What do we think about this threat model?

banjo45673

The threat model that I want to discuss is if there is any known way that law enforcement (LE) can successfully backtrack location of someone who was using certain apps and websites during a certain time of 20-30 days prior or more.

Physical devices used: 1) a portable router with anonymous roaming sim card, 2) a Mac/windows laptop, and 3) a pixel with graphene.

The anonymous sim card being used in the portable router would be a roaming sim card and VPN killswitch on the laptop and the pixel.

Laptop and pixel must be used to access certain apps and websites. (tails and others are not an option)

Is this currently the best way to avoid location tracking and historical location data from LE?

As the sim card communicates with the cell towers and the network carrier knows when and where this sim card was used for data. Would LE be able to discover the sim card used and ask network carriers for data on this sim card and thus being able to triangulate where this sim card was located 20-30 days ago?

Or is historical location data much harder to obtain than live location tracking? And how detailed and precise is historical location data as sim cards use and share IPs with different sim cards of the same carrier nearby.

Is using this setup on a laptop compared to a pixel less secure?

Hope there are some members here that are well versed and know about location tracking and historical location data from carriers and to discuss this threat model together and if there are any better solutions than the solution above?

de0u

banjo45673 My topic was never intended to be about criminality.

Immediately after joining, two threads were started. The other thread begins as follows:

banjo45673 The threat model that I want to discuss is if there is any known way that law enforcement (LE) can successfully backtrack location of someone who was using certain apps and websites during a certain time of 20-30 days prior or more.

banjo45673

Any members familiar with historical location data tracking?

Vincent96

You're aware the router can be relatively accurately pinpointed with cell tower triangulation. The history of the router's movements are logged and can form a timeline of it's movements. I'm unaware if there are retention time laws for this, be it minimum or maximum retention time, but the amount of data storage these logs consume is miniscule so I would assume either location history is saved forever or for very long period.

Why not put the VPN on the router as well?

You're probably vulnerable to AI traffic analysis and packet timing matching regardless. What is your VPN provider and do you use TOR?

banjo45673

Vincent96

Can all portable routers sideload VPN into the router? What if just using VPN on the device that is connected to the portable router, would that suffice? As using that connected device to access apps and websites the IP would show VPN right?

VPN choices would be iVPN, Proton, Mullvad.

Ai traffic analysis and packet timing matching, what are these? Can a VPN override these because the VPN's IP is only what they can see.

Vincent96

banjo45673 If your so worried about location tracking don't use a cellular connection.

Protectli routers can be directly connected to VPN services.

oci3o is right about Mullvad's DAITA which is why I asked the VPN service but it does indeed use much more data.

Your ISP can't just see the VPN IP, they can see the packets and time them with the packets that leave the VPN to link your VPN traffic to the traffic leaving the VPN.

oci3o

GlInet can do a lot of VPNs, but I'm not sure if they can leverage Mullvads DAITA for protection against AI.
https://mullvad.net/en/vpn/daita, it can also increase data use due to the way it works.

The SIM is the issue here, no sim is immune to tracking, its just how they work, they talk to towers openly, and whomever is shouting the loudest to the SIM, it will talk to, this includes newer "privacy" sims like CAPE.
Loose the SIM, and use a faraday bag, or don't take the phone.
If you want to know more about attacks like these (essentially MITM) look at how IMSI catchers work, 5G is supposed to help against these, but well, security isn't an ISPs highest priority usually.

if the police or whomever want to track you, they can just get the ISP to give them logs, I would imagine they are kept for a long time

banjo45673

oci3o

Yes no sim is immune but the threat level discussed here is that they will order the apps and websites to give them the logs of logins and usages for a certain day and time.

The apps/websites would only have the VPN's IP address to provide (not the sim card details or sim card's real IP). And therefore they wouldn't be able to track what type of internet was used (Wifi or Sim) and wouldn't be able to track down the sim. Is this the correct logic?

banjo45673

Vincent96

But someone trying to locate would only be able to see the IP addresses from the apps and websites that were used during that time.

They won't know which ISP or carrier one was using for data and therefore wouldn't be able to see the sim's location or history.

Perhaps if DAITA was turned on, they could theoretically ask ALL the carriers in that country to provide intel on a certain time and date and see which sim was using the most data (assuming that they know the target was using Mullvad with DAITA).

dhhdjbd

Vincent96

Your ISP can't just see the VPN IP, they can see the packets and time them with the packets that leave the VPN to link your VPN traffic to the traffic leaving the VPN.

Are you sure that 'your ISP' is the one that sees this?

because i dont think so. Your ISP can see what is happening between you and the VPN Server, as can technically anyone inbetween, but normally, if the VPN server is not using the same ISP for some reason, your ISP has no way of knowing what is happening after the Server.

If anything i think the 'ISP of the vpn server' is the one that can see the incoming and outcoming traffic and try to link that. (and this is relevant because then the laws of the country the vpn is located in then apply)

(This can be migated kinda by using mullvads 2 step vpn feature tho)

Vincent96

banjo45673 You're right about the website only knowing your VPN IP. But if a reason to dig deeper on your activities exists it's possible for three letter agencies to correlate packet timings of your VPN to your internet provider and they know your location history. I don't think you understand how packet timings are useful for deanonymizing so I suggest leaning more about it.

banjo45673

Vincent96

So those 3 letter agencies would have to get these "packets" from the VPN provider correct?

banjo45673

dhhdjbd

What is the mullvad 2 step vpn feature and how does one use it?

Vincent96

banjo45673 You should research this topic some more before in your own time.