reorder FAQ

2020-03-02 05:16:55 -05:00 · 2020-03-02 05:16:55 -05:00 · 70fc36a6e2
commit 70fc36a6e2
parent 77b304c92e
1 changed files with 40 additions and 40 deletions
--- a/static/faq.html
+++ b/static/faq.html
@ -62,10 +62,10 @@
                    <ul>
                        <li><a href="#hardware-identifiers">Can apps access hardware
                        identifiers?</a></li>
                        <li><a href="#default-connections">Which connections do the OS and
                        bundled apps make by default?</a></li>
                        <li><a href="#cellular-tracking">What does GrapheneOS do about cellular
                        tracking and silent SMS?</a></li>
                        <li><a href="#default-connections">Which connections do the OS and
                        bundled apps make by default?</a></li>
                        <li><a href="#default-dns">Which DNS servers are used by default?</a></li>
                        <li><a href="#custom-dns">How do I use a custom DNS server?</a></li>
                        <li><a href="#private-dns-ip">Why does Private DNS not accept IP
@ -255,6 +255,44 @@
            <p>GrapheneOS only makes a small change to remove a legacy form of access to the
            serial number by legacy apps, which was still around for compatibility.</p>
            <h3 id="cellular-tracking">
                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and
                silent SMS?</a>
            </h3>
            <p>GrapheneOS always considers the network to be hostile and does not implement weak
            or useless mitigations. Therefore, it does not have the assorted gimmicks seen elsewhere
            providing privacy/security theatre to make users feel better about these issues. One
            of the core tenets of GrapheneOS is being honest with users and avoiding scams/frills
            based around marketing rather than real world privacy/security threat models.</p>
            <p>Activating airplane mode will fully disable the cellular radio transmit and receive
            capabilities, which will prevent your phone from being reached from the cellular
            network and stop your carrier (and anyone impersonating them to you) from tracking the
            device via the cellular radio. The baseband implements other functionality such as
            Wi-Fi and GPS functionality, but each of these components is separately sandboxed on
            the baseband and independent of each other. Enabling airplane mode disables the
            cellular radio, but Wi-Fi can be re-enabled and used without activating the cellular
            radio again. This allows using the device as a Wi-Fi only device.</p>
            <p>Even if interception of the connection or some other man-in-the-middle attack along
            the network is not currently occurring, the network is still untrustworthy and
            information should not be sent unencrypted. Legacy calls and texts should be avoided
            as they're not secure and trust the carrier / network along with having weak security
            against other parties. Trying to detect some forms of interception rather than dealing
            with the root of the problem (unencrypted communications / data transfer) would be
            foolish and doomed to failure.</p>
            <p>Receiving a silent SMS is not a good indicator of being targeted by your cell
            carrier, police or government because <em>anyone on the cell network can send
            them</em> including yourself. Cellular triangulation will happen regardless of whether
            or not SMS texts are being sent or received by the phone. Even if an SMS did serve a
            useful purpose for tracking, a silent SMS would be little different than receiving
            unsolicited spam. In fact, sending spam would be stealthier since it wouldn't trigger
            alerts for silent SMS but rather would be ignored with the rest of the spam. Regardless,
            sending texts or other data is not required or particularly useful to track devices
            connected to a network for an adversary with the appropriate access.</p>
            <h3 id="default-connections">
                <a href="#default-connections">What kind of connections do the OS and bundled apps
                make by default?</a>
@ -338,44 +376,6 @@
                </li>
            </ul>
            <h3 id="cellular-tracking">
                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and
                silent SMS?</a>
            </h3>
            <p>GrapheneOS always considers the network to be hostile and does not implement weak
            or useless mitigations. Therefore, it does not have the assorted gimmicks seen elsewhere
            providing privacy/security theatre to make users feel better about these issues. One
            of the core tenets of GrapheneOS is being honest with users and avoiding scams/frills
            based around marketing rather than real world privacy/security threat models.</p>
            <p>Activating airplane mode will fully disable the cellular radio transmit and receive
            capabilities, which will prevent your phone from being reached from the cellular
            network and stop your carrier (and anyone impersonating them to you) from tracking the
            device via the cellular radio. The baseband implements other functionality such as
            Wi-Fi and GPS functionality, but each of these components is separately sandboxed on
            the baseband and independent of each other. Enabling airplane mode disables the
            cellular radio, but Wi-Fi can be re-enabled and used without activating the cellular
            radio again. This allows using the device as a Wi-Fi only device.</p>
            <p>Even if interception of the connection or some other man-in-the-middle attack along
            the network is not currently occurring, the network is still untrustworthy and
            information should not be sent unencrypted. Legacy calls and texts should be avoided
            as they're not secure and trust the carrier / network along with having weak security
            against other parties. Trying to detect some forms of interception rather than dealing
            with the root of the problem (unencrypted communications / data transfer) would be
            foolish and doomed to failure.</p>
            <p>Receiving a silent SMS is not a good indicator of being targeted by your cell
            carrier, police or government because <em>anyone on the cell network can send
            them</em> including yourself. Cellular triangulation will happen regardless of whether
            or not SMS texts are being sent or received by the phone. Even if an SMS did serve a
            useful purpose for tracking, a silent SMS would be little different than receiving
            unsolicited spam. In fact, sending spam would be stealthier since it wouldn't trigger
            alerts for silent SMS but rather would be ignored with the rest of the spam. Regardless,
            sending texts or other data is not required or particularly useful to track devices
            connected to a network for an adversary with the appropriate access.</p>
            <h3 id="default-dns">
                <a href="#default-dns">Which DNS servers are used by default?</a>
            </h3>