Encryption / pre-encryption

I hope this is the right place for this…that the pureos community is already ahead of this…https://www.youtube.com/watch?v=c52pKpYeZ74
"Capturing everything.

Soon Apple will scan all digital content pre-encryption. Microsoft already can. That’s the reading of your WhatsApp, Signal, and SMS messages before you even send them. Windows will soon start keylogging and taking screenshots of anything you do every 5 seconds on your devices. By the end of 2024, AI will be monitoring your every virtual action … After this, it’s planned that AI will be watching you physically in your home and office space via a holographic image - telling you what you can and can’t do"

is the librem phone and laptop going to be *safe from ths type of pre encription monitoring??? Or the receipt of texts before receipt?

NPU tech, etc… how can we protect our devices from such tech…?


So, an old problem we had from years back is that everybody wanted to believe their phones were doing GPS, but if you get into the code of what’s happening the phones actually send all the names of nearby wifis and cell towers into a server in California [or some such place] – thus sending your location – and the server sends back your lat/long or something you can use to know where you are more accurately than how GPS actually works.

But unlike GPS, because this is 2-way, it means that the powers that be can build a database of everyone’s location. That also leads to systems like “Location History” on Android, which I think is probably server based and not local to the phone’s hard drive, so that’s obviously creepy to someone who is paying attention.

What I find with the Librem 5/Librem 14 is that if you buy one, by default it has the same feature(s) because the 3-letter agencies or their ways of thinking infected GNU/Debian. So even though the Librem 5 has a literal GPS hardware, if you ask the software for your location frequently it will skip past GPS and instead ask a server hosted on AWS where you are by sending your nearby WiFi names, nearby cell towers, etc, etc.

What separates the Librem 5 from other phones by default is not their ability to escape the influence of the 3-letter agencies in the contents of their software, but rather the ability for individual users to learn and to look at what the device is doing, and what is inside the code of the device hiding in plain site, and then to remove it. On an Android, if your phone is sending all this data about your location to a server, you can only really wonder if that might be happening. Or you can use some Chinese hacking tool called MAGISK or whatever, whose name sounds like it is making fun of you, to hack you device and maybe, after hours of pain and getting kicked off of your provider plan, you can re-flash the device with a new image where you are the boss, and maybe on that new image you can ask the system questions about what it is doing without having your own device deny you access and maybe at the end of that long journey, you might discover that the Android is sending home your location data.

So, on Android, I never did those steps. It sounded too much like a mad hack that would break everything. But on Librem 5, there are not such steps to take. I can, at any time, ask my device what it is doing. And that is how I came to understand the the Librem 5 was sending my location (wifi names, cell towers nearby, etc, whatever) to the server of someone. This is independent of the very real, but separate problem, that the cellular providers and their towers can triangulate where I am simply by me using the cellular modem at all. On top of that triangulation, there was a second thing, where the software of the Librem 5 was sending data to the Location Services web server, supposedly to better identify where I am. [So, notably, even if I turn off the Cellular Modem switch and only enable the WiFi switch on the Librem 5, on a default device configuration the device would most likely still be sending this location information over WiFi.]

And what separates the Librems from Windows and Androids an iPhones is not that Purism has enough billions of dollars to rip out the government agencies from our common codebases – wherein it is hiding in plain sight – but rather than the Librems (and most GNU / Linux in general) allow the user to be the ultimate root user, who administrates the device. You can break it, but you can also change it to better serve your needs. And so for example, after chatting here on the forums and by the advice of @irvinewade, I changed my Librem 5 so that it doesn’t send my location to the Location Services anymore. I made this administrative decision for the device not to know where I am, other than from its GPS hardware which is one way incoming (but supposedly less accurate). So, that’s on me, that I will have to find my own way, and I will have to know where I am by some other means.

In a similar way, given 10 or 20 years if people say that GNU / Linux systems like what we run on the Librems “do not work” and are “completely unusable” because they do not screenshot what you are doing every 5 seconds and do not upload the records to AI, it is quite likely that a user contributor frustrated with the sense that these systems “do not work” will most likely create a pull request against their public, open source codes, and then a different person will approve it and merge the “periodic screenshots” and the “upload to AI” instructions to be the new future of the Linux and GNU software stack, because of the extraordinary pressure to change what these systems are to make you want to use it.

At that point, the Librems will receive an update to add this snooping feature because of its apparent necessity and benefits. And then, in that day, it will be on you as the administrator of your device to rip out and expunge these features, if that is what you choose to do, like how I disabled the Location Services submissions using @irvinewade’s advice on the Librems that I have in the present day.

Because of all this, I think the fundamental difference between running some freedomware Linux variant versus all those other corporate systems is that at the end of the day, on Linux the user is administering their computer whether for good or for ill. So we can break our devices, but we can also change our devices to better align with our desires for what the technology should be doing.

When you lose that power – when you are using a Linux system where you ask the system in a technical way if it is screenshotting your every activity, and the system replies, “Access denied”, and then you try to disable the screenshotting, and the system again replies, “Access denied” – then this will be a good indication that you should entirely stop using or replace such a system.


I’ve turned that off. You probably should too.

(Given Purism’s emphasis on the power of defaults, I don’t understand why this is seemingly on by default.)

By definition the endpoint device is always vulnerable to pre-encryption monitoring, whether it’s disk content or network traffic. So the question becomes: who controls the endpoint device?

If the device runs blackbox software then Big Tech (Apple, Google, Microsoft) really owns the endpoint device and you are just renting it.

The benefit of a device running 100% open source / a Purism device is that you control the device. Either it wouldn’t have pre-encryption monitoring in the first place or if it ever did then someone would discover it and remove it.

Well, texts are hopelessly insecure no matter what your endpoint device is. Texts can easily be read in the network by a range of mobile service provider companies and are probably mirrored off to the government as well. If you are concerned about privacy then you don’t ever use texts (SMSs).

Instead you would use an end-to-end encrypted (E2EE) messaging app - but you have to do so on a trusted endpoint device otherwise there’s not much point in having E2EE. Of course, you also have to trust the other party with whom you are exchanging messages.


Thanks guys for your comments…so much to learn here…I think I turned off the sending of location data…but will check this out.

1 Like