdated HW and doesn’t have graphene support.
I figured that the point of using a dumb phone would be that there hopefully wouldn’t be meaningful accounts, information, and communication to really get at. Regular calls and SMS were already fair game, and there is basically nothing else on there. Nothing for evil megacorps to siphon up, no social media, not much of anything.
Linux Phones are a thing… 🥺
From my limited research it looks as though the Punkt mp02 is the best bet for a private dumbphone. It does use a propriety OS but at least it supports Signal.
Pretty sure the Punkt is my next phone and a Raspberry Pi 500+ is my next desktop.
Take me back to the start of the millennium. I’m tired of this shit.
Nice thing is, usually the dumb phones have removable batteries. So just remove the battery when you’re not using it. Problem solved.
If you have to connect to an intermediary to make a call, you can be heard and traced. GPRS is only marginally better if you and the one you call are on the same uncommon frequency
Yes, sim calls and sms are not private, both on dumb and smart phones. They also connect to cell towers so your location might be found. Anyway, I think the hardware and software of a smartphone is more capable of surveillance you than a dumbphone. The only realistic way is to leave the phone home and keep a paper list of your contacts at you. And call them from a stranger if you need to. I did this and the biggest inconvenience is that I can’t take pictures or videos (I might buy a camera, I don’t know if they have location system incorporated).
With dumbphones, you’re usually limited to regular phone calls or SMS/MMS messaging.
That’s kind of the point.
Sure, you can’t do much with them, but by that very fact you also won’t have nearly as much data to be spied on.
Likewise, you can do much more with a smartphone, but that comes with a much higher surface of attack, and you also have to work a lot harder to keep all the data away from spying.
And your keystrokes are logged on phones where you use Signal…
Dumbphones are more private. Privacy is on a scale, and you have less apps and systems that track you and profile you on a dumbphone.
Do you want true privacy? Don’t use a phone…
