Thanks! I’ve tried editing it.

You have to trust someone. There’s no way around this. But trusting some app written by some unknown person that has nobody overseeing it is probably the worst place to put your trust.

So, decide. You either trust some unknown app developer, your ISP, or a VPN provider. You must choose one. Which one do you choose? Choosing none means you are off the Internet.

I have more trust in Proton VPN, Mullvad VPN, Mozilla VPN, and some other reputable VPN providers than I do in my ISP, some cheap VPN run by unknown people, or some app making crazy claims. I strongly doubt that a reputable VPN provider is doing any tracking of user traffic. But I bet MockTraffic is telling someone all the websites you’re visiting.

I think if you are worried about your traffic being tracked, you are safest with a reputable VPN provider.

I see so much wrong in these claims.

1. Anyone analyzing your traffic is not just doing so based on DNS queries. They use Deep Packet Inspection (DPI) and they track packets across the Internet to find out what you’re doing. A fake request won’t fool them.
2. Similarly, they use machine learning and behavioral analysis, which won’t be fooled either by a bunch of DNS queries.
3. The increased noise could be detected as malicious activity, like a DDOS attack. You can find yourself rate limited, and your network performance can drop substantially.
4. If the fake requests are real websites, your IP address can become associated with a wider range of interests, leading to more targeted advertising.
5. Instead of using a simpleton’s approach that won’t work, use real protection. Use a paid-for VPN, or at least a reputable free one (not many) with built-in ad and tracker blocking to bypass your ISP.

**The App sounds fishy, actually. ** Many apps come out claiming to provide some unique security, and they eventually turn rogue and start stealing information. This one sounds ripe to go rogue, especially since it can’t make it into the standard store. I expect to read about MockTraffic someday being caught stealing information.

I wouldn’t go near it.

Depends on the application for me. For Mastodon, I want to allow 12K character posts, more than 4 poll question choices, and custom themes. Can’t do it with Docker containers. For Peertube, Mobilizon, and Peertube, I use Docker containers.

The headline is nuts. There’s no hidden universe on the ocean floor. I’ll fix the headline:

“Scientists Found Evidence of Distant Cosmic Events Using a Detector on the Ocean Floor”

Peertube is run by volunteers who pay with their own money and time for the convenience of others to use it for free. People generally run it to give people social media options outside centralized corporate control.

Why would someone put themselves in legal jeopardy and host pirated content, knowing their arrest is imminent? You can’t hide your site easily.

Porn would be overwhelmingly expensive to run because of the sheer amount of traffic, storage, and numbers of people. It would have legal exposure too and require huge moderation problems, with no return for the effort.

Yes, well stated. This is why I usually skip reading people’s comments. The vast majority see everything through their own agendas and just echo words they hear.

It’s worse than you think. An IMSI catcher is not even needed to find out what phones are in an area:

Section 3.4.1: Presence Testing in LTE
https://www.eff.org/wp/gotta-catch-em-all-understanding-how-imsi-catchers-exploit-cell-networks

Passive Presence Testing

The simplest way to do presence testing in LTE doesn’t actually require someone to have what we usually consider a CSS (e.g. a device that pretends to be a legitimate cell tower). Instead, all that’s required is simple radio equipment to scan the LTE frequencies, e.g. an antenna, an SDR (Software Defined Radio), and a laptop. Passive presence testing gets its name because the attacker doesn’t actually need to do anything other than scan for readily available signals (Shaik et al, 2017).

RRC paging messages are usually addressed to a TMSI, but sometimes IMSI and IMEI are also used. By monitoring these unencrypted paging channels, anyone can record the IMSIs and TMSIs the network believes is in a given area . In the next section, we’ll see how an attacker can correlate a TMSI to a specific target phone, as right now collecting TMSIs simply means recording pseudonyms.

There are descriptions in the article of other ways to find phones without using an IMSI Catcher or fake tower.

Wow! Well done!!

I see good points in this comment, even if the analogy of their being like hashtags might be a little off.

gup.pe groups have a 1-word description. Most of them I’ve been unable to assign a topic to because I didn’t know what the word means or it has ambiguous meanings. Most have no posts. So they land in the “unknown” topic.

I always wondered what I would do if someone started posting porn or hate to them. It would be a nightmare. I’d just have to block the group, I suppose.

Frankly, instead of someone creating a gup.pe-like group, I think they ought to create a community in PieFed, MBIN, or Lemmy. gup.pe was an early experiment when there wasn’t a threadiverse.

I’m fine without gup.pe or gup.pe replacements.

Edward Snowden claims the NSA knows how to do it.

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

It doesn’t mean they are wrong. Anyway, here:

“Based on documents leaked by Edward Snowden, the National Security Agency (NSA) had already developed a technique in 2004 to locate cell phones even when they were turned off, called “The Find”, mostly used to locate terrorist suspects [36]. This was accomplished through the use of IMSI catchers, which could wirelessly send a command to the phone’s baseband chip to fake any shutdown and stay on [37]. The phone could then be instructed to keep just the microphone on, in order to eavesdrop on conversations, or periodically send location pings. The only hint that the phone was still on was if it continued to feel warm even though it had been shut off, suggesting that the baseband processor was still running. IMSI catchers used by London’s Metropolitan Police are also reportedly able to shut down targeted phones remotely [38].”

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

Seems to depend on what you read: https://godarkbags.com/blogs/news/imsi-catchers-the-hidden-threat-to-your-mobile-privacy-and-how-to-stop-them

Quote:

Can I Be Tracked With My Phone Off?

Yes, even when your phone is turned off, it’s not entirely inactive. The radio system, controlled by a separate subsystem called Baseband, can still transmit signals. This design allows for features like remote device tracking but also means that simply turning off your phone doesn’t protect you from IMSI catchers. Using a Faraday bag completely isolates your device from any external signals, providing robust protection.

The most effective defense against these threats is to block the signals that IMSI catchers rely on. This is where Faraday bags come into play. These specially designed bags create a barrier that prevents radio waves from reaching your device, effectively neutralizing IMSI catchers and other surveillance tools.

They can triangulate from the 8 readings that they did and know my location. They also know it’s T-Mobile and they can subpoena T-Mobile and Google to get the information (the IMSI code will identify the dealer) to identify who bought the phone and what phone account pays for the service.

IOT, your utility company, sensors that report information …

I think T-Mobile still has 2G service in some parts of the U.S. https://www.androidpolice.com/t-mobile-2g-network-is-still-active/

In the U.S. it’s illegal to do anything that would interfere with these devices because it also cuts off emergency services. Sort of like using a hospital to store weapons during a war?

A cell phone repeater is a passive device. It just extends the range of an existing signal. They don’t act as cell towers. They don’t read information from the phone.

My understanding is that the phone requires a modem that supports version 3.0 of Android’s IRadio hardware abstraction layer (HAL). Older phone’s modems do not support version 3.0.

According to the documentation, turning off 2G will not block emergency calls. But, yeah, having said this, definitely, it’s best to remember how to switch it back on, just in case.