Default avatar
npub1wq8a...xxan 5 months ago
this is a great write up and I love @GrapheneOS I would love your take on mobile privacy from the actual network provider. from what I understand, there are two major attack surfaces here. 1: your IP address and all your traffic metadata, which can be 'easily' solved by running a good VPN. 2: your SIM is constantly pinging cell phone towers and building a constant historical record of your whereabouts with quite good accuracy that your SIM provider has. this is tied to the SIM card phone number (or other SIM related identifiers). while one can purchase a SIM non-kyc, linking a phone number to a person is usually trivial to a large actor given most people's contacts upload your phone number and name into various databases (either apps like whatsapp or into contact backup/sync solutions) Fighting number 2 is what I'm most concerned about and it seems to be harder to do on graphene than on iOS. Largely because a high quality, cost effective, reliable VoIP app (which solves problem number 2) is hard to get to work on graphene. Do you have any thoughts or solutions about this concern? Perhaps the concern itself is just overblown and I shouldn't worry about that?
↑ Parent

Replies (5)

GHOST's avatar
GHOST ghost@nostrplebs.com 5 months ago
I have no idea what your threat model is. You would have to decide what amount of friction you are willing to live with. The most effective fix is to not own a phone in the first place. This is a bit extreme if you are just trying to avoid surveillance capalism but absolutely necessary if a state actor is after you. You are right that there are more and easier apps for iOS than graphene but NOT for the right reasons. If you are looking for a magical app or device to accomplish this it is just not possible. Even if you cloak your traffic with a perfect VPN chain, your radio modem still screams your location to the nearest towers every few seconds. That signal is tied to your IMSI (SIM identity), and your IMEI (device ID) gets swept up too unless you've spoofed or blocked it somehow (which most phones won’t let you do without deeper firmware-level games). If you are a activist and doing activist things or going to meetings then do not take your phone with you. Only communicate with burners on secure channels. Most people don't need to worry about this but if you have a elevated threat model then Compartmentalize. Have a personal phone at home that's wifi only and a burner that stays in a faraday bag. I have a old article on how to use a burner phone posted on nostr. I will dig it up and put it on the blog.
GrapheneOS's avatar
GrapheneOS GrapheneOS@grapheneos-social.mostr.pub 5 months ago
@npub1wq8a...xxan @GHOST You can buy a non-KYC eSIM from several companies to avoid it being inherently tied to your identity. There are data-only eSIMs rather than using calls/texts at all and we also plan to provide support for disabling calls/texts for attack surface reduction. Most VoIP apps work fine on GrapheneOS and there's an open source app/service you can use for it.
2 replies ↓
GHOST's avatar
GHOST ghost@nostrplebs.com 5 months ago
I agree with your other responses on wifi + VOIP. But I am not a fan of the non-kyc SIMS and never recommend them. They are too easily compromised and linked by the users behaviors. Tower triangulation is permanent history. It’s logged, stored, and retroactively searchable. Even non-KYC SIMs don’t help if your social graph doxes you passively. They are a illusion of safety for people who don't really need that level of threat protection and too big a risk for those who do need it. Compartmentalization is the easier and safer route.
2 replies ↓
Default avatar
npub1wq8a...xxan 5 months ago
I agree, the social graph is the easiest dox that happens. That is why something like a mysudo seems like an easy way to compartmentalize (using up to 9 identities) Do you compartmentalize using voip or some other way?