If Graphene gets their own phone, could they separate the SIM?

graphy00

(I heard Graphene was talking with OEMs to maybe get a phone that's not Pixel).

One of the longstanding privsec issues with GrapaheneOS is that you have to put a SIM into the phone, and we all know zero clicks work because there's a SIM for them to use.

If you could separate the SIM to just be afor a wifi hotspot, which the phone would just connect to, you could get much more security.

This would either be a separate little screen to set up the hotspot on the SOM, or it could be it just pipes into the phone's regular screen.

Then if any hacker sent a zeroclick to your SIM, it wouldn't really matter.

Maketrades

graphy00

You are free to not put any sim in the phone and buy a hotspot or mobile router nobady is forcing you to use a sim on grapheneos

de0u

graphy00 One of the longstanding privsec issues with GrapaheneOS is that you have to put a SIM into the phone, and we all know zero clicks work because there's a SIM for them to use.

Do we all know that? At least I, personally, don't think I know that.

Perhaps I am confused, but my sense is that the majority of recent phone penetrations are via:

Physical access to USB port,
Vulnerabilities in non-SMS/MMS messaging apps,
Tricking people into installing malware

Is there an organized list somewhere of recent phone vulnerabilities, and is it the case that cellular data / voice calls / SMS / MMS are the majority of zero-click entry points?

Stayjuice

Maketrades interesting reply how does one make calls on a hotspot given that WiFi calling won’t work without a SIM card installed?

M_2_Sade

Stayjuice it works on certain routers.

phone-company

Stayjuice you could also use SIP Software with a phone Number.... Then you don't need any SIM

Hathaway_Noa

You could use an eSIM or SIM 4G/5G router and use your GrapheneOS phone in airplane mode + wireless.

But, there is always a need for data, and data comes from a transmission tower which is owned by large phone companies, and in order to communicate with a transmission tower there is always a need for some identification (IMSI, IMEI etc). So there is no way around this, you could use an LTE router but the LTE router will just do the same (communicating with the tower).

M_2_Sade

Hathaway_Noa you can swap SIM cards and change the IMEI

neel

My spare Pixel 9 never had a SIM card or eSIM, and yet I got GrapheneOS on it.

graphy00

You're right that you don't need a SIM to run GrapheneOS, obviously.

There's a list of vulnerabilities on our devices. Privsec community is working to check off each one, and there are various solutions possible.

Outstanding vulnerabilities include the need to have a SIM (for regular use like having internet, getting a SIM card in other countries when you travel and having internet, and even occasionally getting phone calls/SMS, such as to confirm an app login, which we still need to do so long as 99% of the world is stuck on WhatsApp/Signal. Basically, we still need a SIM card, and a SIM card is a simple and easy solution, if only the threat that comes with a SIM could be negated.

Not allowing the SIM to reach your actual hardware would be a simple and certain way. I don't actually know of another way (there are eSIMs and carrying portable hotspots, but I'm talking only about solutions that can be adopted by the 99% which means 0 effort and already done for them).

graphy00

de0u

The majority of hacks are usb, just the owner plugging a bad usb in or clicking a link, as far as I've heard. That's not the type of attack having a separate SIM would protect you from.

A SIM based attack, a zero click, is a type even a perfect phone user who has a perfectly secure device is still vulnerable to. It is how, famously, heads of state and journalists and activists have been hacked over recent years, and we don't know the extent it has been used.

From the sound of your argument it seems like you might have been assuming I said SIM attacks are the most common, something I never said, but I've responded anyway.

de0u

graphy00 From the sound of your argument it seems like you might have been assuming I said SIM attacks are the most common, something I never said, but I've responded anyway.

The original statement was "One of the longstanding privsec issues with GrapaheneOS is that you have to put a SIM into the phone, and we all know zero clicks work because there's a SIM for them to use".

That statement appears to have two significant issues:

As others pointed out, using GrapheneOS does not require a SIM card. Some things that some people want to do may require a SIM card, but that is not the same thing as "you have to put a SIM into the phone", which, as originally phrased, is false.
Some zero-click attacks do not require a SIM card, so it is not true in general that "zero clicks work because there's a SIM", which, as originally phrased, is false.

It would be possible to rephrase the original statement in a variety of ways, such as, perhaps, "Because some things that some people wish to accomplish on GrapheneOS require a SIM card, and because some fraction of zero-click attacks in the past have used a SIM card as an entry point, it would be good to look into hardening the hardware and software related to SIM cards".

MetropleX

Regarding hotspots our advice:

Using another GrapheneOS phone as a hotspot device instead of a dedicated hotspot device is much more secure and doesn't stand out since it's a regular phone. Those hotspot devices have poor security and are basically just a very crippled phone.

Using a very badly secured hotspot device far less secure than a typical Snapdragon phone which stands out from everyone else on the network is not giving you privacy and security. Using a decent common low-end phone with a non-KYC eSIM is far better, a GrapheneOS device even more so.