- If I'm some random person
and I wanna search for a topic, it changes the Google results when I search to try and influence me. Is that something you've said, yeah? - Yes, that is exactly what it does. And what happens is, at
least this company does. They actually have many,
many things that they do. But this one is a specific
one they published. This is something they've
actually stated that they do. They said their goal is to
affect the first page results on Google search depending
on what it is you do, or what it is you believe. So if they find that they
wanna influence your belief, they change the first
page results on Google. People ask me, what should I do? Do I need a de-Googled phone? Do I need a VPN? Do I need to do all this? I never get to explain the why, because YouTube doesn't
want me to say the why. Maybe your channel will
let me say the why. The AI can determine,
who's unhappy, who's happy? They can actually look
at his face and say, 57% of the people who looked
at this video were unhappy. I mean, that's how far it can go. I'm not telling you to be
cybersecurity gurus here. If you can stop them from tracking the identity, that's enough. ♪ Yeah ♪
(gritty rock music) - Hey everyone, David Bombal
back with a very special guest. Rob, welcome!
- Thank you for having me. - It's great to have you here. So just for people who don't know you, you've got a YouTube channel, but perhaps you can just give
us a bit of your history. You were telling me a bit
offline, where you've come from, what are your background, and
what you're doing on YouTube basically and what you're
teaching on YouTube. - Well, I'm a very techy kind of person. I started with a tech
career as a chief architect. I was just picking Bill Gates's
job title, chief architect. So I was a chief architect
in a software company, founded several companies,
and I left that, and 10 years ago, I started
going on the internet, and one of the things I
did was go on Periscope. So I was on Periscope and did
a lot of livestreaming there, and that's where I built a following. Then when Periscope was going
down, I then went to YouTube. And I've never done videos
before, so people get bored with my videos because I don't
do a lot of flashy stuff, (shutter snapping)
(air horns honking) because I came from the livestream world. And I focus on one thing,
and that is privacy. And it comes from a little
bit of personal experience, because my actual original
career was in medical systems. I designed and developed
electronic medical records, or electric health records,
as it's called now. I was one of the inventors of that. And I knew back then that anyone could look at anyone's health records if you're affiliated with any company that does health records.
- Wow. - So that was the beginning of
my sensibility about privacy, because I could look up
people, important people. I could look up stars. I had clients in Beverly Hills. I could look at stars
and see who was getting plastic surgery, as an example,
and that kinda bothered me. I said, look at what people can! - [David] That's crazy. - Right, and then the government came in and said, "Oh, we're
going to actually take "live data from the doctor's office, "and as it's being collected,
we're going to intercept it "so we can stop the flow
of the doctor's orders." So they can actually intercept and say, "Hey, you can't order
that, it's too expensive. "You can't order an MRI,"
or whatever they wanna do. So that kinda bothered me, because again, it was like a bureaucrat
getting in the middle. And this is probably the beginning of when I already knew
that it's going too far. Then when I did my
livestreaming back in the day, one of the things that
I found was the abuse that was happening with
platforms like Facebook. So I became the anti-Facebook
guy on Periscope. - You've gotta tell us the name. You've got a domain and
everything registered. Sorry, I'm jumping the gun. (Rob laughs)
- Yes, you're jumping the gun on that. Yeah, so I became famous for introducing the word "what the Zuck." I said "zucking" this and "zucking" that. This is all good on YouTube, no problem. I say this all the time on YouTube. So the algorithm knows that now. I'm completely anti-Facebook
guy, because Facebook was the true evil, the
basic evil for privacy, more evil than Google or
more evil than even Apple. It's just so evil, because of something that we will discuss
later on about privacy. So I became the anti-Facebook person. But when I went to YouTube, I found out that if I spoke about
Facebook, my views went down! - [David] Oh, wow. - So the videos weren't
being fed by the algorithm every time I attacked Facebook. This is the reason why you don't see much on Facebook in my videos. Maybe they have an
agreement; I have no idea. (David and Rob laughing) So I focus on Big Tech in general and see if there's somebody abusing it. So I consider myself a public servant. What I do is to expose people to what's being done to them
by Big Tech, government, whoever, affecting their
privacy, and that's my goal. - That's great. I mean, it's becoming a problem. I think there's a lot of interest and a lot of worry about
it, as a lot of people feel that companies and
governments are overstepping. I mean, I live in the UK. There's laws in this country
that say that all ISPs have to log every website
you go to, stuff like that, and a lot of people are
saying, "This is crazy." I mean, this is supposed
to be a democracy. You're in the US, and I
think a lot of people there feel the same way about some stuff. - The Five Eyes, as you know, are more aggressive at
taking away our privacy. They're supposed to be the countries protecting
us, the Five Eyes. And yet, some of 'em are
going to the extreme. One of the extreme countries with privacy is probably Australia, and I think they're
getting to be the worst, then followed by the UK, in my opinion, the UK is probably, as far
as government is concerned. Then US is, well, obviously
the US is leading all that. There are factors here that prevent them from
making too many moves. So fortunately, there's
guys like me that speak out. (David laughs)
- So let's get technical. I've heard you use this
term, and obviously other people have as well,
about de-Googling a phone. Can you explain why you'd wanna do that? I heard you say in other videos and interviews and whatnot about, there's like five things or
problems with using a phone, and then I wanna get to
which is your favorite, Android or iOS, and you've got some interesting views on that as well. So perhaps we can just start
with, what is de-Googling a phone, and why you do that,
and how it affects your life. - So if you actually have a normal, what I call a "normy phone,"
a normy phone in my mind is an iPhone or a standard Google Android. If you have a normy phone, they have so much spyware in there, and if you actually research
what the spyware is, for example, on the Google Android, the spyware is called Google Services. If you actually look
at the Google Services, if you actually look at the
API for Google Services, and it's actually my next video, explaining how it's being
spoofed, the Google Services, and then you can actually see
what the Google Services are. And some of 'em are very, very invasive. For example, SafetyNet is one
of the Google Service APIs. SafetyNet is supposed to
be for your protection. Your phone is being protected
from a cybersecurity point of view, as far
as Google's concerned, by not letting you load certain apps. But to run SafetyNet,
your phone has to actually report every app that you
are using at any moment, the version number, the
signature and all that. On top of that, every click
you do, every click you do that goes to any URL,
has to be filtered out and sent to Google as part of SafetyNet. Well, I mean, it doesn't take any genius to figure out what's happening here. So Google then can track
every app you're using. Already we know that. Google also knows every click you make. Now, they're in the advertising business, but it goes beyond that, because of course they're
tracking what you're thinking. If they can go to every click, I mean, what do you think's gonna happen? So that is one of the
specific things that happen on a phone, and if you actually look at the SafetyNet API, you
will see some of this. And there's so much of that. Another example is the
geolocation or geofencing and nearby features of the Google API. That's part of the Google Services. More than that, what is the other one? Exposure, exposure notifications, which has to do with, of
course, contact tracing. All of this is part of
the Google Services API, which means Google has so much control knowing your location, and the
actual technical explanation is that the phone tracks
your location 24/7. This is true of iPhones too, by the way. So they can track your location 24/7, and people are disputing
this, because they said they can go into settings
and turn off location. They don't understand the difference. They don't understand that
Google can do anything they want since there's no restriction
on that, because they actually replace the system files with
their own Google Services. Now, why is de-Googled phone different? De-Googled phone removes
all those Google Services. There actually nothing Google,
not even the notifications. There is no Google at all. You can't even install any Google app. Because there's no Google at
all, there's no telemetry, there's no notifications,
there's no nothing. You can put notifications
back, you can put some of these features back,
but through a filter using some other application framework
that will replace Google. But without the Google Services, first of all, there's immediate benefits. First of all, there is no Google ID. That's one of the worst
things that you do on a phone. Everything you do on a
phone has a Google ID. Everything you do on an
iPhone has an Apple ID. On a de-Googled phone, you never log in. - Yes, so in other words, your email, it's your identity, isn't it? That phone is locked to you, as opposed to with your credit
card, whatnot, is that right? - And you can't hide that. - So another question, Android or iPhone? - They're both bad. - So you would go de-Googled
Android, Android phone, yeah? - I probably would go Android. The tracking on an iPhone
is just so extreme for me. The one that really bothers me the most is the client-side scanning, where
they can actually find out, they can run an algorithm that says, "Let's find all the phones
with nude pictures in 'em." I mean, goodness, do we need
somebody with that capability? - Yeah, I mean, I understood the idea of why they were doing it
originally, and I wanna mention it here just to keep the
YouTube algorithm happy, but the original reason seemed
to have good intentions, but the unintended consequences of that were crazy from a privacy point of view. 'Cause like you say, if they
can scan all your photos, today they decide this, but
tomorrow, they could decide to scan for other things,
like you said, yeah. - The justification for
doing client-side scanning was that, yeah, it's hands-off. The AI does the scanning, so
we don't have to touch it. The problem is, they could do
that right now with iCloud, so why weren't they doing it on iCloud, meaning it was a solution
looking for a problem. In this case, why introduce
such invasive technology when you could have just
done it and scanned iCloud? So the only reason I can think of is they have bigger motives. They wanted to do something else. I have some ideas of what that
is from an AI point of view. I think the phone will be
able to sense our environment. That's where this is going. - Sorry, what do you mean
by sense the environment? - Because the AI, meaning
the camera, the sensors of the phone, can actually
observe and look at situations. As an example, why couldn't a phone react and determine that there's
a situation of violence? Maybe that's what they're shooting for. It's scary sometimes when I
make these kinds of predictions. (David laughs) Most of the time, they come true; they actually are thinking of that. The iPhone has that Neural Network in it. What is the Neural Network for? Obviously, it's based
on having the phone make its own decisions from AI
by putting a neural network in there and looking at the
environment and doing something. Is it really just for facial recognition? No, the way that this
client-side scanning can work, it can look at the camera
and actually say, "Oh, "I'm observing something that
Apple wants me to observe," not just a face, a behavior. The AI can determine,
who's unhappy, who's happy? They can actually look
at this face and say, "57% of the people who looked
at this video were unhappy." "They didn't smile. "70% laughed." Come on, I mean, that's how far it can go. Now, there's another thing that's actually really, really bad with the
Google Android or an iPhone, and that's the device identity. And it's based on the IMEI, the International Mobile
Equipment Identity, and that is unique to every phone. That's basically the serial
number of every phone. Now, they can take that, and
they can build another ID on Android that's called
the Android device ID, and that's built for notifications, which is also a semi-permanent ID. On Apple, there's the advertising ID. There's also a similar
advertising ID on Google. So because of these
identifiers, what happens is, they are using the phone now
as a cross-device tracker. So it doesn't matter what device you use. They say to you, "Oh, you need
two-factor authentication," 2FA, so then you say, "Okay, I guessed I'm forced to
do 2FA with my phone number." But they don't really care
about the phone number anymore. That's not really what they're doing. They want you to load the
Google app on the phone, because the Google app can see
the identifier for the IMEI, for the device IDs, and it
can have a certain match that what you do on your computer, even at work, is the
same as on your phone, that you are the same person. They can then use that to track you. A de-Googled phone
doesn't have any of that. There's actually, since Android 10, you cannot see a device
ID of any sort, IMEI, phone numbers, all of that,
unless you're a system app. Well, on de-Googled phone,
the way that the phone is de-Googled is you're using open source, Android Open Source Project. So I looked at the source code. There is no way to see any of that, 'cause that's in the basic permissions. And if you know SELinux, so SELinux, being the security
framework, limits every app. Every app has to be compiled with SELinux, and the permissions are
baked into the executable. So you can't do anything that's outside of the
permission base of SELinux. That's the way Android is set up. So in the case of a de-Googled phone, no app can come in at the system level that has any rights beyond
what is granted by SELinux. For this reason, it is impossible for an app to gain access
to the IMEI and all that, because there are no system
apps that are not open-source. Everything is open-source. For that reason, one of the
things that a phone does, that de-Googled phone does
that's really different is that the phone has no identity. That's probably the number-one
feature: no identity. So this is something I teach
people in the privacy business because they don't understand this. They're relating it to cybersecurity. In cybersecurity, you're trying to protect the input and output into the phone. You're trying to actually
block anyone seeing anything, which is almost impossible
on a phone, 'cause there's so much telemetry going
on in various aspects. So the goal that I've found works best is not to worry about what
Google can see in various places, but to take out the identity. If they can't attribute an
action to one specific device and one specific identity,
the AI cannot make use of it. So you have to go back. I have a data science background because I was doing medical information, collecting medical data,
and we were doing AI on that at the time when I was doing that. And we understand that you
gotta collect the data. In fact, in medical, you're supposed to strip
out the identifier. In Google/Apple world, that's not true. The identifiers are in there. So the solution to not allowing them to get control of us and our ideas and what we really do is
to block the identity. So just to put this in a big
picture, there is a project, and I don't wanna mention
the company name again because every time I do it I lose views, so it may be tied to
some filter at Google, but Google has a division called Jigsaw. Jigsaw has a partner in the UK, and this partner is tied
to collecting information about certain groups and
taking action against them. Originally, the original
project by this company was to find the Muslim
extremists in London. That was the original project. And that was the justification. They said, "Hey, this is a good project, "because look what we're doing! "We're saving the world from extremists!" And nowadays, that same group now actually have made a map of people, for example, who have anti-vax views in
various places in the US. Actually, they have a map. I looked at the map. I actually posted a video of the map, posted a picture in the video of that map where I picked a place like
Texas, and you can actually see the dots where people's Google IDs identify the locations of
people with anti-vax views. So you can actually count by area how many people have anti-vax views. My goodness, what an invasion of privacy! - Is this something they
just have on their website? Is that right? - It was, and then I
can't find it anymore, maybe because I published it, and they didn't wanna
promote that anymore. - I heard you say you heard something. They try and filter the
results, is that right, on Google, to try and
influence what you believe, something like that? Is that right? - Well, they do using this Jigsaw. But I'm saying that even
on YouTube, I don't know if what I say causes them
to affect my viewership, depending on the topic,
'cause most of these topics that I talk about don't get any views. I don't really know why. - If I'm some random person
and I wanna search for a topic, it changes the Google results when I search to try and influence me. Is that something you've said, yeah? - Yes, that is exactly what it does. What happens is, at
least this company does. They actually have many,
many things that they do. But this one is a specific
one they published. This is something they've
actually stated that they do. They said their goal is to affect the first page results on Google search, depending on what it is you
do, or what it is you believe. So if they find that they
wanna influence your belief, they change the first
page results on Google. Snowden I believe was
the one who said this, that the project that was done in the UK actually went further. They actually changed the internet for certain individuals in
London using this algorithm. So I don't know exactly what
that means technologically. I'm thinking of
hack-and-substitution kind of things, something to actually
intercept the packet, 'cause it's a website; you can do that. That's some of the
things that I don't know, because it's not published. But the stuff I'm talking
about is published. They actually stated that's what they do. - But it's worrying that they can change, sorry to interrupt, they
can change the results based on an identifier of who you are and seemingly what you believe, and they wanna influence
what you believe, right? - Right, so they actually have
a database of each one of us. In fact, Google was planning on doing what they call Cohorts. They wanted to change the way they tracked for advertising by assigning
every person to a cohort based on what you believe. So you may be in a cohort of
conservatives versus liberals versus sports-interested people
or computer geeks and so on. They can create as many cohorts
as possible for each of us. Then you can belong to a thousand cohorts. By doing that, they can
identify your grouping and then have the AI
judge you in some way. The judging, of course, as far
as the published information is, is that Google changes
their search results, presumably for some target. In theory, they're not doing
it for every single person. They're doing it for the target people. So some people are not affected. If they're in line with what Google wants, they don't do anything. So I've done so many
videos, well, not so many, because Google or YouTube suppresses it, but I've done several videos
and livestreams on this topic, and every time I talk
about this, 'cause this is the explanation for why you
should care about privacy. This is the why. I can't ever get to the why. People ask me, what should I do? Do I need a de-Googled phone? Do I need a VPN? Do I need to do all this? I never get to explain the why, because YouTube doesn't
want me to say the why. So maybe your channel
will let me say the why. (Rob laughs) - Yeah, I mean, I think
the whole idea for privacy, I've interviewed other
people, but it depends. Some people say, you
know, what does it matter? As long as I'm not breaking
the law, what does it matter? But I suppose the problem is laws change and perceptions
change over time. I think a lot of people would
prefer not to have a company like Google or the government
knowing everything about them. If you have any kind of privacy beliefs, then you don't want to be tracked. It's a very good why. Are there any other why's
that you wanna mention? - Well, I mean, it goes
beyond simply knowing. I mean, we always state the
example of the book 1984 and that kind of environment. And unfortunately, we're already there. It's actually even worse than that. The 1984 book said your TV talks to you, and yet, we're talking to our phone. So we're doing exactly what
the 1984 book is saying, except we're taking it with us. It's not even a fixed TV. In the book 1984, the TV is watching you. Here, your phone is watching you, and you take it everywhere. So it's like, in the book 1984, there were cameras everywhere, which is true today, but now
it's even worse with the phone. - And where do you see it going? Is it gonna just get worse and worse, where perhaps governments or companies just try and control people? - Well, yes, we are already in the situation of
the capability of 1984. Actually, we're beyond that
now, because of the phones. The problem is where it's going, and this is where on my channel,
I wanted to kind of move into machine learning and robotics and AI, because that's really where
this is going to be used. We see it in a Tesla. We can see what a Tesla
can do with environment. Now we're talking about a
machine that can actually not only observe its
environment and know what to do; it actually knows who you are,
and that's the scary part, looking at a machine that can walk around. Think about a robocop. The robocop not only knows
who is in environment; they actually know you individually. They say, "I know your
social media record. "I know what you're doing." But as you know, even in
Australia and New Zealand, you come into the border,
and they can actually look at your phone and go check
your social media account. How far is this gonna go? And then we have AI doing that. - So your concern is the governments will control the population like in 1984, but we're already there and
it's getting worse, right? - That's correct. It's gonna be worse, and
it's gonna be mechanized. And we don't have a way to stop this. I don't know if you've ever discussed the singularity on your channel. So the guy that invented
the concept of singularity was Ray Kurtzweil, and he has
a book called The Singularity. The singularity is the day when the computers are
smarter than people. Elon Musk keeps referring to this as something that he fears, and that's why he's saying
we need to prepare for this, and guys like Bill Gates say it's fine, guys like Zuckerberg saying it's fine. But when the singularity
comes in, the machine will be smarter than people,
and I actually don't know about any limit to what
a machine can learn. This is one of my big problems here, is what is the limit to
what a machine can learn? It can go beyond what people can learn. That's gonna be here, they actually forecast
it'll be here by 2040. The computer's gonna
be smarter than people. - Your concern is Skynet,
yeah, Skynet will be here? It won't be in the movies, yeah? - I have so many videos on Skynet. They're all viral because
they like the word Skynet. But it's scary to me, and
I actually believe this. It's not just because of hype. I actually believe we're
in a Skynet-like world, which is actually beyond 1984, because what is in Skynet? Machines, machines controlling us. This is actually where this can go, where somebody controls a few
machines, or the machines, and then we're just a
subservient population. - So you are an advocate for privacy, and everyone should take this seriously because the problem is
the machines are learning so much about us, and they
can change our behavior? And we will talk about it in this video. There are companies out there that are trying to influence our behavior, and you just see the slippery slope, where it's just gonna get
more and more control. - So somebody has a vision of the world, and you already know
this billionaire or that has some vision of the world,
and they're changing it to their vision, 'cause
they have the money. At what point do we give
up our freedoms and say, "Well, we want to have a choice," rather than have the
billionaires make the choice? This is what worries me, because
whoever has the billions, of course, can control the machines. The problem is, if you give
so much information to anyone as you provide a government,
a private company, you really put yourself in
danger to be manipulated, because that is so much
power to grant any person, Apple, for example, being the
largest corporation on Earth. And people actually believe when Apple says, "Oh, privacy company." (melodic harp flourish) (man laughing loudly) - Are you serious? - I laugh at that, and it's like, yeah, the privacy company
that does more tracking than any other phone, and yet
they're "the privacy company." Oh, but we don't sell your data! Okay, that's true. We don't have any proof
that they sell their data, but there's proof that they've
been sharing their data with government, because
Snowden showed that. They're part of MUSCULAR,
PRISM, all these programs. They were sharing their data. - I think the problem is
that like any company, if it's based in a
jurisdiction like the US or jurisdiction like the UK or whatever, if there's a court order, they have no choice but
to give over the data. Apart from saying, even if
they're not being malicious, it's like the governments could force a company to give over data, and I think that's another
concern people might have. - Well, that's the government
side, and I agree with you. I don't have a choice either. If the government asked me to give data, I have to give data. My solution is to not collect the data. So my websites don't have IP addresses. I don't log it. If somebody asks me for
data, I have no data to give. So many platforms do that, right? My VPNs don't track IP address. I don't have a log for it. But, Apple, on the other
hand, collects all the data. They even have client-side scanning that can check the content of your phone. - Yeah, there was a big uproar about that. - Yeah, and people were
saying, "Show me proof!" I mean, Apple stated it already. "Show me proof that they're
gonna use that in a bad way!" It's like, even if they weren't
willing to actually do it, like you said, the
government can require 'em, because they have the feature. They have the feature for tracking your phone
24/7, and why is that? This is something I discovered
on iPhones long ago, and that is your Find My Phone is actually not attached to your Apple ID. Find My Phone is actually
attached to your phone. So they can do a Find
My Phone on any phone, even if it's still in the store before anyone's ever used it. When you go into the store and say, "I'm gonna activate Find
My Phone," all you're doing is associating yourself with
the serial number of the phone. They're collecting it all the time. It's actually built into the OS. And that is extremely
bothersome, because it means they're tracking, just like
an AirTag, it's continuous. - I mean, Snowden's a good example of what was possible even years ago. I mean, what could they do today? - I didn't know about what
Apple was doing, so I said, lemme do a video, 'cause
I was asked the question, can your phone track you
when the phone is off? So that was the question I raised. Now, without any background
on what companies were doing, I typically just did a
reverse-engineering of the problem. I said, why would do that, why would they wanna do
that, and can it be done? So I theorized. I said, that technology could
use Bluetooth Low Energy, BLE, and there's already an Apple network that can do BLE, so that
would work right there. So I went into this, what benefit it might be
for a company to do this. I said, well, Apple might use
that because they can claim they can find your phone if it's stolen. So that really is the video. The video actually did not,
this was last year's video. The video was not based on any knowledge of what actually was being done by Apple, and I found out that
14.5 had that feature. They actually put it in, and the feature was that when your phone is
off, it turns into an AirTag. (Rob laughs) This is the kinds of stuff I
gotta deal with is I theorize what might happen based on
the technology they have, and in my case, all I do
is look at the technology and say, how can that be abused? And often,
(Rob laughs) actually, most of the time, I'm correct, if I say, can that be abused, and they do. So in that case, Apple
found a way to do that. - So I wanna go back to the
problems with having a phone that's tied to your identity. I mean, you said, okay, the first issue is phones have your real
identity, so it's tied to you, which means if you've got
an Apple, as an example, an iPhone or an Android phone, whatever you go, you're
being tracked 24/7, and it's tied back to
you as an individual. So a government organization,
or a company can track you. I mean, Google can track
you, Apple can track you. Every device has a fingerprint. That's the IMEI number, is that right? And you mentioned contact tracing. That became a big thing during COVID, but it just showed the capability, right? - So that is based on the
technology called BLE, Bluetooth Low Energy, which,
I have several videos, where I show this new
technology, because Bluetooth, we all have Bluetooth. We already know Bluetooth
for many, many years. But using the same
hardware, they were able to convert Bluetooth into
a long-distance tracker. If you're a hacker type,
you know that your wifi and your Bluetooth emits the Mac address. You know, it announces the
Mac address on the airwaves, and if you have the proper
radio that can intercept that, you can intercept that layer of TCP/IP, learn the Mac address, and do many things to do
with that Mac address. But if you stop just at
the Mac address collection, the Bluetooth is announcing a unique identifier with the Mac address. Well, they use that because
now Bluetooth, and wifi too, but Bluetooth is closer, so you can actually ascertain
that you're actually closer. But Bluetooth BLE now works
within a range of 200 feet. So you can actually, this is worse: Bluetooth can actually be directional. It not only knows how far you are; it can say you're within
two feet, six feet; it actually has a compass heading that says you're on the
left side of this person. Now, wifi can't do that. Location tracking uses wifi triangulation, which is accurate to six feet. BLE or Bluetooth used in
this way can actually point. That's why AirTag uses
Bluetooth Low Energy. So unfortunately,
Bluetooth Low Energy or BLE was software only, so there
was no hardware change. So if you have a Bluetooth 4.2 and above, you already have this active. So they were able to turn
this on on the phones. And one of the advantages
of Bluetooth Low Energy is that it did not use a lot of power. You can actually use
it with minimal power. Even with a small battery,
you can power BLE for a year, because it's pulses. If you're sending
information in milliseconds, you're not using that much power. So they were able to use
this then to get location, and they actually built it into the OS. So it's built into iOS
since 13-point-whatever, and then they built into Android also during that time
in 2021, or 2020, sorry. So in 2020, they added
these features to the OSes, and that bothered me already back then. Now, fortunately, people
were smart enough, they didn't go install contact
tracing apps on their phone. It doesn't stop the
capability from being there. The apps we install is basically for us to feel like we
have control over it, but in theory, how do we
know what's in the OS? How do we know what's in Google Services? How do we know if Google can't collect it? They can say, "Well, we're
not doing anything with it," but in order for it to
work, they're collecting it. This is what worries me
about these companies. What do they actually do? - You mentioned the problem with, was it the Ring doorbells ad the Alexas? Can you explain that, because it's the same kind
of issue, is that right? - This is Amazon now, so it's a little different tech problem, because Amazon itself
normally is not something that we worry about, because
they don't sell us the phones; they don't make the phones. We're not being tracked
from the phone side. We're being tracked from
our Amazon purchases maybe. We're not tracked in any other way. But what we don't know is that Amazon is one of the largest
government contractors. In fact, they provide
the back-end services in the Amazon Government Cloud. They run most of the internet
for the intelligence agencies. So, they are part of the main
part of the infrastructure, computer infrastructure, for government. And what they did was they
actually promoted this. They said, "Hey, people, promote Ring. "Government agencies, law enforcement, "promote Ring as your preferred camera, "and what we will do is give
you access to the videos." So Ring, if you're doing Ring, you're actually collecting all the videos, putting it into Amazon, and basically, you're being facially
recognized, and they can see what you do in your house by
putting the camera out there. In fact, how do I even
walk in my neighborhood? If I walk in my neighborhood,
somebody's Ring camera is gonna capture my face and do that. There's a hack, by the way. I should make a video about that. Well, you should know how to do this. You can just block the wifi
when you're walking by. Block the wifi so that the
wifis don't transmit anything while you're walking there. I mean, that's a very common hack. (David laughs) - I think you were saying the
Ring cameras and the Alexas have this BLE thing, and
they created a network. Is that right? - Right, so this is the actual, beyond just what Ring and
Alexa does, it's already bad that Alexa can collect all
your voices and listen to you. What they did was build
the sidewalk network, when can actually transmit
data to Amazon from anywhere using the network of Ring
cameras and Amazon Echoes, which, probably a good chunk
of people have an Amazon Echo. They can transmit at a fairly good range. So in theory, every metropolitan area is covered by Amazon
Echo and Alexa and Ring. And so, now we have a
network that's encrypted that's outside of the
internet that they can use for anything, and they can basically take the surveillance from a Ring camera and report it even
outside of the internet, which of course Apple also does
with the Apple Mesh network. And these are like, scary technologies, because what can they use it for? They can bypass the internet, so they can do things without a trace. - I understand the concern. These big companies know so many about us. I mean, there's so many stories where people will say they
searched for some product or they mentioned some
product, and then suddenly, they get ads for that
product or something similar. It's a huge invasion of privacy. So how do you stop it? How do you de-Google a
phone, as an example? I believe there are
multiple ways to do it, and you recommend one of the ways. Is that right? - Yeah, there's many ways to do it, but the basic way is to
have a phone that either does not have any Google
or to convert an Android into an Android Open Source Project phone. You have to reflash the phone. Back in the day, several years ago, I was promoting the use of Linux phones. Unfortunately, we can't find hardware that actually works too well
with the Linux phone today. The phone that I have is a PinePhone. I'm very supportive of that platform, but the technology just isn't there. Like for example, the power
management is not there. The phone doesn't work completely
when it comes to calling. There's some limitations. And the power lasts only like eight hours. It doesn't last the whole day. So there's some of the limitations. That's why I cannot recommend them. So I'm not necessarily
pushing any particular thing, as long as I know it's gonna run. So what I've been
recommending is using AOSP, or Android Open Source Project,
and I actually made my own. I make my own phone. So I have this one here. This is a BraX2 phone, BraX2 OS. So we made our own phone using
Android Open Source Project. I also take Pixels, and I
offer service in my company where we can flash Pixels for you. So we flash the Pixels. Either you buy one from
us, or you bring your own, and we flash your Pixels using LineageOS, and that's a service we offer. Now, one of the reasons
why I make these choices about these OSes, 'cause
there's many of 'em, is that I've chosen the
one that the average person will have the least
amount of problem with. Some of the OSes that are
used are very restrictive. You can't run any kind of app that's from Google Play, for example. I find that that will cause more rejection from my followers, which a
lot of 'em are not that techy. So I tend to go with kind of
a middle-of-the-road solution. In this case, I use
LineageOS for the Pixels. But the BraxOs is
something that we control, so we actually work on the OS ourselves. I have a dev team that
does the work on BraxOs. - Is that different to LineageOS then? - Yes, it is completely different, yeah. - You flash the phone and put
your own operating system on, or another option would be to use LineageOS to flash the phone, yeah? - And there's other ones. For example, there's CalyxOS
and Graphene and so on. So there's other options. I don't necessarily push others, because I gotta support 'em. And if I have to support
it, people will complain, and they say, "Well, why can't
I do X, why can't I do Y?" So I've made my choices. It's something that's consistent for me, and it's not perfect. Some people claim that they're not perfect because there's still some
communications with Google, for example, notifications. If you do notifications, you have to communicate with Google. When you go to any
website, there's a tracker. When you run any app, there's a tracker. Well, there's a tracker just because you have
notifications, for example. Well, how do you escape that? For a standard user, there's
no escape from a tracker. I'm not even sure you can
ever escape from a tracker, because of browser fingerprinting. The solution is, don't
let them get the identity. They can track you all you
want, but if they don't know who you are, it's basically
like wearing a mask. A de-Googled phone is a solution where it's as close as possible to a good regular phone,
but you're wearing a mask. - So let me see if I get this right. You get like an Android
phone, but you flash it with Kali Linux or Graphene
OS or BraxOs to LineageOS. So you're flashing the device. Then you don't have to have an account that's tied to that device. But what about apps? So how do you get apps? You see, that's always the concern, apps. - It's not just flashing LineageOS. You have to make sure
that you do not install the Google Services, which
is called GAPPS or GApps. So you don't install Google, 'cause standard install
for a standard Google phone is you install AOSP, and
you overlay Google on it. So you skip that step, so that's that. - So you wouldn't get
Gmail, as an example, here. - Right. So some of these OSes that you mentioned will not allow you to install
or they don't provide you with any methodology to
run any other kind of app outside of the apps
that they say are safe. And the main safe sorts of
apps on a de-Googled phone is an opensource store called F-Droid. F-Droid apps are secure, I
mean are private and secure, because they do not have
anything Google on 'em. There's no telemetry. So that's fine. Unfortunately, they're
not for your regular apps. For example, how do you get Zoom? How do you get Spotify? How do you get Kindle, you know, Amazon. Some of these typical
stuff, you cannot run. So how do you do that? Well, that's why I went with
the more moderate solution, and the solution is that
you install a spoofer, a store spoofer and a
Google Services spoofer. And the store spoofer
is called Aurora Store, so that's an open-source
project, Aurora Store, and the Google Services
spoofer is called microG. So I always install microG and Aurora Store on my de-Googled phones. So if you have those
two, you can pretty much go to the Google Play Store equivalent. The Aurora Store is
actually taking the app from the Google Play
Store without an identity. It's an anonymous account. Then it's able to download
the files, and then the apps, when they run, they think
they're running Google Services, because what happens is
the Google Services files, they're actually named
google.com.google.android.gsm, so it actually has a Google name. microG intercepts that, because
that file's actually microG, and the apps think Google
Services is on there. But in reality, many of the functions
are just stub functions, meaning they call the
function, and they don't return an error, so they say, "Oh,
Google Services is there." So they say, "Oh, geolocation, "or geofencing, it's geofencing here." They make a call, it
doesn't give an error, so they say, "Okay, it's running." So that's how you get apps to work. Now, microG, the one that
spoofed the Google Services, has the capability for actually
handling notifications. So that's truly Google. So it actually processes
notifications through Google, comes back through microG,
without your identity. And notifications is the main one that continues to work,
even with a de-Googled phone. But, not all apps work
on a de-Googled phone. For example, you can't
have Gmail, YouTube, you can't have any of that. You've gotta find
substitutes, which there are. You can't run anything
that requires payments, because there's no wallet. Other than that, believe it
or not, 90% of the apps work. - Yeah, I mean, it's always a toss-up between how private do you
wanna be, and inconvenience. Like, security, inconvenience
versus security, what are you gonna go for? I mean, if you want total
security, you don't plug your computer into any power
outlet or into the internet. You just have it off and put
it in a block of concrete. It's very secure, but it's
not gonna be very usable. And it sounds like what
you've done with BraxOs, you're trying to make a sort
of middle group for most, especially non-techy
people, is that right, because some people are
not gonna wanna go through all the hassle of buying
a phone and flashing it. A lot of this audience will,
but some people might not. Then they can just buy a phone from you that's pre-flashed, is that right? - Right, so yeah, the
people who come to me, I mean, to buy those phones, are the ones that do not
wanna invest time doing that. And some of 'em are techy too. I mean, it doesn't have to be. You don't have to be
non-techy to buy a BraX phone, 'cause these phones are inexpensive, so they can buy one if they want. Again, I found out, it
took me a lot of time to go study this and understand the issue. Since I cannot fight Google
and Facebook and Apple, they're too big to fight,
they're tracking too many things, there's no way: IP
addresses, Mac addresses, who knows what else they can track. If you stop them from collecting identity, a lot of their data science stuff stops, because the AI doesn't work
without a way to file the data. So they know what you watch on YouTube, but if they can't file it to an account, I mean, what do they know? Just imagine if your subscribers, you have a lot of subscribers. What if they did not have a Google ID? It would be hard to figure out who your market is, wouldn't it? - Exactly.
- We utilize the analytics, Google Analytics, from our channels, and we can see the age
group, the demographics, and what are their other
interests and so on. - Browser they use, yep. It's amazing how much data we
as just YouTube creators get. - Probably in my case, my Google Analytics is not as accurate, because we already know that
people hide stuff from Google. For example, according
to Google Analytics, my subscribers are 90% male. Well, I know that's false
because I can see the livestream, and I know many of those
people, and proportionally, it's definitely closer to
half than it is to 90%. - But lemme ask you some
quickfire questions. Which browser do you recommend? So on a computer, which
browser would you use? - All. - All of them, because you're saying you're hiding your
identity, is that right? You wouldn't mind using Chrome? - I have a very specific program. For anything that I'm gonna do Google login with, I use Chrome. So if I'm gonna use
YouTube, I'm on Chrome. If I'm gonna use Gmail,
Google search, whatever, well, I don't use Google
search, but I'm on Chrome. Now, you might say,
well, how is that good? Well, I have no choice. I'm a YouTube creator,
so I gotta be on YouTube. I mean, on Google with a Google ID. But, what I do is I do not do anything that's not Google on Chrome. I do not ever go into any website that I don't want Google to see. If I'm gonna do something on Chrome that I want Google to
see, I'll do it on Chrome. Otherwise, I don't do it. Actually, on the top of my
Chrome, I have my favorites, and I have a limited list of
where I will go to on Chrome. Now, if I need to go on
YouTube without a Google ID, I have a second browser. For me, my second browser is Brave. And the reason I use Brave
is Brave automatically deletes cookies when you
exit, so it's better for that. So when I go to YouTube, for
example, and I can watch, let's say videos that I don't want YouTube to see me doing on my account,
so I go on that on Brave, and then when in get done, it's gone. I never log in. Never, never, never log
into Google on Brave. Then I have a third browser. Now, again, my choice
of browsers past Chrome are completely up to you. I'm using Linux, so on Linux, I'm using Chromium as my third browser. So it's up to you. Use whatever you want;
I don't really care. So you just need a lot of
browsers, so at least three. So on my third browser, which is Chromium, that's where I do everything else. Now, the advantage of that is that there's no crossover of information, because Google cannot see
what I do on Chromium. It's impossible. So there's no connection, 'cause
I never log into Chromium. So if there's no
connection, there's no 2FA, nothing that connects Chrome to Chromium. So I go to any website, Amazon,
eBay, whatever, news sites. I'll do it on Chrome. I go to my app, Brax.Me,
I do it on Chromium. This is a technique I invented
many, many years back, I was talking about it on social media close to 10 years ago, and I
called it browser isolation. And by doing this, it stops the importance of browser fingerprinting and
all of these tracking things, because they can't track
you without an identity, and the identity in this
case is the Google ID. If you can stop the Google
ID, then whatever you do, they can track, but they
don't know who it is. - So you use Chrome for the stuff that you want Google to do
about, like go to YouTube, and then you use Brave
for general surfing? Did I understand that right? And then for private
stuff, you use Chromium, or did I misunderstood that? - I use Brave for Google not logged in. So I would never log into Gmail on Brave. But if I needed to go to
YouTube and do a search on how to fix my drain, and I
wanted to not let Google know that or YouTube know
that, I would go to Brave. But there's certain topics
that it can profile you, and I chose not to allow Google
to know which side I'm on on certain things; for example, politics. - And that's when you use Chromium or Firefox or something else, yeah? - That's where I use Brave for. - So then why the third one? Sorry, I didn't get that third one. - The third one has no
connection with Google, never touches Google. I never go to YouTube, never go to anything Google
on the third browser. The reason is the trackers for Google Analytics are on
each website, as you know. Every website with Google
Analytics has a Google ID. The moment they see a Google
ID, then they're all connected. So you've gotta stop them
from ever seeing a Google ID. - So you use your third browser to only go to specific website that
don't have Google Analytics? - Any website has Google
Analytics; I know that. But the third browser has
no experience with Google, anything that can log me in, never. - So Chrome is where you have a logged-in profile to
Facebook and YouTube; Brave is like your private browser window, but you're using a separate
browser like a private browser window, and that's
for YouTube searches as if you're doing a
private browser window, and the third one is where
you do everything else. I suppose the concern is,
can't Google track you or Facebook track you anyway
on your third browser, because Google Analytics and stuff and Facebook tracking gets
installed on lots of websites? They are tracking you, but
again, they don't have identity, so they can't connect it to a Google ID. There's no way, 'cause you've never been on Google on the third browser. If you make a mistake,
clear cookies, start again. It's not the end of the world. It's clear cookies, start again. Every time you clear cookies,
all of that resets anyway. So on the third browser, I
know Google's tracking that. I know that, 'cause every
website has Google Analytics. - Exactly, yeah. - But, they don't know anything. I mean, they don't know who it is. And I use a VPN too, so my third browser could look like anybody else's browser. - And do you use Linux
as your operating system, your main operating system? You don't use Mac or Windows, yeah? - Well, I'm a developer,
so I have to use all, but my primary one is Linux. So some computers are
dedicated for certain purposes. Like, I have a video
editing one that's like this computer here, and
this is running Windows, 'cause I gotta run Adobe Premiere Pro. But, my normal use computer is Linux. I'm using Pop! OS. - So your three browsers
are running on Pop! OS? That's where you do your surfing and your internet stuff and
then your video editing? 'Cause I like Macs just for
that reason, 'cause Mac is like, to me, the halfway
between Linux and Windows. It gives you the ability to
run editing applications, but it has some more security. It's more like Linux in many
ways than Windows would be. So that's interesting. Sorry, go on. - There's no tracking
obviously that I worry about with Windows since I'm
only using it for editing. My main activities are on Linux. - So what you're doing
is, rather than using virtual machines, you're
using separate computers for different use cases, yeah? - Right, unfortunately,
because of Adobe Premiere Pro and stuff like that, you
can't do virtual machines. They're not suited for that. The one thing, if anything, the main thing that I do is
I don't rely on the phone. I try to bring a computer
with me all the time, and my phone is just for emergency stuff. I try not to do too much on the
phone, and I use a computer. - Which search engine do you use? - [Rob] I use Startpage. In fact, it's pre-installed on my phones. - So you use that on your phone and your laptop, yeah,
or your computer, yeah? - Well, you know, I
used to use DuckDuckGo. - [David] Yeah, but there's
controversy about them now. - There's controversy about that. Startpage has their own
controversy at the time, but I am in contact with
the Startpage people, and they seem to be on the up-and-up. - What about the Brave search engine? Sorry to interrupt. - So my phone here is
running a Brave browser. - Would you use a Brave
search engine, though? - They're not that good,
so that's a problem. - You prefer Startpage, yeah? - Yeah, I mean, I'm open to that. Unfortunately, DuckDuckGo
was the only browser you could find on F-Droid
that was robust enough. There may be some smaller
browsers that you can use, but on F-Droid, I didn't have a choice. So Brave is actually not from F-Droid, which I didn't like to do, but I don't have a choice
right now with the controversy. - Do you have a VPN on the whole time, or is that just when you're
using your third browser? - One of the things I promote
is the use of a VPN router. So for example, my house
is 100% on a VPN router. For that reason, I don't even
have to worry about anything VPN-wise, 'cause the VPN
router's taking care of that. I don't think it's necessary
to use a VPN on cell data. You can hide stuff from the carrier, but most things are TLS nowadays. So I'm not sure it's as
essential to prevent tracking on cell data, even though
I might turn on the VPN because I have a Brax
router everywhere I go, I mean my VPN router, which,
that's just the brand name, I don't think about it anymore, but I don't necessarily
recommend that you worry about the VPN if you don't want
to when you're not at home. - So in other words, the reason to get a VPN router is that it's just easier. You've got one device;
all your devices are home are getting their traffic
routed through that VPN. You have your own VPN
solution, but otherwise, like Proton VPN would
be an example, right? - You can use any VPN router. I mean, there are companies
that sell VPN routers. Mine was just an inexpensive VPN routers, 'cause most VPN routers
are more expensive. The problem is, I based my
router on the Raspberry Pi, and you can't buy one now. - Yeah, that's a problem, yeah. - So I don't have a choice. So you can find something else right now, 'cause I can't sell mine,
'cause I don't have any stock. - It's mad, having to buy Raspberry Pis off of eBay and stuff like that. It's crazy how expensive they've got. Would you let them put
a chip in your brain or connect your brain to
the machine's neural net and these ideas that people are pushing? Because it sounds like we
already have a chip on us, don't we, with the phone? I think Elon Musk said it, and you've said that
as well, is that right? We're already chipped. We've just got a phone, right? - Well, Elon Musk's idea
is that we have a tool to fight the AI by having
our own AI that we control. That's more of what Elon is trying to do. He wants to enhance our capability to fight the AI by having our own AIs. - Companies can know so much about us because we've got a
chip not in an implant, even though some people are doing that, but it's basically carried
on us all the time. - Right, it's almost like society is pressing us to always use the phone. We can't even go to a
restaurant without having to pop your phone and look
at a QR code for the menu. There's this push in society that you are not normal if
you don't use the phone. And I'm trying to break away from that. - Yeah, it's mad. I mean, you can't do some banking these days without a phone. Everything's tied to an SMS or a two-factor
authentication on your phone. It's as if you can't live
today without a phone. - And the abuse of
two-factor authentication, as I talked about frequently, that instead of just being
2FA, they actually use it for what they call cross-device tracking. So actually, they don't even
anything their phone number. They just want to know
what phone you have, because they know you
can track you from here, 'cause the location is tracked on here. - Are you positive about the future? When you get into this privacy stuff and you're pushing against
this, does it kind of make you depressed that
SkyNet will be here one day? - It's very depressing,
it's very depressing. I can't say I'm winning right now. I have to say that I'm losing. My goal was, if I could
convince even one percent of the population that this is important, how many subscribers do you need to have to have one percent of the population? That's pretty big.
(Rob laughs) - There's a problem with
people that if it's privacy versus convenience,
convenience seems to win. - Because they don't think
if there's any consequence. And some of it is kind of interesting. I find some older people saying, "Well, I'm old already;
that doesn't matter. "So what if they know anything about me?" But they don't realize by giving in that they're actually
pushing their own children and their grandchildren and everybody else into the same pattern,
because they don't fight. So, unless everybody fights, we lose. And the only battle is
actually not even that hard. I'm just saying, stop them
from getting your identity. It's that simple. If you do that, data science fails. The data science fails. It doesn't have to be so sophisticated. You don't have to be a
cybersecurity expert. I'm not telling you to be
cybersecurity gurus here. If you can stop them from tracking the identity, that's enough! - Thank you for making us
aware of what's going on, and not just technical people,
but also non-technical, and talking about not just
doing this for yourself if you're an older
person, but also thinking of your children and your
grandchildren and pushing against. Any last words before we wrap this up? - This is not just about you. So you may not care, but your
children, your grandchildren, everyone after you will
have to face this world, and you have to defy this world now. - Rob, thanks so much.
- Thank you! ♪ Yeah ♪
(gritty rock music)
