- Edited
Heraclius oh I didn't see it. Thanks for that! I may have a look into that.
Heraclius oh I didn't see it. Thanks for that! I may have a look into that.
Pretty sure you can register a prepaid SIM with a credit card alone in Australia. You could then get a burner cc to register that and use that for mobile access.
There are some VoIP providers that provide Australian mobile numbers which you can then use to give out as your main number.
You could always emigrate.
We welcome Aussies here, but we do try to encourage them to take English lessons.
redfoxjumper how does one get a burner CC? I've tried before with a pre-paid vanilla visa but they are now recognised and blocked across all carriers.
Blastoidea hahaha I'm not moving for a prepaid data plan, but appreciate the offer
DeletedUser84
You don't, legally. At least assuming that pre-paid cards are blocked.
Well not at any reasonable price. I mean if you are willing to set up a Belize trust with a Nevis LLC using nominee directors for everything, have that own a UAE company, and then get a Swiss bank account for the UAE company along with getting corporate credit cards for the UAE company. You can do it.
Assuming that the Australian government wants to find you, they will get the info from the CC company and then have to get the UAE to cough up records, before getting Nevis and then Belize to do the same. And for true privacy you use a stolen identity to hire the lawyers to set it all up in the first place.
JollyRancher that sounds really overkill for my situation. Thanks I guess.
DeletedUser84 I pestered MySudo in the past about .au numbers. Nothing changed. I used a UK +44 number for a while through MySudo, but it was somewhat awkward giving it out to people (what? +44?), so when I swapped from Very Leaky Android to Graphene, that went away.
My set-up is basically as much as I can get working of the techniques MB talks about in Extreme Privacy (mostly 4th & 5th edns) as well as those in the PDF e-books on computers and phones. This includes EteSync and Protonmail. But I eventually took Pop!OS off and went back to plain Debian Linux for both computers since I liked it more. I had used other de-Googled Androids before, but it was Extreme Privacy: Mobile Devices that pushed me to come to Graphene, and I have never looked back.
LunaticBuzz that sounds great! With your phone number situation, are you using your SIM number for communication or a VoIP number? And what about for data?
I saw a guy on the forum here using a Crazytel VoIP number with a regular KYC SIM for data?
Governments, especially anti-freedom ones like Australia, really don't like monetary anonymity.
A credit card not tied to an identity is the very definition of that.
If you want a CC that can't feasibly be tied to your identity and are unwilling to violate the law then you are looking at a complicated chaining of legal entities across multiple selected jurisdictions.
It is expensive and doing it right will cost you tens of thousands of USD in initial setup fees and thousands more each year in maintenance fees.
Or you find some homeless guy with a government issue ID who is willing to be your front man for a hundred bucks and hope he doesn't tell the government about the arrangement.
Because if the government knows the ID or CC that was used then they can search for all SIMs linked to that ID/CC and mark any that can't be explained for detailed investigation. Note that doing this is likely a crime, consult an Australian legal professional for a detailed analysis.
You may also be able to get a physical prepaid SIM card at the airport. Or convince a tourist to let you use their identity for one. Some dude flying back to Brazil and unlikely to ever come back to Australia may well be willing to use their passport to buy you a reloadable prepaid SIM. Just wait a few months to start using it.
Re anonymous payment cards, you can always buy visa gift cards from Coles or Woolies with cash.
Heraclius I've tried that one lol, but it didn't work unfortunately.
Would there be a privacy benefit of me using a KYC Data-Only SIM, and then just using VoIP numbers for normal communication on occasion? I barely use calls/SMS and mainly use Signal with VPN always on anyways.
I've seen someone else on the forum running this setup, and they're from Australia too. I guess one of the benefits would be calls/texts are not attached with location information, because they're done over a VPN. And I wouldn't be giving out my primary number attached on the SIM card, so technically, it would be unknown (to all companies apart from the provider itself and probably government).
Anyone got any opinions on this setup?
Anyone?
DeletedUser84 I'm not an expert but this is a topic that interests me so I've been trying to learn as much as I can about it.
There's a good section in "Practical GrapheneOS for the paranoid" on cellular privacy, which has some footnotes referencing posts by the official GrapheneOS Twitter account.
Even if you buy the phone and SIM with cash and no KYC, the best you get is a persistent pseudonym. Over time, unless you are extremely cautious and in particular unless you avoid having the phone connected to the cell network anywhere near your home, the government/police/cell companies/anyone they sell their data to will be able to infer that the phone almost certainly belongs to you.
The cell network will know your location pretty precisely at any time you are connected to it. I've seen different figures quoted for this, but in urban areas I think easily to within a few hundred metres. 4G might be slightly less precise than 5G - again, I have seen conflicting opinions. So if you're always connected and using a KYC SIM, this means the cell network is trivially building up a location track for you at all times. If you're always connected but using a no-KYC SIM/phone it is not hard to do the same but it requires a modest bit of data analysis to label the track with your real identity, and if you're just some random guy I don't know if anyone is going to do this analysis routinely.
If you haven't already seen it you may want to check out The Hated One's video on not using a SIM card.
If you are concerned about your location being tracked and can afford not to be in contact 24/7, you can try keeping your phone in airplane mode most of the time, using wifi where available and just turning on the cell radio when you really need to be contacted/get in contact. By limiting the time the cell radio is on, you reduce the amount of location tracking data available to third parties - if you're just trying to be more private, it might not matter to reveal it intermittently. In urban areas, you may be surprised how often wifi is available - you could extend this by occasionally patronising businesses with customer wifi in areas you frequent, which means you can trivially use their wifi from the street as you pass (and may even be able to get notifications about incoming messages or missed calls just as you walk past). Businesses with "normal" wifi that has a password they give out to customers is best - those with open wifi which makes you navigate through a web-based portal to get internet access are much less useful for this kind of casual, brief walk-by access.
There is definitely some privacy benefit to only using mobile data and avoiding calls/SMS, whether or not your SIM/phone are KYCed. Calls/SMS are not encrypted so the contents are likely to be routinely monitored. The metadata is not protected either so it's easy to build up a pattern of who you contact and when. If you're using VoIP to interact with people using "normal" phones, there might not be much advantage because you are still interacting with the regular phone network, but it's unlikely to be any worse. If you and the person you are contacting are both using VoIP there may be some increase in privacy, although you're trusting the VoIP operators for this.
If you use something like Signal your calls/messages and associated metadata are likely to be kept private. Yes, "they" could compromise the devices used by your contacts, but if you're just a random guy who wants some privacy, this is unlikely. So this is the best option, and is completely compatible with using a KYC SIM for data only, but I appreciate you may need the convenience of having access to the normal phone network.
Skype offers the ability to make calls to normal numbers over a data connection at a pretty decent per-minute rate - it isn't particularly private, but if this is enough for you it may save you money on VoIP services. (Maybe you can nearly get by with just Signal and this would fill in the gaps.) You can also rent a phone number through Skype for receiving calls, but I don't know how affordable or reliable this is.
It's important to bear in mind who you are trying to be private from and why. I know I often succumb to the temptation to think of a unified "they" who are constantly snooping on me. If motivated attackers are after you specifically, it is hard. But even if it might be nice to be a ghost, if what you really want is just to reduce the amount of data being built on you so you can be advertised to and generally influenced, every little helps and perfection is not needed.
PS (the edit timeout expired) It may help a bit to keep the phone number (if any) of your KYC-ed SIM confidential. If you don't plan to use the call/SMS features of your SIM, no one needs to be given the number. The cell network etc unavoidably know it, but if you avoid giving it out to anyone else, that reduces the chances of them being able to use it against you. While it may be dated in many respects, you might like to read JJ Luna's "How to be invisible" for some insights. Your phone number can be used in social engineering attacks, for example, so keeping it confidential adds an extra hurdle the attacker has to jump over if they don't have privileged access to the KYC-ed data.
sr967 Thank you so much for your long and detailed response. It really helps me understand more of this and I can see clearly that you're quite knowledgeable of this stuff.
I'm thinking of opting for a KYC data only sim for mobile data and then using VoIP numbers for phone calls. But because I don't really use phone calls/sms, and instead use Signal, those VoIP numbers will barely get used anyway.
This is a question I have, even after reading Michael Bazzell's privacy guides.
Would it be better to just get a mobile data KYC SIM that has no phone number attached, or to just get a normal KYC SIM that has a phone number on there but never use that or share that phone number with anyone?
Thank you so much.
DeletedUser84 Thanks for your kind words!
I think all SIMs have a phone number anyway, even if it doesn't actually work in the traditional sense. The silent.link data only SIMs do - it is mentioned in their FAQ - and I've seen 5G data only SIMs used in 5G home routers with numbers too. There's also this admittedly rather old stackexchange post saying the same.
It probably makes little difference in practice if you don't plan to give the number out anyway.
If you can get a better price on a SIM with calls+text+data and just not use the calls+text compared to specifically buying a data-only SIM, that is probably just as good from a privacy point of view and obviously a win financially. Depending on your precise threat model, having a SIM capable of calls+text as well just might come in handy in some kind of emergency (I need to call X right now and mobile data isn't working), even if you plan never to use it.
(The "practical guide for the paranoid" I linked to does say there may be a reduction in attack surface from not having calls or texts, but that it doesn't particularly matter otherwise.)
sr967 Thanks again for your response, I really appreciate it.
Here in Australia, at least with the carrier I'm interested in, the data only SIM is actually cheaper and offers more data compared to a regular SIM with data, calls and SMS.
So I'll think I'll go with the data only KYC SIM, thanks again for your help and guidance. And if you have anything else to share, feel free to because I'd love to learn more.
I believe that if you think you can hide ….. you’re probably wrong, and will likely trip over your own feet.