this post was submitted on 27 Oct 2023
72 points (87.5% liked)

Privacy

31876 readers
739 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
all 17 comments
sorted by: hot top controversial new old
[–] [email protected] 60 points 1 year ago (2 children)

So let me get this, phone was wiped and a new SIM installed. That article is a piece of garbage. Phones have a IMEI that won't change, so when she puts the new SIM card it will be identified as the same phone. We also know that Google - let alone authorities - was ways and deals to get IMEIs from Android phones and carriers so... so much for taking a phone off the grid.

[–] [email protected] 21 points 1 year ago* (last edited 1 year ago)

It's not a great guide, but it's a decent article. The journalist doesn't understand enough to give advice, but to tell their story. Their adversary was identifying them by phone number, they got a new number and that worked for them. So it worked for their threat model.

They just don't realize there is so much more to the story.

[–] [email protected] 5 points 1 year ago

One key part you missed was that she got used phone, so the IMEI is not tied to her identity. It's far from perfect execution, but for the stated goal of not being able to be identified by the phone number, it's adequate.

[–] [email protected] 28 points 1 year ago* (last edited 1 year ago) (1 children)

It's a fun article, the author trying to dip their toes and removing their identity from the phone.

I think one key here, that the original authors missed, if you don't want the phone to be traceable, don't tie it to the cellular network, leave it in airplane mode all the time, don't even put a SIM card on it. Just use Wi-Fi only with Mac randomization and a always on vpn.

Additional reading:

https://ssd.eff.org/en/playlist/privacy-breakdown-mobile-phones

https://blog.torproject.org/mission-improbable-hardening-android-security-and-privacy/

[–] [email protected] 11 points 1 year ago (1 children)
[–] [email protected] 25 points 1 year ago

It's a portable pocket computer, when attached to a network, it can send and receive messages on encrypted platforms like signal. It could even engage with a VoIP phone service like Google voice or VoIP.MS. it could be the gateway to the world. But it doesn't have to be tied to your personal identity.

The cell phone network, IMEI, IMSI, whatever, trivially gives your location away. With just a phone number there's data brokers that will sell your location within meters. We're not even talking about government surveillance yet.

If you have a phone tied to your identity, and you use it at home, which most people do, and then you get a phone that's not tied to your identity, but you also use it at home because again it's a phone and that's where you are. It's pretty easy to say oh this is your phone, it's at the same locations as this other phone many times. It must be the same person.

All of this comes down to your threat model and how much you want to distance identities.

If you use the pocket computer, only over a VPN, only over Wi-Fi, it makes it a lot harder to say oh this is you at this location. Especially if your VPN is a popular one

[–] [email protected] 15 points 1 year ago

Privacy on a device that's connected to the internet and cellural network is bit of an oxymoron. There's ways to configure it to be slightly less intrusive but not by much. These tweaks are equivalent to taking off your hi-vis vest; you no longer stand out from a mile away but you're still visible.

[–] [email protected] 6 points 1 year ago (4 children)

you can't get a sim card anonymously here, and i believe that's the situation in other places. and even individuals selling their phones make some ownership transfer papers.

it's very hard to stay anonymous on mobile. our best bet is still desktop/laptop.

[–] [email protected] 3 points 1 year ago

Try silent dot link

[–] [email protected] 2 points 1 year ago

Where is here?

You can always get a esim and pay with crypto or a prepaid credit card. Airalo etc

But even getting the sim is only the start of the battle. Being on the cellular network builds up a time and location profile of the phone which can highly correlate to an identity / house / activities.

Not to mention once the phone is logged into the network it's phone IDs won't change even if you change the sim card / esim.

[–] [email protected] 2 points 1 year ago

you can’t get a sim card anonymously here, and i believe that’s the situation in other places.

It varies by country: https://en.wikipedia.org/wiki/Prepaid_mobile_phone#Privacy_rights

In the US you can still get a prepaid mobile without showing ID and pay with cash.

[–] [email protected] 2 points 1 year ago

Here you can't do so legally either, but in some places (one I hear most often is train stations, but seen some in random kiosks) you can get a "gray" simcard registered to another person (I don't fully understand how, but apparently it's either sims from other countries or just those purchased in bulk "for a company"). But your ownership of it is dubious, and it wouldn't really be as reliable as a legal prepaid one.

[–] [email protected] 1 points 1 year ago

She doesn’t mention turning off location services. That shit is granular and used as part of the way companies track us.

And even if you turn it off, your location can still be derived by triangulating via cell towers; I’m not sure if that access is widely available or just for law enforcement…. But it I absolutely would not be surprised if it was for sale.

If I were doing this the phone would be turned off when I’m at home, and only used in public or moving in a car; nowhere near my home.

[–] [email protected] 1 points 1 year ago

I use InVizible Pro and don't use apps from Google Play, review and adjust the Permissions of all installed apps (see also Exodus privacy) and put it to the minimum needed. It is very limited the possibility to make a Phone private, less without Root access. Because of this i don't use it with important data (eg. banking or medical threats)