Back to Stories

Burner Phone 101

422 pointsby CharlesW28 days ago190 comments(rebeccawilliams.info)

Comments (29)

schoen25 days ago
When I was working at EFF, I started writing (but never finished) a couple of essays along the lines of "the degree of trackability of mobile phones is an unfortunate accident, and we should fix it".

It basically comes from routing requirements (especially to receive incoming phone calls) combined with billing requirements (to make people pay for their connectivity) combined with the empirical requirement to see which base station a device is connected to, and which other base stations can see it at a given moment.

If you aggregate all of that data, then you know a (geographically moderate-resolution) complete history of where almost all people have been at almost all times, and patterns of their habits and whom they probably recurrently spent time with.

Not all of this data has to be collectable, because these things could be disaggregated by introducing different protocol layers. For example, you could pay the mobile company for data connectivity, but use cryptographic blinding mechanisms so that it doesn't know which specific subscriber obtained connectivity at a particular place and time. (Those blinding mechanisms could be implemented inside of SIM cards, so the SIM card's task is to cryptographically prove "I am a SIM card of a current paying subscriber of carrier X" rather than "I am SIM card number 42d1b5c0".) You could have device hardware IDs be ephemeral rather than permanent. Actual messaging and call services could all be "over the top" (as phone industry jargon puts it), provided by people who are not the phone company itself.

This disaggregation is a straightforward improvement from a privacy point of view because it prevents companies from knowing things about you that they didn't need to know in order to provide services.

Meanwhile, in the world we live in, we see governments trying to make it harder to make phones less trackable, by putting legal restrictions on changing hardware addresses, or requiring legal ID in order to establish service. I imagine that an additional cryptographic indirection layer in SIMs to prevent carriers from linking a permanent identifier to a network registration (or specific data use) would also be banned in some places if it were invented.

This shouldn't be inevitable. One thing that made me think about this was when there was a little scandal (which I was a small part of) about companies tracking device wifi MAC addresses for commercial purposes. There was a little industry that would try to recognize people and build commercial profiles based on recognizing that the same device was present (in fact, at the time, even if it didn't actually connect to the wifi -- because a typical wifi-enabled mobile device was sending broadcast wifi probe packets that included its MAC address). So Apple was like "this is a bad use of MAC addresses, which only exist to distinguish devices that happen to be on the LAN at the same time, and perhaps to allow network administrators to assign permanent IP addresses to specific devices", and they made iPhones randomize wifi MAC addresses for some purposes, mostly fixing that particular issue.

We could think just the same way about GSM networks: "these identifiers exist for specific protocol reasons; using them for device or user tracking is an abuse that should be mitigated technically".

eduction25 days ago
Stellar reasoning.

Did you ever get to the point of hypothesizing good ways to align incentives to make this happen? It is hard to tell (having not thought much about it) whether this is a “smart well meaning engineers need to make new standards” problem, a “we need to harness the power of corporate greed problem,” or something else.

codethief24 days ago
I seem to remember a discussion here on HN a few years back about a paper which outlined ways to decouple technical identifiers from personal identifiers on mobile networks.

My memory is a bit hazy but maybe it was the whitepaper for PGPP[0] that OP mentioned?

[0]: https://invisv.com/pgpp/

thfuran24 days ago
I don’t think it’s possible to align incentives in favor of rolling out such a statement in the US without another coup.
coderatlarge24 days ago
isn’t detailed information about the user equal to additional billing power? perhaps the only disincentive that exists to having that information would be such overwhelming risk/liability that it would outweigh the profit potential of having it in the first place. it seems to me the relative incentives have reached a oretty stable equilibrium…
Terr_24 days ago
> combined with billing requirements

There's a certain flavor of US libertarian that complains that they should only be taxed for exactly the road-surfaces they personally use in proportion to how much they use them.

In response, I like to point out to them that their dream of "fair billing" can't occur without a nightmare of surveillance, making it easy for the government (or road-owners, and indirectly the government) to track and remember everybody's movements in excruciating detail.

Is that worth it? Perhaps a "sloppy" billing system (e.g. fuel/mileage taxes for roads) is actually an extraordinarily good deal in terms of the privacy we take for granted.

schoen24 days ago
There's a potential family of cryptographic methods where people prove that they paid for things without revealing who they are.

https://www.eff.org/files/eff-locational-privacy.pdf (2009)

The technical paper mentioned is now at

https://web.ma.utexas.edu/users/blumberg/vpriv.pdf

(I guess Andrew Blumberg moved from Stanford to the University of Texas.)

There might be an inherent tradeoff where you need at least one of {tamper-resistant trusted meters, at least slightly noisy measurements, potential deanonymization}. For example, the short paper mentions that "point tolls" are easy to make anonymous using any form of anonymous digital cash (or blinded tokens issued by the tolling authority!), but the exact usage billing you mention people wanting is much more detailed than a point toll like that. It might indeed be inherently impossible to get all the way there without detailed surveillance.

m46324 days ago
I though gnu taler sounded pretty interesting:

https://www.taler.net/en/features.html

don't know anyone who uses it though. (is it usable?)

teekert24 days ago
Agreed, I always think that all these taxes should indeed just go through fuel. Want a bigger, heavier, more polluting car? Want to drive like a F1 driver? Fine, you pay more. Want to drive a long distance? You'll pay per distance*car_size. Want to go electric? You'll pay tax on electricity in concordance with it's economic price and influence on the planet.

One problem in the EU is is that this would need to be rolled out across the EU, because we already have large difference in price ranges for fuel leading to weird situations neer the border.

Terr_24 days ago
> Want to go electric? You'll pay tax on electricity in concordance with it's economic price and influence on the planet.

The problem is that generic electrical consumption is not (unlike gasoline pumped at a gas-station) a decent proxy for how heavily the purchaser occupies and wears-down roads.

In turn, it makes it harder to connect fair (proportional) amounts to fix the roads.

teekert24 days ago
That is true. Idk how to tax that. Through the tires? Would also stimulate going for durable ones. Although electric cars produce much less breaking dust, contributing to clean air again. Okok, it's complicated. Just tax anything based on it's environmental impact, then add some percentage for the roads?
Terr_24 days ago
Given that odometers are already tamper-resistant for other economic reasons, a "mileage this year by vehicle weight class" might work.
FireBeyond23 days ago
> Agreed, I always think that all these taxes should indeed just go through fuel. Want a bigger, heavier, more polluting car? Want to drive like a F1 driver? Fine, you pay more.

That already happens in some states. I have a performance car, and in Washington that came with a "gas guzzler tax" built in to the purchase breakdown, so I paid a lump sum (in addition to the ongoing higher fuel costs).

lan32124 days ago
I don't see the issue?

Get on a toll road, pay for a ticket, done. Drive on a normal road, pay for gas, done.

I guess you could make it extremely specific, but then the problem isn't the surveillance, but the price of the cost analysis of driving 1,7 miles on a road in bumfuck nowhere with a J lbs vehicle, exerting X pressure on the road at a standstill going at [Y] speeds, thus generating Z total pressure over time H. In addition the road was I% wet due to rain the day prior.

Terr_24 days ago
> I don't see the issue [...] pay for gas

"Them durn politicians are taxin' mah gasoline to build roads clear on the other end 'o town!"

markus_zhang24 days ago
Thanks for sharing. I figured it is extremely difficult to spoof or disaggregate the data by ourselves, given the SIM tracking wifi tracking thing basically 7/24, or is there a way to fix it?
BLKNSLVR24 days ago
I have no technical knowledge about these, and being cryptocurrency related there will be lots of exasperated huffs, but there are a couple of alternative mobile network related projects: World Mobile and Helium.

World Mobile claims 99% coverage of the US, although I think it uses existing networks where there's no native coverage.

They're "interesting", but only early days, and I don't know how close they come to what you describe for privacy and opposition to data aggregation. Large-geographic-area comms coverage isn't something that there's ever going to be a lot of options for.

schoen24 days ago
I was imagining mobile operators that cooperated to some extent with the changes I was proposing, or at least didn't obstruct them. If it's using existing GSM protocols, the IMEI would have to be rotated frequently (and it's not that obvious how to do that without making the connection between the old IMEI and the new IMEI apparent), and the SIM technology would have to change. (What it's trying to prove in a privacy-friendly communications system is more like subscriber entitlement, not subscriber identity!)

There's also the "netheads and Bellheads" theory from the 1990s which can be taken to say that phone companies would never make technical changes to make themselves collect less data, or to be less helpful to government surveillance. Sometimes I think this is right. I still remember how I took part in a meeting with a mobile phone industry association or industry consortium of some sort about a year before the Snowden stuff. Someone on my side said "so, let's talk a bit about surveillance issues", and someone on the other side replied "sorry, that's something we don't talk about". Imagine an industry meeting with privacy advocates where the industry people are completely precommitted to not talking about surveillance!

toast024 days ago
> There's also the "netheads and Bellheads" theory from the 1990s which can be taken to say that phone companies would never make technical changes to make themselves collect less data, or to be less helpful to government surveillance.

You've got to sell them on something that's useful for them. Present the case that eliminating data collection simplified their network, saves money, reduces staffing, and reduces interaction with government.

giggyhack24 days ago
I absolutely understand the sentiment and the goals that citizens should, by default, not be tracked. However, how do you square that with the proof, time and again, that truly secure and encrypted networks are primarily use by criminals (drug/human traffickers, and plenty of other people) who, through their trade, make the world a shittier place for the rest of us?
xethos24 days ago
If we accept that the right to privacy is real, that not being followed, watched, and monitored every hour of my life, is something democratic societies should strive for:

Why do criminals have more rights than I do?

soulofmischief24 days ago
That's very easy to square by just accepting that people are allowed to have private communications.
alisonatwork24 days ago
That's only the case because the truly secure and encrypted networks are not the default.
Moru24 days ago
This has changed before. HTTP used to be just fine. Only your bank used HTTPS. Now everyone uses HTTPS. It's the default, if you don't support it on your webserver, customers will have troubles reaching it.
kome24 days ago
Your reasoning is so biased that it is hard for me to wrap my head around it, but at the same time it's very common because it confuses the tool with the crime. Criminals use cars and phones, too, but we don't ban them for everyone.

The argument ignores the catastrophic cost of the solution: destroying privacy for all of us. Creating a backdoor for police doesn't just hinder criminals; it makes everyone's data, from journalists to your medical records, vulnerable to hackers and abuse.

I believe we stop crime with good policing, not by building a system of total surveillance that sacrifices the very freedom we're trying to protect.

Levitz24 days ago
But this has been "squared" already. Can the police enter your home without a warrant? No? Why? I bet criminals are pretty secretive around their stuff too, no?
wraptile24 days ago
I'm unconvinced that secure communications is the bottle neck when it comes to criminal prosecution. We can expand police power without sacrificing our communications like that.

Anecdotally, take a look at China where privacy doesn't exist and yet Chinese syndicates are responsible for a major chunk of the issues you've listed. So clearly lack of privacy doesn't even correlate with decreased criminal behavior.

wildzzz24 days ago
Probably because any successful Chinese crime syndicate has the backing of both the government and big business.
wraptile23 days ago
Which happens due to totalitarian control of CCP which prohibits self correction mechanisms we have in democratic societies, so what's the Goldilocks area of authoritarianism here? My bet is that compromising all secure communications is all the way in the big bears bed, if we're sticking to the Goldilocks analogy. It's just a fundamental dead-end without fantasy scenarios like benevolent dictatorship which we all know doesn't exist in the real world.
miki12321124 days ago
This is the "witch hunt" problem.

If you have two networks, one encrypted and one not, and the unencrypted network is significantly easier / cheaper to use or has better network effects, that's where most people will naturally flock. The only ones who will put in the effort to use the encrypted one are criminals and a few principled technologists / civil libertarians. In such a world, the mere fact of using the encrypted network is suspicious in itself.

We define "criminals" here as "anybody the government doesn't like." In the US, this is mostly child predators, drug traffickers, thieves, and maybe a few (legal) sex workers. In other places, this is mostly homosexuals, human-rights activists, journalists and the opposition.

The way to fix the "witch hunt" problem is to make all networks encrypted and secure.

While cryptocurrency is mostly used by criminals, as the traditional financial system is just good enough for most people, TLS is used by everybody, as it is just the default way to do things on the internet nowadays. This is despite the fact that TLS makes wiretapping criminals' communications much harder.

The US and Europe[1] should use the influence they have over standards bodies to make prosecuting the latter group of "criminals" much harder, recognizing that this comes at the expense of also letting some criminals in the EU/US sense of the word run free. It is just the morally right thing to do.

[1] I mostly mean American and European companies and organizations which participate in the process of standard setting, not governments, which mostly cannot do things for complicated political reasons.

jjkaczor24 days ago
Historically in the US - yes.

However, with the current "regime change", the targets of tracking are expanding exponentially to basically anyone who says or does anything the current leadership does not like.

This has been warned about repeatedly with this type of tracking for decades - when "bad actors" take power and abuse that power, then everyone becomes a target. Fascists love data collection, aggregation and data-based decision-making.

ygritte24 days ago
So get ready to be legally bound to leave your front door unlocked because some people store stolen loot behind locked doors!
_Algernon_24 days ago
Better remove the locks on your house and bathroom and set up a public webcam while you're at it. After all, I'm not sure you're not a criminal, and to be sure of that I — and the rest of society — need to be able to observe you in your bathroom.

"innocent until proven guilty" exists for a reason.

neilv24 days ago
> However, how do you square that with the proof, time and again, that truly secure and encrypted networks are primarily use by criminals

Do you have a URL for this proof?

(If it's true, that would be good to know.)

01HNNWZ0MV43FF24 days ago
Me and the government have slightly differing opinions of what a "criminal" should be. I am a gender outlaw in many states
esseph24 days ago
You ready to drop encryption between you and your bank?
Terr_24 days ago
... They said, on a forum where everyone is posting and reading using connections encrypted by TLS/HTTPS.

I don't see how you've become a criminal just because you don't want somebody in the same coffee shop to see what you're posting or browsing.

Is it fine because it's not "truly" secure? How secure is so secure that it crosses the line and becomes evil?

wpm24 days ago
It’s quite easy to square: your argument is nonsense through and through, barely deserving an iota of rebuttal. I could justify absolutely appalling invasions of privacy with what you’re saying.

We are not beholden to ruining everything for almost everyone to stop a small fee from doing bad things. It’s not any more complicated than that.

24 days ago
tmpfs24 days ago
This is nonsense. By your logic me and the majority of people using Signal are criminals.

As the other commenter mentioned please provide proof for these hyperbolic claims.

Arainach24 days ago
>By your logic me and the majority of people using Signal are criminals

False. "The majority of X are Y" does not imply that any particular X is Y.

I don't have data for Signal. I use it extensively. Even setting aside that the American legal system makes everyone a criminal several times a day so that the laws can be selectively enforced against anyone who becomes a target, I have no data on whether the majority of Signal users are criminals, but given that criminals have significantly higher interest in secure communications than the general population it wouldn't shock me if evidence came out that it was the case.

esseph24 days ago
How long before UK VPN users are criminals?

How long before US states that are enforcing online ID laws will be doing the same?

coderatlarge24 days ago
maybe we need a law against selective enforcement of laws. together with the comprehensive statistics collection agency that would be required to enforce it.
Ccecil25 days ago
One thing I didn't see covered is to never have your "real phone" and your "burner phone" on you (or in the same location) at the same time while powered.

Easy enough to say "Gee...these 2 phones are always together or nearby when activated" or "this phone shuts off right before this one powers up".

Although, I suspect there are a few other ways to determine identity easier. Such as tracking the device identifier and then looking up nearby public facing cameras.

qingcharles24 days ago
So many online services use the proximity of phones to determine things like related persons and related accounts. Facebook is notorious for this. In one building I lived at Facebook would constantly show me the names of everyone coming in and out as "You might know this person" even though I had no idea who they were.
aspenmayer24 days ago
Airbnb as well, at least in principle, if not in implementation.

Airbnb Is Banning People Who Are ‘Closely Associated’ with Already-Banned Users - https://news.ycombinator.com/item?id=34983871 March 2023 (119 comments)

h/t HN user dmitrygr

Mistletoe24 days ago
I have no idea how this isn’t illegal. I’ve experienced the same horrifying loss of anonymity before. People I met long ago and definitely do not want knowing my real name showing up as Instagram suggested friends.
mcny24 days ago
Or people who stay next door at an Airbnb and I had a quick chat with in person, like I didn't give them any contact information nor did they give me theirs so how ...
bigiain24 days ago
Also, never power up or down, or switch in or out of airplane mode on your burner while at home (or work). Cellular network disconnection and connection events are rare and hence notable.
2rsf24 days ago
Isn't buying a SIM traceable by itself? if for example the shop has CCTV recordings or the email where you got the eSIM
bigiain24 days ago
Normally, unless (as I mentioned in another reply) you buy your SIM at a going-away party for a foreign student or backpacker who's leaving the country and doesn't need a local mobile number any more.

(Then you just need to worry about the CCTV recording of the place where you pay cash tor the pre paid Visa cards you use to top up the prepaid SIM...)

jajko24 days ago
That would be properly dumb thing to do, giving trivial-to-track thing very much tied to your identity to some random folks... why on earth would anybody smart ever do that?

Then you suddenly end up locked by ICE or worse when having layover stop at Miami for example.

bigiain23 days ago
> why on earth would anybody smart ever do that?

Because they're leaving the country tomorrow and don't plan on ever coming back. And you offered them a round of drinks or two for them and their other friends.

(Thinking about it, you're probably right - I still feel that's "safe" in Australia, I doubt I'd be prepared to do that in 2025 USA. But then I'm not intending to visit the USA in the near/medium term future, or possibly ever again.)

fuckaj24 days ago
Basic police work gets you. They know the sim owner. Know its a backpacker. Find their last location. Interview who was there at the party. Etc.
bigiain23 days ago
If you become of enough interest to the sort of people who will interview everybody who was any a party at a bar to try and identify who someone that's left the country gave their SIM to, you're probably well beyond fucked already.

Amateur opsec can help prevent you getting identified if you leave footprints in dragnet surveillance - like if you were at or near a protest. If you're planning on committing crimes serious enough to have "basic police work" set loose attempting to identify you individually? Good luck with that. I hope you're getting better advice than posts from randoms on internet forums.

fuckaj23 days ago
True. Replace "crime" with "things that motivate the government to investigate you". They arent the same but overlap alot of course. In 2025 the non intersecting area got larger.
bigiain23 days ago
> "things that motivate the government to investigate you"

Yeah, as I wrote elsewhere in this discussion: "running a global drug cartel, or criticising Saudi Royal Families, or defending the rights of Palestinian children to not be bombed"

dfc24 days ago
I am not sure I agree with this. I don't think that running out of battery or rebooting a phone is that rare.

But more importantly, if these events are noticeable and Alice does what you suggest she is probably going to highlight her location. Especially if she naively waits till she is 15 minutes from home to switch her burner on. Over time there will be a circle around her house of no burner phone network attach events.

bigiain23 days ago
I'd be surprised if my daily driver phone ran out of battery more than once or twice a year. It probably only ever reboots in exactly the same 24 hour time window as every other iPhone during iOS updates.

If Alice's threat model doesn't include NSA/KGB/MSS/MOSSAD, just being slightly less naive and switching on the burner at (or within a set distance from) some location other than her home is likely fine. I describe in another comment here: https://news.ycombinator.com/item?id=45009042 how I used to automate turning on a phone (well, a 3G WiFi hotspot) at a set distance from a nearby library.

But don't follow my advice if you're running a global drug cartel, or criticising Saudi Royal Families, or defending the rights of Palestinian children to not be bombed.

(I just realised my phone goes into and out of airplane mode when I get on and off planes, which narrows it down to one in a couple of hundred people for one flight, and likely uniquely identifies me with only two or perhaps 3 flights. But this is my daily driver phone with proper KYC identification, not a burner.)

dfc23 days ago
What about elevators, parking garages, basements? Network Attach messages are fairly common in the mobile device logs I have seen.

Your "Recreational Paranoia" should include rebooting your iPhone more often.

bigiain23 days ago
> What about elevators, parking garages, basements?

If Snowden was an ex-colleage of mine, I suspect I or my co workers probably combine location data with network attach/detach messages, and can filter out "known blackspots" on a per network/carrier basis.

> Your "Recreational Paranoia" should include rebooting your iPhone more often.

Ah ha! But my recreational paranoia hobby includes having a perfectly normal "daily driver" phone - which gets left at home way more often than other people's phones.

charlieo8824 days ago
"If you're going to keep your phone in a bag of potato chips, then keep your phone in a bag of potato chips" --Terminator: Dark Fate (2019) Carl the T800.
mrheosuper23 days ago
I Thought the point of burner phone is you destroy it immediately after you finish business with it.
theothertimcook28 days ago
In many countries you need a valid government ID document to activate a mobile service which means burners do not really exist in those places.

Unless you bought a pixel, graphene’d it and then paid a homeless person to activate a pre-paid data only sim which you would top up with vouchers paid in cash and used a von and international voip service…

A lot of effort though

tim33328 days ago
Silent link esims are quite good for getting your phone to work on any country or network. I have one, not for privacy but more for better phone coverage and it works pretty well. No ID and you pay in crypto - btc/monero etc. (https://silent.link/)

For me the main use is that I'm on o2 in the UK, but if in some dead spot with no signal I can flip the sim settings and connect via EE or whatever.

CryptoBanker27 days ago
>For me the main use is that I'm on o2 in the UK, but if in some dead spot with no signal I can flip the sim settings and connect via EE or whatever.

Why not just get an EE SIM if that's your main use?

asyx25 days ago
Not from the UK but in Germany we have the same issue where there is T-Mobile (best coverage), Vodafone (good coverage) and o2 (worst coverage) and there are simply some remote areas where anything but T-Mobile doesn’t have coverage.

And the easy answer is that T-Mobile, or rather the parent Telekom, is a terrible company best known for right now for getting the government to agree that they can cancel your existing internet contract to make switching easier when they want to catch you as a fiber customer but actually all they’re doing is sending a marketing company around Germany (Raider Marketing) to lie to your grandma to sign contracts for the Telekom or just cancel your existing internet contract because they think with a bit of pressure they can get you to sign up with them.

Alternatively, they are also known for the worst peering on existence because they have the crazy idea that they can charge tenfold what other ISPs take for peering because they are the Telekom…

In summary, the Telekom is such a terrible company that I’d rather not give them any money and if I needed T-Mobile coverage I’d rather get a foreign eSIM and rely on roaming than giving them a single cent.

avh0225 days ago
I'm happy to give them (telekom) money because their service works. Vodafone was constantly inferior in my experiences (dsl vs cable as well as their mobile networks). At least i don't have to call vodafone every month like my neighbors do when the internet is down, worth every penny.
bgnn25 days ago
Don't they get paid at the end when you are roaming?
toast024 days ago
It sounds like their need is to be on multiple networks. Where I live (not UK), all carriers have dead zones, some dead zones are dead for all carriers, but most aren't. Being able to use multiple networks sounds lovely.
raybb24 days ago
Are you able to select which mobile network you use? At least in the US the price for tmobile is about triple that of att so it would be pretty hard to predict your spend if it switches between them without warning.
raybb24 days ago
Based on this podcast episode with them it seems that you can select which mobile network or "local provider" is used. Around the 12:30 mark https://optoutpod.com/episodes/s2e13-silentlink/
4gotunameagain28 days ago
> which means burners do not really exist in those places.

This is very wrong. In Germany you can go to any shady kiosk in a big city and buy a pre activated SIM card invariably registered to some Arabic or Pakistani name.

You can buy it in cash. Completely untraceable if you take care of CCTV.

breppp25 days ago
Going to buy a prepaid SIM registered under an arabic name in europe is probably the safest way of getting traced by a government
therein23 days ago
Not anymore. They are more likely to go out of their way to avoid tracing you nowadays anyway to not come off as racist.
cedws26 days ago
IMEI + cell tower triangulation easily makes it traceable. If the authorities want to find you, they can.
lazide26 days ago
Once they know to look for you, sure, which is why you use a disposable phone and actually dispose of it before anyone has a reason to look for that specific one. That’s literally the whole point.

They might go an ask Achmed some hard questions later, but he’s long since left the country and never met you anyway.

blitzar28 days ago
Just track the hardware. A couple of days of normal usage and should be able to assign a 99% probability on you being the owner of that phone.
eptcyka25 days ago
You should never turn on your burner in a place where you use your regular phone, duh.
SoftTalker25 days ago
Even using it in the same city, would only require time and maybe a bit more correlation to identify an individual.
XorNot24 days ago
And yet realistically you also probably don't turn it on except when you're within about 50 miles of your home.

And this is while you're flagging yourself heavily by (1) using a phone which is easily identified as a burner and (2) using it intermittently which means you're trying not to be tracked.

So you've already substantially identified yourself in any dataset.

bigiain24 days ago
I'm not sure how many people would get any use out of a burner phone that they need to be 50 miles away from home top use?

One of my hobbies is Recreational Paranoia. I used to have (probably still do in a drawer here somewhere) a 3G WiFi hotspot, with an Arduino and GPS module that powered down the battery within a few km of home (actually, within a few km of a public library that's a few km from home, so plotting all the power up & down locations would centre on the library not my house). I could then leave home with that in my backpack and instead of my phone take a wifi only device - I mostly used an iPod Touch but also sometimes Android tablets. I wouldn't get actual phone calls sir SMS that way, but those are both rare for me, most of my social comms are via Signal which worked just fine.

I figure wifi cellular hotspots are "not easily identified as a burner phone" and that intermittent use of them is the most common case. It would still have been able to be tracked as being a thing that turned on and off in my surrounding suburbs, and I'm sure I slipped up last least a few times and had it with me while I also had my phone with me - but like I said this was for my hobby, not running an international drug cartel or doing journalism critical of Saudi Royal houses...

forgotusername625 days ago
I was surprised when a SIM I purchased on Amazon was not only able to connect in China but was also able to bypass the great firewall. I wonder how these travel sims get round the government regulations.
kelnos25 days ago
It's because the government regulations only apply to Chinese citizens. My first trip to China was back in the '00s, and I went for work. I was also surprised to find that my home SIM worked just fine there without any interference from the Great Firewall.

Roaming works somewhat unintuitively from what you'd expect. You do indeed connect to the local mobile network, but all of your data traffic is tunneled back to your home wireless provider's PoP. I realized this once I checked what websites I was visiting saw as my public IP address, and it was an address from a network in Texas!

So China's Great Firewall can't actually inspect or block your traffic while you're traveling, and using roaming on your home mobile network's SIM. It's all sent over the equivalent of a VPN to your home soil before going out to the public internet. This iswhy latency can be pretty bad while roaming.

lmm24 days ago
They bypass the firewall precisely because they're roaming SIMs. Their internet connection goes through the home operator.

I imagine they simply don't allow selling such SIMs in China. It would be extremely easy to track and flag any that were e.g. used for longer than a few weeks.

rtpg24 days ago
I feel like there's not much of a need. The data would be quite expensive.

My impression is that people can get VPN access (and like people working in certain domains will just get VPN access through work) pretty easily in China. Though my deeper impression is most people are just fine.

You're not begging to get onto some chinese social network right?

United85724 days ago
It's how data roaming works in general -- it's tunneled through to the SIM's home provider. Conversely, a Chinese SIM roaming overseas is still subject to the Great Firewall.
numpad025 days ago
They just don't enforce the exact same restrictions on roaming users. I suppose there are risks of tourists spilling the beans, so to speak, they just don't view that as a severe unmitigated risk.
julcol25 days ago
When you ROAM, you traffic abroad is routed to your home country ( for security reasons among other things) and then off to the internet from there. You can check that your public IP, when roaming, is an IP from your cellco.....unsure if there are any changes with 5G though.

You are not bypassing any firewall as your traffic is actually happening at home. If you access local sites, traffic is coming from home.

numpad024 days ago
Not home country, home PLMN(~=carrier). IIRC there were changes in 4G/LTE that lets the GW be at visiting carriers.

I'm suspecting that that post-4G architecture is just formalization of actual commercial deployment. Latency for roaming data was long inconsistent with the 3G diagrams, and exorbitant roaming fees that would be consistent with the diagrams also started rapidly subsiding from late 3G era.

julcol24 days ago
~carrier---> cellco.
rootsudo25 days ago
True on the Government ID document but most of the times the portal to activate would allow for any sort of numbers as long as it was in a proper format - whether or not it was valid.

These allow for self activation, have a lockout of 5 failed attempts or so and can be done via sim card codes (not SMS, but you interact with a program on the simcard and low level carrier services.)

bigiain24 days ago
> In many countries you need a valid government ID document to activate a mobile service which means burners do not really exist in those places.

Buying prepaid SIMs from tourists or foreign students returning home is a reasonable easy workaround for that - at least if you're the sort of person who meets and befriends those sort of people.

refurb24 days ago
At least where I live tourist SIMs are restricted to 2 weeks, then need to be converted to a local SIM (with ID requirements).

And anyone leaving would have their immigration status expire and the SIM is turned off then unless you provide some other proof of residence.

hopelite25 days ago
Seems like an excellent business model for the homeless.
Phelinofist25 days ago
How does GrapheneOS help in that?
kelnos25 days ago
It doesn't specifically help with obtaining a SIM without presenting ID, but it does help make it easier to avoid later leaking your true identity to Google/Apple/etc. once you start using the phone.
aaron69528 days ago
[dead]
mikeytown225 days ago
If you need to communicate with people in your area and not be tracked; MeshCore software with LoRa hardware like the this https://lilygo.cc/en-ca/products/t-lora-pager is something to consider. Text only, completely offline
XorNot25 days ago
If you need to do this then start by figuring out why you need to do it, and adjust your approach too your threat model.

Because the most significant evidence we have lately is that in-person meetings or dead drops and other low tech means are how you avoid being tracked.

Turning on any sort of radio transmitter is just turning on a big flash light into the sky.

Turning on anything relatively uncommon is even worse: normal people have cellphones and use them. They don't use LoRa devices, there aren't a lot of LoRa devices and someone who only uses LoRa devices will stand out in any dataset.

nickthegreek24 days ago
> Because the most significant evidence we have lately is that in-person meetings or dead drops and other low tech means are how you avoid being tracked.

How many cameras did you just go by? did you have your cell phone on you? how many networks did it connect too? how many bluetooth broadcasts did it passively send out? Not being tracked and being in public are slowly becoming an untenable duo.

XorNot24 days ago
Most of the threats you've identified are enabled by carrying a location enabled radio device on you when you're out in public.

But it isn't illegal to wear a hat and sunglasseses, for example, and it is common to do so.

greesil25 days ago
Yes!!! I've been wanting to make something like this for a long time. But unless the firmware is open source I wouldn't trust this for anything secure. But this looks like a dev kit so I can do whatever I want.
lm2846925 days ago
There are other alternatives https://meshtastic.org
mikeytown225 days ago
It's mostly open source. https://github.com/meshcore-dev/MeshCore They have a couple minor things that are paid features.
Eisenstein25 days ago
Except that your texts go out to everyone on the mesh network.
downrightmike24 days ago
Almost like ethernet, if only there were a way to fix that
mikeytown224 days ago
MeshCore has verified public key sharing; see what happened to the other network at defcon. Direct messages are encrypted.
supersour25 days ago
These look pretty fun, have you played with them much? What kind of range can you get?
bronco2101625 days ago
I’ve tried them on snowmobile trails. With the vegetation the range was about a mile.

Range can be 100+ miles though if you can establish line of sight. Depending on the scenario, a high elevation repeater could give several mobile devices pretty significant range.

mikeytown225 days ago
Range is line of sight. If you can see it, even if 100 miles away, odds are it'll work. Seattle area has one of the better networks for MeshCore. Tacoma to Vancouver BC is the range for semi reliable messaging
hypercube3324 days ago
Don't the different frequency bands change that a lot? iirc these are all lower frequency so they can cut through foliage better than say 5ghz wi-fi
mikeytown224 days ago
Yes you can get decent reception inside buildings. It operates in the 915mhz band. Similar frequencies to old school pagers. Lora is an interesting RF protocol, it has really good properties for operating below the noise floor.
firesteelrain24 days ago
Or just ham radio (not anonymous though)
ivanjermakov24 days ago
And illegal to obscure/encrypt: http://www.arrl.org/part-97-text
booleandilemma24 days ago
It's a shame how neutered ham radio is.
youainti24 days ago
not really. The prohibition on encryption/obfuscation is how you keep abusers off the frequencies.

If you run into someone who is regularly

- using encryption, obfuscation - failing to identify with a callsign - using lots of bandwidth - doing some sort of commercial activity.

then you get a group together, track them down, and report them to the FCC.

The thing people forget is that the primary goal of the ham system is to promote radio experience and experimentation. That is why there is such a wide variety of frequencies available.

neilv25 days ago
Kudos to this article for:

1. starting with threat modeling (though they don't call it that);

2. mentioning that your OPSEC affects not only you but also people connected to you; and

3. mentioning that maybe you should just leave the device at home (because it's basically a surveillance machine that you pay for).

(A more common article format would be to unload a pile of supposed security&privacy measures without putting them into context, and wouldn't properly set expectations for what that gives you. Neither of which is very helpful, and can be very counterproductive.)

girvo25 days ago
> Buy phone & service in cash

Step one is already difficult here in Australia: to do so you must hand over your personal details and ID. At least that was true for anything with a SIM card for sale back in the 2010s

So the “step 0” was “find a retailer who didn’t follow the rules”, and they’d usually be a corner store selling handsets or SIM cards by the bucket load to all sorts of interesting characters

ajxs24 days ago
This was already the case in Australia as early as 2003. I distinctly remember being shocked that I had to provide ID when I bought a phone from a store for the first time.
neilv25 days ago
> Strong PIN, not biometrics

And also be aware of "shoulder surfing", which is different today in 2 ways it wasn't in the past.

In the past, the risk was something like someone looking at you type in your PIN on a bank ATM, or maybe your password on an computer keyboard.

Today, shoulder surfing is mainly different in 2 ways: (1) near-ubiquitous high-resolution surveillance camera networks, which can be places/scale and capture images that humans practically didn't; and (2) with machine learning, they don't even need to see what buttons you press, only see movements of your arm.

(Randomizing button positions on a touchscreen can help, and also help fight forensics like traces your fingers leave for where they touch. But randomization means you need to be able to see your screen, which reduces the ways you have to hide your screen from the view of others.)

pcthrowaway24 days ago
In addition to surveillance cameras and video of movement, AI can also determine what keys your pressing on a keyboard of an airgapped computer, merely by the sounds you make when you type
rollcat24 days ago
Shoulder surfing is exactly the risk factor that biometrics are meant to mitigate.

Every time you type your PIN - that's an opportunity to snoop it.

Neither will protect you against rubber hose cryptography.

thinkingemote24 days ago
This post has an obvious rewritten-by-LLM smell to it. That's okay and increasing common but it's giving me a kind of funny feeling with regards to the content which I'd like to examine more.

Firstly, What's the current opinion on using third party LLMs by the infosec community? Secondly it's more philosophical: do activists on the ground embrace this new tech or fight against it? Or is it an amoral tool, like what a phone is considered to be? Is there a distinction between the big third party APIs and local on device use?

(If it helps, the feeling is a bit like a seeing a Linux developer use an Apple mac for development)

fortran7725 days ago
The Dumphone Finder (https://josebriones.org/dumbphone-finder) referenced there is useful, too, if you need to get a phone a 90 year old person has a chance of being able to use.
torcete28 days ago
I have the feeling that whenever you are on an airport (and maybe railway stations too) they cross your IMEI with the boarding pass info. I believe that in the UK police use some middle-man towers, which name I have forgotten, to collect as much data as possible.
vaylian28 days ago
You are probably thinking of a stingray https://en.wikipedia.org/wiki/Stingray_phone_tracker
tenacious_tuna28 days ago
> Radios off (GPS/Wi-Fi/Bluetooth) unless needed

GPS is a passive technology, no?

Downloading GPS assist data obviously isn't, and plenty of phones use wifi scanning as a way to augment GPS position fixes, but this seemed a strange callout. Am I missing something?

olyjohn24 days ago
They mean turn it off so that apps on your phone can't read your location.
netrap28 days ago
if the phone is confiscated it could be saving GPS automatically, i guess
kelnos25 days ago
This stood out from me as odd from the article too, but that's definitely a plausible explanation.

I could easily see a phone with some sort of location tracking saving GPS data points internally until it can reach a network again to send them out.

commandersaki24 days ago
Always remember the three Cs of OPSEC (credit to grugq): compartmentalisation, cover, and concealment.

Most OPSEC failures are due to leakages which is a failure of compartmentalisation.

Terr_24 days ago
It's very hard to fight a big nefarious system. Especially with the democratic backsliding of the last few months in the US, it's starting to seem like a better bang-for-your-buck is to ensure the system shares your values, i.e. politics.

That's not to say technical approaches don't remain important, but even most encryption is still based on the idea that someone can't just cut off your fingers until you reveal something that satisfies them.

M95D24 days ago
> Privacy Tips for All Phones:

> Keep device & OS as updated as possible

I don't think so! Cloud rot also affects tracking servers, ad-serving servers and pre-installed apps. A phone that is never updated will, in a few years, be affected by the cloud rot and most of it's tracking will stop working.

The best burner phone is the oldest second-hand phone from a flea market that can still connect to the phone network.

> SIM rotation: Rotating SIMs manually or using PGPP eSIMs changes your IMSI, though your IMEI stays constant.

So then, why rotate them? If one phone is known to be yours, then each SIM inserted into it is known to be yours, and any other (burner) phone that SIM gets inserted into will also be known to be yours.

Pair each SIM with only one burner phone and there will be no record of a connection between them, unless they're connected to the same tower and moving at the same time.

> Do not share your email, phone number, or ID with carriers or clerks when activating service

Not possible in Europe. Buying a SIM card requires an ID.

Desk1com24 days ago
Mental Outlaw and Rob Braxman on youtube have more comprehensive overviews on how to get burner phones
aspenmayer24 days ago
How to Get a Private Phone, Number, and Cellular Data - https://www.youtube.com/watch?v=XaHWcttD0tM (Mental Outlaw)

There were simply too many possibly related videos on the Rob Braxman Tech channel to determine which one you might mean. Do you have a recommendation?

Here's his channel for folks who are new to his content:

https://www.youtube.com/@robbraxmantech

Desk1com24 days ago
This one's a good overview where he references his own deeper dives into the tech details. Disclaimer he's selling his own de-googled phone but he's transparent about it

https://www.youtube.com/watch?v=_I9bFIrFhDs

aspenmayer24 days ago
I appreciate the link. I get the sense that he is putting out a lot of content because he’s doing updates for his project, along with broad strokes videos for why folks should care about the issues, and also nuanced takes for specific topics, so I couldn’t cut through the noise to find the signal, as I haven’t followed his content closely, but I did like what I saw.
Desk1com24 days ago
yeah the definitely not as succinct as it could be. They all seem to pad out content with the same generalities. But fair enough, there is no foolproof solution looks like
aspenmayer24 days ago
Leave your phone at home. You won't need it if you plan to not have it. A simple device like this can even keep it company for you while you're away:

https://fr.wikipedia.org/wiki/Tourne-montre

Print this out and you can take notes on the back of the page, or even read it if you get bored while you're out and about without your device, to remind yourself why you don't really need your phone:

> Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones

> Jiska Classen, Alexander Heinrich, Robert Reith, Matthias Hollick

https://arxiv.org/abs/2205.06114 | https://doi.org/10.48550/arXiv.2205.06114

Previously on HN:

When Wireless Malware Stays on After Turning Off iPhones [pdf] - https://news.ycombinator.com/item?id=31364849 May 2022 (5 comments)

You might have already heard about this news from Mental Outlaw:

iPhones Could Still Be Attacked (Even When Powered Off) - https://www.youtube.com/watch?v=mwrjT8hxGzM

Citizen839623 days ago
I can't emphasize this enough: it is extraordinarily rare for malware to persist after a reboot on iOS. These examples are of devices that faked the shutdown sequence (in other words, the exploit did not achieve persistence). iPhones have a hardware-level reset capability: quickly press volume up, volume down, then press and hold the power button.

Enable Lockdown Mode to prevent the vast majority of exploits, then reboot using this method once a week. You'll be fine, as far as this specific threat is concerned.

cguess26 days ago
The guide recommends PGPP to rotate IMEI numbers, however, the service shut down more than a year ago. https://invisv.com/articles/service_shutdown.html
codethief24 days ago
I wish the article you linked wasn't so thin on details:

> Unfortunately, due to technical issues outside of our control, we have to shut down our subscription services.

whartung24 days ago
Are satellite phones under the same microscope as cell phones? Are they broadcasting on all the different cell/wifi/bt frequencies or do they just connect to a satellite? Are they GPS tagged?

Also if you want one-way “location less” communication, the old alphanumeric pager network is still available.

I think those messages are simply broadcast across the network (which at least in the US is national). There’s evidence of a message being sent, none about whether it was received or where it was received.

scarface_7424 days ago
Just a note, Android and iPhones have abysmal security once police have physical access after first unlock (AFU) once your phone is rebooted.

https://blogs.dsu.edu/digforce/2023/08/23/bfu-and-afu-lock-s...

Citizen839624 days ago
yeah, a phone that has been unlocked after boot is easier to get into one that hasn't...
24 days ago
kuon24 days ago
Is there any sim you can buy internationally without an ID? Here you need an ID.
lilsoso24 days ago
In Mexico you can buy prepaid SIM cards with cash, and without an ID, at convenience stores such as 7-11 or Oxxo.
kuon24 days ago
That's far, but good to know.
lilsoso24 days ago
You can buy prepaid SIM cards with cash, and without hassle, in the US as well.

You can do this in many countries, I believe, as well as online through services offered in exchange for crypto.

You didn't define where "here" is for you. Mexico is a better option than the US because the retail price of a SIM card with a number and service is around 50 pesos (maybe lower).

kuon21 days ago
Yeah, I forgot: I'm in switzerland.
wartijn_24 days ago
In The Netherlands you can buy prepaid sims without any kind of identification.
Desk1com24 days ago
UK you don't need ID and can pay in cash. They'll ask for your name and address but you can make it up
apt-apt-apt-apt24 days ago
> Buy phone & service in cash

Movies make it seem anyone can walk into any store in a trenchcoat and walk out with a burner phone ready to go. I get the service part (you can buy prepaid SIMs in cash). What about the phone?

aftbit24 days ago
The phone part is easier in many places. I've personally bought both a phone and SIM card in cash from a corner store in SF. I was asked to provide some legal information for the SIM, but they pointedly did not look at my ID or anything, so I was free to write whatever I wanted on the order form. They told me only the SIM required the info, not the phone.
therein24 days ago
You could have also just bought a T-Mobile SIM and then activated a pre-paid plan with just credits you buy with whatever you want. You can get them for cryptocurrency as well on a lot of places.
Desk1com24 days ago
phone get it from a used devices place so it already has someone else's footprint
pabs324 days ago
> in cash

Cash is likely tracked too these days, if you get it from an ATM for sure, or maybe it is for some modern tills. So learn to busk before you think about buying a burner phone.

electric_muse24 days ago
What are the latest tips and best practices for acquiring a phone and service without having to deanonymize?

For example, can you just walk into Best Buy with cash?

aspenmayer24 days ago
> without having to deanonymize

> Best Buy

Cameras are everywhere in big box stores. Anonymity is not sold in stores.

24 days ago
Havoc24 days ago
Problem is the utility of a phone is mostly in the things that are problematic. Email, cloud etc.

It’s either got too much stuff on it or not enough stuff on it.

h4ck_th3_pl4n3t28 days ago
While I like the sentiment of the article, I think most people are not aware of how hostile baseband firmwares are implemented on most SoCs that phones come with. Usually the cell tower handshakes that make you trackable can't be put off, meaning the modem will run in sleep mode even when you are in airplane mode (which is kinda funny considering the dangers of air travel, right? Right?).

Are there actually smartphones without an IMEI and with a Wi-Fi card only, preferrably not a Broadcom one?

userbinator25 days ago
meaning the modem will run in sleep mode even when you are in airplane mode

AFAIK this is not true at least for the Mediatek 65xx and early 67xx platforms; I've analysed the firmware and hardware on those. They actually power off the modem and rest of the RF system when in airplane mode. The modem only boots up and starts searching for a signal when you take it out of airplane mode, which is why it takes a noticeable time (10-30 seconds, depending on how many bands are enabled) to get a signal. If your phone goes from airplane mode to having a signal and immediately capable of calling, then I suspect it's one where the modem is not truly turned off.

I haven't inspected Broadcom, Qualcomm, or Spreadtrum in any detail to say whether they do things differently.

Are there actually smartphones without an IMEI

Look for a "tablet" or anything else without the word "phone" in it if you just want a touchscreen portable computer. An IMEI is obligatory to connect to cellular networks, in much the same way as a MAC address is to Ethernet and WiFi.

therein24 days ago
Phones with MediaTek basebands are able to change their own IMEIs. Do with this information what you will.
arendtio25 days ago
As far as I remember, the whole 'turn off your phone on a plane' was just a precautionary measure and is not a real technical problem nowadays.

The risk was that mobile networks could not handle moving many devices from one cell to another at high speeds (during takeoff and landing).

reaperducer25 days ago
As far as I remember, the whole 'turn off your phone on a plane' was just a precautionary measure and is not a real technical problem nowadays.

My memory is that it was necessary at the time when lots of people started taking phones on airplanes because the wiring/navigation wasn't shielded against a transmitter that might be actually inside the aircraft.

Since then, plane electronics are better insulated making it less of a problem.

tonyarkles25 days ago
There are another two issues that aren’t technical, which are starting to come up again now that Internet access is rapidly becoming available and good onboard aircraft:

- People not paying attention to/ignoring the instructions of the FAs during safety briefings and emergencies due to being engaged in a phone call.

- People being assholes and talking on the phone, bothering the person stuck in the seat next to them.

On all of the flights I’ve been on recently the preflight brief has been crystal clear that you can do whatever you want on the internet connection except have voice calls.

SahAssar25 days ago
How would that be different for trains? Trains would have similar numbers or more devices, moving at a similar speed (for high speed trains compared to planes at take-off/landing).
kelnos25 days ago
I think part of the issue is that cell tower antennas are designed for talking to devices on the ground or at very low altitudes (like those you'd experience in a tall building). So a cell tower's capacity for talking to lots of somethings directly above it, thousands of feet up, is much lower than talking to lots of somethings below it or adjacent to it.
KeybInterrupt28 days ago
You might be looking for an android based Media player device.

But they are likely not ideal for the use case...

goopypoop24 days ago
Sony BRAVIA
reaperducer25 days ago
Are there actually smartphones without an IMEI and with a Wi-Fi card only, preferrably not a Broadcom one?

Maybe an old iPod Touch that can still run a VOIP program?

madethemcry28 days ago
Can you please give any sources? While it sounds plausible and interesting it's nothing more than a wild conspiracy theory without some background information.
h4ck_th3_pl4n3t28 days ago
Buy a broadcom smartphone. Turn bluetooth off, and set it to airplane mode. Then Bluepwn your device, with bluetooth turned off.

Funny how airplane mode didn't work.

That's just one of the quirks. Baseband and what qualcomm is tracking is way worse.

I recommend buying an old Motorola Calypso device and fiddling with osmocomBB, you can DIY an IMSI catcher pretty easily. And you'll be mind blown how many class0 SMS you'll receive per day, just for tracking you. Back in the days you could track people's phones remotely but the popularity of HushSMS and other tools made cell providers block class0 SMS not sent by themselves.

This wiki article is a nice overview: https://github.com/CellularPrivacy/Android-IMSI-Catcher-Dete...

mjg5925 days ago
You made the assertion that basebands remain in contact with towers even in airplane mode, and so can be tracked. Someone asked for supporting evidence for that claim. You've responded with examples and links to different issues. It's a fairly extraordinary claim (it's not one I'd heard before - it's clear that other radios may remain alive for various purposes even when airplane mode is switched on, given that you can use wifi and bluetooth on planes, but you're the first person I've heard make this claim about the cellular radio), and you haven't provided any evidence to back it up at all.
kelnos25 days ago
Saying more words and then linking to a page from an IMSI catcher's wiki (where it doesn't talk about radio on/off states) isn't exactly "providing sources".
gruez24 days ago
>Buy a broadcom smartphone. Turn bluetooth off, and set it to airplane mode. Then Bluepwn your device, with bluetooth turned off.

???

aja1228 days ago
Baseband SoC running their own OS independent from Android/iOS and staying asleep (while still listening for incoming signals) is very much no longer in conspiracy theory territory and more an established fact now. I don't have the source at hand but it's in one of the standards. And the purpose is very clear: LEA like Interpol must be able to locate any IMEI at any point if in tower range, regardless of the power state of the "main" OS
escaine25 days ago
Surely this is really easy to prove by putting a phone into an anechoic chamber and using a spectrum analyser to show that it's still TXing?
joha427025 days ago
The phone isn't going to connect to a tower it cannot see.

It can't just scream out into the void and hope a tower picks it up, it needs a few pieces of timing information & cell configuration beforehand.

dahart25 days ago
I don’t doubt SoCs have their own micro-OS, but I too would love to see a reliable source showing phones connect to towers when powered off. Wouldn’t this, at a minimum, violate FAA/EASA rules? Google tells me the cellular radio in an iPhone has no power when in airplane mode or when off.
pdesi28 days ago
Even in airplane mode?
h4ck_th3_pl4n3t28 days ago
I dare you to do the following:

Charge phone to full 100%. Turn it off.

Put it into a faraday cage, e.g. a steel box, for 7 days.

Take it out again and wonder why the battery is empty.

(The faraday cage has the effect of making the modem have to switch bands constantly, which costs more electricity than sleep mode in LTE)

inportb24 days ago
Interesting, but you should probably use a control. Two phones, same hardware, same software. One inside the faraday cage, one outside, both in the same room with the same conditions otherwise.

Repeat the experiment a few times. Then cross over: liberate the caged phone, cage the free phone, and repeat the experiment a few more times. Or alternate the phones' positions between experiments. This mitigates hardware and software differences that might've been overlooked (such as a faulty battery, etc).

Analyze the results, draw your conclusions, publish, and encourage others to reproduce.

kelnos25 days ago
It would still be simpler for you to link to a credible source. A bit strange that you seem uninterested in doing so, and prefer to tell people to do their own experiments, in this case one that requires an extra phone and a week of time.
dahart25 days ago
Batteries naturally drain slowly when not used. What would this little experiment prove, exactly?
28 days ago
groby_b24 days ago
I feel like any article on burner phones that glosses over acquisition with "buy phone and service in cash" misses the point.

Buying a phone anonymously is much harder than "just cash". Most places demand name & address for sign-up, and if you're unlucky want to see an ID.

You really should think through where and how you buy, how to find the "off the back of a truck" places, where to get SIMs, how to pay for renewal in untraceable money and without a CC, etc.

matltc24 days ago
Ah sweet a schizo thread
metadat25 days ago
eSim erodes privacy? Well, that sucks, because how long until Apple, Samsung, and Google decide the Sim slot should go the way of the 3.5mm headphone jack?
bongodongobob24 days ago
That has already happened. iPhones since the 14 don't have sim slots.
spratzt23 days ago
Rubbish!

I have an iPhone 16 and it has a sim slot.

gruez24 days ago
only in US.
24 days ago
stillthat24 days ago
[flagged]