I can give guesses/probabilistic answers to these questions ...
On 20/05/19 10:17, Fil Lupin wrote:
Hi,
I forward a question concerning Information known by a cellular network
provider while using and not using internet asked on the forum
(https://redmine.replicant.us/boards/33/topics/15152) :
------
This topic is not related to replicant but as it related to privacy, I
am posting here.
I am trying to guess what a cellular network provider (or just network
provider) would know while using and not using internet.
I am using the term static content for details that don't change often
and dynamic content for details that change often. The content in bold
is which I am not sure whether it is known by the network provider.
1. While I am not using the internet:
The network provider would know Non-internet based static content such as:
personal information including address
Probably
, occupation,
Possibly if data is linked
proof of identity,
Possibly and if data is linked
etc (if given/required during purchase)
sensitive personal information including as bank account details
Possibly
, etc,
device details such as *IMEI number?,
Likely
Serial number?,
Dunno
operating system?,
Dunno
type of device (smartphone, tablet etc.)?, MAC address of the device?*
Probably
etc.
[Note: I am not sure whether content such as IMEI number, operating
system, type of device (smartphone, tablet etc.), MAC address of the
device would come under non-internet based content or internet-based
content]
The network provider would know Non-internet based dynamic content such
as network-based location (which cell towers I use),
Yes
call detail records
Almost certainly
(who you called and when),
V. Likely
text message details (who you texted and
when),
V. Likely
text message content,
V. Likely
payment history
Extremely Likely
etc.
2. While I am using the internet:
The network provider would know Internet-based dynamic content such as
IP address,
Probably
bandwidth consumption
Probably
, location via GPS (if GPS is turned
on)
Possibly, though not sure.
, *browsing content and history (including the date, time and
duration of the internet session)?
Probably. If the site uses SSL/TLS then cannot see the content on the site.
, the apps running on the device?,
Possibly, if they wanted to.
data sent and received by the apps?*.
Probably
3. While I am using the internet via a VPN:
The network provider would know Internet-based dynamic content such as
the VPN's IP address, bandwidth consumption, *location via GPS?*.
I think VPN, they'd know the IP address of the provider.
They'd know the bandwidth, though it'd be obscured.
Within reason, they shouldn't know GPS.
A VPN is pretty much just shifting the responsibility of trust.
Ie. from the ISP to the VPN provider.
There are technologies such as VPN chains, proxy chains and other which
can technically remove some of the responsibility of trust in third parties.
Some info I got from another forum is that *apps created using
technologies/terms such as JSON, TNA, SDK and GPS would receive/send
data while using the internet i.e. Internet-based dynamic content*
(JSON = JavaScript Object Notation, SDK = Software Development Kit, TNA
= Truly Native Apps)
Feel free to comment for any modifications if required for the above
details.
------
I gave a first answer about IMEI local storage.
- Fil Lupin.
_______________________________________________
Replicant mailing list
Replicant@osuosl.org
https://lists.osuosl.org/mailman/listinfo/replicant
Cheers,
Josh
_______________________________________________
Replicant mailing list
Replicant@osuosl.org
https://lists.osuosl.org/mailman/listinfo/replicant
