this post was submitted on 27 Oct 2024
88 points (94.9% liked)

Privacy

32120 readers
371 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm investigating getting off the cell network permanently to avoid at least the constant triangulation of my position. I figured I'd look into getting a VoIP number and getting calls and texts over WiFi. I don't mind being unreachable when I'm not connected to a hotspot, so it's not a problem for me.

But before looking for a good VoIP provider, I decided to check if WiFi still worked in airplane mode. And indeed it works. But to my surprise, when I connected the WiFi, my cellphone provider's name also came right back up at the top right of the screen. In airplane mode? What the hell?

Long story short, after investigating a bit, I realized I had WiFi calling enabled. So I can in fact already get calls and texts without being on the cell network.

And I'm thinking, maybe that's good enough for privacy?

I mean I know SIMs leak information like ICCID / IMSI / IMEI so obviously they have no reason not to do that over WiFi also and that's not so hot.

But on the plus side, none of that information is linked to cell towers and location anymore - at least not precise location if I'm not on a VPN - the baseband processor is off and can't do whatever shady chit-chat it does with the SIM and the cell towers, and I can still use my normal phone numbers without having to change and tell a million people that I have new numbers if I go with VoIP.

Also, I don't store my contacts on my SIMs and I use a deGoogled Android. So I figure that limits how much adversarial software can exploit the SIMs to leak data.

So it seems to me that WiFi calling may be a good solution for me for better privacy without too many compromises.

Can you think of something I missed that I should know before using this feature?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 3 weeks ago (2 children)

If I'm understanding how 'WiFi Calling" works; it's still "identifying you" to the cell provider the same way; via your SIM. The only difference is they don't get an exact location because you're not using any cell towers typically.

I do suspect SIMs and eSIMs are still doing all the heavy cryptographic signing done on a typical phone network though...they're just not screaming your IMEI/IMSI all over open or even encrypted airwaves; nor is a WiFI signal triangulate-able typically due to it's short range.

[–] [email protected] 3 points 3 weeks ago (1 children)

It is basically a SIP (a widely used VoIP standard) inside of IPSec (a type of VPN, and also a common standard). The IPSec credentials are provided by your your SIM card and that makes it about as secure as cellular.

[–] [email protected] 2 points 3 weeks ago (1 children)

Actually; (basically) SIP over (basically) IPSec sounds pretty correct. Wish the dense technical manuals I read had explained it that way; makes a lot more sense to me as a Net Admin type of IT person.

I do remember reading that the protocol was basically encapsulated. Dunno about any encryption; probably there's not any at the IPSec level. I do know that the SIMs themselves probably contain certs that have some value; I just don't know if they handle any encryption or if they're just lightweight little numbers for authentication only.

[–] [email protected] 1 points 3 weeks ago

There’s encryption and it is managed by the SIM.

[–] [email protected] 1 points 3 weeks ago (1 children)

I don't know what kinds of packets WiFi calling sends, but I would assume a public IP would be in there somewhere and, at least from a law enforcement perspective I can't imagine it would be too hard to get the address tied to it.

[–] [email protected] 1 points 3 weeks ago

It your provider has some endpoint somewhere. The thing is, if you’ve law enforcement involved it doesn’t really matter is it’s WiFi calling or a cellular call, they’ll still be able to tie it to you.