When I was working at EFF, I started writing (but never finished) a couple of essays along the lines of "the degree of trackability of mobile phones is an unfortunate accident, and we should fix it".
It basically comes from routing requirements (especially to receive incoming phone calls) combined with billing requirements (to make people pay for their connectivity) combined with the empirical requirement to see which base station a device is connected to, and which other base stations can see it at a given moment.
If you aggregate all of that data, then you know a (geographically moderate-resolution) complete history of where almost all people have been at almost all times, and patterns of their habits and whom they probably recurrently spent time with.
Not all of this data has to be collectable, because these things could be disaggregated by introducing different protocol layers. For example, you could pay the mobile company for data connectivity, but use cryptographic blinding mechanisms so that it doesn't know which specific subscriber obtained connectivity at a particular place and time. (Those blinding mechanisms could be implemented inside of SIM cards, so the SIM card's task is to cryptographically prove "I am a SIM card of a current paying subscriber of carrier X" rather than "I am SIM card number 42d1b5c0".) You could have device hardware IDs be ephemeral rather than permanent. Actual messaging and call services could all be "over the top" (as phone industry jargon puts it), provided by people who are not the phone company itself.
This disaggregation is a straightforward improvement from a privacy point of view because it prevents companies from knowing things about you that they didn't need to know in order to provide services.
Meanwhile, in the world we live in, we see governments trying to make it harder to make phones less trackable, by putting legal restrictions on changing hardware addresses, or requiring legal ID in order to establish service. I imagine that an additional cryptographic indirection layer in SIMs to prevent carriers from linking a permanent identifier to a network registration (or specific data use) would also be banned in some places if it were invented.
This shouldn't be inevitable. One thing that made me think about this was when there was a little scandal (which I was a small part of) about companies tracking device wifi MAC addresses for commercial purposes. There was a little industry that would try to recognize people and build commercial profiles based on recognizing that the same device was present (in fact, at the time, even if it didn't actually connect to the wifi -- because a typical wifi-enabled mobile device was sending broadcast wifi probe packets that included its MAC address). So Apple was like "this is a bad use of MAC addresses, which only exist to distinguish devices that happen to be on the LAN at the same time, and perhaps to allow network administrators to assign permanent IP addresses to specific devices", and they made iPhones randomize wifi MAC addresses for some purposes, mostly fixing that particular issue.
We could think just the same way about GSM networks: "these identifiers exist for specific protocol reasons; using them for device or user tracking is an abuse that should be mitigated technically".
> combined with billing requirements
There's a certain flavor of US libertarian that complains that they should only be taxed for exactly the road-surfaces they personally use in proportion to how much they use them.
In response, I like to point out to them that their dream of "fair billing" can't occur without a nightmare of surveillance, making it easy for the government (or road-owners, and indirectly the government) to track and remember everybody's movements in excruciating detail.
Is that worth it? Perhaps a "sloppy" billing system (e.g. fuel/mileage taxes for roads) is actually an extraordinarily good deal in terms of the privacy we take for granted.
Agreed, I always think that all these taxes should indeed just go through fuel. Want a bigger, heavier, more polluting car? Want to drive like a F1 driver? Fine, you pay more. Want to drive a long distance? You'll pay per distance*car_size. Want to go electric? You'll pay tax on electricity in concordance with it's economic price and influence on the planet.
One problem in the EU is is that this would need to be rolled out across the EU, because we already have large difference in price ranges for fuel leading to weird situations neer the border.
> Want to go electric? You'll pay tax on electricity in concordance with it's economic price and influence on the planet.
The problem is that generic electrical consumption is not (unlike gasoline pumped at a gas-station) a decent proxy for how heavily the purchaser occupies and wears-down roads.
In turn, it makes it harder to connect fair (proportional) amounts to fix the roads.
I don't see the issue?
Get on a toll road, pay for a ticket, done. Drive on a normal road, pay for gas, done.
I guess you could make it extremely specific, but then the problem isn't the surveillance, but the price of the cost analysis of driving 1,7 miles on a road in bumfuck nowhere with a J lbs vehicle, exerting X pressure on the road at a standstill going at [Y] speeds, thus generating Z total pressure over time H. In addition the road was I% wet due to rain the day prior.
> I don't see the issue [...] pay for gas
"Them durn politicians are taxin' mah gasoline to build roads clear on the other end 'o town!"
Thanks for sharing. I figured it is extremely difficult to spoof or disaggregate the data by ourselves, given the SIM tracking wifi tracking thing basically 7/24, or is there a way to fix it?
I absolutely understand the sentiment and the goals that citizens should, by default, not be tracked. However, how do you square that with the proof, time and again, that truly secure and encrypted networks are primarily use by criminals (drug/human traffickers, and plenty of other people) who, through their trade, make the world a shittier place for the rest of us?
If we accept that the right to privacy is real, that not being followed, watched, and monitored every hour of my life, is something democratic societies should strive for:
Why do criminals have more rights than I do?
That's very easy to square by just accepting that people are allowed to have private communications.
I'm unconvinced that secure communications is the bottle neck when it comes to criminal prosecution. We can expand police power without sacrificing our communications like that.
Anecdotally, take a look at China where privacy doesn't exist and yet Chinese syndicates are responsible for a major chunk of the issues you've listed. So clearly lack of privacy doesn't even correlate with decreased criminal behavior.
That's only the case because the truly secure and encrypted networks are not the default.
This has changed before. HTTP used to be just fine. Only your bank used HTTPS. Now everyone uses HTTPS. It's the default, if you don't support it on your webserver, customers will have troubles reaching it.
This is the "witch hunt" problem.
If you have two networks, one encrypted and one not, and the unencrypted network is significantly easier / cheaper to use or has better network effects, that's where most people will naturally flock. The only ones who will put in the effort to use the encrypted one are criminals and a few principled technologists / civil libertarians. In such a world, the mere fact of using the encrypted network is suspicious in itself.
We define "criminals" here as "anybody the government doesn't like." In the US, this is mostly child predators, drug traffickers, thieves, and maybe a few (legal) sex workers. In other places, this is mostly homosexuals, human-rights activists, journalists and the opposition.
The way to fix the "witch hunt" problem is to make all networks encrypted and secure.
While cryptocurrency is mostly used by criminals, as the traditional financial system is just good enough for most people, TLS is used by everybody, as it is just the default way to do things on the internet nowadays. This is despite the fact that TLS makes wiretapping criminals' communications much harder.
The US and Europe[1] should use the influence they have over standards bodies to make prosecuting the latter group of "criminals" much harder, recognizing that this comes at the expense of also letting some criminals in the EU/US sense of the word run free. It is just the morally right thing to do.
[1] I mostly mean American and European companies and organizations which participate in the process of standard setting, not governments, which mostly cannot do things for complicated political reasons.
Historically in the US - yes.
However, with the current "regime change", the targets of tracking are expanding exponentially to basically anyone who says or does anything the current leadership does not like.
This has been warned about repeatedly with this type of tracking for decades - when "bad actors" take power and abuse that power, then everyone becomes a target. Fascists love data collection, aggregation and data-based decision-making.
So get ready to be legally bound to leave your front door unlocked because some people store stolen loot behind locked doors!
But this has been "squared" already. Can the police enter your home without a warrant? No? Why? I bet criminals are pretty secretive around their stuff too, no?
Me and the government have slightly differing opinions of what a "criminal" should be. I am a gender outlaw in many states
You ready to drop encryption between you and your bank?
Your reasoning is so biased that it is hard for me to wrap my head around it, but at the same time it's very common because it confuses the tool with the crime. Criminals use cars and phones, too, but we don't ban them for everyone.
The argument ignores the catastrophic cost of the solution: destroying privacy for all of us. Creating a backdoor for police doesn't just hinder criminals; it makes everyone's data, from journalists to your medical records, vulnerable to hackers and abuse.
I believe we stop crime with good policing, not by building a system of total surveillance that sacrifices the very freedom we're trying to protect.
Better remove the locks on your house and bathroom and set up a public webcam while you're at it. After all, I'm not sure you're not a criminal, and to be sure of that I — and the rest of society — need to be able to observe you in your bathroom.
"innocent until proven guilty" exists for a reason.
... They said, on a forum where everyone is posting and reading using connections encrypted by TLS/HTTPS.
I don't see how you've become a criminal just because you don't want somebody in the same coffee shop to see what you're posting or browsing.
Is it fine because it's not "truly" secure? How secure is so secure that it crosses the line and becomes evil?
It’s quite easy to square: your argument is nonsense through and through, barely deserving an iota of rebuttal. I could justify absolutely appalling invasions of privacy with what you’re saying.
We are not beholden to ruining everything for almost everyone to stop a small fee from doing bad things. It’s not any more complicated than that.
> However, how do you square that with the proof, time and again, that truly secure and encrypted networks are primarily use by criminals
Do you have a URL for this proof?
(If it's true, that would be good to know.)
This is nonsense. By your logic me and the majority of people using Signal are criminals.
As the other commenter mentioned please provide proof for these hyperbolic claims.
>By your logic me and the majority of people using Signal are criminals
False. "The majority of X are Y" does not imply that any particular X is Y.
I don't have data for Signal. I use it extensively. Even setting aside that the American legal system makes everyone a criminal several times a day so that the laws can be selectively enforced against anyone who becomes a target, I have no data on whether the majority of Signal users are criminals, but given that criminals have significantly higher interest in secure communications than the general population it wouldn't shock me if evidence came out that it was the case.
How long before UK VPN users are criminals?
How long before US states that are enforcing online ID laws will be doing the same?
maybe we need a law against selective enforcement of laws. together with the comprehensive statistics collection agency that would be required to enforce it.
Stellar reasoning.
Did you ever get to the point of hypothesizing good ways to align incentives to make this happen? It is hard to tell (having not thought much about it) whether this is a “smart well meaning engineers need to make new standards” problem, a “we need to harness the power of corporate greed problem,” or something else.
isn’t detailed information about the user equal to additional billing power? perhaps the only disincentive that exists to having that information would be such overwhelming risk/liability that it would outweigh the profit potential of having it in the first place. it seems to me the relative incentives have reached a oretty stable equilibrium…
I seem to remember a discussion here on HN a few years back about a paper which outlined ways to decouple technical identifiers from personal identifiers on mobile networks.
My memory is a bit hazy but maybe it was the whitepaper for PGPP[0] that OP mentioned?
I don’t think it’s possible to align incentives in favor of rolling out such a statement in the US without another coup.
I have no technical knowledge about these, and being cryptocurrency related there will be lots of exasperated huffs, but there are a couple of alternative mobile network related projects: World Mobile and Helium.
World Mobile claims 99% coverage of the US, although I think it uses existing networks where there's no native coverage.
They're "interesting", but only early days, and I don't know how close they come to what you describe for privacy and opposition to data aggregation. Large-geographic-area comms coverage isn't something that there's ever going to be a lot of options for.
I was imagining mobile operators that cooperated to some extent with the changes I was proposing, or at least didn't obstruct them. If it's using existing GSM protocols, the IMEI would have to be rotated frequently (and it's not that obvious how to do that without making the connection between the old IMEI and the new IMEI apparent), and the SIM technology would have to change. (What it's trying to prove in a privacy-friendly communications system is more like subscriber entitlement, not subscriber identity!)
There's also the "netheads and Bellheads" theory from the 1990s which can be taken to say that phone companies would never make technical changes to make themselves collect less data, or to be less helpful to government surveillance. Sometimes I think this is right. I still remember how I took part in a meeting with a mobile phone industry association or industry consortium of some sort about a year before the Snowden stuff. Someone on my side said "so, let's talk a bit about surveillance issues", and someone on the other side replied "sorry, that's something we don't talk about". Imagine an industry meeting with privacy advocates where the industry people are completely precommitted to not talking about surveillance!
> There's also the "netheads and Bellheads" theory from the 1990s which can be taken to say that phone companies would never make technical changes to make themselves collect less data, or to be less helpful to government surveillance.
You've got to sell them on something that's useful for them. Present the case that eliminating data collection simplified their network, saves money, reduces staffing, and reduces interaction with government.
One thing I didn't see covered is to never have your "real phone" and your "burner phone" on you (or in the same location) at the same time while powered.
Easy enough to say "Gee...these 2 phones are always together or nearby when activated" or "this phone shuts off right before this one powers up".
Although, I suspect there are a few other ways to determine identity easier. Such as tracking the device identifier and then looking up nearby public facing cameras.
So many online services use the proximity of phones to determine things like related persons and related accounts. Facebook is notorious for this. In one building I lived at Facebook would constantly show me the names of everyone coming in and out as "You might know this person" even though I had no idea who they were.
Or people who stay next door at an Airbnb and I had a quick chat with in person, like I didn't give them any contact information nor did they give me theirs so how ...
I have no idea how this isn’t illegal. I’ve experienced the same horrifying loss of anonymity before. People I met long ago and definitely do not want knowing my real name showing up as Instagram suggested friends.
Airbnb as well, at least in principle, if not in implementation.
Airbnb Is Banning People Who Are ‘Closely Associated’ with Already-Banned Users - https://news.ycombinator.com/item?id=34983871 March 2023 (119 comments)
h/t HN user dmitrygr
Also, never power up or down, or switch in or out of airplane mode on your burner while at home (or work). Cellular network disconnection and connection events are rare and hence notable.
Isn't buying a SIM traceable by itself? if for example the shop has CCTV recordings or the email where you got the eSIM
Normally, unless (as I mentioned in another reply) you buy your SIM at a going-away party for a foreign student or backpacker who's leaving the country and doesn't need a local mobile number any more.
(Then you just need to worry about the CCTV recording of the place where you pay cash tor the pre paid Visa cards you use to top up the prepaid SIM...)
That would be properly dumb thing to do, giving trivial-to-track thing very much tied to your identity to some random folks... why on earth would anybody smart ever do that?
Then you suddenly end up locked by ICE or worse when having layover stop at Miami for example.
Basic police work gets you. They know the sim owner. Know its a backpacker. Find their last location. Interview who was there at the party. Etc.
I am not sure I agree with this. I don't think that running out of battery or rebooting a phone is that rare.
But more importantly, if these events are noticeable and Alice does what you suggest she is probably going to highlight her location. Especially if she naively waits till she is 15 minutes from home to switch her burner on. Over time there will be a circle around her house of no burner phone network attach events.
"If you're going to keep your phone in a bag of potato chips, then keep your phone in a bag of potato chips" --Terminator: Dark Fate (2019) Carl the T800.
In many countries you need a valid government ID document to activate a mobile service which means burners do not really exist in those places.
Unless you bought a pixel, graphene’d it and then paid a homeless person to activate a pre-paid data only sim which you would top up with vouchers paid in cash and used a von and international voip service…
A lot of effort though
Silent link esims are quite good for getting your phone to work on any country or network. I have one, not for privacy but more for better phone coverage and it works pretty well. No ID and you pay in crypto - btc/monero etc. (https://silent.link/)
For me the main use is that I'm on o2 in the UK, but if in some dead spot with no signal I can flip the sim settings and connect via EE or whatever.
>For me the main use is that I'm on o2 in the UK, but if in some dead spot with no signal I can flip the sim settings and connect via EE or whatever.
Why not just get an EE SIM if that's your main use?
Not from the UK but in Germany we have the same issue where there is T-Mobile (best coverage), Vodafone (good coverage) and o2 (worst coverage) and there are simply some remote areas where anything but T-Mobile doesn’t have coverage.
And the easy answer is that T-Mobile, or rather the parent Telekom, is a terrible company best known for right now for getting the government to agree that they can cancel your existing internet contract to make switching easier when they want to catch you as a fiber customer but actually all they’re doing is sending a marketing company around Germany (Raider Marketing) to lie to your grandma to sign contracts for the Telekom or just cancel your existing internet contract because they think with a bit of pressure they can get you to sign up with them.
Alternatively, they are also known for the worst peering on existence because they have the crazy idea that they can charge tenfold what other ISPs take for peering because they are the Telekom…
In summary, the Telekom is such a terrible company that I’d rather not give them any money and if I needed T-Mobile coverage I’d rather get a foreign eSIM and rely on roaming than giving them a single cent.
I'm happy to give them (telekom) money because their service works. Vodafone was constantly inferior in my experiences (dsl vs cable as well as their mobile networks). At least i don't have to call vodafone every month like my neighbors do when the internet is down, worth every penny.
Don't they get paid at the end when you are roaming?
It sounds like their need is to be on multiple networks. Where I live (not UK), all carriers have dead zones, some dead zones are dead for all carriers, but most aren't. Being able to use multiple networks sounds lovely.
Just track the hardware. A couple of days of normal usage and should be able to assign a 99% probability on you being the owner of that phone.
You should never turn on your burner in a place where you use your regular phone, duh.
Even using it in the same city, would only require time and maybe a bit more correlation to identify an individual.
And yet realistically you also probably don't turn it on except when you're within about 50 miles of your home.
And this is while you're flagging yourself heavily by (1) using a phone which is easily identified as a burner and (2) using it intermittently which means you're trying not to be tracked.
So you've already substantially identified yourself in any dataset.
I'm not sure how many people would get any use out of a burner phone that they need to be 50 miles away from home top use?
One of my hobbies is Recreational Paranoia. I used to have (probably still do in a drawer here somewhere) a 3G WiFi hotspot, with an Arduino and GPS module that powered down the battery within a few km of home (actually, within a few km of a public library that's a few km from home, so plotting all the power up & down locations would centre on the library not my house). I could then leave home with that in my backpack and instead of my phone take a wifi only device - I mostly used an iPod Touch but also sometimes Android tablets. I wouldn't get actual phone calls sir SMS that way, but those are both rare for me, most of my social comms are via Signal which worked just fine.
I figure wifi cellular hotspots are "not easily identified as a burner phone" and that intermittent use of them is the most common case. It would still have been able to be tracked as being a thing that turned on and off in my surrounding suburbs, and I'm sure I slipped up last least a few times and had it with me while I also had my phone with me - but like I said this was for my hobby, not running an international drug cartel or doing journalism critical of Saudi Royal houses...
> which means burners do not really exist in those places.
This is very wrong. In Germany you can go to any shady kiosk in a big city and buy a pre activated SIM card invariably registered to some Arabic or Pakistani name.
You can buy it in cash. Completely untraceable if you take care of CCTV.
Going to buy a prepaid SIM registered under an arabic name in europe is probably the safest way of getting traced by a government
IMEI + cell tower triangulation easily makes it traceable. If the authorities want to find you, they can.
Once they know to look for you, sure, which is why you use a disposable phone and actually dispose of it before anyone has a reason to look for that specific one. That’s literally the whole point.
They might go an ask Achmed some hard questions later, but he’s long since left the country and never met you anyway.
I was surprised when a SIM I purchased on Amazon was not only able to connect in China but was also able to bypass the great firewall. I wonder how these travel sims get round the government regulations.
It's because the government regulations only apply to Chinese citizens. My first trip to China was back in the '00s, and I went for work. I was also surprised to find that my home SIM worked just fine there without any interference from the Great Firewall.
Roaming works somewhat unintuitively from what you'd expect. You do indeed connect to the local mobile network, but all of your data traffic is tunneled back to your home wireless provider's PoP. I realized this once I checked what websites I was visiting saw as my public IP address, and it was an address from a network in Texas!
So China's Great Firewall can't actually inspect or block your traffic while you're traveling, and using roaming on your home mobile network's SIM. It's all sent over the equivalent of a VPN to your home soil before going out to the public internet. This iswhy latency can be pretty bad while roaming.
They bypass the firewall precisely because they're roaming SIMs. Their internet connection goes through the home operator.
I imagine they simply don't allow selling such SIMs in China. It would be extremely easy to track and flag any that were e.g. used for longer than a few weeks.
I feel like there's not much of a need. The data would be quite expensive.
My impression is that people can get VPN access (and like people working in certain domains will just get VPN access through work) pretty easily in China. Though my deeper impression is most people are just fine.
You're not begging to get onto some chinese social network right?
It's how data roaming works in general -- it's tunneled through to the SIM's home provider. Conversely, a Chinese SIM roaming overseas is still subject to the Great Firewall.
They just don't enforce the exact same restrictions on roaming users. I suppose there are risks of tourists spilling the beans, so to speak, they just don't view that as a severe unmitigated risk.
When you ROAM, you traffic abroad is routed to your home country ( for security reasons among other things) and then off to the internet from there. You can check that your public IP, when roaming, is an IP from your cellco.....unsure if there are any changes with 5G though.
You are not bypassing any firewall as your traffic is actually happening at home. If you access local sites, traffic is coming from home.
Not home country, home PLMN(~=carrier). IIRC there were changes in 4G/LTE that lets the GW be at visiting carriers.
I'm suspecting that that post-4G architecture is just formalization of actual commercial deployment. Latency for roaming data was long inconsistent with the 3G diagrams, and exorbitant roaming fees that would be consistent with the diagrams also started rapidly subsiding from late 3G era.
~carrier---> cellco.
True on the Government ID document but most of the times the portal to activate would allow for any sort of numbers as long as it was in a proper format - whether or not it was valid.
These allow for self activation, have a lockout of 5 failed attempts or so and can be done via sim card codes (not SMS, but you interact with a program on the simcard and low level carrier services.)
> In many countries you need a valid government ID document to activate a mobile service which means burners do not really exist in those places.
Buying prepaid SIMs from tourists or foreign students returning home is a reasonable easy workaround for that - at least if you're the sort of person who meets and befriends those sort of people.
At least where I live tourist SIMs are restricted to 2 weeks, then need to be converted to a local SIM (with ID requirements).
And anyone leaving would have their immigration status expire and the SIM is turned off then unless you provide some other proof of residence.
How does GrapheneOS help in that?
It doesn't specifically help with obtaining a SIM without presenting ID, but it does help make it easier to avoid later leaking your true identity to Google/Apple/etc. once you start using the phone.
Seems like an excellent business model for the homeless.
If you need to communicate with people in your area and not be tracked; MeshCore software with LoRa hardware like the this https://lilygo.cc/en-ca/products/t-lora-pager is something to consider. Text only, completely offline
Yes!!! I've been wanting to make something like this for a long time. But unless the firmware is open source I wouldn't trust this for anything secure. But this looks like a dev kit so I can do whatever I want.
There are other alternatives https://meshtastic.org
It's mostly open source. https://github.com/meshcore-dev/MeshCore They have a couple minor things that are paid features.
These look pretty fun, have you played with them much? What kind of range can you get?
I’ve tried them on snowmobile trails. With the vegetation the range was about a mile.
Range can be 100+ miles though if you can establish line of sight. Depending on the scenario, a high elevation repeater could give several mobile devices pretty significant range.
Range is line of sight. If you can see it, even if 100 miles away, odds are it'll work. Seattle area has one of the better networks for MeshCore. Tacoma to Vancouver BC is the range for semi reliable messaging
Don't the different frequency bands change that a lot? iirc these are all lower frequency so they can cut through foliage better than say 5ghz wi-fi
Yes you can get decent reception inside buildings. It operates in the 915mhz band. Similar frequencies to old school pagers. Lora is an interesting RF protocol, it has really good properties for operating below the noise floor.
Or just ham radio (not anonymous though)
And illegal to obscure/encrypt: http://www.arrl.org/part-97-text
It's a shame how neutered ham radio is.
If you need to do this then start by figuring out why you need to do it, and adjust your approach too your threat model.
Because the most significant evidence we have lately is that in-person meetings or dead drops and other low tech means are how you avoid being tracked.
Turning on any sort of radio transmitter is just turning on a big flash light into the sky.
Turning on anything relatively uncommon is even worse: normal people have cellphones and use them. They don't use LoRa devices, there aren't a lot of LoRa devices and someone who only uses LoRa devices will stand out in any dataset.
> Because the most significant evidence we have lately is that in-person meetings or dead drops and other low tech means are how you avoid being tracked.
How many cameras did you just go by? did you have your cell phone on you? how many networks did it connect too? how many bluetooth broadcasts did it passively send out? Not being tracked and being in public are slowly becoming an untenable duo.
Most of the threats you've identified are enabled by carrying a location enabled radio device on you when you're out in public.
But it isn't illegal to wear a hat and sunglasseses, for example, and it is common to do so.
Except that your texts go out to everyone on the mesh network.
MeshCore has verified public key sharing; see what happened to the other network at defcon. Direct messages are encrypted.
Almost like ethernet, if only there were a way to fix that
> Buy phone & service in cash
Step one is already difficult here in Australia: to do so you must hand over your personal details and ID. At least that was true for anything with a SIM card for sale back in the 2010s
So the “step 0” was “find a retailer who didn’t follow the rules”, and they’d usually be a corner store selling handsets or SIM cards by the bucket load to all sorts of interesting characters
This was already the case in Australia as early as 2003. I distinctly remember being shocked that I had to provide ID when I bought a phone from a store for the first time.
Ah sweet a schizo thread
This post has an obvious rewritten-by-LLM smell to it. That's okay and increasing common but it's giving me a kind of funny feeling with regards to the content which I'd like to examine more.
Firstly, What's the current opinion on using third party LLMs by the infosec community? Secondly it's more philosophical: do activists on the ground embrace this new tech or fight against it? Or is it an amoral tool, like what a phone is considered to be? Is there a distinction between the big third party APIs and local on device use?
(If it helps, the feeling is a bit like a seeing a Linux developer use an Apple mac for development)
Always remember the three Cs of OPSEC (credit to grugq): compartmentalisation, cover, and concealment.
Most OPSEC failures are due to leakages which is a failure of compartmentalisation.
It's very hard to fight a big nefarious system. Especially with the democratic backsliding of the last few months in the US, it's starting to seem like a better bang-for-your-buck is to ensure the system shares your values, i.e. politics.
That's not to say technical approaches don't remain important, but even most encryption is still based on the idea that someone can't just cut off your fingers until you reveal something that satisfies them.
> Radios off (GPS/Wi-Fi/Bluetooth) unless needed
GPS is a passive technology, no?
Downloading GPS assist data obviously isn't, and plenty of phones use wifi scanning as a way to augment GPS position fixes, but this seemed a strange callout. Am I missing something?
They mean turn it off so that apps on your phone can't read your location.
if the phone is confiscated it could be saving GPS automatically, i guess
This stood out from me as odd from the article too, but that's definitely a plausible explanation.
I could easily see a phone with some sort of location tracking saving GPS data points internally until it can reach a network again to send them out.
> in cash
Cash is likely tracked too these days, if you get it from an ATM for sure, or maybe it is for some modern tills. So learn to busk before you think about buying a burner phone.
I have the feeling that whenever you are on an airport (and maybe railway stations too) they cross your IMEI with the boarding pass info. I believe that in the UK police use some middle-man towers, which name I have forgotten, to collect as much data as possible.
You are probably thinking of a stingray https://en.wikipedia.org/wiki/Stingray_phone_tracker
Are satellite phones under the same microscope as cell phones? Are they broadcasting on all the different cell/wifi/bt frequencies or do they just connect to a satellite? Are they GPS tagged?
Also if you want one-way “location less” communication, the old alphanumeric pager network is still available.
I think those messages are simply broadcast across the network (which at least in the US is national). There’s evidence of a message being sent, none about whether it was received or where it was received.
Mental Outlaw and Rob Braxman on youtube have more comprehensive overviews on how to get burner phones
How to Get a Private Phone, Number, and Cellular Data - https://www.youtube.com/watch?v=XaHWcttD0tM (Mental Outlaw)
There were simply too many possibly related videos on the Rob Braxman Tech channel to determine which one you might mean. Do you have a recommendation?
Here's his channel for folks who are new to his content:
This one's a good overview where he references his own deeper dives into the tech details. Disclaimer he's selling his own de-googled phone but he's transparent about it
I appreciate the link. I get the sense that he is putting out a lot of content because he’s doing updates for his project, along with broad strokes videos for why folks should care about the issues, and also nuanced takes for specific topics, so I couldn’t cut through the noise to find the signal, as I haven’t followed his content closely, but I did like what I saw.
yeah the definitely not as succinct as it could be. They all seem to pad out content with the same generalities. But fair enough, there is no foolproof solution looks like
Leave your phone at home. You won't need it if you plan to not have it. A simple device like this can even keep it company for you while you're away:
https://fr.wikipedia.org/wiki/Tourne-montre
Print this out and you can take notes on the back of the page, or even read it if you get bored while you're out and about without your device, to remind yourself why you don't really need your phone:
> Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones
> Jiska Classen, Alexander Heinrich, Robert Reith, Matthias Hollick
https://arxiv.org/abs/2205.06114 | https://doi.org/10.48550/arXiv.2205.06114
Previously on HN:
When Wireless Malware Stays on After Turning Off iPhones [pdf] - https://news.ycombinator.com/item?id=31364849 May 2022 (5 comments)
The guide recommends PGPP to rotate IMEI numbers, however, the service shut down more than a year ago. https://invisv.com/articles/service_shutdown.html
I wish the article you linked wasn't so thin on details:
> Unfortunately, due to technical issues outside of our control, we have to shut down our subscription services.
Problem is the utility of a phone is mostly in the things that are problematic. Email, cloud etc.
It’s either got too much stuff on it or not enough stuff on it.
Is there any sim you can buy internationally without an ID? Here you need an ID.
In The Netherlands you can buy prepaid sims without any kind of identification.
In Mexico you can buy prepaid SIM cards with cash, and without an ID, at convenience stores such as 7-11 or Oxxo.
That's far, but good to know.
UK you don't need ID and can pay in cash. They'll ask for your name and address but you can make it up
> Buy phone & service in cash
Movies make it seem anyone can walk into any store in a trenchcoat and walk out with a burner phone ready to go. I get the service part (you can buy prepaid SIMs in cash). What about the phone?
The phone part is easier in many places. I've personally bought both a phone and SIM card in cash from a corner store in SF. I was asked to provide some legal information for the SIM, but they pointedly did not look at my ID or anything, so I was free to write whatever I wanted on the order form. They told me only the SIM required the info, not the phone.
You could have also just bought a T-Mobile SIM and then activated a pre-paid plan with just credits you buy with whatever you want. You can get them for cryptocurrency as well on a lot of places.
phone get it from a used devices place so it already has someone else's footprint
Kudos to this article for:
1. starting with threat modeling (though they don't call it that);
2. mentioning that your OPSEC affects not only you but also people connected to you; and
3. mentioning that maybe you should just leave the device at home (because it's basically a surveillance machine that you pay for).
(A more common article format would be to unload a pile of supposed security&privacy measures without putting them into context, and wouldn't properly set expectations for what that gives you. Neither of which is very helpful, and can be very counterproductive.)
What are the latest tips and best practices for acquiring a phone and service without having to deanonymize?
For example, can you just walk into Best Buy with cash?
> without having to deanonymize
> Best Buy
Cameras are everywhere in big box stores. Anonymity is not sold in stores.
The Dumphone Finder (https://josebriones.org/dumbphone-finder) referenced there is useful, too, if you need to get a phone a 90 year old person has a chance of being able to use.
> Strong PIN, not biometrics
And also be aware of "shoulder surfing", which is different today in 2 ways it wasn't in the past.
In the past, the risk was something like someone looking at you type in your PIN on a bank ATM, or maybe your password on an computer keyboard.
Today, shoulder surfing is mainly different in 2 ways: (1) near-ubiquitous high-resolution surveillance camera networks, which can be places/scale and capture images that humans practically didn't; and (2) with machine learning, they don't even need to see what buttons you press, only see movements of your arm.
(Randomizing button positions on a touchscreen can help, and also help fight forensics like traces your fingers leave for where they touch. But randomization means you need to be able to see your screen, which reduces the ways you have to hide your screen from the view of others.)
In addition to surveillance cameras and video of movement, AI can also determine what keys your pressing on a keyboard of an airgapped computer, merely by the sounds you make when you type
Shoulder surfing is exactly the risk factor that biometrics are meant to mitigate.
Every time you type your PIN - that's an opportunity to snoop it.
Neither will protect you against rubber hose cryptography.
While I like the sentiment of the article, I think most people are not aware of how hostile baseband firmwares are implemented on most SoCs that phones come with. Usually the cell tower handshakes that make you trackable can't be put off, meaning the modem will run in sleep mode even when you are in airplane mode (which is kinda funny considering the dangers of air travel, right? Right?).
Are there actually smartphones without an IMEI and with a Wi-Fi card only, preferrably not a Broadcom one?
meaning the modem will run in sleep mode even when you are in airplane mode
AFAIK this is not true at least for the Mediatek 65xx and early 67xx platforms; I've analysed the firmware and hardware on those. They actually power off the modem and rest of the RF system when in airplane mode. The modem only boots up and starts searching for a signal when you take it out of airplane mode, which is why it takes a noticeable time (10-30 seconds, depending on how many bands are enabled) to get a signal. If your phone goes from airplane mode to having a signal and immediately capable of calling, then I suspect it's one where the modem is not truly turned off.
I haven't inspected Broadcom, Qualcomm, or Spreadtrum in any detail to say whether they do things differently.
Are there actually smartphones without an IMEI
Look for a "tablet" or anything else without the word "phone" in it if you just want a touchscreen portable computer. An IMEI is obligatory to connect to cellular networks, in much the same way as a MAC address is to Ethernet and WiFi.
Phones with MediaTek basebands are able to change their own IMEIs. Do with this information what you will.
As far as I remember, the whole 'turn off your phone on a plane' was just a precautionary measure and is not a real technical problem nowadays.
The risk was that mobile networks could not handle moving many devices from one cell to another at high speeds (during takeoff and landing).
How would that be different for trains? Trains would have similar numbers or more devices, moving at a similar speed (for high speed trains compared to planes at take-off/landing).
I think part of the issue is that cell tower antennas are designed for talking to devices on the ground or at very low altitudes (like those you'd experience in a tall building). So a cell tower's capacity for talking to lots of somethings directly above it, thousands of feet up, is much lower than talking to lots of somethings below it or adjacent to it.
As far as I remember, the whole 'turn off your phone on a plane' was just a precautionary measure and is not a real technical problem nowadays.
My memory is that it was necessary at the time when lots of people started taking phones on airplanes because the wiring/navigation wasn't shielded against a transmitter that might be actually inside the aircraft.
Since then, plane electronics are better insulated making it less of a problem.
There are another two issues that aren’t technical, which are starting to come up again now that Internet access is rapidly becoming available and good onboard aircraft:
- People not paying attention to/ignoring the instructions of the FAs during safety briefings and emergencies due to being engaged in a phone call.
- People being assholes and talking on the phone, bothering the person stuck in the seat next to them.
On all of the flights I’ve been on recently the preflight brief has been crystal clear that you can do whatever you want on the internet connection except have voice calls.
You might be looking for an android based Media player device.
But they are likely not ideal for the use case...
Sony BRAVIA
Are there actually smartphones without an IMEI and with a Wi-Fi card only, preferrably not a Broadcom one?
Maybe an old iPod Touch that can still run a VOIP program?
Can you please give any sources? While it sounds plausible and interesting it's nothing more than a wild conspiracy theory without some background information.
Buy a broadcom smartphone. Turn bluetooth off, and set it to airplane mode. Then Bluepwn your device, with bluetooth turned off.
Funny how airplane mode didn't work.
That's just one of the quirks. Baseband and what qualcomm is tracking is way worse.
I recommend buying an old Motorola Calypso device and fiddling with osmocomBB, you can DIY an IMSI catcher pretty easily. And you'll be mind blown how many class0 SMS you'll receive per day, just for tracking you. Back in the days you could track people's phones remotely but the popularity of HushSMS and other tools made cell providers block class0 SMS not sent by themselves.
This wiki article is a nice overview: https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...
You made the assertion that basebands remain in contact with towers even in airplane mode, and so can be tracked. Someone asked for supporting evidence for that claim. You've responded with examples and links to different issues. It's a fairly extraordinary claim (it's not one I'd heard before - it's clear that other radios may remain alive for various purposes even when airplane mode is switched on, given that you can use wifi and bluetooth on planes, but you're the first person I've heard make this claim about the cellular radio), and you haven't provided any evidence to back it up at all.
>Buy a broadcom smartphone. Turn bluetooth off, and set it to airplane mode. Then Bluepwn your device, with bluetooth turned off.
???
Saying more words and then linking to a page from an IMSI catcher's wiki (where it doesn't talk about radio on/off states) isn't exactly "providing sources".
Baseband SoC running their own OS independent from Android/iOS and staying asleep (while still listening for incoming signals) is very much no longer in conspiracy theory territory and more an established fact now. I don't have the source at hand but it's in one of the standards. And the purpose is very clear: LEA like Interpol must be able to locate any IMEI at any point if in tower range, regardless of the power state of the "main" OS
I don’t doubt SoCs have their own micro-OS, but I too would love to see a reliable source showing phones connect to towers when powered off. Wouldn’t this, at a minimum, violate FAA/EASA rules? Google tells me the cellular radio in an iPhone has no power when in airplane mode or when off.
Surely this is really easy to prove by putting a phone into an anechoic chamber and using a spectrum analyser to show that it's still TXing?
The phone isn't going to connect to a tower it cannot see.
It can't just scream out into the void and hope a tower picks it up, it needs a few pieces of timing information & cell configuration beforehand.
Even in airplane mode?
I dare you to do the following:
Charge phone to full 100%. Turn it off.
Put it into a faraday cage, e.g. a steel box, for 7 days.
Take it out again and wonder why the battery is empty.
(The faraday cage has the effect of making the modem have to switch bands constantly, which costs more electricity than sleep mode in LTE)
Interesting, but you should probably use a control. Two phones, same hardware, same software. One inside the faraday cage, one outside, both in the same room with the same conditions otherwise.
Repeat the experiment a few times. Then cross over: liberate the caged phone, cage the free phone, and repeat the experiment a few more times. Or alternate the phones' positions between experiments. This mitigates hardware and software differences that might've been overlooked (such as a faulty battery, etc).
Analyze the results, draw your conclusions, publish, and encourage others to reproduce.
It would still be simpler for you to link to a credible source. A bit strange that you seem uninterested in doing so, and prefer to tell people to do their own experiments, in this case one that requires an extra phone and a week of time.
Batteries naturally drain slowly when not used. What would this little experiment prove, exactly?
eSim erodes privacy? Well, that sucks, because how long until Apple, Samsung, and Google decide the Sim slot should go the way of the 3.5mm headphone jack?
That has already happened. iPhones since the 14 don't have sim slots.
only in US.
Just a note, Android and iPhones have abysmal security once police have physical access after first unlock (AFU) once your phone is rebooted.
https://blogs.dsu.edu/digforce/2023/08/23/bfu-and-afu-lock-s...
I feel like any article on burner phones that glosses over acquisition with "buy phone and service in cash" misses the point.
Buying a phone anonymously is much harder than "just cash". Most places demand name & address for sign-up, and if you're unlucky want to see an ID.
You really should think through where and how you buy, how to find the "off the back of a truck" places, where to get SIMs, how to pay for renewal in untraceable money and without a CC, etc.