Everybody, everybody - what's up.
I have a question, that I'm sure the answer to already might be, "No, it doesn't help anything". With all the stuff about 'Stingray' devices used to sniff cell data and to triangulate a cell phone's location regardless of GPS signal or if powered on (in some cases), I started thinking about what would be necessary to protect oneself from such a blatant misuse of authority and violation of our bill of rights.
First, let me preface this off with - but shouldn't even need to say that - I have nothing to hide. The fact that my privacy should be, private, is enough for me to ask the question and consider what can be done by us without buying the $3500 CryptoPhones. This is a complete intrusion of everyone's privacy, our basic rights, and shows the blatant disregard for our privacy our authorities have. I am all for finding ways we can find terrorists and ways to keep us safe. But you know they're abusing the ability to use these devices before they even obtain a warrant. They're just trying to cover appearances. I'm not a conspiracy theorist and no I'm not paranoid. This is just too much power for any group of authorities (what happened to checks and balances?).
Ok I'm off my tirade. Back to the technical question:
Is there a way we can protect our privacy without the need for a CryptoPhone? Some carriers, like T-Mobile, offer a wifi calling app that will switch off your radio when connected to wifi to make calls. If you happened to have your phone rooted and used the SSHTunnel app to set up a socks proxy to route all traffic through an encrypted SSH tunnel with the use of a carrier's wifi app, or through using your own SIP / VOIP service, would you be protected? What about if your weren't on wifi and routed all calls/data through the same socks proxy, encrypting your data over the carrier's 3G/4G towers?
My concern to the above questions is that some articles have stated your antenna can still be tracked even when 'not connected' to the towers. I'm sure that even with a socks proxy over cell towers that agencies could still triangulate a cell phone's signal by checking which towers it is connected to. I am not as concerned about my location being triangulated as I am with my banking info, etc, being made available through this infrastructure of 'security'. My largest concern is of a good group of hackers who know how to create a Stingray device that can snoop my data while authenticating to my bank, email, work, etc.
So to reiterate:
1. Can we protect ourselves at all without a special OS like the one from CryptoPhone?
If so:
2. Will a socks proxy over cell 3G/4G protect you?
3. Will wifi calling with a carrier like T-Mobile help when the cell antenna is disabled?
4. Will using your own voip / sip service through Flowroute, etc over data with wifi / 3G / 4G using a socks proxy help?
My largest fear is that the answer to 1 might be no, in which case we can fork out a lot of cash for a CryptoPhone to be protected. Or wait for a law to be passed so that our government can abide by it... yeah... right... like that ever happens...
What are your thoughts?
More info:
http://www.computerworld.com/article/2600348/mobile-security/are-your-calls-being-intercepted-17-fake-cell-towers-discovered-in-one-month.html
http://en.wikipedia.org/wiki/Stingray_phone_tracker
https://www.aclu.org/node/37337
https://www.aclu.org/blog/national-security-technology-and-liberty/victory-judge-releases-information-about-police-use
http://www.cryptophone.de/en/products/mobile/cp500/