Description

Sudo tackles the "Can I have a phone?" dilemma, dismantling the Apple/Google duopoly. We analyze the OpenAI breach, supply chain risks, and "Impractical" defenses: GrapheneOS, SIM swapping protection, app sandboxing, and mitigating hardware threats like baseband spyware.

In This Episode:

• Supply Chain Attacks: Lessons from the OpenAI/Mixpanel breach.
• False Dichotomy: Why iOS and Stock Android both fail on privacy.
• SIM Swapping: Physical vs. eSIMs and killing SMS 2FA.
• Custom ROMs: Comparing GrapheneOS, CalyxOS, and LineageOS.
• Banking & Integrity: Navigating Google’s Play Integrity API barriers.
• App Containment: Using Shelter/Work Profiles to cage hostile apps.
• Forensics: Why GrapheneOS defeats Cellebrite extraction.
• Hardware Risks: Baseband processors and LANDFALL spyware.

Featured Quote: "This is how you survive the modern world. You don't boycott the apps; you put them in a cage." — Sudo

Links & Resources

• OpenAI/Mixpanel Incident: https://openai.com/index/mixpanel-incident/
• Pixel Vulnerabilities (Ars Technica): https://arstechnica.com/gadgets/2025/10/leaker-reveals-which-pixels-are-vulnerable-to-cellebrite-phone-hacking/
• LANDFALL Spyware (Palo Alto): https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
• Baseband Processors Explained: https://www.thelasttech.com/android/what-is-baseband-processor-in-android
• GrapheneOS: https://grapheneos.org/
• CalyxOS: https://calyxos.org/
• LineageOS: https://lineageos.org/
• Apple Privacy: https://www.apple.com/privacy/

Connect

• Support: https://patreon.com/cw/SudoBurnToast
• Newsletter: https://impractical-privacy.beehiiv.com/
• Twitter: https://twitter.com/The_IP_Podcast
• Instagram: https://instagram.com/impracticalprivacypodcast
• Email: SudoBurnToast@Protonmail.com