Well, these measures are a bit outdated. To be tracked now you don't need to access someone's personal devices. You can be tracked with flock cams, ring cams, or any other thousands of cams out there that are already recording you and logging your car and your details. That grocery store you went to yesterday? Yep, you are logged from the moment you are in the parking lot till you leave. Oh, you used paid parking a day later? Your car is logged too, same goes with bus/trains tickets. Neighbors cams or building CCTV? That too. Your home address is also logged through many ways but primarily your tax filing and driver's license. Your home internet can be logged one way or another too, at router level (think of the many exploits against that). What about your laptop hardware? Definitely it isn't open source. Plus, have you checked your hardware if it's bugged? I personally know someone who ordered a laptop and an XYZ agency bugged his laptop (man in the middle) before it was delivered. A new laptop you order online and your bank info will trigger someone to intercept it and alter it in the middle. And many more details, like, are you sure someone won't stick an AirTag somewhere in/beneath your car to track you? FBI and DEA already used modified AirTags that won't notify anyone with an iPhone around to track drug dealers precisely. What about personal connections like friends and family or work that could be a weak link? and many ways without going into further details. So while your measures might work against some random internet attack or random stalker, against a surveillance state it won't. If they want to track you, they have all the resources (technical, legal, etc.) needed to do so.
>FBI and DEA already used modified AirTags that won't notify anyone with an iPhone around to track drug dealers precisely.
Don't Airtags now notify the nearby user if they are being tracked? I have heard of airtags getting modded to remove the speaker but Apple bypassed this with software updates that alert you out of band(as far as I know). Your assertion would require government to have special Airtags that iOS ignores no?
At least one (and I assume all) manufacturers of network hardware have backroom code sharing deals with the NSA, and likely only highest leadership and a single release engineer knows about it.
I personally know a trustworthy release engineer that described in detail they were the person that had to send all new source code for each release to an NSA owned FTP server.
Does that mean Apple is actually doing this too? Hard to say, but when there is no accountability it is best to operate under the assumption the worst is happening. Particularly given Tim Cook is very publicly sucking up to the president every chance he gets.
If apple really wants to (and put their money where their mouth is when it comes to those stupid "Pro Privacy" ads they run), they can start by filing a CFAA lawsuit against said agencies.
The same Apple whose CEO actively kisses the ass of the president buying tickets to be close to him and making him fancy gifts? The same Apple that voluntarily gave the CCP control of all the HSMs controlling the supply chains of all apple hardware in China?
Any claims of privacy or consumer advocacy at Apple are completely just marketing to gullible consumers.
If Apple actually cared about accountability, which is a prerequisite for privacy, they would open source everything so security researchers could reproduce all binaries and easily inspect their sources.
Privacy is like diet, it is not a zero sum game. The less data we give to advertisers and governments the better. The point is to increase the expense of tracking and create as many holes in their databases as possible.
> You can be tracked with flock cams, ring cams, or any other thousands of cams out there that are already recording you and logging your car and your details. That grocery store you went to yesterday? Yep, you are logged from the moment you are in the parking lot till you leave. Oh, you used paid parking a day later? Your car is logged too, same goes with bus/trains tickets. Neighbors cams or building CCTV? That too.
E-Bikes do not require license plates and allow most of this to be mitigated when I use one of those and are what I would recommend for targeted individuals and demographics, but at some level the movements of my vehicle are tracked unavoidably but they certainly cannot remotely control the car or access microphones when they do not exist so these tactics still have value.
> same goes with bus/trains tickets
I pay cash for these and use them short term so little tracking value here.
> our home internet can be logged one way or another too, at router level (think of the many exploits against that).
I significantly reduce the chance of this by using VPNs and Tor for most personal traffic depending on use case, and layers of simple open source linux/freebsd etworking hardware I setup myself.
> What about your laptop hardware? Definitely it isn't open source. Plus, have you checked your hardware if it's bugged? I personally know someone who ordered a laptop and an XYZ agency bugged his laptop (man in the middle) before it was delivered. A new laptop you order online and your bank info will trigger someone to intercept it and alter it in the middle.
I full source bootstrapped my own operating systems and compilers and very often firmware (https://stagex.tools). I mostly use desktops, among them a Talos II which is open hardware/
firmware.
As the lead author of AirgapOS I recommend sensitive use case laptops be purchased randomly from retail locations with cash and document tamper evidence tactics in detail. These tactics are regularly used to move billions of dollars of value around by large financial institutions we advise, but I also recommend these tactics for targeted individuals like journalists as well, along with QubesOS depending on use case.
> And many more details, like, are you sure someone won't stick an AirTag somewhere in/beneath your car to track you?
If I force them to target me in person where I am much more likely to notice, my tactics have done their job and are good to recommend to the general public since they cannot do this type of targeting at scale and thus the tactics can protect most people. I really hope they try something this, because if they do, I am going to waste a lot of their time and have a lot of fun at their expense. I have quite an arsenal of radio forensics hardware and if my vehicle if ever transmitting anything, it is for sure something I did not put there.
> What about personal connections like friends and family or work that could be a weak link?
I do not share sensitive information with people with opsec significantly worse than my own. Everyone at my job uses the same opsec tactics I do for anything work related. We self host everything including E2EE encrypted chat, everyone uses qubesos, etc etc.
> So while your measures might work against some random internet attack or random stalker, against a surveillance state it won't.
My tactics create massive holes in surveillance capitalism and government tracking databases they would need to deploy agents in person to fill. If thousands of people use my tactics, suddenly they run out of agents to stalk people.
My goal is not to make tracking impossible, it is to make myself mostly invisible to surveillance capitalism and blackhats who are my most likely threats, and as a nice bonus require a government to get a warrant and spend a lot of money to track me or anyone using my tactics.
Maybe in US but in various parts of Europe this ain't true, you cross certain threshold for power or speed and license plate is required, with corresponding insurance - same for e-scooters.
Ie in Switzerland thats 20kmh so basically all of them since they often cut off at 25kmh. Almost nobody does that for weaker ones and thus police keeps taking them and then you see police guys riding around say Geneva on various e-scooters.
At least by reading all of the above, it seems they have something like Genode (running on https://sel4.systems/ , amongst others ), but instead of some academic research thing, widely deployed commercially, running on consumer ready devices of all sorts.
Lately all based on that HongMeng kernel thing, comparable in performance to SEL4, utilizing containerized Linux-drivers by way of compatibility-shim, still fast.
I really appreciate the scorched earth efforts to redo computing with security from the start, but personally I have reached the conclusion that compatibility is key to adoption, and that desktop focused linux distros like ubuntu with yolo security being used for servers is the practice causing the most harm we must end as soon as possible.
QubesOS falls really short in supply chain integrity, and server solutions, but IMO the overall hypervisor/IOMMU isolation architecture is the most practical and compatible way forward though nowhere near as elegant as some of the ideas in Genode.
In EnclaveOS my team and I chose to focus on remote attestation and best available security isolation technologies available to most server CPUs while still using (hardened) linux kernels. We talk about this here: https://distrust.co/blog/enclaveos.html
> What about your laptop hardware? Definitely it isn't open source.
On some older Thinkpads you can install Coreboot/Libreboot. Or even buy them with that, if flashing the firmware seems to complicated/risky, or necessitating buying equipment one does not have at the ready. Same goes at least for some routers, with OpenWRT, or the likes, or depending on the used connection technology going 'full personal computer' with some Linux/BSD again, with even more options regarding Core-/Librebroot/Dasharo underneath. There are always some paths for at least some aspects of that stuff. Most funny thing, if you don't trust your switches is something like https://www.apalrd.net/posts/2025/network_smartsfp/ <-that's not the only one. Imagine a cluster of firewalls in your ports!1!!
The question is if it's worth it? Or maybe more like a hobby with the benefit of staying technologically fit, but at the end of the day more like LARPing 'prepping'?
I suspect the people who have jobs that have made them capable of building and flashing their own firmware are exactly the sorts of people the NSA would be more likely to target and thus these tactics become all the more important.
Things like Intel ME are a straight up backdoor in consumer CPUs though, which is a bigger problem that is hard to disable. Government workers buy special laptops from Dell etc that disable this for security reasons, but difficult to get consumer laptop CPUs as a civilian that do not have ME or a similar technology enabled.
Thankfully ME Cleaner is a thing for many consumer CPUs to defang it, though you want this done at the firmware level, and that is where coreboot becomes all but a hard requirement.
I am convinced it is critical for preservation of our basic freedoms that digital sovereignty becomes the norm.
