Sep 3, 2013

How To Prism Break Your Android Device

User big brother 1984
User big brother 1984
(Photo credit: Wikipedia)
If you have been reading Bauer-Power for the last few months, you know I have been feverishly trying to Prism-proof my devices as much as humanly possible. I've removed Windows from all of my computers, including my work laptop and replaced them with either Bauer-Puntu Linux or Lubuntu. I've gotten rid of Gmail, and setup my own email server with encrypted storage. I've switched away from Google Search and started using Start Page. Basically I've done my damnedest to rid myself of all things Google.

There are two things that I just haven't been able to get rid of until now. One is this blog which is hosted on Blogger. I am not going to stop using Blogger though because by it's very nature the Blog is public, so I'm not concerned if the NSA is reading my posts. The other thing I can't quite shake is my Android phone.

As the Network and Security Manager for a technology firm in California, I need to have a smart phone so I can read email, get alerts and generally be available 24/7. The options in the smart phone market though are very limited when it comes to being free of the NSA's Prism program. Apple, and Microsoft are the other major contenders in the smart phone realm, and both were named in the Prism program. I could switch to Blackberry I suppose, but having been a Blackberry user and Administrator in the past, I think I would rather gouge my eyes out first.

Nope, I will be sticking with my Android for the time being until the Ubuntu Edge comes out, or perhaps the Firefox OS devices hit the market. That doesn't mean I'm going to take things lying down.

I got the idea for this post from Prism-Break.org. Under their Android section they recommended using the mostly open-source alternative to the stock OS that comes with most Android devices known as CyanogenMOD. They also recommended Replicant, which is made up of 100% Free and Open Source Software (FOSS) however its device support is limited, and my CDMA Galaxy S3 from Sprint wasn't one of them. They do support the International version of the Galaxy S3 though.

CyanogenMOD is pretty good though, the only proprietary things they still use are the hardware drivers. Also, they now come with Privacy Guard built in so you can keep applications from accessing your personal information. That's key if you value your privacy. Finally, CyanogenMOD does not come with any Google Apps installed by default, including Google Play. This is perfect if you want to avoid being tracked by Google which is a big player in the Prism program.

NOTE: Make sure you backup your important information. This process will wipe all your settings and data. Also, this may void your warranty. Proceed at your own risk.

So here's how you do it:
  • Install the latest ClockwordMod Recovery image using Heimdall on Ubuntu. Here's a video that explains that process pretty well. The only difference is you don't need the cache.img part that he mentions, and for the Galaxy S3 it's --RECOVERY not --recovery:

  • Next you will want to download the latest stable CyanogenMOD ROM and save it to your SD card
  • Next boot into recovery. On the Galaxy S3 you do that by pressing the up volume + home + power, and letting go when you see the "Booting to recovery" in the upper left of the screen
  • Select Install from zip > Install from External SD
  • Browse to the CyanogenMOD ROM you downloaded and select it then follow the prompts to install
  • After installation reboot your phone and you should see the CyanogenMOD splash screen. If it gets stuck on the splash screen, you may need to go back into recovery and wipe your cache and start over
  • When your device is booted up you will notice how bloat free your phone is. You may also notice that you don't have any Google apps installed!
  • Before you go any further, I recommend enabling Privacy Guard by going into Settings > Security > Privacy Guard. Select the option to enable it by default for all new applications
  • I also recommend encrypting your device by going into Security > Encrypt Phone. You can follow my instructions here. With CyanogenMOD you can encrypt your device with either a pin number or a passphrase
  • Now you need some apps. Instead of Google Play I recommend the following alternative app stores which should give you most of the applications you would want. All can be downloaded and installed from the browser on your device: Amazon App Store, SlideME, and F-Droid
  • From F-Droid you can install K-9 Mail and APG so you can send and receive PGP encrypted emails
  • Download and install TextSecure and RedPhone for encrypted text and phone calls. They are not available via the alternative markets, so I made the APK files available here for download: (TextSecure and RedPhone)
  • Instead of Google Maps for navigation, install the Mapquest Maps GPS & Traffic app from the Amazon App Store
  • Install Orbot and Orweb from the F-Droid app to browse anonymously over the Tor network
  • Install Gibberbot from the F-Droid app to chat over IM with OTR encryption
  • Install DroidWall from the F-Droid app to enable and configure IPTables Firewall

That's about it, and frankly all you can do to opt out of the NSA's illegal surveillance of Americans under the Fourth Amendment to the Constitution on your Android device. In the end, even the open source version of Android that CyanogenMOD uses is still made by Google, so there is no guarantee that they didn't put something into the code that allows the NSA to have backdoor access.

Still though, limiting the Google applications you install and enabling Privacy Guard should prevent Google from collecting a lot of the information they would normally collect on you to turn over to Big Brother. Also, the addition of end-to-end encryption enabled applications, as well as Firewall protection will increase your chances of avoiding the NSA as well.

For those who scoff at the idea of being able to avoid the NSA's vast surveillance with encryption, just remember that Edward Snowden himself said that encryption is effective at thwarting the NSA.

Do you have any other suggestions or tips for opting out of Prism on your Android device? If so, sound off in the comments!
Enhanced by Zemanta



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | spam filter in the cloud