The code is inherently in the ~~firmware~~ (edit: kernel) no matter how you acquire the phone.
If you don’t control it, you don’t own it.
Most of my shopping is done at street markets. When a big parking is filled with vans and portable tables on a weekly basis, there is no surveillance. But if I need something very particular then the cash option gets threatened. E.g. I would like to have a Flipper Zero but these are never at street markets and not even on any shelves anywhere.
I wouldn’t choose a custom rom on the sole basis of anti-theft. My ½-baked suggestion was simply disable the playstore framework (so it’s present but just dead code) and installing an app on the side.
Anyway, I have no interest in anti-theft bricking myself. I don’t envision ever having a phone where i would care about the hardware and would not likely spend more than $50 on a phone. Exceptionally I could one day get a Fairphone. But remote bricking does not tempt me. Making the phone a brick more quickly gets the phone into a landfill as it becomes useless for everyone.
It’s worth noting why phones get stolen. Even cheap phones are getting stolen. It’s not for the hardware. It’s because SIM registration makes it hard for criminals to get anonymous burner chips. So they steal phones just for GSM chips that are registered to someone else.
I think Fairphone did not exist when I last bought a phone. But you make a good point; I overlooked that. It will probably be my next phone whenever I reach a point where open street maps no longer updates on my phone.
I think I read somewhere it’s normally 13, and that’s what worked for me. Thanks for the 'list users' command.. that confirmed it on my phone.
This has nothing to do with Google.
Google welded anti-consumer logic into the kernel. Of course that’s on Google. Just like Intel started making CPUs with a management engine that can only work against non-corporate consumers, basically saying fuck the individuals’ needs.. putting individuals at unconscionable risk without their knowledge or consent.
Consumers have decisions to make. Is a consumer happy to feed a supplier who sells them something that works against them? Some are. I’m not. Going forward they fail to earn my business because they have too many masters.
You going to ditch Linux because they support remote management too?
Linux is not locked down. Users can remove anything they want from it.
as for the curl call, i tried to open the url in a browser,
I scrambled it for my own privacy… so that would not work. But I preserved the structure well enough that your insight was helpful.
I think the author said he was in Australia.. but he felt like it’s an encroachment by the US in some way.
What does referencing mean exactly?
Sometimes HTML email comes with the logos and objects needed to render it, sometimes not. When the objects are included it’s possible to render the message while offline. In the case at hand, the logo was not included and the HTML body defined a logo with that unique URL inside img tags.
In the very least, if we assume the tracking is appropriate and that it’s consistent with the privacy policy and ToS I agreed to, I would still find it objectionable that a government would conceal the fact that they are using a tracker pixel/image by withholding the content-length header. The gov should be transparent about what they are doing. They should even disclose in each such message “we have a tracker pixel in here”, for transparency which should not be an issue if it’s legit. I personally need the content-length header because I’m on a shit internet connection and have a need to know how big something is before I fetch it. So I’m disturbed that all Cloudflare sites (which is like ½ the web now) withhold the content-length header. The agency at hand is sloppy with privacy and probably sloppy with everything. It’s not necessarily malicious but nonetheless I’m not going to lower the standard by which they should be held to.
That’s cheating. I wish it were that easy but I really can’t create another account for this. I will ask around if anyone else has an account so we can compare notes. But I was just wondering if there is anything else I can do in a solo investigation to get more clues. It would generally be a useful skill to detect messages from other senders as well. ~~I did a search on the domain to see if it’s a known service that sells tracking capability but that came up dry.~~ nvm.. it seems mailjet.com is behind this and they appear to be pitching analytics services.
↑ corrected that for you.