I can give guesses/probabilistic answers to these questions ...

On 20/05/19 10:17, Fil Lupin wrote:
Hi,

I forward a question concerning Information known by a cellular network provider while using and not using internet asked on the forum (https://redmine.replicant.us/boards/33/topics/15152) :

------
This topic is not related to replicant but as it related to privacy, I am posting here.

I am trying to guess what a cellular network provider (or just network provider) would know while using and not using internet.

I am using the term static content for details that don't change often and dynamic content for details that change often. The content in bold is which I am not sure whether it is known by the network provider.

1. While I am not using the internet:
The network provider would know Non-internet based static content such as:
personal information including address

Probably

, occupation,

Possibly if data is linked

 proof of identity,

Possibly and if data is linked

etc (if given/required during purchase)
sensitive personal information including as bank account details

Possibly

, etc,
device details such as *IMEI number?,

Likely

 Serial number?,

Dunno

 operating system?,

Dunno

type of device (smartphone, tablet etc.)?, MAC address of the device?*

Probably

 etc.

[Note: I am not sure whether content such as IMEI number, operating system, type of device (smartphone, tablet etc.), MAC address of the device would come under non-internet based content or internet-based content]

The network provider would know Non-internet based dynamic content such as network-based location (which cell towers I use),

Yes

 call detail records

Almost certainly

(who you called and when),

V. Likely

 text message details (who you texted and
when),

V. Likely

text message content,

V. Likely

payment history

Extremely Likely

etc.

2. While I am using the internet:
The network provider would know Internet-based dynamic content such as IP address,

Probably

 bandwidth consumption

Probably

, location via GPS (if GPS is turned
on)

Possibly, though not sure.

, *browsing content and history (including the date, time and
duration of the internet session)?

Probably. If the site uses SSL/TLS then cannot see the content on the site.

, the apps running on the device?,

Possibly, if they wanted to.

data sent and received by the apps?*.

Probably


3. While I am using the internet via a VPN:
The network provider would know Internet-based dynamic content such as the VPN's IP address, bandwidth consumption, *location via GPS?*.

I think VPN, they'd know the IP address of the provider.

They'd know the bandwidth, though it'd be obscured.

Within reason, they shouldn't know GPS.

A VPN is pretty much just shifting the responsibility of trust.

Ie. from the ISP to the VPN provider.

There are technologies such as VPN chains, proxy chains and other which can technically remove some of the responsibility of trust in third parties.


Some info I got from another forum is that *apps created using technologies/terms such as JSON, TNA, SDK and GPS would receive/send data while using the internet i.e. Internet-based dynamic content* (JSON = JavaScript Object Notation, SDK = Software Development Kit, TNA = Truly Native Apps)

Feel free to comment for any modifications if required for the above details.

------
I gave a first answer about IMEI local storage.

- Fil Lupin.


_______________________________________________
Replicant mailing list
Replicant@osuosl.org
https://lists.osuosl.org/mailman/listinfo/replicant


Cheers,

Josh
_______________________________________________
Replicant mailing list
Replicant@osuosl.org
https://lists.osuosl.org/mailman/listinfo/replicant

Reply via email to