this post was submitted on 14 Oct 2023
43 points (95.7% liked)

Privacy

32165 readers
255 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I see a lot of recommendations for various services and products which are respect privacy, but I don't think I have seen any discussion around cell phone carriers (service providers). I am aware of some of the advantages of using VOIP as a phone service. However, if VOIP is not desired, what are good options for an US phone carrier which provides a physical SIM or eSIM?

I am guessing I have not seen this discussed because phone calls and SMS texts come with inherent insecurities and can always be associated to your phone number. However, I would assume some carriers sell users data more heavily than others. If anyone knows some recommendations, or can explain what to look for, many thanks.

all 26 comments
sorted by: hot top controversial new old
[–] [email protected] 24 points 1 year ago* (last edited 1 year ago) (2 children)

There is no such thing as a private carrier anywhere in the world I think. Cellular networks are tracking networks.

[–] [email protected] 2 points 1 year ago

Closer to, cellular networks were never designed for privacy but ensuring you have a signal in the first place.

It’s a horrible coincidence that a system that can beam data to your location also knows your precise location. Almost like laws should have been passed for privacy decades ago, but the lawmakers at the time were still complaining about nobody using telegraphs anymore.

[–] [email protected] 1 points 1 year ago

You actually can setup your own private 4g/5g network, it's more targeted for IoT though

[–] [email protected] 13 points 1 year ago

Just do everything on Signal or something maybe?

[–] [email protected] 13 points 1 year ago* (last edited 1 year ago) (3 children)

I don't have anything particularly useful to your point, but in the US text messages (edit for clarity: SMS messages) are considered public record and nothing is needed to snoop around in them. Call records and recordings at least require a warrant.

[–] [email protected] 4 points 1 year ago (1 children)

That's interesting, wow.

I don't want to imagine the reactions from people who think they're having a "private" green bubble conversation, only to realise it's a public record 😳

[–] [email protected] 1 points 1 year ago

If it's not e2e then even if not public it can be purchased with no notification as well.

[–] blackberries33 3 points 1 year ago

Good to know!

[–] [email protected] 1 points 1 year ago

The term "public record" usually refers to records that a government is required to maintain and make accessible to the public. In most states, I believe SMS messages sent by government employees while conducting official business are considered in-scope (though there may be other laws that make certain messages private).

As far as whether your SMS messages can be accessed by law enforcement without a warrant, it gets more complicated.

Older than 180 days? Fair game. A court or government agency can subpoena your provider without any requirement to notify you, per the Electronic Communications Privacy Act of 1986.

Newer than 180 days? A warrant is required, but there are exceptions. For example, administrative subpoenas are allowed in cases of national security.

Records of incoming/outgoing calls require only a subpoena, same with cell tower geolocation data and IP addresses. However, wiretapping of actual calls requires a warrant.

The reality of how and when the government accesses your data in the real world is probably different than the laws as written, so of course take everything with a grain of salt. The best solution with text messages is at least E2E encryption so that the provider cannot store them. (Accessing messages stored on your device itself does require a warrant).

[–] [email protected] 12 points 1 year ago* (last edited 1 year ago) (1 children)

CREDO is a US carrier which donates lots of money to progressive causes, advocates for user rights, and is run by a non-profit. You may not love all their politics, but I think this is about as close to a privacy-preserving carrier as there is. Keep in mind all carriers use the same infrastructure, so the only additional benefit you can receive from a "privacy-aware carrrier" is that they personally won't sell your information more than it's already sold.

[–] [email protected] 2 points 1 year ago

Do they require KYC?

[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (2 children)

Privacy on cell phones is kind of ~~impossible~~ unrealistic.

Ideally you'd use signal, an always on VPN, and a privacy centric OS.

That's about the best you can reasonably do. Also buy your phone directly from the manufacturer.

Assume everything is tapped by the NSA, because it probably is.

[–] [email protected] 2 points 1 year ago

Well, I can happily check all those boxes

[–] [email protected] 7 points 1 year ago

What carriers do with our data is a black box and changes all the time. They must do whatever the government compels of them. No opensource baseband options are available. Therefore I would not trust any of them.

It is best if you can decouple the phone number you use from the provider of the SIM card.

  1. Get a SIM card for data only with no KYC such as Mint Mobile or Ting for physical prepaid cards or jmp.chat or PGPP for pay as you go ESIM. Your voice and location give away your identity. So for maximum privacy, never make calls with the number associated with the SIM card nor activate cellular near your home.

  2. Transfer your number to a VOIP provider such as voip.ms or jmp.chat. Of course use encrypted messaging and calling as preference whenever you can.

For years I have been paying less than $20 a month and have a few phone numbers. Governments and corporations have no idea where I am. Because my phone is anonymous, they would have a hard time deploying malware onto it if they wanted to target me. Most data goes through a VPN.

[–] [email protected] 6 points 1 year ago (1 children)

Just as a heads-up: VOIP is more difficult to tap than conventional GSM calls are. What are your issues with VOIP?

What costs privacy in mobile networks is that the mobile operator has to know where you are (roughly) by design. They need to route your traffic to the antenna that's communicating with you after all. That's something that can't be mitigated.

[–] [email protected] 3 points 1 year ago (1 children)

Voip call quality is terrible, it is near unusable over mobile data IME, it adds latency etc.

I guess an intermediate measure might be to make all your phone calls through a forwarding proxy (e.g. implemented with Twilio API) so that all the mobile carrier sees is that your phone calls all go to the same number. Similarly you'd give out a VOIP DID number that forwards to your mobile, so all your incoming calls would appear to come from the same number.

[–] [email protected] 5 points 1 year ago (1 children)

Voip call quality is terrible, it is near unusable over mobile data IME, it adds latency etc.

Oh boy, welcome to the whacky world of phone telecom.

It's not an inherent VoIP issue, you can select any audio codec you want, including lossless CD quality if you want. The issue is you need to make sure your call will end up using the best supported in common from your VoIP provider and the carrier you're calling to. Some carriers try to make people believe other carriers are crap by restricting the good codecs to themselves and their customers, so everytime you call someone on the other carriers, it sounds like crap, and makes the users feel like clearly the other carrier has to be crap because it's fine when it's with the same carrier.

My VoIP calls show up as HD calls and sound identical to other VoLTE HD calls just fine though. I'm using Linphone for Android and voip.ms as the provider, no issues other than navigating all the settings on their website is... a bit of a mess. But hey, they let you configure near everything so.

[–] [email protected] 2 points 1 year ago

The codecs are built into the client (I'm using linphone) and they all sound like crap. Provider is vitelity.net but I have a twilio account so could try that. Also, they only work at all when the phone is online by wifi. Using the phone's mobile data is total fail. Too many dropouts etc.

[–] [email protected] 4 points 1 year ago

They're all pretty much the same privacy wise so fake info plus any prepaid carrier that has what you're looking for would be your option. I suggest mint since they're one of the few that offer totp as a 2fa method. I believe tello and possibly usmobile does too but I'll have to doublecheck that. Best bang for your buck if you want truly unlimited data (I'm looking at you mint) would be visible but no totp sadly and heard customer support sucks.

[–] [email protected] 4 points 1 year ago

I'm using US Mobile. You can choose between using their GSM network (T-Mobile) or their CDMA network (Verizon). Their prices are fantastic and it's all prepaid, so you can limit how much personal information you give them. They've worked out a deal with Verizon so your data isn't deprioratized even though you're not a primary Verizon customer, so there's no speed penalty. I've been very happy with them

[–] matlag 3 points 1 year ago

Don't know if that covers your need, but at least their angle is privacy:

https://puri.sm/products/librem-awesim/

[–] [email protected] 1 points 1 year ago
[–] [email protected] 1 points 1 year ago

Straight talk or similar services that you can buy in store for cash.