this post was submitted on 29 Mar 2025

36 points (95.0% liked)

Privacy

36386 readers

637 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

Is it possible to redirect WhatsApp and Signal calls to a landline? (lemmy.dbzer0.com)

submitted 2 days ago by marauding_gibberish142@lemmy.dbzer0.com to c/privacy@lemmy.ml

23 comments fedilink hide all child comments

I've been thinking about this for a bit but I couldn't come up with anything.

The idea is that you have a VOIP number and some self-hosted VOIP infrastructure connected to a landline phone. WhatsApp, Signal and voice traffic from other apps would be redirected to this landline phone instead of your mobile phone.

Is there a way to do this? How do I get started?

Reasoning: I can now keep my phone isolated, wrapped in a thick towel and inside a solid box to prevent it from eavesdropping on me inside my own house.

Please do not respond with messages like "you're too paranoid", it doesn't help.

Thanks

top 23 comments

sorted by: hot top controversial new old

[–] stupid_asshole69@hexbear.net 2 points 20 hours ago (1 children)

I don’t think you’re too paranoid, but it seems like this idea is kinda unexamined and needs to be bounced off someone else first:

Wrapping your phone up and putting it in a box won’t be nearly effective enough to prevent audio recording. If you want to try this yourself, start your voice recorder app, wrap up your phone and set it in the box, say some stuff at a normal volume then play it back. It’s been a while since I used that function on android, but a long time ago ios had variable gain automatically applied so in quiet situations (like being wrapped up in a box, or night time in the woods) recordings would contain the information you’re trying to capture.

If you do this (or have already done it), and feel like it’s good enough for your needs, export the audio to a program like audacity and run some of the voice filters there on it. Even in situations where your voice is, to human ears, completely covered up in background and room tone often these free, open source tools can automatically pull them up out of the noise floor.

Imagine what a professional using purpose built software is capable of.

But even if you had a perfect towel and box: your computer has a microphone and camera on it.

Now you might be able to comfortably disconnect both of those and only connect them when someone calls, but if you’re forwarding the data stream through the device you want to treat as compromised there is a good chance that your communication data will have to be decrypted on the device before retransmission.

But if somehow your preferred platform can maintain perfect forward secrecy while handing off between clients (it shouldn’t, because this is a feature used by surveillance organizations), going through voip is a security downgrade because the encryption used from your pots ata (the box that goes Ethernet to phone) to the pc running the pbx software is less strong than that used by your communication platform.

In addition, surfacing your communications to the whole network like this would do opens you up to attacks on your ata and the ones for soho that you’d use are incredibly insecure to the network they are on. They’re worse than those consumer routers you always see with internet facing management pages.

So the next logical step, assuming you have the aforementioned perfect towel and box, is to just use the native pc programs for the communications software you want to make and receive calls through.

Of course, theres nothing preventing your assigned agent from compromising your pc, and in some ways thats an easier job than with a phone.

So I want to ask this as a person who has been surveilled: what kind of eavesdropping are you trying to avoid?

[–] marauding_gibberish142@lemmy.dbzer0.com 1 points 20 minutes ago* (last edited 19 minutes ago)

Thank you for your comment. Your response had me thinking for a while, and yes I think you uncovered it: I had a theoretical idea without actually considering the practical outcome.

I do not have a 3-letter agency targeting me to my knowledge. I quickly realised that sending signals over VOIP is a bad idea, I won't be doing that.

You are again correct: I run Debian as my daily driver, and it would be foolish to not consider my computer to have been compromised already. I have removed the built-in camera and microphone but I haven't attempted to clean out Intel ME from my system.

All of this makes my question look pointless since there's already so many attack vectors. In which case, I'd be interested in your opinion in physically cutting off attack vectors from an Android phone as an academic question.

Thank you for the wonderful comment.

[–] James_Ryan@discuss.tchncs.de 1 points 22 hours ago

Why not use the clients for Pc?

[–] Firipu@startrek.website 1 points 1 day ago (2 children)

Not to argue about the privacy issue, but aren't there better options than a towel? Get a phone without camera? Get one of those phones with physical switches for sensors? Get graphene OS and don't install anything but signal? I feel the towel wrapping is not the best solution for your privacy issue.

[–] marauding_gibberish142@lemmy.dbzer0.com 2 points 1 day ago

The issue is cost. Purchasing a pixel just to keep it lying around for one app is a bit too expensive. I'll just use my of phone instead

[–] accideath@lemmy.world 1 points 1 day ago

Yep. Look at something like the PinePhone. It has hardware switches that can disable camera, microphone and all types of wireless communication, respectively. And no need to degoogle, since it’s not googled in the first place (runs either Manjaro, PostmarketOS, Mobian or whatever you put on there yourself). Only drawbacks: it’s not really cheap for the specs and a little hard to find these days. But there are probably comparable devices out there.

[–] solrize@lemmy.world 10 points 2 days ago

You can bridge it through e.g. Twilio but it will add latency that makes the voice calls less pleasant. You're better off with a phone that has a microphone kill switch, or physically remove the microphones (hack the hardware) and only use an external mic. Or power down the phone altogether.

[–] featured@lemmygrad.ml 4 points 1 day ago (1 children)

As somebody else mentioned, using a computer and just taking calls there would work and give you solid control over microphone activation etc. If you really want the landline experience, look into adding a USB handset to that setup. It’ll just act like a mic and headphone from your computer but in the classic phone form factor

[–] pineapplelover@lemm.ee 1 points 1 day ago

Yeah, Snowden himself says he desolders microphone and camera on his devices. I'm sure a pc with no mic and cam would do just fine. Or go the desolder route. You can use Signal on a burner phone for the initial setup and then take the battery out so now you just have Signal on your presumably private linux pc with nothing on there.

[–] anamethatisnt@sopuli.xyz 14 points 2 days ago (1 children)

You could use a computer with a headset as a linked device, that's the closest I can think of.

[–] marauding_gibberish142@lemmy.dbzer0.com 1 points 1 day ago (1 children)

Hmm, do you think there's a way to have the ringing happen on the speakers but the conversation on the headphones? TBH if this is possible then I don't need to use such complicated measures

[–] pineapplelover@lemm.ee 1 points 1 day ago

If you're on the pc you can just switch audio output to your speakers, then run to your pc and switch audio output to headphones to proceed with the call

[–] Dropper_Post@lemm.ee 1 points 1 day ago (1 children)

Wrapped in towel inside solid box? Would wifi or 4g work then reliably?

[–] marauding_gibberish142@lemmy.dbzer0.com 1 points 1 day ago (1 children)

I'm not putting it in a Faraday cage, just preventing it from listening and seeing anything. I'll place it closer to my WAP if it needs it

[–] Jason2357@lemmy.ca 2 points 1 day ago

Might be easiest to just drill out the mic and camera, and use a usb headset for calls. I also suggest specific threat modelling and learning about opsec as that may help you feel more in control. After that, please look after your mental well-being. We all should.

[–] harcesz@szmer.info 8 points 2 days ago

Interesting concept. There's https://github.com/AsamK/signal-cli which specifically allows piping messages from Signal to another process, but at a glance its not clear if it allows for that with audio calls.

[–] jet@hackertalks.com 2 points 2 days ago (1 children)

This would be a cool gimmick

If you want to maximize paranoia, don't forwarded end to end encrypted communication over unencrypted systems

[–] marauding_gibberish142@lemmy.dbzer0.com 2 points 1 day ago (1 children)

Yes I realised that after I posted, sorry. Do you have any other ideas I could look at? I just want to keep my phone locked up and away from me when I'm in the house but still be able to talk to family over the chat apps they use (they are not very technically literate so Simplex is out of the question; it took a lot of convincing to get some of them in Signal)

[–] jet@hackertalks.com 2 points 1 day ago (1 children)

use a house phone with only signal installed on it.

use a different phone user with only signal installed on it (you can use molly to share the same account on multiple phones)

[–] marauding_gibberish142@lemmy.dbzer0.com 2 points 1 day ago (2 children)

It's still the same problem no? If I can't DeGoogle a phone then I don't know what and how much data is being captured. Honestly I really liked the idea to just keep the desktop app running on a separate PC with headphones plugged in. I'm wondering if USB landline converters exist so I can have it ring when a call comes but then I can speak like when I'm wearing headphones.

Thank you for the suggestion though

[–] pineapplelover@lemm.ee 1 points 1 day ago

You can use some voip service to have regular phone calls go to your pc.

[–] jet@hackertalks.com 2 points 1 day ago

Why can't you degoogle a phone?

You can use GrapheneOS, or lineageOS... or a iphone, or a chinese phone...

Since its your home network you can block all network access except to signal for the phone.

[–] Deello@lemm.ee 2 points 2 days ago

Haven't had landlines in a long time but when I did I remember looking at cordless phones with Bluetooth to connect to your cell phone so you can answer both phones (cell phone and landline) on the handset. Beyond that look into pbx.