• TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    61
    arrow-down
    1
    ·
    1 year ago

    So let me get this, phone was wiped and a new SIM installed. That article is a piece of garbage. Phones have a IMEI that won’t change, so when she puts the new SIM card it will be identified as the same phone. We also know that Google - let alone authorities - was ways and deals to get IMEIs from Android phones and carriers so… so much for taking a phone off the grid.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      1
      ·
      edit-2
      1 year ago

      It’s not a great guide, but it’s a decent article. The journalist doesn’t understand enough to give advice, but to tell their story. Their adversary was identifying them by phone number, they got a new number and that worked for them. So it worked for their threat model.

      They just don’t realize there is so much more to the story.

    • BrikoX@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      2
      ·
      1 year ago

      One key part you missed was that she got used phone, so the IMEI is not tied to her identity. It’s far from perfect execution, but for the stated goal of not being able to be identified by the phone number, it’s adequate.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    1
    ·
    edit-2
    1 year ago

    It’s a fun article, the author trying to dip their toes and removing their identity from the phone.

    I think one key here, that the original authors missed, if you don’t want the phone to be traceable, don’t tie it to the cellular network, leave it in airplane mode all the time, don’t even put a SIM card on it. Just use Wi-Fi only with Mac randomization and a always on vpn.

    Additional reading:

    https://ssd.eff.org/en/playlist/privacy-breakdown-mobile-phones

    https://blog.torproject.org/mission-improbable-hardening-android-security-and-privacy/

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        27
        arrow-down
        2
        ·
        1 year ago

        It’s a portable pocket computer, when attached to a network, it can send and receive messages on encrypted platforms like signal. It could even engage with a VoIP phone service like Google voice or VoIP.MS. it could be the gateway to the world. But it doesn’t have to be tied to your personal identity.

        The cell phone network, IMEI, IMSI, whatever, trivially gives your location away. With just a phone number there’s data brokers that will sell your location within meters. We’re not even talking about government surveillance yet.

        If you have a phone tied to your identity, and you use it at home, which most people do, and then you get a phone that’s not tied to your identity, but you also use it at home because again it’s a phone and that’s where you are. It’s pretty easy to say oh this is your phone, it’s at the same locations as this other phone many times. It must be the same person.

        All of this comes down to your threat model and how much you want to distance identities.

        If you use the pocket computer, only over a VPN, only over Wi-Fi, it makes it a lot harder to say oh this is you at this location. Especially if your VPN is a popular one

  • RVMWSN@lemmy.ml
    link
    fedilink
    arrow-up
    15
    ·
    1 year ago

    How to Take Your Phone Off the Grid: “I set up accounts with […] Apple”. How does this combine?

  • Thorny_Insight@lemm.ee
    link
    fedilink
    arrow-up
    17
    arrow-down
    2
    ·
    1 year ago

    Privacy on a device that’s connected to the internet and cellural network is bit of an oxymoron. There’s ways to configure it to be slightly less intrusive but not by much. These tweaks are equivalent to taking off your hi-vis vest; you no longer stand out from a mile away but you’re still visible.

  • atomkarinca@lemmygrad.ml
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    you can’t get a sim card anonymously here, and i believe that’s the situation in other places. and even individuals selling their phones make some ownership transfer papers.

    it’s very hard to stay anonymous on mobile. our best bet is still desktop/laptop.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      1 year ago

      Where is here?

      You can always get a esim and pay with crypto or a prepaid credit card. Airalo etc

      But even getting the sim is only the start of the battle. Being on the cellular network builds up a time and location profile of the phone which can highly correlate to an identity / house / activities.

      Not to mention once the phone is logged into the network it’s phone IDs won’t change even if you change the sim card / esim.

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Here you can’t do so legally either, but in some places (one I hear most often is train stations, but seen some in random kiosks) you can get a “gray” simcard registered to another person (I don’t fully understand how, but apparently it’s either sims from other countries or just those purchased in bulk “for a company”). But your ownership of it is dubious, and it wouldn’t really be as reliable as a legal prepaid one.

  • nick@midwest.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    She doesn’t mention turning off location services. That shit is granular and used as part of the way companies track us.

    And even if you turn it off, your location can still be derived by triangulating via cell towers; I’m not sure if that access is widely available or just for law enforcement…. But it I absolutely would not be surprised if it was for sale.

    If I were doing this the phone would be turned off when I’m at home, and only used in public or moving in a car; nowhere near my home.

  • Zerush@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    I use InVizible Pro and don’t use apps from Google Play, review and adjust the Permissions of all installed apps (see also Exodus privacy) and put it to the minimum needed. It is very limited the possibility to make a Phone private, less without Root access. Because of this i don’t use it with important data (eg. banking or medical threats)