Whenever people ask about ways to make their smartphones more private or which is the most privacy-respecting phone to get, there’s always a few people confidently asserting “all smartphones are spy tools, get a dumbphone with no apps if you want to be private”. Which is ridiculous advice for a few reasons
Dumbphones usually run either proprietary operating systems or outdated forks of Android. They’re almost never encrypted. They rarely get security updates. They’re a lot more vulnerable than even a regular Android phone
With dumbphones, you’re usually limited to regular phone calls or SMS/MMS messaging. These are ancient communication standards with zero built-in privacy. Your ISP can read any text message you send and view metadata logs of any phone calls you make. In lots of places (like Australia where I live) ISPs are actually required to keep logs of your messages and phone calls
With even a regular Android phone you at least have access to encrypted messaging apps like Signal or Session so your conversations aren’t fair game for anyone who wants to read them. Of course there are better options. iOS (not perfect but better than most bloatware-filled Android devices) and a pixel with GrapheneOS (probably the best imo) are much better options; but virtually anything out there is going to be better for privacy than a dumbphone
OC text by @[email protected]
Thank you!!
I get so frustrated seeing privacy advocates saying “I will just go back to a dumb phone”. Dumb phones had no concept of privacy ever, it is just rose colored glasses all the way down.
The police literally didn’t need access to your phone because every call and text was logged by the phone company and they just hand it over without question.
Hell, when I was a teenager and got my first dumb phone, my parents could request a copy of every single text I ever sent.
You can’t put matrix or signal on a dumb phone, the only benefit is no GPS, and some also have that. Plus as the author said, they are either not encrypted or have some old version of software that probably has dozens of CVEs.
IIRC there is at least one dumbphone that runs signal, https://www.punkt.ch/en/products/mp02-4g-mobile-phone/, but that’s expensive and not something you’d usually get if you think dumbphones.
But yeah, the point of having a dumbphone is not security or privacy, at least for me and most of the people I spoke with about it. The point is you have your phone as a backup emergency comms, and just learn not to use and rely on instant communication and internet access. Maybe an occasional “I’m running late” messages, but other than that, the point is you just wait until you get to a PC.
And even for emergency comms, I had a dumbphone that can make a 4G hotspot, and had a GrapheneOS smarthphone without a sim or internet powered off in my bag. And if I needed to sort out anything, I just fired up a hotspot and turned on the second phone.
The fact that it was annoying several steps was the point, so you do it only when absolutely neccessary, and eventually quickly learn not to do it. It has improved my life by a lot, getting rid of this “always online” addiction/reliance.
Besides this, there were several times when noname dumb phones do several things you don’t want or expect them to do:
- Use your SIM or internet to “track sales”, sending out your IMEI
- Send SMS to paid numbers
- Steal authorization SMS
So technology being easily attacked is not even a real problem when you have a bunch of trojans right from the start. Those stories are from 2021, so of course this might not happen any longer.
I think the point of people saying they’ll go back to a dumb phone is that they’ll have it in case of an emergency or if they need to talk with someone that can only be contacted via phone (e.g. job interview, company support), but they won’t use the phone otherwise. In other words, they’d use XMPP or Matrix or whatever on their computer instead of their phone when they want to talk to someone they know.