Hello guys, I am considering buying a Pixel phone and install grapheneos on it.
I want the best level of privacy and security that I can achieve so I thought I could also buy a Mudi V2 router and putting a sim on it so I could use the Pixel aimless.
My question is: would I gain any privacy/security benefits doing this or does graphene does what Mudi would do already on my phone directly?
Thank you for your time and have a nice day.
Mudi V2 router
Giocco There is a possibility to change IMEI with the Mudi v2 and the Blue Merle package on top of Openwrt that you cannot do with a pixel.
This is most likely illegal in most jurisdictions. Also note that you need to aquire anonymous SIM cards and practice very tight opsec to be able to gain anything from that setup. You would also be very well read up on the functionality of the cellular networks. I would not bother. Better to consider cellular insecure as explained in the GOS docs.
Giocco would I gain any privacy/security benefits doing this
Depends what are you trying to gain by this. Privacy isn't something you can just buy and switch on.
Yes it can have it's benefits, you can change IMEIs, put VPN on it that the phone can't bypass by design,
rotate SIMs/eSIMs without worrying about hardware identifiers, and so on.
But it's a bulky device that you will have to carry along with your Pixel, unless you have a threat model
that justifies hardware level separation between your phone and the world, you can consider it.
TrustExecutor
If I can change IMEI and spoof most of the data with the Mudi, wouldn't it be fine using a non anonymous sim?
- Edited
https://www.srlabs.de/blog-post/blue-merle-v2
Under "Disclaimer and Call for Action" there is a link in the first paragraph titled " our whitepaper." I suggest people take a look at this to understand how it works. (FYI: The link is a download link.)
On Mudi website it says:
*The cellular feature in Mudi V2(GL-E750V2) is restricted in Russia, Belarus, Cuba, Iran, North Korea, Syria, and the Crimean Peninsula due to modem limitations.
Does that mean the device isn't going to work in this areas for some hardware restrictions? Or is it just a firmware limitation that goes away with OpenWRT?
TrustExecutor This is most likely illegal in most jurisdictions
theoretical question - But how can an operator detect changing of IMEI (as opposed to SIM card being inserted into a different phone)?
I understand the generated IMEI follows some realistic pattern, like keeping the manufacturer?
Also using Mudi+OpenWRT (that supports changing IMEI) alone is not illegal, only actual changing of the IMEI is, correct?
traveller Does that mean the device isn't going to work in this areas for some hardware restrictions? Or is it just a firmware limitation that goes away with OpenWRT?
It is a limitation of the cellular modem inside of the unit. There may be other Quectel cards supported that work in those countries and allow IMEI change via AT commands.
traveller theoretical question - But how can an operator detect changing of IMEI (as opposed to SIM card being inserted into a different phone)?
I understand the generated IMEI follows some realistic pattern, like keeping the manufacturer?
I speculate here but they may very well utilize analytics that detect suspicious behaviour and trigger an alarm, like changing IMEI with the same SIM, changing IMEI too often at the same location etc.
traveller Also using Mudi+OpenWRT (that supports changing IMEI) alone is not illegal, only actual changing of the IMEI is, correct?
No of course not, it is a off-the-shelf consumer product designed for legitimate use. It just happens to be suited for these kind of modifications since the Quectel modem supports changing IMEI. Those cards support changing IMEI via special AT commands you can send to the card via serial console, and the research team behind Mudi has made a graphical UI in OpenWrt to facilitate it for the end user. If you are handy with IT DIY stuff you can theoretically use the Mudi software with any router supporting OpenWrt router if you use a mPCIe to USB adapter, and the correct Quectel card purchased off Ebay. Just try to find out what AT commands are supported in datasheets for the specific card.
TrustExecutor It is a limitation of the cellular modem inside of the unit. There may be other Quectel cards supported that work in those countries and allow IMEI change via AT commands.
I wonder why they disabled it for these areas (sanctions? or legal regulations?) and how they detect the country in general.
Can Mudi LTE router also work as a wifi-proxy, being a VPN gateway between a public WiFi network and a private Wifi network that it creates for my gadgets connected to it?
And if not, are there such devices that can also work as an LTE router?
traveller in short: Yes.
Check out the official manual to see details and setup options: https://docs.gl-inet.com/router/en/4/interface_guide/internet_repeater/