This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn’t this done more often? What are the Pros and Cons. I bet the price is similar as well.
This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn’t this done more often? What are the Pros and Cons. I bet the price is similar as well.
I’ve been trying to work this out since the beginning of the year. This is anecdotally what I’ve done, what works and what doesn’t.
Most of my solution comes from JMP.chat for my phone number along with the cheogram app for functionality.
Basically I got a number for friends and family. I got a second number to give to businesses that don’t care about VoIP (my dentist etc). ($5 ea). Cons here are that SMS groups are limited to 10 recipients. This doesn’t work for my large family chats (I can get them but can’t respond). Another thing I dislike is since its XMPP based, all contacts are listed as their phone number if in a group, so it’s hard to tell who’s in it. (Solo texts show as names just fine). They have a premium tier that routes differently to allow more than 10 in a group text, but I’ve tried that twice now and the actual phone calling gets screwed up. So I’m still trying to get it all sorted out (and I’m not optimistic) It’s also a service only in USA and CAN.
My original number that I’ve had for 20 years and all big tech have assigned to me, I ported to google voice ($20 fee)
Since my original phone number was a carrier number it is already assigned to all the stringent companies like banks. They continue to use it without knowing its now a VoIP number. I have all SMS messages forwarded to my email so I don’t have to log into google ever. It works perfectly for 2FA. Shortcoming of this is that any group texts the email just says you got a group text, but a single source text the actual text is forwarded. I don’t use it for groups so its not a problem but just mentioning it as a potential con. Then of course, its legacy so opening new accounts won’t work the same way since its a VoIP number now.
I bought a hotspot from calyx. By far the most expensive part of my solution. But it gives me WiFi access without a standard carrier (it does use T-Mobile but calyx doesn’t track you like they do). Check them out to see if it fits your threat model. It works out to about $50/mo but the biggest issue is that its an annual lump sum.
Another option I’ve been trying is 4freedommobile. They have decent plans and are focused on privacy. Everything runs through their app for encryption. But I’ve found the app lacking both in UI and functionality. You can’t do group SMS (which is apparently coming very soon) but my biggest issue is they require google play services for notifications. They state they don’t, but they do. Hands down it just doesn’t work without it. So that’s a deal killer for me.
Honorable mention is the premium service Elfani. I haven’t used it but have considered it. Its very expensive at $99 a month but is secure. However I don’t see much on privacy so I’m not sure how different they really end up being from their base AT&T provider.
I have decided this approach is such a pain and hassle that I have had to change forms. Mostly due to modern societies infrastructure making it truly impossible.
I moved all phone related things, programs, apps, anything but dumb flip phone calling and texting to a x86 based tablet. (Even a wwan or 5g sim capable device doesn’t have a cellular modem so the easiest route is this)
Hotpot or cable tethering from sim card 5g/4Glte/volte from a smart phone, with your carrier sim of choice, best to pick a device matching their cellular band support in your part of the world. Routing calls /texts to the desktop Linux device of your choice laptop/tablet, 2in1, device of your choosing basically. Using the phone for nothing except internet period…, perhaps a backup device if ever needed worst case if your main goes down or breaks.
Secure and private as one could get, and totally power userable due to linux desktop capabilities and granular controls of literally everything, while still having the best reliable internet coverage, with traditional calling and texting for 2fa and other big corpo stuff. Yes the sim is tied to your real identity, but the actual day to day is much more private and secure than mobile, seperate device, vpn, LUKS drive, veracrypt, all desktop x86 (distro of your choice) Linux abilities. Close as one could get without living under a rock daily. Backups full and snapshots offsite sent to NAS or true cloned drives.
What do you think?
Then you harden the hardware further (so many ways to list again device dependant), and software as well (depends on your OS and needs/wants). (Qubes is too beefy to run all day as a phone replacement regardless of hardware. Batteries are the weak link) That being said pick any distro you feel good about and go.
This form is the most stable method, while being realistic to the goal. I have my own personal preferences for which devices, distros, settings, etc. That I can use daily.
I don’t see how a hotspot for internet is going to be any different from using data directly on the smartphone.
If you don’t want it always on you can just enable airplane mode when you don’t need a connection. And turn off the GPS, wifi, and bluetooth if you don’t want those used for location stuff.
Yeah that’s the thing. Hotspots are not any different require the same sim cards except if you choose satellite Starlink. That’s it. So the reasoning behind going the route i have is to completely cut out the mobile aspect and every part within except the 5g sim card since modern infrastructure doesn’t allow it basically.
All comms, apps, services, everything moved to a Linux x86 device and simply cable tether for internet. It’s still identity tied due to SIM (same with hotspots due to sim so a cell is lighter and better equipped to run lean even flashing custom ROMs add to control factor) but again it’s realistically as close and hassle free as one can get for daily use as a total phone replacement for a normal person. The entire phone is disabled aside from data and that’s behind VPN.
Anyone have suggestions on better paths or methods?
From only thinking about it for a minute I’m not sure using a Linux x86 device vs a smartphone with a custom ROM changes anything, since all the traffic from websites, chat apps, etc is encrypted with SSL already. There could be other benefits I didn’t think of maybe…
IMO the best option is grab a google pixel, flash GrapheneOS, use a VPN, and only install open source apps that aren’t full of analytics. You can throw it in airplane mode if you don’t want to be tracked by the cell carrier.
A phone with graphene is also MUCH more secure than a Linux x86 device in terms of law enforcement searches or theft of the device. And is safer against malware and having your data potentially stolen.
I happen to disagree here. I’ve used Gos for years it lacks so many fundamental features and has a lot of issues. The entire project has really silod itself into some issues they aren’t addressing. Let me explain by pulling from some of my posts.
Edit: You can’t see everything you’ve ever posted only a brief history. Basically some issues with Gos are lack of full backups/device to device, which in so many ways is a deal breaker… Seedvault works I’ve hopped from model to model phones for years the problems you run into are plentiful and haven’t been addressed in years, each profile must be backed up individually not on the same ssd either, seperate drives as the restoration isn’t possible without seperate drives due to backup limitations. The easiest I have found it to backup like usual with a flash drive for each profile which is super cumbersome to keep up with at the frequency one really should.
I’ve restored and tried everything including dev talks, and their forums, they plan to try to fix some issues but it’s been 3 years so far since we talked in depth and nothing yet, lack of granular networking controls for almost all reasons possible this is an issue most people think connect to a VPN and your solid. A VPN is a single tool in the chain of tools, compatibility and software issues are numerous. Anyone who has used Gos and really daily drove all the functionality aside from flashing a single device for years knows the pains I am talking about the power users.
The project has silo’d itself into security, when that is just one aspect of any system. It’s really not the white knight everyone thinks it is. Yes it has merit, yes it’s well done so far, but to truly utilize in all your cases you mention and average person scenarios for daily life given what people try to use it for and or avoid from say confiscation, seizure, etc etc.
There’s so many issues aside from just losing your device, your life’s data is tied into an OS that well is secure mostly, but you’ll never see your data back again once it’s stolen or lost or taken.
I can’t remember some of the things I have wrote down in my comment history and it’s late in my time zone to rack my memory that deep. But there’s a lot of reasons most people don’t know enough about, or understand why Gos is not the end all be all OS. It’s good and has great features for security but lacks most fundamental features of a modern x86 based system. Mobile attack surface is bigger and harder to control, mobile has limitation issues fundamentally on all sides. So does x86 or ARM etc. Understand your threat model and work accordingly. If you want to continue this I will update the post as I remember Gos limitations and problems.
If your internet connection is coming from hotspot tethering to your phone you’ll want to put it in a Faraday bag when not in use since your phone will be trackable at all times even if off. If you use a hotspot instead the cell signal and WiFi are still trackable but the lack of Bluetooth and GPS aids greatly in keeping the tracking to a minimum.
Sounds pretty good actually. I repair electronics, I wonder about just removing the GPS chip from the phone?
Either way with internet your going to be tracked the point is to minimize as much ss possible. Triangulation will always be an issue.
I’m not some giant target. Just a daily privacy conscious user like anyone, who wants to support FLOSS projects. I think in my use case I found the least hassle solution. I have no real use for insane amounts of solutions like a journalist or whistler. Just a normal person doing the best they can.
The GPS is usually part of the SOC.
But you can just turn GPS off in the settings.
Yeah I just seen that. GPS is literally the backbone of phones. Wild. Software is the only way to spoof and or disable the feature. Custom ROMs are the only method essentially to gain the control you need. G-OS, lineage, etc etc which means the device also runs leaner and battery lasts days. It’d really the best solution far as I can tell.
Any android phone lets you disable the GPS and use airplane mode, so custom ROMs aren’t needed for that.
But de-googled ROMs do indeed have less/no data going to google, although the apps you install will be the same either way.