This is an opinion editorial by Anthony Feliciano, a Bitcoin event organizer and consultant.
Now to part two of my series on how our smartphones spy on us. You can find part one here.
In this part I’ll talk about:
- De-Googling your mobile OS.
- Getting around SIM, eSIM and IMEI while still using your phone
- Bitcoin and Lightning Network apps that can be used on a de-Googled phone.
- Steps to build your opt-out plan.
CalyxOS And GrapheneOS
GrapheneOS offers a sandbox Google Play:
"GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives absolutely no special access or privileges on GrapheneOS as opposed to bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox. It also isn't used as a backend for the OS services as it would be elsewhere since GrapheneOS doesn't use Google Play even when it's installed.”
CalyxOS offers an option in practice as well with their Aurora Store. The premise behind Aurora Store is that the Google Play service is replaced with microg:
“[It] replaces some functions of Google Play Services while maintaining much more anonymity and privacy.”
This allows you to download the apps you know and already use everyday.
I am a current user of GrapheneOS and have been for a few years now — this is my opt-out plan when I’ve had enough of Big Tech and draconian government overreach. I have tested out many features of GrapheneOS and tools I can and can’t use. In my following article I will share what you can do as well.
SIM, eSIM And IMEI
Every time you purchase a new phone from a provider, you are complying with KYC (know your customer) protocols, handing your information over to the cell service provider. In exchange you get a new smartphone with a SIM card (or on some newer phones an eSIM), and assigned an IMEI number that allows access to the provider's cell phone network. That information can be a part of a subpoena to a provider for the records, along with all your data, text, web history etc., as well. So what can you do? You still want to communicate with friends, family, have internet access and be connected to the rest of the world.
You can still walk into Best Buy today and buy unlocked phones in cash. Purchase the cell phone outright, and it won’t be tied to a provider such as Verizon, ATT or T-Mobile. There is no personal information given out, and you can take your phone to whichever provider you need access to by purchasing a SIM or eSIM card.
*Bitcoiner pro tip: you can purchase eSIM and pay via BTC or Lightning.
Bonus Bitcoiner pro tip: before purchasing, make sure when visiting any website, you are using a VPN and/or Tor to further reduce your online footprint. If you are going to purchase via BTC, please make sure you use post-CoinJoin BTC via JoinMarket. For Lightning, make sure the funds you use to open channels from your base layer BTC are from a post CoinJoin to make Lightning payments. One example of a website offering eSIMs for BTC is Silent.Link.
This is the extreme step of my opt-out plan. When purchasing a SIM card, the choice is yours. When you purchase a SIM in cash, the phone IMEI number will be given as part of activation to make sure it is not blacklisted (stolen). My opt-out phone has never been activated via SIM, and my phone is an older model so there is no eSIM option. I use Wi-Fi hotspots to access the internet along with a VPN and Tor. There is an advanced technique called IMEI spoofing — I have not tried this method out, but the goal is to get around IMEI that have been blacklisted from accessing network providers. Changing the SIM will not help either, because the IMEI is still blacklisted.
*Note - When using Wi-Fi, very little information about the device is recorded, namely the MAC address, device model, browser used and OS — your SIM and IMEI number are not recorded. However, if your phone pings a cell tower, then information is recorded and records can be easily obtained by simply tracking down the IMEI number.
Bitcoin And De-Google Smartphone
Now to the Bitcoiners out there who are finally fed up with all the spying and tracking, let's add some Bitcoin and Lightning Networks apps to really make your phone optimal for your opt-out plan.
What follows is a list of Bitcoin and Lightning Network apps put out by developers and companies who release them as Android Package Kits (APKs). APKs are of vital importance when using de-Googled phones because the developers behind them allow them to be installed on your phone without the need of Google Play service and all the tracking behind it. As Samourai found out, having your app in the Google Play Store means you have to comply with their request to remove security features. Samourai did the next best thing — direct download via APK.
Below are the Bitcoin and Lightning Network apps I use and where to get their APKs, but there are probably more.
- Zeus: Right on their main page is the APK download. A perfect app to use to connect to your node.
- Breez: From their Github page: “Breez is a Lightning Network mobile client and a hub. It provides a platform for simple, instantaneous bitcoin payments.”
- Electrum: Download the APK for Android. **Note: connect Electrum to your node network’s .onion address, do not use automatic servers when connecting**
- Tor: Download the APK. This is the Tor Browser used for connecting to the internet.
- Samourai Wallet: Download the APK. Connect to your Samourai Dojo or use it for Whirlpool.
- BlueWallet: BlueWallet is an easy to use custodial wallet for both Bitcoin and Lightning.
- SBW: A simple and easy Bitcoin and Lightning app
- ProtonVPN: This is the VPN service I use — they have a free client with limited country connection options, but also offer pay tiers. Find a good quality VPN service that offers their app via apk.
- Telegram: You can buy a SIM/eSIM with bitcoin to get a phone number to use as one-time verification via SMS. (You will probably want to make a new Telegram account, since you may have used your own personal number to verify your account)
- Element: A chat app used by many. Some heard of Matrix, element is the app you can download on your phone.
Anyone using APKs should only utilize those found on a project’s main website or Github page. It is highly recommended to avoid websites that offer APKs for an app you can't find — I do not trust them, they are rebuilt by the sites and who knows if you are getting the real app or one loaded with remote access to any info you enter in there. So, if you can't find the project's APK easily on their site, contact them directly and ask.
Steps To Build Your Opt-Out Plan:
- Pick a de-Googled OS.
- Load Bitcoin and Lightning apps at home.
- Add security apps like a VPN and Tor browser.
- Leave your home, take your backup phone with you.
- Find out what works/doesn't work for you.
- What apps can you “not live without?”
- Ask yourself, “What security gaps did I miss?”
- Gain confidence in being able to use Bitcoin privately.
I hope you found this article helpful. For me, this is just another rung as you climb down the ladder of the Bitcoin rabbit hole. Using technology doesn’t mean we have to give up freedoms for the easy and convenient options. It means we can develop an opt-plan and still use Bitcoin. If you enjoyed this, give my two other articles a read, “Is This Mobile Banking — Bitcoin On The Go” — where I make my Lightning node mobile and take it on a road trip. Then read, “How To Make To Make Your Lightning Network Node Mobile” — that’s the technical guide on how to make the node mobile. If you can combine all three topics, you’ll be on your way to truly opting out.
I have included three photos to depict the end goal.
This is a guest post by Anthony Feliciano. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.