The case for stealth: Should you buy a privacy pouch for your phone?

9 Comments

A couple weeks ago, a British clothing company called The Affair sent me a sample of one of its “1984” blazers, along with the so-called “UnPocket” that clips into it. As the line’s name suggests, the theme here is surveillance, and the UnPocket is a Faraday cage that heavily hampers the ability of the mobile device held inside it to receive or send a radio signal.

Inner Party Blazer (not worn by me)

Inner Party Blazer (perfectly fitting some other guy)

The $45 UnPocket can be bought seperately, though it also comes with the $250 blazer. Apart from its denim-ish look — pictured at the top with my [company]Sony[/company] Xperia Z1 Compact poking out of it — the pouch is nothing particularly special. There are many other Faraday cages for mobile phones out there, such as the Off Pocket, the SilentPocket, and bags that are intended for use by digital forensics teams (when seizing a mobile device as evidence, law enforcement often want to ensure it cannot be remotely wiped.) Nonetheless, the UnPocket and other bags like it have their uses, in certain circumstances.

Privacy pouch rationale

The purpose of privacy pouches such as the UnPocket is, as mentioned above, to stop the phone from being a phone. We didn’t need Edward Snowden to tell us that our movements are constantly trackable when we’re carrying a mobile device – that’s how mobile networks allow us to receive calls – but he did provide a useful reminder of how this tracking can be hijacked for other purposes.

There are many case-specific reasons for wanting to kill your phone’s phoneliness. Perhaps you’re a journalist trying to protect the identity of a source, or an activist in a repressive regime trying to surreptitiously associate with fellow activists. Maybe you’re paranoid about being tracked for some other reason – it doesn’t really matter; the mechanics are the same.

If your mobile operator can track you, the resulting data can potentially be made available to spies or law enforcement through legal means, such as data retention mandates, or through gray-area means such as government-grade cellular tracking tools (which are available to way more buyers than they should be) or hacking into the carrier’s systems.

So why not just turn your phone off or put it into flight mode? This is where an element of tinfoil-hattery comes into the picture: Most people in the mobile industry will swear blind that off means off, but Snowden made visiting journalists in Hong Kong put their phones in the fridge — a heavy-duty Faraday cage.

Activists at the EFF recommend removing a phone’s battery for true privacy, as many devices don’t fully turn off otherwise (good luck doing this with most modern smartphones, though). Some surveillance software can fool targets into thinking their phone is turned off when it isn’t. We’ve heard suggestions for years that law enforcement has the ability to remotely activate the microphone in certain mobile devices, even when they’re “turned off.” There’s certainly cause for suspicion here.

Always-off doesn’t work

However, privacy pouches should be used sparingly, for a number of reasons. Firstly, when the device can’t find a cellular base station to latch onto, it will keep trying to do so nonetheless. In other words, if you leave your phone in a Faraday cage for extended periods of time, it will run down the battery.

You are also presumably carrying your phone around with you for a reason — otherwise you might as well just leave it at home. You do want to be able to make a call or check your email from time to time. If so, then the privacy pouch is best used in spurts – slip your phone into it before you head off to meet that source or activist or whoever, then pull it out once you’re back where you started, or in some other innocuous location.

If you really suspect you’re being monitored, to avoid the break in connection looking suspicious it would be a good idea to use the privacy pouch frequently, even when you don’t need it, so that the pattern of your timing is less apparent. (This operational security tactic applies to other anti-surveillance tools too, by the way, such as the anonymous browsing system Tor.)

But again, that doesn’t mean using it constantly.

The sometimes-off experience

The privacy pouch plays the part of a hardware switch for killing or reviving all the handset’s radios in one go – cellular, Wi-Fi, Bluetooth, GPS, RFID and so on. And, rather than placing trust in the provider of the phone’s hardware or software, the user gets complete control over this function. In that sense, I found the experience quite empowering.

Even if one assumes that an off phone really is off, turning the device off and on again is more time-consuming than slipping it into and taking it out a privacy pouch. Putting it into airplane mode is less time-consuming, but it does mean activating the device and going through menus – again, more bothersome than using a pouch, and less satisfying in a tactile sense.

Funnily enough, I found one of the most positive side-effects of privacy pouch usage to be one of behavioral adjustment. Like many of you, no doubt, I find myself using my handset compulsively – partly because I’ve disabled most buzz notifications in order to preserve my sanity, I keep checking my phone every time I have a spare moment.

There’s something about having the device wrapped up in a pouch that discourages this behavior. Not only does it take a short while for the phone to hook up to the cellular network again, but it also introduces a minor but meaningful extra step into the getting-it-out-and-looking-at-it process. It makes that process more conscious and less compulsive, though perhaps that effect would lessen over time.

In the end, the use of a privacy pouch is quite an individual thing. Apart from the level of your interest in privacy, it depends quite a lot on what kind of mobile user you are. If you need to be able to receive calls at all times, for example, then you can pretty much forget about it. If, like many people today, your handset is an internet terminal that barely ever gets used as a “phone,” then it’s a lot more viable.

Faraday cages for mobile devices are cheap (though less so when they come out of a fashion house) and effective, and can even be made as a DIY project. They’re not for everyone, but many people will find a use for them – as long as they can come to terms with the fact that they’re buying or making a tinfoil hat for their phone.

This article was updated on October 9 to remove a bit about the pouch fixing an annoyance around Google’s location services — I realized that the bothersome T&Cs acceptance prompt when you turn Android location on again can be deactivated, reducing the annoyance.

9 Comments

Hildy J

It’s not just the government. An ad company got permission to put 100s of trackers around New York (http://www.thedailybeast.com/cheats/2014/10/06/trackers-are-hidden-in-nyc-phone-booths.html) and many retailers are starting to install them in their stores (http://www.tomsguide.com/us/Wi-Fi-tracking-Nordstrom-Cisco-RetailNext,news-17167.html)

Depending on the size of the pouch, it would also be a good place to store passports and chipped cards (e.g. credit cards and ID badges, etc.) which can be read remotely.

Remember, just because you’re paranoid, it doesn’t mean people aren’t out to get you.

Anonymous

“If you really suspect you’re being monitored, to avoid the break in connection looking suspicious it would be a good idea to use the privacy pouch frequently, even when you don’t need it,”

Lastly, if you suspect you’re being monitored YOU ALWAYS NEED IT. So the “even when you don’t need it” clause is pointless.

David Meyer

That depends on what you’re trying to achieve. If you’re trying to pretend you don’t exist, then by all means keep your phone in the pouch permanently, or don’t have a phone at all. I was thinking more about cases where you want to tactically drop off the radar in order to protect yourself or others. But really, each case is different.

Anonymous

“However, privacy pouches should be used sparingly, for a number of reasons. Firstly, when the device can’t find a cellular base station to latch onto, it will keep trying to do so nonetheless. In other words, if you leave your phone in a Faraday cage for extended periods of time, it will run down the battery.”

So turn your phone off before placing it in a Faraday cage. It’s not going to be used while in a Faraday cage anyways. Only an idiot would keep it on.

“You are also presumably carrying your phone around with you for a reason — otherwise you might as well just leave it at home. You do want to be able to make a call or check your email from time to time. If so, then the privacy pouch is best used in spurts – slip your phone into it before you head off to meet that source or activist or whoever, then pull it out once you’re back where you started, or in some other innocuous location.”

Yes. In case I need it for an emergency, at which point I can remove it from the Faraday cage and turn it on.

You aren’t security-minded and are extremely short-sighted if you see either of these as issues.

Dave

As a part time criminal, terrorist and spy, and someone who generally has reason to be paranoid from protectors of the civilian population from coming down on me, I appreciate you taking the time to write this article. I hope to put this information to good use. Thank you.

David Meyer

I think you need to work on your opsec.

Jokes aside, this is how things are with digital security: you can’t make tools to protect good people without giving the same tools to bad people. But, as the alternative is to leave good people vulnerable (whistleblowers, dissidents etc), that’s a trade-off I’d argue we have to make. Same applies to government-mandated backdoors – if we condone them in order to aid good law enforcement, we leave the same doors open to criminal hackers and bad regimes. Again, trade-off.

Dave

I would imagine the vast majority of GigaOm’s audience is the English speaking tech world who likely have elected governments of the people, by the people and for the people, among which this type of article has more benefit to those of an anti-society persuasion. While I agree that dissident may benefit, I would speculate that represents very little of GigaOm’s readership. You’re attempting to help the ~0.01% population, at the cost of the other 99.99%.

C

Sure, but that’s a very important 0.01%. The next Edward Snowden, for instance. Additionally, though the governments of English-speakers are largely more or less freely chosen, at some future time they may cease to be representative. Given the indefinite data retention policies of NSA and the like it may still make sense to conceal certain behaviors in case a future oppressor wishes to trawl through old data looking for scapegoats to crack down on.

Comments are closed.