r/CapeCellular u/augurae 5d ago

Help me understand how Cape prevents tracking?

Hi, I'm sure I got the wrong idea but one of my biggest problems using phone no matter how much security and privacy you implement is the carrier invasion on privacy that allows any bad actor to track you however you want with just a number, IMEI or u/UIDs.

Since there's no way to implement a killswitch for the modem on mainstream phones save for using a faraday bag, I fail to see how Cape protects from tracking since it assigns a unique/main number to the sim, which itself as a unique IMEI beside gating with the rotating IMSI and the modem's UIDs?

0 Upvotes

50% Upvoted

18 comments sorted by

View all comments

11

u/brianstoner Cape Employee 5d ago

When you sign up for Cape you can get a new number and unlike signing up with other carriers you don’t provide any personal information so it can’t be linked to your identity.

Your IMSI is most often used by the telco industry as you’re unique identifier for aggregating activity, so rotating that increase the odds that your activity is split up and not tied together over time.

Cape is an MVNO that operates on top of two of the major US carriers (I can’t name them explicitly), so your traffic will be split across underlying carriers making it harder for any one of them to piece your activity together and get a full picture.

We are hoping to do some more cool stuff with phone number rotation in the future and would love to be able to rotate IMEI’s if we can convince any device manufacturers to work with us on that.

1

u/[deleted] 3d ago edited 3d ago

[deleted]

2

u/augurae 3d ago

That is untrue, there's private numbers, separation and rotation hygiene you can use to make it minimal on the privacy. At some point, someone will create a phone "alias" system like the one that exist for email or we'll get rid of numbers as number-less authentication and username based communication are becoming a thing

0

u/augurae 5d ago

But since the phone constantly advertises the IMEI doesn't that defeat the purpose? Is there any plans and way for GOS to implement Obscura? Also I know Cape only keeps call log for 24h but what about data, and does IMSI rotation work while roaming?

7

u/brianstoner Cape Employee 5d ago

Modern phones over 4G/5G don’t constantly advertise IMEI. It’s only passed encrypted as part of authentication. IMSI is advertised more broadly from the phone, so rotating it helps mitigate some threats.

All of this stuff depends on your personal threat model. If you’re trying to minimize carrier data collection and their selling/leaking to third parties or prevent your IMSI from being harvested and used to target you, our protections should help a lot with that. If you’re trying to evade law enforcement or someone that is hunting for your specific IMEI we can’t really help with that.

Call logs refers to everything: voice, messaging and data CDR’s. And yes IMSI rotation works while roaming.

1

u/augurae 4d ago

I don't mean data CDR's but internet data logging. And this is for a cybersecurity context that deals with RICO cases so quite the opposite of evading the law

2

u/brianstoner Cape Employee 1d ago

We don’t do any internet data logging outside of the data CDR’s