Anonymous SIM Cards

Status
Not open for further replies.
O

OffshoreMonero

🗣️ Loud Newcomer
Nov 14, 2022
165
0
161
According to some tweets I've been reading today, you can instantly get anonymous eSIM cards from Silent Link.

Combine this with a Google Pixel purchased with cash and Graphene OS and you are unstoppable!

P.S. Monero support was just added today. 🙂

Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
Interesting, but they list that disadvantage of classic sim from operator is that operator can run attacks at your device:
(...) your local mobile network provider to run various attacks, that are easy with ordinary mobile subscribers, such as:
- SimToolKit attack. Using a special service SMS and a secret Ki key attacker can control subscriber's SIM card (or eSIM chip) and, using a special surveillance interface built into every GSM phone, eavesdrop on the subscriber during calls or standby.(...)
Click to expand...
Click to expand...
So now, when using their SIM, probably they can run those attacks. And they seem 1000x times more shady than normal operator. So perhaps caution needs to be exercised (e.g. when using device with this, assume that it's constantly listening). Also it needs to be considered that this could be law enforcement operation, such as Anom ("privacy phone" made by FBI) - as if this indeed allows to make such attacks at phones from operator's channel [which they claim are possible from normal operator], this would be excellent idea.
 
Good to know, thread moved!

Toggle signature

Latest Video Interviews, Offshore Company Resources, Payment Processing Tips & Tricks, Articles and Anonymity Hints only a click away!
Support the Freedom of Speech of our Community

Disclaimer: Nothing I say should be taken as tax, legal or financial advice. Anything I say is for general informational purposes only. Always seek independent professional advice.
 
deepspeculator said:
deepspeculator said:
So now, when using their SIM, probably they can run those attacks. And they seem 1000x times more shady than normal operator. So perhaps caution needs to be exercised (e.g. when using device with this, assume that it's constantly listening).
Click to expand...
Click to expand...

These risks are present with any phone company. SIM cards run Java and can run applications that the mobile company can deliver to the card at any time without your knowledge.

I would remove the microphones and cameras from the phone (if you have the skillset to do it), and only use it for data. Optionally use Wireguard to move the IP risks elsewhere as well. Any good VPN company worth its salt accepts Monero.

Do your voice and text communications using an app thet encrypts end-to-end. There are many to choose from. Always choose open source when possible.

deepspeculator said:
deepspeculator said:
Also it needs to be considered that this could be law enforcement operation, such as Anom ("privacy phone" made by FBI) - as if this indeed allows to make such attacks at phones from operator's channel [which they claim are possible from normal operator], this would be excellent idea.
Click to expand...
Click to expand...

Sure.

That's why you mitigate risks by using the advice above.

The trusted 5-star mobile company that you currently use can be hacked or co-opted by glowies using a court order (or not - depends on your jurisdiction) at any time as well.

The point of my initial post was to show that such a service exists and what is possible while staying anonymous.

Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
OffshoreMonero said:
OffshoreMonero said:
Optionally use Wireguard to move the IP risks elsewhere as well. Any good VPN company worth its salt accepts Monero.
Click to expand...
Click to expand...
Wireguard / vpn helps in nothing if your device is already compromised through this SIM channel. Attacker will force it to make a connection without Wireguard / vpn.


OffshoreMonero said:
OffshoreMonero said:
Do your voice and text communications using an app thet encrypts end-to-end. There are many to choose from. Always choose open source when possible.
Click to expand...
Click to expand...
Same: it helps in nothing when your device is already compromised through this SIM channel (or other malware, e.g. famous Pegasus). Attacker will see your messages like you on your screen, and the fact that in transit they will be super-hyper encrypted is irrelevant.

OffshoreMonero said:
OffshoreMonero said:
The trusted 5-star mobile company that you currently use can be hacked or co-opted by glowies using a court order (or not - depends on your jurisdiction) at any time as well.
Click to expand...
Click to expand...
Yes, but here we have some unknown guys selling sim cards for Monero. So who is more risky, normal operator or these guys? IMO, by nature of this service, as it attracts people who wanted anonymity, it more likely that:
1) They will be attacking your device as they described (more likely than normal operator)
2) They will get hacked (as probably they are less sophisticated then normal operator, and also have users which are nice target: crypto users who want to stay anonymous)
3) They already might be LE honeypot like Anom

OffshoreMonero said:
OffshoreMonero said:
The point of my initial post was to show that such a service exists and what is possible while staying anonymous.
Click to expand...
Click to expand...
Cool!
 
JohnnyDoe said:
JohnnyDoe said:
Another option is to connect to the internet using a portable router with a SIM card purchased “by a friend”, and use a safe encrypted device.
Click to expand...
Click to expand...
I'm using these devices MikroTik for example
very stable, from more than 60 pieces I have one LTE module and one power adapter died during 3 years - not bad
two sim card slots for transparent failover, just load it, establish WireGuard tunnel anywhere and you're happy

nevertheless, I like your post OP
 
JohnnyDoe said:
JohnnyDoe said:
Another option is to connect to the internet using a portable router with a SIM card purchased “by a friend”, and use a safe encrypted device.
Click to expand...
Click to expand...

Sure, and for certain setups this is preferred. You can carry a secured laptop and a portable router.

However, if you want the form factor of a phone and the convenience of portability, a device that looks like a boring smartphone offers better stealth. 🙂

deepspeculator said:
deepspeculator said:
Wireguard / vpn helps in nothing if your device is already compromised through this SIM channel. Attacker will force it to make a connection without Wireguard / vpn.
Click to expand...
Click to expand...

If your adversary is the NSA you will lose no matter what you do. They can possibly escape the baseband and infect the linux (android) kernel running on the application processor to do anything they want.

For most normal people looking for privacy and want to carry a device that looks normal. This is a decent fit.

deepspeculator said:
deepspeculator said:
Same: it helps in nothing when your device is already compromised through this SIM channel (or other malware, e.g. famous Pegasus). Attacker will see your messages like you on your screen, and the fact that in transit they will be super-hyper encrypted is irrelevant.
Click to expand...
Click to expand...

Yes yes.. and there are 0days for everything that are sold to the governments. We know.

This is why I advocate for Graphene OS because it actually has most of the exploit mitigations turned on, hardware attestation, OpenBSD's memory allocator, etc.

For the average jet setter who needs to stay in contact with business associates and family this is overkill.

If you are Pablo Escobar you'll need something even more hardened.

deepspeculator said:
deepspeculator said:
1) They will be attacking your device as they described (more likely than normal operator)
Click to expand...
Click to expand...

You can't say that for certain. You are talking out of your @ss.

deepspeculator said:
deepspeculator said:
2) They will get hacked (as probably they are less sophisticated then normal operator, and also have users which are nice target: crypto users who want to stay anonymous)
Click to expand...
Click to expand...

Sure, bring it on. That's why you harden the endpoint.

deepspeculator said:
deepspeculator said:
3) They already might be LE honeypot like Anom
Click to expand...
Click to expand...

Sure. Spy all you want. Wireguard, Signal, microphone and cameras removed. Purchased with cash.

As with everything you need to do proper threat modelling.

You don't have to outrun the bear - you just have to be faster than the slowest camper.

Last edited: Dec 8, 2022
Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
@OffshoreMonero: No need to talk about NSA / 0days. They openly admit that operator (so this means "they" when you are using their sim card) can successfully attack your device. So no magic tricks or NSA required, this is already solved issue.

VPN / Wireguard works on different layer (already internet layer, so this means that cellular connection is established and operator has details about this connection, e.g. where it's originating from). Moreover, as I wrote earlier, encryption in transit either with VPN or E2E apps is irrelevant when you have malware on your device (delivered by this SIM-channel) - as malware will work on unencrypted data on your device, not try to decrypt it in transit.

So, you are just mentioning random keywords about hardening in ways which are completely irrelevant in this case. If you truly think like that (and not just advertising the service), then it nicely shows why this attack could be very successful and is a such a nice idea: People will think "omg I will install VPN and signal and be safe due to super encryption" - nope, as malware on your device makes this irrelevant.
 
deepspeculator said:
deepspeculator said:
They openly admit that operator (so this means "they" when you are using their sim card) can successfully attack your device.
Click to expand...
Click to expand...

What are you talking about?

deepspeculator said:
deepspeculator said:
VPN / Wireguard works on different layer (already internet layer, so this means that cellular connection is established and operator has details about this connection, e.g. where it's originating from). Moreover, as I wrote earlier, encryption in transit either with VPN or E2E apps is irrelevant when you have malware on your device (delivered by this SIM-channel) - as malware will work on unencrypted data on your device, not try to decrypt it in transit.
Click to expand...
Click to expand...

That's not how the baseband and application processors work on the Google Pixel 7.

deepspeculator said:
deepspeculator said:
So, you are just mentioning random keywords about hardening in ways which are completely irrelevant in this case. If you truly think like that (and not just advertising the service), then it nicely shows why this attack could be very successful and is a such a nice idea: People will think "omg I will install VPN and signal and be safe due to super encryption" - nope, as malware on your device makes this irrelevant.
Click to expand...
Click to expand...

You didn't read anything I wrote, did you?

Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
Leaked ip from this sim card get phone number and triangual phone tracking and have your location.
 
Masterhack said:
Masterhack said:
Leaked ip from this sim card get phone number and triangual phone tracking and have your location.
Click to expand...
Click to expand...

That's obvious.

Any mobile device can be tracked by the carrier and those who have access to the data (such as governments).

Last edited: Dec 8, 2022
Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
OffshoreMonero said:
OffshoreMonero said:
That's obvious.

Any mobile device can be tracked by the carrier and those who have access to the data (such as governments).
Click to expand...
Click to expand...
practically speaking it's very difficult for everyone - using VPN server (as a gateway to the internet) in country A using the sim card from operator based in country B in country C is pretty strong setup - SIM card in roaming uses local operator to find the way home and from there to your vpn server - if you choose the right countries and pay for the services the right way... good luck to anyone to track what and from where you're doing...
 
One can easily buy prepaid SIM in some eastern european countries without any documents.
 
void said:
void said:
practically speaking it's very difficult for everyone - using VPN server (as a gateway to the internet) in country A using the sim card from operator based in country B in country C is pretty strong setup - SIM card in roaming uses local operator to find the way home and from there to your vpn server - if you choose the right countries and pay for the services the right way... good luck to anyone to track what and from where you're doing...
Click to expand...
Click to expand...

Your main carrier sees that your sim card connected in foreign country using another operator. And they have all information about details of this connection (enough to locate it, and some operator APIs for IoT SIMs even have easy way of locating connections of your own sim cards as a feature provided to the users), they see contents of sent and received SMSs (e.g. bank verification codes could be important for shady operator), connections you made (to whom and how long they took), how much internet data you uploaded and downloaded etc. This is on the lower layer than internet connection (as this is on cellular connection layer), so VPN will not help with it.

Often your internet connections go through your main carrier proxy, even when connecting from abroad with different operator (you can verify this by using some IP-location tool when you will be abroad - most likely it will display IP from your main country and location in your main country, as traffic will be exiting through your main operator). So, while your connections through the internet will be encrypted by you, this also provides some interesting metadata and additional attack surface.

This is all in normal setting with normal operator. In situation when you are using shady operator and they will try to hack your device and succeed, of course it's much worse.

Last edited: Dec 9, 2022
 
deepspeculator said:
deepspeculator said:
Your main carrier sees that your sim card connected in foreign country using another operator. And they have all information about details of this connection (enough to locate it, and some operator APIs for IoT SIMs even have easy way of locating connections of your own sim cards as a feature provided to the users), they see contents of sent and received SMSs (e.g. bank verification codes could be important for shady operator), connections you made (to whom and how long they took), how much internet data you uploaded and downloaded etc. This is on the lower layer than internet connection (as this is on cellular connection layer), so VPN will not help with it.

Often your internet connections go through your main carrier proxy, even when connecting from abroad with different operator (you can verify this by using some IP-location tool when you will be abroad - most likely it will display IP from your main country and location in your main country, as traffic will be exiting through your main operator). So, while your connections through the internet will be encrypted by you, this also provides some interesting metadata and additional attack surface.

This is all in normal setting with normal operator. In situation when you are using shady operator and they will try to hack your device and succeed, of course it's much worse.
Click to expand...
Click to expand...
I didn't say impossible, I said "difficult" which I still stand behind
 
OffshoreMonero said:
OffshoreMonero said:
Yes, but can you buy it without showing your face to a security camera?
Click to expand...
Click to expand...
Yes you can. I wouldnt trust these esim provider either.
Already activated simcards in certain type of shops are almost impossible to trace back to who bought it. You pay cash and the shop owners dont register the sale with the simcard number. If they even register the sale at all. Simcards are activated with internet packages even before you enter the store. These stores produce this type of simcards with activated packages on bulk.
About cctv cameras there are even some stores which dont have cameras but for these you need to search a bit.

With such type of existent offer there is no need for those esim provider. Its less traceable and even cheaper.
 
palomino said:
palomino said:
Yes you can. I wouldnt trust these esim provider either.
Click to expand...
Click to expand...

Again, I'll repeat: this is all dependant on your threat model.

Perhaps you are ok with showing your face. Perhaps you are ok with just paying for it with a credit card in your name. It's your life. "You do you."

Toggle signature
*** Monero - Making Offshore Banking Great Again ***
 
Status
Not open for further replies.

JohnnyDoe.is is an uncensored discussion forum
focused on free speech,
independent thinking, and controversial ideas.
Everyone is responsible for their own words.

Quick Navigation

Forums

User Menu

Login
Community platform by JohnnyDoe © 2025 JohnnyDoe
  • Width
  • Queries
    12
  • Time
    0.5974s
  • Memory
    14.11MB
Top Bottom