Welcome to the Calyx Institute

Mobile Advertising Is A Nightmare

Two recent studies in 2021, one from Oxford and one from University of Edinburgh, have attempted to develop metrics for how much advertising-related tracking of personal information and behavior actually happens on Android and iOS devices.

Shocking no one, the answer is: a lot. The first study compares the apps in iOS and Android, looking at the level of tracking and personal information that is gathered by these apps, much of it likely in violation of various privacy laws in the EU. The authors conclude that consolidation in the tracking industry means that few a companies (particularly Google, Apple, and Facebook) have extensive access to user activities, and Apple and Google have no incentive to reduce bad behavior among apps.

The second study examines various distributions of Android OS itself: how the different device manufacturers such as Samsung and Xiaomi include all sorts of tracking in the stock operating system that is included with their devices. CalyxOS has zero trackers built into the OS, although CalyxOS was not included in this study.

The Future of Mobile Advertising

Both Google and Apple have designed their operating systems to facilitate the process of turning your personal information into a revenue stream, for apps you have installed and ultimately for carriers, device manufacturers, and Google or Apple. This is not simply a question of advertising: the extent of the personal data accumulated for the purpose of marketing is truely staggering, and has increasing consequences in our everyday lives, including health care, insurance, credit, immigration, and incarceration.

After years of public criticism, both iOS and Android have gradually made it harder for app developers to track users without going through the recommended hoops. While it was once possible for normal apps to track users with immutable identifiers related to the device, such as the IMEI number, this is no longer possible.

For both iOS and Android, major changes are coming soon (or newly deployed) to make tracking user behavior across apps and platforms more difficult.

In iOS 14.5, users now have to opt-in to being tracked on a per-app basis (previously they could opt-out). In Android 12, the ability to opt-out of tracking will actually be enforced on a per-device basis (previously, the opt-out was just a flag sent to the apps, now the apps won’t get the tracking identifier).

The operating systems can enforce these changes because there are basically three identifiers that the vast majority of advertising networks and data brokers use to correlate user behavior and personal information:

• Apple Advertising Identifier (IDFA): provided to each app by the OS on Apple devices and shared among all the apps.
• Android Advertising ID (AAID): provided to each app by the Google Play Services on stock Android devices and shared among all the apps.
• Facebook App User IDs: An additional unique identifier for a Facebook user account that can be used by the Facebook ad network if the app is privvy to the user ID (for example, if you used Facebook to authentication for the app or if you linked your account in any way).

The Google advertising network uses AAID (on both stock Android and iOS devices), Apple’s network uses IDFA (on iOS only), but most third party networks (including Facebook’s) can use all three. If you supply an app with an email address, or other unique identifier, that is certain to be used as well.

With the changes made by Google and Apple, there is likely to be attempts recover some of the lost revenue. As with websites, many apps may stop working if you have interest-based advertising disabled. Or, apps may attempt to track users by other means, such as building a unique fingerprint of the hardware by measuring slight variations in the sensors. Some website do this already with web browsers, allowing a website to uniquely identify a visitor even if all cookies are turned off (although this practice is not common). The use of any hardware-based identifiers for advertising tracking is strictly forbidden by the Google Play terms of service, but enforcement has always been lax.

Lest one think that Google and Apple are making these changes because of a sudden change in heart, the new privacy enhancements in their respective platforms have the consequence of limiting the information that advertisers have about your personal information, but not limiting how this information is retained by Google or Apple themselves, potentially increasing their strategic leverage over competitors.

How Does All This Relate to CalyxOS?

In CalyxOS, the Android Advertising ID (AAID) is always random, every single time an app requests the value. There is no way to turn off this behavior. Like it or not, CalyxOS prevents all tracking with the AAID, which has the effect of preventing most tracking by all ad networks and data brokers.

However, you will still see ads, and CalyxOS doesn’t do anything to prevent tracking through the Facebook ID.

With Android, if you want to block ads themselves you have two options:

• rooted devices: install an app that modifies your system to block certain domains known to be used for tracking. This is a bad option, because running a device with root privileges completely undermines the security of your device. CalyxOS does not support this.
• unrooted devices: install an app that sets up a fake VPN that filters out certain domains. This is also a bad option, because then you cannot run a real VPN.

For apps available in F-Droid, TrackerControl supports the VPN approach, and AdAway supports both rooted and VPN approaches. Additionally, there are numerous similar commercial apps available in Aurora Store.

In the future, CalyxOS will incorporate a simple way to block ads and tracking in apps, but in a way that does not require a rooted device and still works with VPN. This will allow you to both not see advertising in apps, and also prevent tracking that uses other networks that don’t rely on AAID.

One additional note: mobile carriers still have access to the hardware identifiers on Android and can use this to correlate hardware information with advertising IDs that might be reset. Verizon, for example, directly owns one of the largest advertising networks and is also the largest mobile carrier in the US. I have not seen research or reporting that answers the question of how Verizon uses it privileged position as a mobile carrier to enhance it’s ad network, but chances are they do. CalyxOS does not allow carrier apps with special access to hardware identifiers to be automatically installed (as is usually the case on stock Android), but these apps can still be installed manually through Aurora Store. The carrier obviously always knows most of the hardware identifiers, because that is how you connect to the mobile network, but the carrier only can tie this to your advertising identifier if they additionally have an app installed on the device.

We're so excited about the tremendous interest that the world has shown in our CalyxOS phones, which we offer as part of our CalyxOS Privacy Defender membership. We're currently waiting for our next shipment of phones to arrive, so we expect to have them back in stock and available again as as part of our membership program soon!

In our work developing free digital privacy technologies and partnering with other organizations who protect privacy and free speech, we often find ourselves at the right place at the right time to get "the inside scoop" on cybersecurity's cutting edge.

We're excited to bring that info to our members in the form of our Medium page, where we'll be posting deep-dive articles written by our staff about the tech, policy and people who are at the forefront of the digital privacy movement. It's a great place to learn about a new app to stay connected during an internet blackout, tools to make Tor accessible in countries experiencing extreme censorship, and much more!

As always, many thanks to our Calyx Institute members, whose generous donations make our mission of preserving and expanding digital privacy possible!

Our annual report is officially here! You can read about what we've been up to this past year here.

Some highlights include: tremendous growth in membership program, further development on CalyxOS, and an expansion of our Microgrants and Small Projects program.

"We were driven by two ideas over the past year...making it simple and supporting those around us." - Nicholas Merrill, Executive Director

This past year, we made it a priority to put the privacy and security of CalyxOS in the hands of the people by making it simple enough for anyone to use. Inspired by the mutual aid of our neighbors and friends, we expanded our Micgrogrants program to provide more financial aid to struggling organizations and projects in our Internet Freedom community. Of course, none of this would have been possible without our members.

Thank you so much for your continued support!

Thank you so much for your support and patience throughout this busy season! Our office will be closed this coming Monday, May 31 2021, in observance of the Federal holiday, and at low staff capacity in following days while a few staff take time off. If you reach out to us during that time, our response may be slower than expected.

We have been surprised and delighted by the tremendous response to our new Sustainer memberships. We are packing and shipping as fast as we can to make up for the delay we experienced when our latest shipment of hotspots was delayed. If your M2000 hotspot has been delayed, don't worry! We'll be extending the memberships of all new and newly-upgraded Sustainer members to make up for the delay. If you have an existing Calyx hotspot that is set to be replaced by an M2000, your existing hotspot will continue to work until your M2000 arrives.

We really appreciate your enthusiasm for our mission, and the patience you have shown our small team. As always, if you experience problems with your hotspot or wifi service please call tech support at 877-216-9603 for help. If there are any questions we can answer for you, or anything we can do to improve your membership experience, please don't hesitate to reach out at help@calyxinstitute.org

Thanks so much for your tremendous response to our new Sustainer memberships, which include the 5G-capable M2000 hotspots! We're already running low on our initial stock of the M2000, but we expect to have more arriving in the next few days. If you're not able to sign up for a Sustainer membership or order an M2000 as your preferred replacement device, please stay tuned to this page and to our social media for updates about when the M2000s will be available again!

We're pleased to announce that we're now offering our first ever 5G capable hotspot, the Inseego M2000, as part of our new Sustainer level membership. The M2000 hotspot has max theoretical speeds of 2.5 Gbps down and 316 Mbps up, can support up to 30 connected devices, and has USB tethering capability. As with all Calyx Membership hotspots, wifi data is unlimited and unthrottled.

The yearly dues for our Sustainer membership are $750 for the first year, with a discount to $500 per year for subsequent years. The Sustainer level membership is not available as a quarterly membership.

Before deciding if a Sustainer membership is right for you, we strongly recommend calling Sprint for an up-to-date, personalized coverage assessment at 888-211-4727 and/or checking cellmapper.net to see if 5G signal in your area is good.

5G is a relatively new technology, and we want to be transparent about the fact that 5G capability may not be a "silver bullet" for all connectivity and service issues. This device may not be right for everyone. 5G service is still not available in all areas where our other hotspots operate, because 5G infrastructure is still being built and refined throughout the US. Service, speed, and performance depend on many factors which The Calyx Institute does not control, including carrier network capabilities, device configuration and capabilities, network traffic, location, signal strength, signal obstruction, and more. Actual results may vary.

As with all our memberships, The Calyx Institute cannot offer test hotspots, or offer refunds if service is inadequate or non-existent. Our wireless hotspots and data plans are offered as a thank-you to member donors who sustain our research into privacy protecting communications technology, and are not a commercial transaction.

You can read more about the Inseego M2000 hotspot here: https://www.rvmobileinternet.com/gear/5g-mifi-m2000/. If there are any other questions we can answer for you about our memebrships or the hotspots we offer as membership premiums, please let us know at help@calyxinsitute.org

If you have a hotspot as part of our Contributor or Contributor Plus memberships, we have big news for you! We are pleased to let you know that another roaming update will take place this weekend for our mobile hotspots. In order to receive this latest Preferred Roaming List (PRL) update, please restart your hotspot this Sunday (05/02/21) and keep it powered on this Tuesday (05/04/21).

Once your hotspot accepts the PRL update, your service will continue on the Sprint network as normal. With this update, your device will also have improved roaming capabilities on the T-Mobile network. Roaming on the T-Mobile network will only occur when your device is no longer on the Sprint network, and where the T-Mobile network is available. For those of you who have been our members for a while, you may remember that a similar PRL update happened last fall to expand our hotspots' access to the T-Mobile network when Sprint is not available. We expect the effects of this PRL to be similar to the previous one in terms of increasing access to T-Mobile's network as a result of the merger between Sprint and T-Mobile.

Your Calyx Institute membership benefits will still include unlimited 4G data and no throttling, as always.

If you are having questions about this PRL update, we recommend reaching out for additional info to Sprint at 877-879-5031 and tech support at 877-216-9603. If your device experiences any issues, please call tech support at 877-216-9603 to troubleshoot and get started on a warranty replacement if needed. Don't hesitate to email us at help@calyxinstitute.org if there's anything we can do to make your Calyx Institute membership great!

We're hiring a systems administrator / systems developer at The Calyx Institute! This role will become responsible for developing and maintaining parts of The Calyx Institute’s infrastructure. We are looking for someone to help modernize, update, and properly document these services and their setup as Calyx continues to grow. Our digital services include our instances of Jitsi, CalyxVPN (running on the Bitmask platform), Mumble, XMPP/Jabber, Mail, Tor servers and Onion services, our website, DNS, and mirror servers for partner organizations (such as the Tor Project).

The Calyx Institute is a not-for-profit education and research organization devoted to studying, testing, developing, and implementing privacy technology and tools to educate the public and promote free speech, free expression, civic engagement and privacy rights on the internet and in the mobile telephone industry. Calyx offers a range of tools and technologies for secure communications and censorship circumvention to users around the globe.

We think a successful candidate for this role would join us with the skills and experience to be able to:

• Git: forking, branching, merging, reviewing, and rebasing. Ansible: writing ansible playbooks, deploying and maintaining servers using ansible, and troubleshooting problems.
• Interest in containers: building and registering images, deploying containers, upgrading containers.
• Use SSH: generating keys, validating host keys, installing authorized keys.
• Ease and comfort using command line tools and shell scripts in a Linux environment.

Bonus points if you have experience with or an interest in:

• Security planning: some previous exposure to information security basics, such as inventory management, upgrade and security patch management, and threat modeling.
• Container orchestration: some previous exposure to any container orchestration system, such as Kubernetes, Docker Swarm, etc.
• Debian: experience with Debian or another apt-based Linux distribution.
• Networking: some previous exposure to topics in network administration, including network optimization, isolation, BGP routing, DDoS mitigation, and so on.
• Working on other privacy, security, or censorship-circumvention technologies or projects.

We know that there are amazing candidates that won’t match the job description as we’ve written it. We don’t expect you to meet all of the above requirements. If you feel that you meet several of these requirements or could meet them with a little support, we would love to hear from you. At The Calyx Institute, we all wear many hats, but we don’t expect anyone to wear every hat.

In the coming year, we expect that you would be able to:

• System Administration: manage Calyx Institute servers using best practices such as infrastructure-as-code, regular backups, failure recovery plans, timely updates and security patches, data minimization, and privilege isolation.
• System Development: lead the design and automation of Calyx's public and private digital services, currently including CalyxOS build pipeline, voice conference, VPN, chat, email, DNS, Tor gateways, support tickets, and various web services.
• Information Security: coordinate regular assessments of Calyx Institute's security profile, including practices for signing builds, maintaining keys, use of email, patch management, safeguarding data, and privilege assignment.

In the long term, we expect that you will be able to:

Help us to design and deploy the next generation of Calyx Institute infrastructure, including containerization, continuous integration, centralized logging, privacy-respecting analytics, threat detection, high availability, single-sign on, and scalable storage for CalyxOS user backups and data synchronization.

We think this role might be an especially good fit for someone who:

Wants to be engaged in our mission of educating the public about privacy and surveillance, and our work in providing privacy-by-design services and working support users who are disproportionately targeted by surveillance and censorship.

This is a full-time, salaried position located remotely within the United States or at our Brooklyn, NY office, beginning mid-June.

Salary and Benefits We are offering a salary of $75,000 - $100,000, commensurate with experience and qualifications. Calyx offers health, vision, and dental insurance, sick leave, three weeks vacation time, and holidays off.

How to Apply

Please send the following to jobs@calyxinstitute.org with a subject line that includes “Systems Developer / Systems Administrator”:

• A cover letter in PDF format.
• A 1-2 page resumé in PDF format.
• 2 professional references with contact information.

The Calyx Institute is an equal opportunity employer. Calyx encourages applications from all qualified individuals without regard to race, color, religion, gender, sexual orientation, gender identity or expression, age, national origin, marital status, citizenship, disability, veteran status and record of arrest or conviction.

We think a strong candidate will exhibit competencies in technical project management, clear communication, and trust building.

All interviews will be held remotely. We will respond to all applicants to inform them of whether we would like to schedule an interview. If you have not heard back from us within two weeks of your application, please reach out.

Candidates who are selected for a second-round interview will be asked to complete a questionnaire or short assessment exercise before the interview. This will take no more than two hours, and is intended to better understand how you might approach challenges similar to those you would find in this role. This will not include work that can be used in the real world, and is not a test, but rather is intended to help better inform the interview process.