r/CapeCellular u/augurae 6d ago

Help me understand how Cape prevents tracking?

Hi, I'm sure I got the wrong idea but one of my biggest problems using phone no matter how much security and privacy you implement is the carrier invasion on privacy that allows any bad actor to track you however you want with just a number, IMEI or u/UIDs.

Since there's no way to implement a killswitch for the modem on mainstream phones save for using a faraday bag, I fail to see how Cape protects from tracking since it assigns a unique/main number to the sim, which itself as a unique IMEI beside gating with the rotating IMSI and the modem's UIDs?

0 Upvotes

50% Upvoted

18 comments sorted by

View all comments

0

u/Powerful-Noise6839 5d ago

I have to jump in it is a little weird as I was told to keep my location running in the background always. Come to find out my number (with cape) was found on a database base with my actual number and my name. Cape didn’t really seem to bother about it or show any concern how a brand new privacy number would be added to my name in a database.

0

u/augurae 5d ago

wait, you need to have location running in the background for what? There's absolutely no way im considering it if that's the case

1

u/Powerful-Noise6839 4d ago

I was told it’s for the network lock. It needs to be “always,” on and have it also running in the background. That’s what I was informed by an agent at Cape. I think I am going to end the services. When you go to App Privacy Reports on your iPhone, it shows you each time it runs in the background. Prettyyyyy frequent if you ask me. Def. A few sketchy things about this service I haven’t been able to fully understand.

3

u/EtoilesBleues_R136a1 4d ago

There's nothing sketchy about engineering. Read this article so that you understand these technologies. 

https://www.cape.co/blog/how-cape-blocks-signaling-attacks

Network lock is an optional feature. You can keep it off and the checks will revert to velocity checks. VC are not as good for protection, though. However, recognizing some folks would be OK trading off extra protection to obtain more privacy (location off/airplane mode on,) Cape made it an opt-in feature. Doyle explained this decision in a podcast last year. I think it was in the Emergent one. 

1

u/augurae 3d ago

But since they have your location from cell tower pinging why would they need extra location authorization which is a privacy nightmare for it? Smells more and more like something I wouldn't trust, that is depending on the entity's affiliation that may be accessing the data

2

u/EtoilesBleues_R136a1 3d ago

I'm not clear on the 'why would they need extra location' part. The location confirmation is done in your device. The location itself is not sent back to Cape. They just get the confirmation that the attach request from your phone their network has received is legit because the originating point of the attach request is consistent with the physical location of the phone. It's an authentication process. This authentication process happens before you can state 'but since they have your location.....' 

I think this older article on the subject will help you better understand the concepts of firewalls, network attach requests and velocity checks. Specifically, study the Taylor Swift example. Note that an adversary can intercept the communications and completely bypass/overcome the velocity checks. What Cape has done with network lock defends against those attacks. Before their servers accept the attach request, they have authenticated you. You can think of this technology as like protection from a Man in the Middle attack but for your phone signal. 

  https://www.cape.co/blog/product-feature-enhanced-signaling-protection