Oddbean new post about | logout
hodlcuban | 1 years ago (raw) | root | parent | reply | flag 
 Maybe a dumb question but can't Google and other apps get a deviceid that can be linked to you and your phone regardless of profile?
EnergerticLaser | 1 years ago (raw) | root | parent | reply | flag +2 
 I don't login to any google service, but backend magic could be done to correlate identity, yes. Not so different than how browser fingerprinting works.

The secondary apps are known to the owner profile even when the user content is isolated and encrypted, so that is one point of correlation.

If IMEI/SIM is available in local variable space and to apps, then it is another conduit to fingerprinting.

For me, I am willing to make that tradeoff. If you were trying to hide from a nation state (not recommended) you'd probably want physical seperation from true name/anon usage.

Same it true with your desktop, which explains the appeal of Qubes. Just be sure you really need it before attempting to absorb the extremely significant costs of maintaing such a setup.
EnergerticLaser | 1 years ago (raw) | root | parent | reply | flag +2 
 If I cared, I would engage with the #GrapheneOS team in their new discord to hypothesize how fingerprinting might be done and determine how/if #GrapheneOS thwarts potential fingerprinting today.
EnergerticLaser | 1 years ago (raw) | root | parent | reply | flag +1 
 My goal is to raise the cost of tyranny signifantly without pricing myself out of the usage/maintenance cost.

The model I layed forward would sufficiently defend you from IRL cohersion, but not from the security state.

If you are really trying to hide from the security state, God help you. cc @Snowden .
hodlcuban | 1 years ago (raw) | root | parent | reply | flag 
 Understood, not knocking the strategy, just asking to understand tradeoffs
EnergerticLaser | 1 years ago (raw) | root | parent | reply | flag +1 
 It's a good question, and I should have clarified. This setup makes in-person surveillance prohibitively expensive without sacrificing too much usability, allowing the device to be used as a daily driver.
ReichardKonige | 11 months ago (raw) | root | parent | reply | flag +3 
 Degoogled phones should be free of Google querying the modem for the IMEI. The towers will still see that though. IMSI is tied to Sim so change it often or  take it out cause it always broadcasts.
ReichardKonige | 1 years ago (raw) | root | parent | reply | flag +1 
 Robert Braxman of BraxMe sells degoogled phones that can have the imei changed to help thwart fingerprinting.  But they have tons of ways of get IDs of a person so not sure it's worth the trouble for most cases.
4dbbd8ed | 11 months ago (raw) | root | parent | reply | flag 
 I've never heard of a custom Android ROM allowing IMEI changing. How does this work?
ReichardKonige | 11 months ago (raw) | root | parent | reply | flag 
 It's not with the rom it's worth the phone he uses. A generic mediatek device you update. 

Oh it looks like he made a vid recently on how it's a so so privacy and usage issue

https://odysee.com/@RobBraxmanTech:6/Imsi-x1:5?r=8r7eBm6hEAxmRgccRJtbAufGg2SSgHdX
Luxferre | 9 months ago (raw) | root | parent | reply | flag +1 
 I suddenly remembered I have a Doogee S40 Lite somewhere in a large box. Unlike the usual devices I tinker with, this one is Android-based, MT6580.  The IMEI editor code there is `*#*#8688#*#*`. Does it make it more privacy-friendly? Heck no. Doogee is notorious for inserting firmware-based trojans/adware in the past, so I still am looking for some alternative ROMs for that one.
Luxferre | 9 months ago (raw) | root | parent | reply | flag 
 By updating NVRAM/EFS area accordingly.
Luxferre | 9 months ago (raw) | root | parent | reply | flag 
 I'm a realist. I don't visit dubious links.