Richard Stallman of the GNU project is famous for his absolutist stand on software freedom.  But he also takes a maximalist stance on privacy, resisting any attempt to gather his personal information, including his refusal to own a cellphone.

This choice is a bit hypocritical, because he states in his “RMS personal FAQ“:

When I need to call someone, I ask someone nearby to let me make a call. If I use someone else’s cell phone, that doesn’t give Big Brother any information about me.

So as long as other people have cellphones and their personal information is being surrendered, he doesn’t mind piggy-backing.  Sort of like saying “I refuse to own a car because they pollute the environment, so I take Uber instead.”

His refusal to own a cellphone is partly because they run non-free software.  I think the Purism Librem 5 would overcome this objection.  Their site states that “PureOS is a Free Software Foundation endorsed operating system”.  I’m sure Stallman might object to the modem firmware, which likely is closed source, but he did use a laptop with a non-free BIOS for many years until he was able to find a laptop that had a free BIOS.  This FAQ, however, was written before Purism existed.

Regardless, that’s only part of the issue.  One of the striking things in the other part of his rationale:

Nearly every cell phone has a universal back door that allows remote conversion into a listening device.

Starting at about 1:19:02 in this video, Stallman lays out more about this.  He starts by saying he has occasionally used cellphones but doesn’t own one.

Then he talks about how cell phones track users, which is a function of how the technology works.  Landlines POTS systems do the same thing.  If you make a call, the phone company knows that you called from 1-310-555-1234 to 1-212-555-5678.  How could they not?  You’re using their equipment and their lines.  What would Stallman propose as an alternative?  A system where there are no companies, only a nonprofit that runs international telephony?  Even if that was somehow possible (in 190-odd different countries), you’d still have the case where the nonprofit would know about all your calls.

At 1:20:07 he starts talking about how every cellphone has a “universal back door”.  The software can be “replaced remotely”.  It’s the “modem processor” that has this back door.

In this video, he says “I urge everyone to reject mobile phones” because they can be “remotely converted into a listening device” where the phone listens “all the time and transmits all conversation”.

But Is This True?

In a word, no.

His statements are like a conspiracy theory where the origin has a grain of truth, but it’s taken out of context.

Over the years, there has been leaked information about powerful state actors who have exploited flaws in cell phones to surveil.  For example:

• FBI “roving bug” surveillance against organized crime suspects
• NSA/GCHQ malware tools described in Snowden leaks
• Commercial spyware like Pegasus
• Malware that activates microphones/cameras remotely

But there is no evidence that all or nearly all phones contain a deliberate universal secret access mechanism intentionally built for governments, which is what Stallman is claiming.

It’s like saying “all laptops can be remotely converted into remote surveillance devices”.  It’s true that some laptops that are running insecure, unpatched software might be vulnerable to hackers taking control of the laptop and activating the camera, microphone, etc.  But that’s not by design and in cases where bugs/vulnerabilities have been discovered, they’ve been swiftly fixed.

What is true is more nuanced:

• Cellular baseband processors are extremely privileged and opaque
• Carriers can push firmware/configuration updates
• Phones often contain exploitable vulnerabilities
• Intelligence agencies have demonstrated advanced remote exploits

If Stallman had said he was concerned about security vulnerabilities, he’d be on more solid ground.  But he said “universal back door that allows” not “is vulnerable to exploits”.  I think it’s completely fair to judge Mr. “You Must Call It Gnu/Linux!” on his words with a very literal interpretation.  He means either

• a designed, universal back door to give the government access, and it’s used to record every conversations on every cell phone in the world, or
• a vulnerability that permit this, which the phone manufacturer has declined to fix, which is then the exact same thing.

There is no evidence of this.

raindog308

raindog308 is a longtime community LETizen, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.

As an avid user of LowEndBox providers, raindog308 runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.

Beyond the command line, raindog308 has a life-long love of German Shepherd Dogs, high-quality knives, target shooting, theology, tabletop RPGs, playing guitar, and hiking in deep, quiet forests.

His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.

You can find him daily in the forums at LowEndTalk under the handle @raindog308.