You’re right. Fake switch is easy. It can be even worse than that.
Even it we test that switching GPS location off causes that various apps start complaining that they don’t get the location from the system it doesn’t mean that it is really off. The switch can disable the location to your eyes and the apps installed on the phone while still provide the location to Google and Apple servers in the background, which you cannot see.
Apply the same to microphone, 24/7 voice recording, real-time voice to text recognition, text to server constant reporting, etc. Our phones are really powerful, faster than servers that system admins dreamed off 15 years ago. Constant real-time surveillance would only require campo % of the mobile phone CPU.
You can only know it if the system is open source, but then you still don’t know: maybe the source code that’s open source is from the system A while the actual binary code of the system in use is generated from the system B (modified version of A, which adds a surveillance bit).
We will never know until we will be able to compile the code to binary and install it ourselves. And even if we get there there will always be a layer that controls this process and while we think we generate the system ourselves - that compile/update layer can actually cheat as too and add the components we don’t want. They will always tell us: “The layer is to help and make it easier for you”. Unless one is a proper hacker doing it without any suspected tools - McAfee is right.
You’re right. Fake switch is easy. It can be even worse than that.
Even it we test that switching GPS location off causes that various apps start complaining that they don’t get the location from the system it doesn’t mean that it is really off. The switch can disable the location to your eyes and the apps installed on the phone while still provide the location to Google and Apple servers in the background, which you cannot see.
Apply the same to microphone, 24/7 voice recording, real-time voice to text recognition, text to server constant reporting, etc. Our phones are really powerful, faster than servers that system admins dreamed off 15 years ago. Constant real-time surveillance would only require campo % of the mobile phone CPU.
You can only know it if the system is open source, but then you still don’t know: maybe the source code that’s open source is from the system A while the actual binary code of the system in use is generated from the system B (modified version of A, which adds a surveillance bit).
We will never know until we will be able to compile the code to binary and install it ourselves. And even if we get there there will always be a layer that controls this process and while we think we generate the system ourselves - that compile/update layer can actually cheat as too and add the components we don’t want. They will always tell us: “The layer is to help and make it easier for you”. Unless one is a proper hacker doing it without any suspected tools - McAfee is right.