this post was submitted on 22 Mar 2024
174 points (89.2% liked)

DeGoogle Yourself

8845 readers
46 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS
 

The technical mechanism:

https://play.google.com/store/apps/details?id=com.google.android.apps.devicelock

update


To be clear, I am not the OP who experienced this problem. I just linked them from here.

you are viewing a single comment's thread
view the rest of the comments
[–] Blaster_M@lemmy.world 64 points 8 months ago (4 children)

Don't buy a phone on collateral credit (like from a cell provider that "gives" you a phone with service). If you must, ebay a phone and use paypal.

If you can't afford a $1200 phone by paying for it in "cash", you need to aim lower.

[–] electricprism@lemmy.ml 22 points 8 months ago (1 children)

Comments from the last post indicated it made no difference to having the killswitch on their devices as per screenshots.

Still I agree, buying on credit is not a good idea.

[–] coffeeClean@infosec.pub 8 points 8 months ago

The real problem with @Blaster_M@lemmy.world’s comment was to blame the victim. It may be sensible to blame the victim, but let’s not lose focus on the perp.

[–] coffeeClean@infosec.pub 12 points 8 months ago* (last edited 8 months ago) (2 children)

I must say Paypal shares customer data with over 600 corporations among other scummy things, so I boycott them. I also boycott eBay because the javascript required to use their website port sniffs your LAN and feeds that back to them, apart from other evils.

But most importantly, I’m not necessarily worried that I would personally get burnt by this. But just like my unwillingness to buy an Intel CPU with a management engine (or AMD’s flavor of this), I am unwilling to buy a product that was designed to work against me. I do not want to finance anti-consumer suppliers. ATM I don’t know how to check whether my version of AOS has this “feature”.

(BTW, I’m not the OP; I just linked their post here)

[–] Blaster_M@lemmy.world 13 points 8 months ago* (last edited 8 months ago) (1 children)

Sniffs your local pc to look for remote desktop and vnc ports on it. I can see this being useful in finding RAT risks, but the portscan thing is something the browser should be blocking or sandboxing.

As for PayPal, well, your cc / bank also shares lots of data.

If your threat modelling is that severe, your best bet is Tor Craigslist, a couple blokes packing heat and a briefcase of money in a place with no parking lot surveillance.

But then at that point security and safety is on you and your mates to implement.

[–] coffeeClean@infosec.pub 3 points 8 months ago* (last edited 8 months ago) (1 children)

As for PayPal, well, your cc / bank also shares lots of data.

Paypal is not a bank. Paypal is an additional MitM. Using Paypal adds another surveillance capitalist to the chain along with your bank and credit network. But indeed, the banks and credit cards are shit so I am fighting the war on cash quite hard. I’ve already been dragged into court for insisting on paying a creditor in cash. I won that case and will continue insisting on cash payments.

If your threat modelling is that severe

My threat model simply includes mass surveillance. Which is in the threat model of everyone who understands and embraces privacy. It’s worth noting that it’s not purely and infosec stance. I also object to feeding a supplier who is acting against me. The moment I detect that a supplier is working against me, I walk on ethical grounds. They have failed to earn my business. The snooping just happens to be the manner in which they are working against me.

your best bet is Tor Craigslist,

I was doing that at one time but something pushed me off. I don’t recall what.. whether it was SMS verify or CAPTCHAs or phone numbers or fussy email address verifiers... something drove me off.

[–] Blaster_M@lemmy.world 4 points 8 months ago (1 children)

Can't help you there. Buying stuff isn't anonymous, even brick and mortar stores have cloud surveillance cams now.

[–] coffeeClean@infosec.pub -1 points 8 months ago (1 children)

Most of my shopping is done at street markets. When a big parking is filled with vans and portable tables on a weekly basis, there is no surveillance. But if I need something very particular then the cash option gets threatened. E.g. I would like to have a Flipper Zero but these are never at street markets and not even on any shelves anywhere.

[–] Synnr@sopuli.xyz 2 points 8 months ago* (last edited 8 months ago)

I have a Flipper Zero (and case and the extra components) that I'll 99.99% likely never use. I'd love to get cash for it but I'd be asking twice what it's worth because I like having it on 'what if' grounds.

But I feel you, it's unfortunate about the state of things. The EU just banned privacy coins. US is soon coming I'm sure. They won't allow people to legally use them after the release of a central bank coin.

[–] deur@feddit.nl -4 points 8 months ago (1 children)

So you just don't buy anything? Get over yourself and your unhealthy obsessions.

[–] coffeeClean@infosec.pub 3 points 8 months ago* (last edited 8 months ago)

Ethical consumers patronize the lesser of evils, and go without if it’s feasible given only quite shitty options. Affluenza-driven OCD consumption is the unhealthy obsession that ethical consumers manage to avoid.

[–] MisterFrog@lemmy.world 7 points 8 months ago (1 children)

I'm OOP, I bought this Pixel 6 phone outright directly from Google. This system app has no business being on my phone.

And even IF it was purchased on credit, this is such an unfair power dynamic which hurts the most vulnerable in society.

Miss a phone payment, get locked out, haha have fun trying to access your bank account (many people have a phone as their primary computing device to access banking, and further, many banks might have SMS 2FA).

I say, there is no excuse for this. There were repo methods before software locks, and we'd ought to keep it that way.

It doesn't appear to actually be used, at least in Australia, but having the functionality built in at all should be straight up illegal in a caring society.

[–] BleatingZombie@lemmy.world 1 points 8 months ago

(/s)

You're THE object oriented programming?! I'm always asked questions about you. I'm downright starstruck!

[–] cm0002@lemmy.world 4 points 8 months ago (1 children)

I don't think any of the major (I know someone will probably come in here and tell me about some tiny provider that's only in like 2 states that does) US carriers that do phones on secured credit, they default to unsecured credit. Maybe, they have an alternative plan for people with not so great credit, but I doubt it.

[–] coffeeClean@infosec.pub 0 points 8 months ago (1 children)

Someone in the original thread said this swindle does not apply to the US. Though I’m a bit surprised.. it’s the first place where I would expect this to happen.

[–] halcyoncmdr@lemmy.world 2 points 8 months ago

The US carriers install their own software loads onto phones they sell, with similar functionality, they don't need to use this mechanism.