Privacy by design: smartphone vendors make security a selling point
There are more mobile phones on the planet than people, and many users will be within arm’s reach of their devices 24 hours a day. Smartphones put internet connectivity in the palm of our hand, which is incredibly useful and – one could argue – makes the world run a little smoother. But there’s a privacy angle to consider too, which has given rise to a new class of device – the security and privacy-focused smartphone.
If asked to be fitted with a GPS tracker with multiple microphones and cameras, many of us would refuse the offer. Yet, we don’t hesitate to carry our mobile devices, which contain all of these hardware elements (not to mention movement sensors and a host of digital breadcrumbs), more or less wherever we go.
The cautionary phrase ‘if something is free, you’re the product’ was originally aimed at watchers of ad-funded television in the 1970s, but today it serves as a warning for smartphone users. Our data adds value to search engine and social media giants, providers of mapping services, and many more free-to-use apps.
With the rise of wearables linked to mobile devices, app developers can get to know their users like never before. And while it’s possible to dive deep into the privacy settings to control how much information smartphones and their accessories are sharing, the user experience isn’t ideal.
Far better to have a hardware switch or two (or even three in the case of the Librem 5 privacy smartphone by Purism). And that’s exactly what some device-makers have added to their designs. The Murena Two, which we’ll be looking at in more detail shortly, has two physical switches – one to disconnect cameras and microphones, and another to disable connectivity.
Interestingly, Apple has added a multi-functional ‘action button’ to its latest range of iPhones, which could be seen as a vote for the convenience of having a hardware switch. But let’s be clear, Apple’s action button isn’t a security switch. Plus, there’s operating system behaviour to take into account as well.
Apple, with it’s ‘Privacy. That’s Apple’ campaign, is keen to position itself as a privacy leader. And while iOS users may have some protection, they are still sharing data with Apple. On its website, Murena highlights that – on a typical day of use – a regular iPhone device is requested 51 times per hour, with several megabytes of data leaving the device every day.
A regular Android smartphone, according to the same source, is requested 90 times per hour. But while iOS and Android may dominate the smartphone market, users have other options, which include a number of mobile operating systems that aim to offer a suite of superior security and privacy features.
Examples of privacy smartphones that don’t track you:
- Murena 2
- Fairphone 5 (running “deGoogled” /e/OS or CalyxOS)
- Purism Librem 5
- Google Pixel 5 and above (running privacy-focused GrapheneOS, CalyxOS or /e/OS)
- Bittium Tough Mobile 2C
To discover what it’s like to switch from a mainstream iOS or Android device to a privacy smartphone, we get up and running on a Murena 2 (which was kindly sent to TechHQ for review).
Getting started with a privacy smartphone
Turning on the Murena 2 for the first time brings up the /e/OS welcome screen, which features a link to the accessibility settings menu (where users can adjust the display size and text and zoom in on the screen). Other options are the ability to make an emergency call and – likely to be of most interest – a start button to initiate the device.
Pressing start takes users to a list of supported languages. Once a selection has been made (US English in the case of TechHQ), the device checks for the presence of a SIM card. Also, if you’re curious about the small grey triangle at the bottom of the privacy smartphone screen – it’s the back arrow.
Connecting to the internet over Wi-Fi is as straightforward as you’d expect, and – if you don’t have a SIM card inserted – allows the device to pick up the current date and time. Users then have the option to enable or disable location services, including whether satellite assistance data is downloaded when location is on.
The three-button navigation scheme feels the most intuitive, but users have other options and can select a two-button format instead or use gestures if preferred. Similarly, there are three choices for unlocking the screen – swipe pattern, PIN, or password.
Setting up the fingerprint scanner (not available on the review device) is next on the list. And it’s good to see that /e/OS provides a useful explanation of what’s happening under the hood – for example, pointing out that actual fingerprints are not retained by the device. Biometric passcode information, derived from the user’s fingerprints, is stored locally.
The on-screen instructions also note that activating fingerprint unlock means that somebody could unlock your phone by holding your finger up to the device. Biometric data may be unique, or at least rare, but it’s not secret.
There’s the option to sync to a cloud account (for example, if you have an e.email or murena.io ID). And once new Murena Two owners arrive at the home screen, the OS provides a couple of useful notifications. The first explains how to assure the device is safe (using the Trust icon, which only shows when page contents have been verified) and another describes advanced privacy options.
If you want the ability to deny trackers, hide your real location (by providing fake data), and enable the TOR network to obscure your actual IP address, then advanced privacy options are your friend. They let users see which trackers (pieces of code hidden in apps) are active and block them.
In our case, when TechHQ selected the option to use a random plausible location, the privacy smartphone settings chose Quezon City in the Philippines.
Installed apps include a web browser with a choice of five search engines (/e/ spot, DuckDuckGo – light and full versions, Mojeek, and Qwant) and Magic Earth – a non-tracking navigation and maps app. Incidentally, Magic Earth can also be downloaded for iOS and regular Android devices.
Multiple app stores in one
There’s more clever privacy-preserving software when it comes to getting other applications on the device. Rather than having an app store, /e/OS features an ‘APP LOUNGE’, which – digging into the terms of service – only works locally on the user’s phone and without transmitting any personal data to E Foundation.
Launching APP LOUNGE, users have the option to sign in with Google, continue in Anonymous mode (which we’ll soon get to), or show only progressive web apps (PWA) and open source apps. Open source apps have the advantage of being open to scrutiny, and PWA titles are served through the browser.
We downloaded ‘Warehouse Rating’ – a PWA title that may appeal to those with supply chain interests – as part of our device test, and the app downloaded and ran without any issues. Likewise, open source apps were easy to install through APP LOUNGE, which includes titles on F-Droid and other repositories.
Returning to those APP LOUNGE sign-in options, anonymous mode lets users access native apps from the Google Play Store catalog without needing a Google account.
Reasons to try the Murena Two privacy smartphone
One of the strongest use cases for the Murena Two privacy smartphone is giving mobile users the chance to experience life in a deGoogled world. The setup process is quick and mobile users will discover in no time whether they are capable of surviving on privacy-focused apps alone.
There’s also device fingerprinting to keep in mind. By having a Murena Two phone and running /e/OS, users will stand out against a crowd of mainstream Android and iOS devices. However, there are those location faking and obscuring features to help blur the truth and hang on to anonymity.
6 December 2023
5 December 2023
4 December 2023