00:00:00
There's a bit of an elephant in the room
00:00:02
when talking about mobile phones. While
00:00:05
I emphatically tell you that you should
00:00:07
get an open- source phone for your
00:00:08
privacy, someone is bound to make a
00:00:11
video comment saying that phones are
00:00:13
unsafe. And then these people will
00:00:15
school me on the security problems with
00:00:17
phones. And admittedly, these people are
00:00:20
not wrong. So, one would ask, why would
00:00:23
you listen to me talking about privacy
00:00:25
phones when I cannot even assure you of
00:00:28
safety with threats like that? More
00:00:31
aggressive aspects of phone security is
00:00:32
not the area I focus on a lot since I am
00:00:35
more targeted towards big tech and
00:00:37
government mass surveillance, which I
00:00:39
believe is the greater threat way more
00:00:42
than individual targeted attacks. We all
00:00:45
want and need privacy and we need some
00:00:48
level of security on our phones, though
00:00:50
we are just average everyday users.
00:00:53
However, some people like Edward
00:00:55
Snowden, Julian Assange, whistleblowers,
00:00:57
journalists, politicians, and people who
00:00:59
live in the underworld of spycraft or
00:01:02
likely even criminals like drug dealers
00:01:04
need a level of security that's above
00:01:06
and beyond.
00:01:08
Then there are the famous people who get
00:01:10
blackmailed because of their nude photos
00:01:13
like Jeff Bezos or those who get
00:01:15
assassinated when speaking against the
00:01:18
Saudi government like Jamal Kosigible.
00:01:21
Both supposedly powered by a Pegasus
00:01:24
hack from the NSO group.
00:01:27
Or if you're a criminal, a spy, or an
00:01:30
enemy of the state, then when you are
00:01:31
arrested, they can take your phone and
00:01:33
extract your files and photos using
00:01:35
advanced tools. or someone could hack
00:01:38
you remotely.
00:01:40
Let me be clear, the average person
00:01:43
doesn't really need to worry too much
00:01:45
about these threats because these are
00:01:47
focused on high value targets. However,
00:01:50
I need to explain it to you so you can
00:01:52
judge for yourself if these are things
00:01:54
you need to worry about or not. I don't
00:01:57
want to give you an incomplete picture
00:01:59
with phone. So, stay right there.
00:02:07
In this video, I will delve primarily
00:02:09
into security issues on phones and we'll
00:02:12
skip the privacy threats of big tech. I
00:02:14
want to stress that the average person
00:02:16
is not a security target and phones are
00:02:19
generally very hard to attack. The
00:02:22
strong focus on security like on iPhones
00:02:25
and security features being pushed by a
00:02:27
graphine OS is based on the premise that
00:02:30
you should put all your data on your
00:02:33
phone.
00:02:34
and now you must spend all your time
00:02:36
guarding it. This is in contrast with a
00:02:40
privacy focused person who I encourage
00:02:43
not to put too much data on the phone to
00:02:45
begin with. So heavy security is not so
00:02:48
much the focus. However, if you put your
00:02:50
life on the phone, then yes, you will be
00:02:53
super interested in security and this
00:02:55
will concern you more. So today we will
00:02:58
focus on the security side and the
00:03:00
threats that you need to be aware of.
00:03:04
A state with physical access, data
00:03:07
extraction. If you're at the airport and
00:03:09
the authorities stop you and take your
00:03:11
phone, can they access your data? And
00:03:14
the answer is yes. And the amount of
00:03:17
data they can capture depends on
00:03:19
acronyms like BFU, AFU, and FFS. This is
00:03:23
important, so learn this with me. Newer
00:03:26
phones have a feature called the
00:03:28
filebased encryption or FBE. When you
00:03:30
put in your PIN code, password, Face ID,
00:03:33
fingerprint, or whatever on your device,
00:03:36
the device uses that to generate long
00:03:38
encryption keys, which are then used to
00:03:41
encrypt your files. As long as your
00:03:44
phone is unlocked once, but your device
00:03:47
is on the lock screen, the files on your
00:03:50
phone remain unencrypted. This state is
00:03:53
called AFU after first unlock.
00:03:59
Companies like Celbrite, which I
00:04:00
mentioned in a recent video, have tools
00:04:03
that can extract a majority of data from
00:04:05
a device if the device is in AFU mode.
00:04:10
And if your unlocked device is not on
00:04:13
the lock screen, they can extract the
00:04:15
entire data contents in a full transfer
00:04:18
mode called FFS. How do they extract
00:04:21
data for FFS? A company called Gray
00:04:24
Shift has a program called Graykey that
00:04:27
can brute force the password on a phone
00:04:30
and thus completely unlock it.
00:04:32
Apparently, this uses a zeroday
00:04:34
vulnerability and it can bypass the
00:04:36
protections of both iPhones and
00:04:38
Androids. These are tools used by law
00:04:41
enforcement. Now, interestingly, if you
00:04:43
reboot your phone, you are in a state
00:04:45
called BFU or before first unlock. In
00:04:48
this state, the data that can be
00:04:49
accessed is very minimal. So in this
00:04:51
kind of emergency just make sure to
00:04:53
reboot your phone before it can be taken
00:04:56
though you cannot be protected against
00:04:59
great key. Some forensic people have
00:05:01
stated that if you freeze the phone
00:05:03
memory it would ensure that the contents
00:05:06
of memory remain fixed and this would
00:05:08
allow it to be accessed later. These are
00:05:11
just examples of techniques used to
00:05:13
extract data like encryption keys and
00:05:15
memory.
00:05:18
A state with physical access
00:05:20
surveillance. When a state gets access
00:05:23
to your phone, they may return the phone
00:05:25
to you and at that point the phone is
00:05:28
likely tainted. There are very many ways
00:05:30
to insert malware into a phone or leave
00:05:33
it temporarily in memory when there's
00:05:35
physical access. Again, this is state
00:05:38
level stuff, not something the average
00:05:40
hacker can do. They can install secret
00:05:42
system apps directly modify executables
00:05:45
in Linux, root the phone, possibly put
00:05:48
key loggers and Trojans on the phone
00:05:51
since they can brute force the password.
00:05:53
They can get the same access as you can.
00:05:56
So all of this is possible. But the only
00:05:59
solution possible from here is at best
00:06:02
to reinstall the custom ROM from
00:06:04
scratch. But to play it safe, I just
00:06:07
sell the phone and get another. Now,
00:06:09
some of you will claim that your
00:06:11
ex-husband or ex-girlfriend did this to
00:06:14
your phone. Well, we'll get to that
00:06:16
later, but it is possible only if they
00:06:19
know your password. But in the
00:06:21
government case here, they can brute
00:06:23
force the password using gray key.
00:06:29
Physical attacks by people, you know.
00:06:32
There's an equivalent physical attacks
00:06:34
possibility in cases when someone you
00:06:36
know like an X had physical access to
00:06:39
your phone. The difference here is that
00:06:41
this person likely knew your password
00:06:43
like a pin code or pattern that is
00:06:46
easily noticed. If there is a potential
00:06:49
risk of this kind, I would probably rely
00:06:51
more on fingerprint protection as that
00:06:54
can not really be noticed. Some phones
00:06:56
can be fooled with a Face ID, so that's
00:06:59
not 100%. But if the only way to access
00:07:02
the phone is via fingerprint, then it is
00:07:04
more protected from others in your
00:07:06
house. There's some issue though with
00:07:08
fourth amendment rules pertaining to
00:07:10
biometric password. So just be aware of
00:07:12
that. The problem is that once someone
00:07:15
gets access to your phone with a valid
00:07:18
password, then they have complete
00:07:20
control and can route the phone, insert
00:07:23
the same key loggers, Trojans, and
00:07:25
advanced spyware. However, I failed to
00:07:29
imagine an average hacker with this
00:07:31
skill set. The most likely tools they
00:07:34
can install are commercial spyware apps
00:07:36
with subscriptions, and there are many
00:07:40
like location trackers and tools that
00:07:43
parents use to spy on their kids social
00:07:45
media use. This is the likely low tech
00:07:48
way, and these can be hidden if you're
00:07:50
not looking for them. Many of you assume
00:07:53
that everyone has some advanced skill
00:07:56
set in hacking here. Extremely wrong.
00:07:59
Most hackers are actually just crackers.
00:08:02
They copy what others have done. Very
00:08:04
few people have sophisticated hacking
00:08:06
skills and most of them will have
00:08:08
highpaying jobs in their fields or paid
00:08:10
highly for criminal activity.
00:08:13
Reinstalling the ROM should solve this
00:08:15
kind of case. A factory reset may not be
00:08:17
sufficient here depending on whether the
00:08:20
device was rooted. Although a factory
00:08:22
reset should be the first line of
00:08:24
defense when in a rush. Just note though
00:08:27
that modifying the root level files will
00:08:30
often break verified boot. So you will
00:08:33
likely get a warning as well. So if your
00:08:35
phone comes with a verified boot OS like
00:08:38
on a Bra 3 or a Graphine OS, then you
00:08:41
should pay attention to changes in
00:08:43
warnings on boot.
00:08:45
This does not apply to installations
00:08:48
like Linux OS that do not have verified
00:08:52
boot.
00:08:55
Internet attack full decryption. This is
00:08:58
likely the most common threat affecting
00:09:00
the most people and I would imagine this
00:09:03
to be applicable to countries that do a
00:09:05
heavy surveillance of their population.
00:09:07
Examples of countries in this category
00:09:09
would be China, Russia, Iran, Saudi
00:09:11
Arabia to name a few. The attack method
00:09:14
here is based on requiring citizens to
00:09:17
download some app to access some
00:09:20
government service. Then the app
00:09:22
installs a fake root certificate on the
00:09:25
device. I discussed the mechanics of
00:09:27
root certificate attacks in an old
00:09:29
video, but just in general, a fake root
00:09:31
certificate breaks the TLS encryption on
00:09:34
the internet. Whoever has a private key
00:09:36
to that root certificate meaning in
00:09:39
country internet routers and such can
00:09:42
then read the content in plain text and
00:09:44
use that to perform mass surveillance.
00:09:48
The other possibility which crosses into
00:09:50
a physical attack is that someone could
00:09:53
physically just insert a fake root
00:09:55
certificate on your device. This will
00:09:57
not leave any app to look at. So you may
00:09:59
not be aware of this change. And the
00:10:02
other approach here is that it can be
00:10:04
installed as part of an anti virus
00:10:06
project. Avast is an example of an app
00:10:08
that installs fake root certificates. So
00:10:11
if someone has access to that private
00:10:13
key, then any device with a VAS could be
00:10:16
spied on. So this could be used either
00:10:19
for mass surveillance or a targeted
00:10:21
attack.
00:10:24
Remote hacking attack.
00:10:27
Now let's get into remote attacks. This
00:10:29
is the kind of attack that involves
00:10:31
something like a Pegasus from the NSO
00:10:33
group. This kind of attack is beyond the
00:10:36
skill set of a normal hacker. This is
00:10:38
for those with deep pockets. The NSO
00:10:41
group does not provide hacking tools for
00:10:43
free and typically they market to
00:10:45
governments, though I imagine big
00:10:46
corporations could afford it, too. I'm
00:10:49
guessing that a Pegasus hack will have a
00:10:52
$1 million price tag. Are you worth 1
00:10:56
million to your opponent? So, if you're
00:10:58
expecting your ex to have access to a
00:11:00
Pegasus attack with remote hacking, then
00:11:03
you really need to move on to more
00:11:04
realistic concerns. Pegasus is based on
00:11:08
some toate unknown zero day, which I
00:11:11
imagine cost the NSO group a lot of
00:11:14
money to discover. It would be their
00:11:16
most protected asset. Pegasus is a
00:11:19
no-click attack. So, apparently, this
00:11:21
will not require you to take action to
00:11:23
embed the malware, which can extract
00:11:25
data from your phone. The most common
00:11:28
reason for zero days is a memory leak
00:11:30
which allows some root level code to be
00:11:32
inserted and then the phone becomes
00:11:35
vulnerable. And mostly it's been used
00:11:37
heavily against journalists and
00:11:39
anti-government people speaking against
00:11:41
certain iron fist regimes. At least in
00:11:45
publicized cases, it does not appear to
00:11:47
be used by the US. Though it wouldn't
00:11:49
surprise me if they had similar access.
00:11:52
From my research, the likely element
00:11:54
containing the malware payload is an
00:11:57
attachment. Either an attachment to
00:11:59
email, SMS, or iMessage. So, Apple
00:12:02
attempted to counter it by having a mode
00:12:04
where all attachments are eliminated.
00:12:09
Remote hacking attack SS7.
00:12:12
This requires a separate video on its
00:12:14
own and it is the SS7 architecture of
00:12:17
the phone network. Your phone has the
00:12:20
modem processor or otherwise called the
00:12:22
bassband modem and this device can be
00:12:25
remote controlled using SS7 commands and
00:12:27
even custom modem commands sent through
00:12:31
SS7. SS7 is the channel used by the
00:12:34
public switch telephone network the PSDN
00:12:38
to control phone functions like dialing,
00:12:40
forwarding and texting. It is basically
00:12:43
the language used to initiate phone and
00:12:45
texting traffic. But your phone can
00:12:48
secretly receive control messages as
00:12:51
made known by the SIMJER hack. And this
00:12:54
can activate an interface on your SIM
00:12:56
card that can do things like intercept a
00:12:59
call and text or initiate a call and
00:13:01
text. Just in general, this attack is
00:13:04
focused on phone related functions and
00:13:06
is not really connected to intercepting
00:13:08
your internet traffic or accessing your
00:13:11
files. Some things this threat can be
00:13:13
used for is to turn your phone on to
00:13:15
call someone without your knowledge.
00:13:17
Obviously, this turns on the microphone
00:13:19
and thus allows someone to listen in.
00:13:22
The commands to the phone are sent with
00:13:23
silent text over SS7, so there is no
00:13:26
indication that it has occurred. The
00:13:29
other threat here is that someone can
00:13:31
use this to intercept text messages,
00:13:34
which obviously can be problematic for
00:13:36
two-factor authentication. Someone could
00:13:38
control your bank accounts and social
00:13:40
media accounts. This way, the attacker
00:13:42
could also query your device for the
00:13:45
nearest towers. So, your location could
00:13:47
be approximated with tower
00:13:49
triangulation. Not super precise, but
00:13:52
could be useful for general
00:13:54
surveillance. The attacker has to know
00:13:56
your number to perform this attack. And
00:13:58
generally, this attack is not at the
00:14:00
skill set of the average hacker because
00:14:02
of authentication requirements to SS7. I
00:14:06
would expect that credentials from a
00:14:08
carrier employee or government access
00:14:11
would be required.
00:14:13
There are some theoretical attacks made
00:14:15
on the bassband modem itself to see if
00:14:18
it can be used to access the main OS,
00:14:21
meaning iOS and Android. I read in one
00:14:23
case where someone transferred a file to
00:14:25
the phone with a Samsung Exynos SOC. So,
00:14:29
this could be an advanced way to
00:14:31
transfer malware that has some zero
00:14:34
days. This is possible because the main
00:14:36
OS and the modem share memory and the
00:14:38
main OS interacts with the modem OS to
00:14:41
make calls. So there could be triggers
00:14:43
for the action. Another threat in my
00:14:46
mind is that some parts of the bassband
00:14:49
modem could receive custom code often
00:14:51
referred to in embedded systems as FPGA.
00:14:55
Some of you may have experienced the
00:14:58
automatic overthe-air OTAA update of
00:15:01
your phone modem with a carrier update.
00:15:05
Since this could load new software on
00:15:07
the phone, it could possibly be a vector
00:15:10
for introducing spyware at the modem
00:15:12
level and can be used to attract people
00:15:14
who approach certain sites like the NSA
00:15:17
site in Fort Me.
00:15:21
Supply chain attack.
00:15:24
There's another level of vulnerability
00:15:26
on a phone that is possible. Though
00:15:28
discovering these kinds of attacks may
00:15:30
be quite difficult. Phones even those we
00:15:34
classify as open source such as those
00:15:36
using Android open source project still
00:15:38
has programming that is not visible to
00:15:40
us. This is referred to as closed source
00:15:44
blobs meaning they are executable
00:15:46
binaries and we don't know what's in
00:15:48
them. A big source of these are device
00:15:51
drivers from Broadcom or device drivers
00:15:53
for cameras, sensors, power management,
00:15:55
and so on that do not come from Linux
00:15:58
itself. On an Android phone, these would
00:16:01
be files found in vendor system or
00:16:04
system liv 64.
00:16:06
Here's a theoretical example. Let's say
00:16:09
that the manufacturer of the camera
00:16:11
module modified the driver so that a
00:16:14
live shot could be monitored on the
00:16:16
phone by an external party.
00:16:19
likely the device driver for the camera
00:16:21
is close source and we don't know who
00:16:23
made the device driver. But if a device
00:16:26
driver is made to capture camera images,
00:16:29
then there is a feature in Linux that is
00:16:31
built into phones called SE Linux. This
00:16:34
means that each process has to be
00:16:36
assigned allowable behaviors by the
00:16:39
builder of the phone OS. For example, if
00:16:42
the camera driver is connecting to the
00:16:44
internet by itself, then SE Linux would
00:16:47
be the way to stop that since a camera
00:16:50
driver would not normally be given
00:16:52
internet rights or network rights. Now,
00:16:54
it is possible that someone modifying SE
00:16:57
Linux policies may screw up here, but
00:16:59
since SE Linux is outside of the control
00:17:02
of the driver programmer, then it would
00:17:04
be a long shot to get such a threat
00:17:07
activated. However, if some camera
00:17:09
driver interacts directly with the
00:17:10
network driver using secret
00:17:12
communications, then the collusion
00:17:13
between the two may not be within the
00:17:15
scope of what SE Linux can control in
00:17:18
its security policies. So, I state this
00:17:21
as a possibility and we should be on
00:17:24
guard that this could be an avenue for a
00:17:26
zero day. The other potential source of
00:17:29
threats is if someone embedded an
00:17:31
engineer at Qualcomm, MediaTek, Samsung
00:17:34
or TSMC to inject hardwarebased
00:17:38
functionality. These kinds of threats
00:17:40
are generally known as hardware supply
00:17:42
chain attacks. And the problem is that
00:17:44
they are very hard to discover inside
00:17:47
complex SOC's or even device drivers.
00:17:50
Now, some cocky custom ROM OS maker will
00:17:52
likely claim that their OS is
00:17:54
invulnerable. And with some of these
00:17:56
threats I mentioned, it becomes clear
00:17:58
that it is impossible to guarantee a
00:18:01
completely safe phone. Supply chain
00:18:03
attacks are, in my opinion, at the level
00:18:06
of three-letter agencies and embedded
00:18:08
engineering spies. There's already a
00:18:11
history of this having been done,
00:18:13
particularly on router equipment from
00:18:15
Cisco and others. This is something that
00:18:18
would be used very sparingly to keep it
00:18:20
a secret and likely reserved for high
00:18:24
value targets.
00:18:27
MZ catcher attack.
00:18:30
An old favorite attack was the use of
00:18:32
the stingray device which is just
00:18:34
generally called an MZ catcher. This is
00:18:37
a radiobased attack and is basically a
00:18:40
man-in-the-middle method of intercepting
00:18:42
your cell traffic. In theory, this
00:18:44
attack is well documented enough that
00:18:47
even hackers can use it to some extent.
00:18:50
However, personally, I think this is no
00:18:52
longer as important to use for law
00:18:54
enforcement purposes. Mostly, it is used
00:18:56
to wiretap someone and listen in to
00:18:59
conversations if you didn't know the
00:19:01
phone numbers of the parties. But if you
00:19:04
know the phone number, law enforcement
00:19:06
can just wiretap the number directly
00:19:08
from a browser over the internet. They
00:19:10
don't even need to be present. This is
00:19:13
because of the Kalia law, but this is
00:19:16
useful to know who's gathered at a
00:19:18
particular location. This device can run
00:19:21
in passive mode and just record images
00:19:23
of devices in the area and thus is a
00:19:26
proximity sensor. You can sense who's
00:19:28
near a particular location, which is
00:19:31
really geoencing. Again, this has been
00:19:34
replaced by an easier tool like Fog Data
00:19:36
Science, Anomaly 6, or the Google Sensor
00:19:40
Vault. All of which are heavily used by
00:19:42
law enforcement and have been used in
00:19:44
court cases.
00:19:47
What is the real life risk? Knock and
00:19:50
wood, my phones have never been hacked
00:19:53
and I'm of course a targeted person,
00:19:56
though typically I'm targeted by
00:19:57
hackers, not state level operatives. So
00:20:01
certain things I do must make me less
00:20:03
vulnerable to an attack. But on the
00:20:06
other hand, as I said, the bulk of the
00:20:08
attacks you see are from state sponsored
00:20:10
hackers, and I'm not that kind of
00:20:12
threat. The main lifestyle difference
00:20:15
that protects me is that I've learned to
00:20:19
not put much of my data on the phone.
00:20:21
Photos on my phone are recent, and then
00:20:24
I transfer them to my backup server,
00:20:26
which is Synology.
00:20:28
I not only limit the apps I use, but I
00:20:31
have a long-standing policy of not
00:20:33
opening attachments. As you all have
00:20:36
heard, the new phone technologies are
00:20:38
focusing on AI and the AI companion. And
00:20:41
the main feature of these new operating
00:20:43
systems is to see what you see. Apple
00:20:47
and Google both currently do client side
00:20:49
scanning to capture what you're doing on
00:20:51
screen, and Microsoft is doing the same
00:20:53
on a Windows PC. Fortunately,
00:20:56
open-source oss do not have this kind of
00:20:59
AI or AI agents that analyze your
00:21:02
content. So if someone physically takes
00:21:05
my phone, this kind of historical
00:21:07
information will not be on it. The
00:21:09
biggest risk to most people is from
00:21:11
physical access to the phone and the
00:21:14
threat is then either using government
00:21:16
tools like gray key to brute force a pin
00:21:18
code or your ex knowing your pin code.
00:21:21
Once someone unlocks your phone, then
00:21:24
all hell can break loose. But government
00:21:26
access aside with simpler protections
00:21:29
like using fingerprint or just being
00:21:31
aware of who can access your phone is
00:21:33
enough to prevent attacks. Having given
00:21:36
you all the security issues with phones,
00:21:38
it is crazy to be obsessing with all
00:21:41
this as some people do while ignoring
00:21:44
the main issue which is affecting 99% of
00:21:47
all people and that is having Apple,
00:21:50
Google, Facebook and others have
00:21:52
complete access to all your data. It is
00:21:54
not even important to look at your phone
00:21:56
as they already have your data remotely
00:21:59
or at least a profile of your data. And
00:22:02
this is why I focus on the privacy issue
00:22:04
more because it is more pressing. Only a
00:22:07
fraction of 1% of you may experience a
00:22:10
security attack. But 99% of you are
00:22:13
already subject to a privacy attack.
00:22:16
When I push you to use open-source
00:22:18
phones, I know that it really eliminates
00:22:21
you from being in the 99%. You will be
00:22:24
in the 1% of people safe from privacy
00:22:28
issues. Then at that point, working on
00:22:30
security issues makes you feel more
00:22:32
secure, and it is icing on the cake.
00:22:36
So, please put my teachings here in
00:22:38
balance. A good number of you claim that
00:22:41
you've been hacked, but to be honest
00:22:43
with you, you may not know you're hacked
00:22:46
until someone actually shows you
00:22:48
information that they've acquired from
00:22:50
you.
00:22:52
And don't assume that the information
00:22:54
came from your phone. It could have come
00:22:57
from the internet. But I'm 100% certain
00:23:00
that big tech already has a ton of your
00:23:03
data. In a follow-up video, I will go
00:23:06
deeper into some of the issues I
00:23:08
outlined here using my Bra 3 partner
00:23:11
Dominic Gingris as a resource. He has a
00:23:14
long history of building secure phones
00:23:16
mostly for governments and we can learn
00:23:19
some of the challenges of hardening a
00:23:21
phone against attacks.
00:23:28
Folks, while other channels sustain
00:23:30
themselves via sponsorships, we are
00:23:32
actively funded directly by this
00:23:34
community, hopefully one that benefits
00:23:37
directly from the education we provide.
00:23:40
Thank you to those who provide donations
00:23:42
to us through Patreon, locals, and
00:23:45
YouTube memberships.
00:23:47
Our long run approach is just to offer
00:23:50
services and compete in the open market
00:23:53
to generate your trust and patronage.
00:23:55
This makes me feel like I'm always
00:23:57
offering you value rather than feel like
00:24:00
I'm begging.
00:24:02
For those interested in the BRA 3
00:24:04
project that is handled by the site
00:24:06
bratech.net and you can see the current
00:24:09
status of the project there which
00:24:11
currently started shipping. We have
00:24:13
other products that you will find on our
00:24:16
community area on Brax.
00:24:18
There are over 120,000 users that are
00:24:22
part of our community and that discuss
00:24:24
security and privacy issues in a safe
00:24:26
environment. Many of you believe in us
00:24:29
and so this community is growing. Some
00:24:32
have been involved for more than 10
00:24:33
years. In our store there you will find
00:24:36
products like the Google phones, Brax
00:24:38
virtual phone, BrakesVPN
00:24:41
and Bra router. These are an essential
00:24:44
base to building your personal privacy
00:24:46
and of course support the creation of
00:24:48
content on this channel. Thank you for
00:24:50
watching and see you next time.
00:24:55
[Music]
