Your phone is more than just a communication tool; it’s a powerful tracking device, and the SIM card inside is a key reason why. I don’t actually have a SIM ...
Very interesting video about the tracking of cellular networks.
I’m by no means an expert, but how is it the phone can still make emergency calls if it has zero contact with the network if it’s simless? Seems like a solution that isn’t actually one, especially if you consider stuff like IMIE numbers.
And I’m sure if I could be bothered to look into this solution I would be right.
Plus most tracking and privacy violations work just as well if not better via WiFi.
Simless phones can make emergency calls because the towers are configured to accept a request for an emergency call to any device that handshakes sufficiently (in Europe and most of Asia anyway, I assume also true of USA because it does work).
The phone is able to contact the nearest tower and initiate a call because it scans for the nearest towers in the boot process in order to go to the next step (check sim details and connect to configured provider). In the process of determining available towers it provides the IMEI to each of them.
If you live in a country where you have to provide ID to buy a handset then this definitely isn’t anonymous, but even if you are in a country that doesnt, all the manufacturers track where every IMEI is shipped, and sku numbers on POS will easily allow determination of exactly when the device was sold. Even if you paid cash there will be CCTV footage of the purchase.
TL;DR this will work mostly until you make a mistake against corporate tracking but will absolutely not protect you from three-letter-acronyms and law enforcement.
Consider your threat model carefully before relying on it
But it doesn’t work. The phone just says “NO NETWORK” and you can;t make any calls,
You can make emergency calls on a phone with an expired SIM card whose phone number has been re-used. So that would not be traceable to the number, but they can still triangulate your position.
If you’ve never used that phone with a SIM card, there’s no connection between the IMEI and you or your internet traffic. Assuming the phone never pings towers, network operators could only track the location of your phone location over time without you associated. I don’t think it’s accurate enough to determine where you live to identify you.
A phone without a SIM card hypothetically also shouldn’t ping cell towers, but who knows if it does. It should only connect to the cell towers when you make an emergency call.
When she saids no sim I am thinking we can assume she also means your turning off the cellular radio. (Why would leave that one if you don’t have service?) Just wasting battery and I am pretty sure you are still hanging out your location to carriers.
But she explains why that is different in the video.
The idea is the hotspot is an entirely separate device, that just provides Internet access/VPN access. Your not logging in to your VoIP provider or your messaging applications using that hotspot. You can also purchase the device and service anonymously making it much harder to connect to your identity to the hotspot.
This separates the baseband processor from our sensitive data that is stored on our phone.
This also forces your phone to actually use the VPN. (There has been reports that Apple and Google bypass the VPN in some cases if you use a VPN on your phone.)
While the gist of it is correct, and physical OSI layers separation is indeed better for control (there is a valid reasons for “hardware” firewalls to exist), a lot of what she says is vastly extrapolated at best, or arguably wrong at worst.
And then, yes, regardless of the content, I’m pretty sure YouTube videos will be downvoted here.
Downvoted? Why? I’m curious to know.
I’m by no means an expert, but how is it the phone can still make emergency calls if it has zero contact with the network if it’s simless? Seems like a solution that isn’t actually one, especially if you consider stuff like IMIE numbers.
And I’m sure if I could be bothered to look into this solution I would be right.
Plus most tracking and privacy violations work just as well if not better via WiFi.
Simless phones can make emergency calls because the towers are configured to accept a request for an emergency call to any device that handshakes sufficiently (in Europe and most of Asia anyway, I assume also true of USA because it does work).
The phone is able to contact the nearest tower and initiate a call because it scans for the nearest towers in the boot process in order to go to the next step (check sim details and connect to configured provider). In the process of determining available towers it provides the IMEI to each of them.
If you live in a country where you have to provide ID to buy a handset then this definitely isn’t anonymous, but even if you are in a country that doesnt, all the manufacturers track where every IMEI is shipped, and sku numbers on POS will easily allow determination of exactly when the device was sold. Even if you paid cash there will be CCTV footage of the purchase.
TL;DR this will work mostly until you make a mistake against corporate tracking but will absolutely not protect you from three-letter-acronyms and law enforcement.
Consider your threat model carefully before relying on it
Thanks for elaborating. This was an interesting read.
In germany for example is it not possible to perform an emergency call without a sim card. But this is thanks to a law and not the technical side.
But it doesn’t work. The phone just says “NO NETWORK” and you can;t make any calls,
You can make emergency calls on a phone with an expired SIM card whose phone number has been re-used. So that would not be traceable to the number, but they can still triangulate your position.
deleted by creator
If you’ve never used that phone with a SIM card, there’s no connection between the IMEI and you or your internet traffic. Assuming the phone never pings towers, network operators could only track the location of your phone location over time without you associated. I don’t think it’s accurate enough to determine where you live to identify you.
A phone without a SIM card hypothetically also shouldn’t ping cell towers, but who knows if it does. It should only connect to the cell towers when you make an emergency call.
When she saids no sim I am thinking we can assume she also means your turning off the cellular radio. (Why would leave that one if you don’t have service?) Just wasting battery and I am pretty sure you are still hanging out your location to carriers.
She puts a sim card in another phone that’s used as a hotspot. The title suggests she doesn’t use a sim.
But she explains why that is different in the video.
The idea is the hotspot is an entirely separate device, that just provides Internet access/VPN access. Your not logging in to your VoIP provider or your messaging applications using that hotspot. You can also purchase the device and service anonymously making it much harder to connect to your identity to the hotspot.
This separates the baseband processor from our sensitive data that is stored on our phone. This also forces your phone to actually use the VPN. (There has been reports that Apple and Google bypass the VPN in some cases if you use a VPN on your phone.)
Not arguing against the logic but it very much is a disappointing click bait
Probably because of the YouTube link. I will try to post a more private alternative next time.
Yeah, posting google links on Privacy community, hahaha. You can use this https://redirect.invidious.io/watch?v=RyirQOCUUK8
The video has many inaccuracies.
While the gist of it is correct, and physical OSI layers separation is indeed better for control (there is a valid reasons for “hardware” firewalls to exist), a lot of what she says is vastly extrapolated at best, or arguably wrong at worst.
And then, yes, regardless of the content, I’m pretty sure YouTube videos will be downvoted here.