Are cell identifiers leaked on first Android boot before installing GrapheneOS?

Before installing GrapheneOS, a Pixel phone must first boot with stock Android to connect to the internet to enable OEM unlocking. It's not possible to enable airplane mode to turn off cell radios before this first boot. Airplane mode can only be enabled after the first boot and after answering the initial Android setup questions.

If this boot process is completed without ever inserting a SIM card and over a wifi connection, are any cell identifiers like IMEI leaked to cell carriers or towers? I wonder if this first boot could leak the location of first boot to nearby cell towers and carriers.

I haven't been able to find details on what interactions cell phones have with cell towers even when a SIM card is not present. In this case with stock Android on first boot, are there any IMEI-leaking interactions such as preparation for 911 calls, time syncing, determining which basebands are available, etc?

If someone wants to avoid leaking a particular location (such as their home) with IMEI, should they perform the first Android boot in a remote location and immediately turn on airplane mode? Maybe even the GrapheneOS installation should be done in a remote location as well?

Similarly, the first boot after installing GrapheneOS happens with airplane mode disabled. Does the first boot on GrapheneOS without a SIM card leak anything to cell towers before airplane mode can be enabled? The documentation doesn't discuss this case.

I'm not worried about the wifi part since there are ways to limit the privacy leaks (like VPN configured on router to hide IP address). This discussion is kind of related but it doesn't talk about the cellular details when a SIM card isn't inserted.

If the threat model requires concealing your home location from service providers, best to do all of this in a faraday cage, or a remote location. I would expect that the factory Pixel OS can dial 911 before setup is complete.

    It will still leak those "identifiers" after you've switched to graphene.

      Harald That's what I was figuring too.

      I wonder if it's sufficient to just turn on airplane mode in a remote location on the Pixel first boot and then install GrapheneOS later at a home location.

      I imagine that booting into the bootloader interface for the GrapheneOS installation doesn't activate the cellular modem. But there's still a question of what happens with GrapheneOS during the rest of the installation and during the first boot without a SIM card before airplane mode can be enabled. Maybe IMEI is still exposed during those events?

      abcZ I plan to keep airplane mode enabled 100% of the time especially at my home location. The FAQ says:

      Activating airplane mode will fully disable the cellular radio transmit and receive capabilities, which will prevent your phone from being reached from the cellular network and stop your carrier (and anyone impersonating them to you) from tracking the device via the cellular radio.

      and

      Airplane mode is the only way to avoid the cellular network tracking your device and works correctly on the devices we support.

      How would GrapheneOS still leak cell identifiers such as IMEI if airplane mode is always enabled?


        I will try to clarify my specific question/post:

        The end goal is to have a wifi-only GrapheneOS phone in airplane mode at home. I don't want my home associated with IMEI, so I don't want to leak my IMEI to cell towers. I am wondering which of the three options below achieves that. All options have two assumptions: 1) this is a brand new Pixel phone that has never been turned on and 2) there is no SIM card involved in the entire process.

        1. At home location, boot stock Pixel with stock Android, enable OEM locking over router-configured VPN, and hope stock Android doesn't automatically leak IMEI to cell towers on first boot. Install GrapheneOS as normal and turn on airplane mode as soon as possible to prevent cellular tracking.

        2. Boot stock Pixel at a remote location, immediately turn on airplane mode, and enable OEM locking over a remote wifi connection. Then at home location, continue installation of GrapheneOS and turn on airplane mode as soon as possible.

        3. Enable OEM locking and install GrapheneOS at a remote location. Turn on airplane mode at the remote location. Then use phone as wifi-only device at home.

        Option 1) may likely leak IMEI+location since both stock Android and GrapheneOS boot once without airplane mode enabled.

        Option 2) is unclear. The stock Android part should be covered by airplane mode (if Android's airplane mode can be trusted), but I don't know if GrapheneOS will expose IMEI to cell towers on first boot (before airplane mode can be enabled) even if a SIM card is not inserted.

        As @Harald mentioned, Option 3) is clearly the safest here.

          surfwatch without a cellular connection, it's a paperweight. Kinda pointless to have a phone that can't... Phone.

            surfwatch I think you've answered your own question. Option 3 is the only option that pretty well guarantees that your IMEI won't immediately become associated at or near your residence.

            A large faraday cage would also work, but unless you've just got one lying around for this purpose then option 3 is the way to go.

            The problem with using a faraday cage is that you need to provide internet access inside it in order to enable OEM unlocking on stock Android.

            There are faraday bags that both have a USB port (so it should be possible to place a Wi-Fi dongle inside and open a throwaway AP) and allow the user to operate a touchscreen, but they are expensive.

            I am curious: how do you keep in contact when away from wifi?

            For me personally, I am away from wifi during my work day. My child has certain serious health concerns, what if her school needs to contact me? I do not see how it can be done away from wifi, without using the cellular network.

              Harald as recently as 20 years ago, many if not most folks simply weren't within constant reach of others when they stepped outside their door. Yes, cell phones have been around since the eighties, but almost no one in my circles carried them even into the late nineties unless it was for work, and even then it was usually a pager.

              Obviously, if you have family with special health needs then it is great to have that technology at the ready, but most people can get by with not talking on the phone while they commute to and from work, and many can even go their entire shift without a cell phone.

              I am fortunate enough to have wifi just about everywhere I go, but I also don't bother to take my phone everywhere I go. Health issues notwithstanding, it is okay to be incommunicado from time to time. It can even be liberating.

              In many ways, I feel that we, as a society, have come to rely on technology for far too much. My own kids won't even consider trying to find an address without GPS in their vehicle, and some even share their locations with their partners 24/7.

              I probably just sound old, but I feel like many have forgotten (or have never known) what it means to live independently.

                mythodical

                Ditto!!

                I am amazed at the potential compromises made to get a stand-alone app/mail client of unknown quality along with Google software involvement, just so one can get an immediate notification of a new email (push notification?). Especially when one can use Vanadium, a known secure and hardened app, to check for mail when curious.

                abcZ without a cellular connection, it's a paperweight. Kinda pointless to have a phone that can't... Phone.

                As I posted elsewhere, you can easily make phone calls without cell connection, by using a VOIP app and connecting to the network over wifi.

                I have done so for years. The main difference is that you cannot be reached at your phone number without a wifi or other net connection. If your phone is for your convenience and not for others to spam and bug/interrupt you, that might even be a feature :-)

                If you are super afraid of IMEI leaks you can remove your IMEI addresses from your Pixel phone permanently by rooting your phone and using AT commands. You will lose your IMEI addresses forever and you'll never be able to use GrapheneOS with a locked bootloader + IMEI addresses. You will only be able to use your phone with a locked bootloader with GrapheneOS without IMEI addresses (which is what you want?). After that you can use airplane mode (double safe) and you can use WiFi. And if you also want to have i-net outside of your house you could buy a 4G router and use i-net outside your house.

                  surfwatch

                  Hi, why don't you want your home associated with IMEI when you're using your phone wifi-only?

                  I have set up my phone with your option 2, and I am curious if option 3 would have been necessary for me.

                    Hathaway_Noa you can remove your IMEI addresses from your pixel phone permanently by rooting your phone and using AT commands

                    I wasn't aware that this is possible for Pixels specifically. Can you post some more details, or maybe a link?

                    But anyway, one would have to enable the OEM unlocking toggle first, so...

                      bartenderstoneware why don't you want your home associated with IMEI when you're using your phone wifi-only?

                      For one thing, to reserve the option of using the cellular network in a pinch somewhere some day.

                      Also, if you accidentally disable airplane mode while you're out (which is way too easy with the combined Internet tile), it would be good not to have the IMEI already associated with your home.