Has this security issue been addressed? I'm new here, new to GOS, have searched though many threads for an update but haven't found one. Not certain that I understand this situation completely, or if it's an issue still, but it sounds like the statement from FAQ "Enabling airplane mode disables the cellular radio, but Wi-Fi can be re-enabled and used without activating the cellular radio again. This allows using the device as a Wi-Fi only device" and "Airplane mode is the only way to avoid the cellular network tracking your device and works correctly on the devices we support" are not the exciting way to get around carrier privacy violations that I was hoping it would be? Am I understanding it right that WiFi is no more private as a form of calling and messaging than connecting through a cellular carrier? Additionally, this is a long post, and much has been said, but I think I remember someone saying something about a privacy-centric cellular carrier, and the MVNO that Librem owns, Librem AweSIM and SimpleSIM, claim to function as such, but I wonder, do the providers of their service have access to the data that Librem claims not to collect, store and share? The way that data travels, is it even possible to be a privacy-centric carrier?

Also, what about running an app like InviZible Pro with Orbot and Purple I2P that claims to hide your IP among other things? Would that compensate for the problem of information leaked via the way info doesn't flow through the VPN?

Does this issue also affect the privacy and security of end to end encryption services over WiFi?

    OpenSource-Ghost

    Please, advise... I'm trying to understand this...

    OpenSource-Ghost Carrier WiFi xalling uses IPSec tunnel, which is an old and insecure VPN protocol and usage of WiFi calling opens you to more attack surface"

    So, are you saying that Carrier Wi-Fi calling is open to more attack surface? WiFi calling, in general? Or that WiFi calling via Carrier WiFi calling enabled is open to more attack surface? And what do you mean my more attack surface? More than simply using a SIM and carrier for communication?

    OpenSource-Ghost Each carrier uses its own domains for WiFi calling and your phone should only try to resolve such domains if SIM card is inserted and active, but your phone continues to try to resolve those domains when connected to WiFi in Airplane mode even if SIM card is disabled + WiFi calling itself is disabled!

    I have read this over and over again, and can't wrap my head around it. You're saying that if you insert a SIM, your phone will endlessly try and resolve carrier WiFi domains, with the SIM card disabled, whilst connected to WiFi, in airplane mode, with WiFi calling disabled? How? Why? If the phone isn't asked to connect to WiFi, why would it be trying to resolve domains? Is this the same regardless of your phone's DNS settings?

    OpenSource-Ghost Carrier WiFi calling doesn't use specified private DNS servers from Android settings. It uses WiFi network's specified DNS addresses.

    In light of this, I guess that means that your phone's DNS settings are irrelevant. So, it uses WiFi specified DNS? Meaning the home network that you are using, for instance, not the carrier's WiFi network? And if you are referring to your home WiFi Network, can anything be done on that end with DNS and VPN settings that would make a difference? Is this problem all due to the eternal attempt to resolve domain?! Whether WiFi calling is enabled or disabled, it's all the same? This is super confusing.

    OpenSource-Ghost That means the WiFi network to which you connect immediately knows that someone with phone with your carrier is connected to it, even though no actual carrier WiFi calls are possible when its disabled.

    But, if you have never inserted a SIM, can WiFi calling be acheived? And are you any less exposed? Does your home network DNS and or VPN settings, or your phones DNS and or VPN settings make any difference with being identified by your home network WiFi provider?

    OpenSource-Ghost The only way around that is to connect to your own WiFi network that blocks carrier WiFi calling domains via local DNS server/forwarder (like Pi-Hole) and/or IP's to those domains.

    So, this whole thing can be circumvented via PiHole? With and/or without the presence of a carrier SIM? And are you saying this isn't optimal due to the lack of portability? Or something else? It would work ok for at home base, where ever it is that you set that up, though, right?

    And, would any of this carrier WiFi calling issue be mitigated by toggling off "Mobile data always active" in Developer options?

    My primary concern is that whilst Google and Apple are massive privacy invading whores, mobile carriers are worse, because it seems like there are ways to shut down Google, Apple and the like, but mobile carriers don't just know you're number, your name (if you have to register your SIM with ID), where you are at any given moment, who you know and communicate and spend time with, your lifestyle choices and habits, etc., they also collect and store every conversation and every text and every picture or video you send! In my mind they are the worst! I know, if I choose to use a cellular device for telecommunication, there's not much that can be done to keep certain aspects out of their servers, but it would be great to be able, at bare minimum, to keep conversations, and conversational content from them. So, is this goal able to be achieved using services like Signal, and email? And can these be done with your phone, without a mobile carrier? And/or with a mobile carrier? What even ARE our options? It seems awfully bleak.

      8 months later

      I tried to install wifi-calling to avoid roaming abroad. And I've just realized that it does bypass the VPN.

      To make GOS work with wifi-calling abroad, I had to install a VPN on a physical router. And connect GOS to my physical router.

      And then, as if by magic, wifi-calling worked.

      So it would be cool to prevent wifi-calling from bypassing the VPN. This would allow you to have an IP from the country where your operator is, and avoid roaming on wifi.

        16 days later

        gos-users Yeah it's another by-design leak in the android VPN implementation few know about.

        2 months later

        Anonymous not sure if this is robust enough, so someone with more knowledge please correct me if im wrong, but best option is to use an LTE router with a valid VPN on it.
        Assuming router doesnt have same weak spots as the phone, such as "carrier communications" being routed outside the tunnel/dns.

        gos-users So it would be cool to prevent wifi-calling from bypassing the VPN. This would allow you to have an IP from the country where your operator is, and avoid roaming on wifi.

        it would be cool to have controll of ALL connections of an OWNED device.

        Graphite But carriers fought that fight and won a long time ago.

        Not absolutely! stiil possible to obfuscate tethered data in case if client device allows to adjust its TTL, like any windows machine.

        Anonymous not sure if this is robust enough, so someone with more knowledge please correct me if im wrong, but best option is to use an LTE router with a valid VPN on it.
        Assuming router doesnt have same weak spots as the phone, such as "carrier communications" being routed outside the tunnel/dns.

        edit:
        and assuming LTE carrier wont categorize the setup as tethered connection(if it would, maybe router has option to adjust the TTL to hide that its sharing web access)

        personally only planning to implement the router setup and would greatly appreciate any concerns shared. it is out of scope of GOS obviously, but thought this thread seems best place to ask due to massive discussed above.