Anonymous SIM Cards

[OffshoreMonero]

According to some tweets I've been reading today, you can instantly get anonymous eSIM cards from Silent Link.

Combine this with a Google Pixel purchased with cash and Graphene OS and you are unstoppable!

P.S. Monero support was just added today. 🙂

Toggle signature

*** Monero - Making Offshore Banking Great Again ***​

 

[deepspeculator]

Interesting, but they list that disadvantage of classic sim from operator is that operator can‌ run attacks at your device:
So now, when using their SIM, probably⁢ they can run those attacks. And they seem 1000x times more shady than normal operator.︀ So perhaps caution needs to be exercised (e.g. when using device with this, assume that︁ it's constantly listening). Also it needs to be considered that this could be law enforcement︂ operation, such as Anom ("privacy phone" made by FBI) - as if this indeed allows︃ to make such attacks at phones from operator's channel [which they claim are possible from︄ normal operator], this would be excellent idea.

 

[JohnLocke]

Good to know, thread moved!

 

[OffshoreMonero]

These risks are present with any phone company. SIM cards run Java and can run⁤ applications that the mobile company can deliver to the card at any time without your⁣ knowledge.

I would remove the microphones and cameras from the phone (if you have the⁢ skillset to do it), and only use it for data. Optionally use Wireguard to move︀ the IP risks elsewhere as well. Any good VPN company worth its salt accepts Monero.︁

Do your voice and text communications using an app thet encrypts end-to-end. There are many︂ to choose from. Always choose open source when possible.

Sure.

That's why you mitigate risks by using the advice above.

The trusted 5-star mobile company that you currently use can be hacked or co-opted by glowies︇ using a court order (or not - depends on your jurisdiction) at any time as︈ well.

The point of my initial post was to show that such a service exists︉ and what is possible while staying anonymous.

 

[deepspeculator]

Wireguard / vpn helps in‍ nothing if your device is already compromised through this SIM channel. Attacker will force it⁠ to make a connection without Wireguard / vpn.

Same: it helps in nothing when your device⁢ is already compromised through this SIM channel (or other malware, e.g. famous Pegasus). Attacker will︀ see your messages like you on your screen, and the fact that in transit they︁ will be super-hyper encrypted is irrelevant.

Yes, but︄ here we have some unknown guys selling sim cards for Monero. So who is more︅ risky, normal operator or these guys? IMO, by nature of this service, as it attracts︆ people who wanted anonymity, it more likely that:
1) They will be attacking your device︇ as they described (more likely than normal operator)
2) They will get hacked (as probably︈ they are less sophisticated then normal operator, and also have users which are nice target:︉ crypto users who want to stay anonymous)
3) They already might be LE honeypot like︊ Anom

Cool!

 

[JohnnyDoe]

Another option is to connect to the internet using a portable router with a SIM card purchased “by a friend”, and use a safe encrypted device.

Toggle signature

@JohnnyDoe ”“ Your #1 Source for Guidance in Different Offshore Fields​

 

[void]

I'm using these devices MikroTik for example
very stable, from more than 60 pieces⁠ I have one LTE module and one power adapter died during 3 years - not⁤ bad
two sim card slots for transparent failover, just load it, establish WireGuard tunnel anywhere⁣ and you're happy

nevertheless, I like your post OP

 

[OffshoreMonero]

Sure, and for certain setups this is preferred. You can carry a secured laptop⁠ and a portable router.

However, if you want the form factor of a phone and⁤ the convenience of portability, a device that looks like a boring smartphone offers better stealth.⁣ 🙂

If your adversary is the NSA you will lose no matter what︁ you do. They can possibly escape the baseband and infect the linux (android) kernel running︂ on the application processor to do anything they want.

For most normal people looking for︃ privacy and want to carry a device that looks normal. This is a decent fit.︄

Yes yes.. and there are 0days for everything that are sold︈ to the governments. We know.

This is why I advocate for Graphene OS because it︉ actually has most of the exploit mitigations turned on, hardware attestation, OpenBSD's memory allocator, etc.︊

For the average jet setter who needs to stay in contact with business associates and︋ family this is overkill.

If you are Pablo Escobar you'll need something even more hardened.︌

You can't say that for certain. You are talking out︎ of your @ss.

Sure, bring it on. That's why you harden‍ the endpoint.

Sure. Spy all you want. Wireguard, Signal, microphone and cameras removed. Purchased with cash.⁤

As with everything you need to do proper threat modelling.

You don't have to outrun⁣ the bear - you just have to be faster than the slowest camper.

 

[deepspeculator]

@OffshoreMonero: No need to talk about NSA / 0days. They openly admit that operator‌ (so this means "they" when you are using their sim card) can successfully attack your‍ device. So no magic tricks or NSA required, this is already solved issue.

VPN /⁠ Wireguard works on different layer (already internet layer, so this means that cellular connection is⁤ established and operator has details about this connection, e.g. where it's originating from). Moreover, as⁣ I wrote earlier, encryption in transit either with VPN or E2E apps is irrelevant when⁢ you have malware on your device (delivered by this SIM-channel) - as malware will work︀ on unencrypted data on your device, not try to decrypt it in transit.

So, you︁ are just mentioning random keywords about hardening in ways which are completely irrelevant in this︂ case. If you truly think like that (and not just advertising the service), then it︃ nicely shows why this attack could be very successful and is a such a nice︄ idea: People will think "omg I will install VPN and signal and be safe due︅ to super encryption" - nope, as malware on your device makes this irrelevant.

 

[OffshoreMonero]

What are you talking‍ about?

That's not how the baseband and application processors work︁ on the Google Pixel 7.

You didn't read anything I︇ wrote, did you?

 

[JohnnyDoe]

OffshoreMonero said:
*** Monero - Making Offshore Banking Great Again ***
Click to expand...

thu&¤#thu&¤#thu&¤#

Toggle signature

@JohnnyDoe ”“ Your #1 Source for Guidance in Different Offshore Fields​

 

[Masterhack]

Leaked ip from this sim card get phone number and triangual phone tracking and have‌ your location.

 

[OffshoreMonero]

That's obvious.

Any mobile device can be tracked‍ by the carrier and those who have access to the data (such as governments).

 

[void]

practically speaking it's‍ very difficult for everyone - using VPN server (as a gateway to the internet) in⁠ country A using the sim card from operator based in country B in country C⁤ is pretty strong setup - SIM card in roaming uses local operator to find the⁣ way home and from there to your vpn server - if you choose the right⁢ countries and pay for the services the right way... good luck to anyone to track︀ what and from where you're doing...

 

[Mr Eros]

One can easily buy prepaid SIM in some eastern european countries without any documents.

 

[deepspeculator]

Your main carrier sees that your sim card connected in foreign country using another operator. And⁢ they have all information about details of this connection (enough to locate it, and some︀ operator APIs for IoT SIMs even have easy way of locating connections of your own︁ sim cards as a feature provided to the users), they see contents of sent and︂ received SMSs (e.g. bank verification codes could be important for shady operator), connections you made︃ (to whom and how long they took), how much internet data you uploaded and downloaded︄ etc. This is on the lower layer than internet connection (as this is on cellular︅ connection layer), so VPN will not help with it.

Often your internet connections go through︆ your main carrier proxy, even when connecting from abroad with different operator (you can verify︇ this by using some IP-location tool when you will be abroad - most likely it︈ will display IP from your main country and location in your main country, as traffic︉ will be exiting through your main operator). So, while your connections through the internet will︊ be encrypted by you, this also provides some interesting metadata and additional attack surface.

This is all in normal setting with normal operator. In situation when you are using shady︋ operator and they will try to hack your device and succeed, of course it's much︌ worse.

 

[void]

I didn't say impossible, I said "difficult" which︉ I still stand behind

 

[OffshoreMonero]

Yes, but can you buy it without showing your face‍ to a security camera?

 

[palomino]

Yes you can. I wouldnt trust these esim provider either.
Already activated simcards in certain type of shops are almost impossible to trace back to who‍ bought it. You pay cash and the shop owners dont register the sale with the⁠ simcard number. If they even register the sale at all. Simcards are activated with internet⁤ packages even before you enter the store. These stores produce this type of simcards with⁣ activated packages on bulk.
About cctv cameras there are even some stores which dont have⁢ cameras but for these you need to search a bit.

With such type of existent︀ offer there is no need for those esim provider. Its less traceable and even cheaper.︁

 

[OffshoreMonero]

Again, I'll repeat: this is all dependant on your threat model.

Perhaps you are ok‍ with showing your face. Perhaps you are ok with just paying for it with a⁠ credit card in your name. It's your life. "You do you."