by Aromatic_War
1 subcomments
- It’s rare to see an MVNO thread get into the weeds of the mobile core, but as a Full MVNO, Cape is essentially running its own sovereign telco infrastructure. From an outside perspective, they are definitely among the few who are treating the signaling plane with the proper level of scrutiny (they built their own signalling firewall)
But even with a proprietary core and a signaling firewall, Cape is still an island in a sea of legacy protocols and peer MNOs with different intentions...
I'd be interested to see how they are hardening the IMS (IP Multimedia Subsystem) and VoLTE/VoWifi stack. SIP signaling and RTP streams for voice are often unencrypted internally.
If Cape is applying their 'Network Lock' logic to the IMS layer, they could potentially mitigate SIP-level spoofing and voice interception that occurs at the interconnect.
Their 'Encrypted Voicemail' (using asymmetric keys on the device) is a strong signal that they understand the 'Last Mile' problem.
Also even if SEPPs are not really a thing, i'd be curious to know if they've started looking at this.
In the small world of telco security (disclaimer i work for P1Security), they are definitely working in the right direction. Any international ambition, particularly in EU, will be a tough sell though....
- > Enjoy unlimited high-speed data; after 50GB, speeds may slow to 256 kbps.
Last I checked 256 Kbps is not high speed. You can advertise this as unlimited data, or you can advertise it as 50 GB of high-speed data, but you can't call it unlimited high-speed data.
- >Identifier Rotation
>Protect yourself from persistent tracking by rotating your IMSI every 24 hours, so you appear as a new subscriber each day.
But nothing for IMEI, which is fixed for a given device. Unless you got a new phone to use with this service, it can instantly be linked back to whatever previous service you're using. If we assume that whatever carrier they partner with keeps both IMEI and IMSI logs (why wouldn't they?) it basically makes any privacy benefits from this questionable. It's like clearing your cookies but not changing your IP (assuming no CGNAT).
The other benefits also seem questionable. "Disappearing Call Logs" don't really help when the person you're calling has a carrier that keeps logs, and if both of you care about privacy, why not just use signal?
They're asking $99/month for this, which is a bit steep. If you only care about the rotating IMSI, don't care about PSTN access (ie. no calls/texting), you can replicate it with some sort of data esim for much cheaper. The various e-shops that sell esims don't do KYC either.
- FYI, I had to walk through the first dozen or so steps of the signup form to figure out that it's available in the US only. I suspected as much, but I figured I'd post it here, since it's not in their FAQ.
- I've looked into this company before and when I saw who was behind it and on the team it was an immediate red flag to never use or trust this company.
Look at who Doyle has worked for previously and what connections he has. Palantir and the military, to start.
by throwaway57572
3 subcomments
- You might check out who the CEO is here and how he runs the company and then consider whether you'd trust them. And look at the infra providers they use. Not what I would call the most upstanding bunch.
- From their "Features" drop-down:
> Minimal Data Collection
> Identifier Rotation
> Secondary Numbers
> Disappearing Call Logs
> SIM Swap Protection
> Network Lock
> Encrypted Voicemail
> Private Payment
> Last-Mile Encrypted Texting
> Secure Global Roaming
"Identifier (IMSI) Rotation", "Secure Global Roaming" and "Network Lock" do look interesting *IF* they can actually address some of the baseband vulnerabilities that plague all modern devices. That's a Big If.
SIM Swap Protection you already get by using a VoIP number rather than a cell number.
And the other features are irrelevant if you're using over-the-top end-to-end encrypted messaging, like Signal, rather than Plain Old Telephone Service and SMS.
- I used cape for a while - they had a promo where the service was cheaper. I'll be honest, the service itself - the signal I got on the device - was just not worth the full price of $99. It could just be my area. I also had to constantly turn voicemail on and off or else I wouldn't get voicemails.
The customer support team was great to work with and actually extended the trial price for me. But ultimately, the service just does not seem competitive on a usability level with major carriers and this was an issue for me. It very much could have been my local area but Verizon and T-Mobile are far, far more reliabl and comparable in price.
by helterskelter
1 subcomments
- How does this compare to Phreeli [1]? Has anyone here used either of the services?
1: https://www.phreeli.com
by iamnothere
0 subcomment
- Unfortunate that it doesn’t seem to support Linux phones. Phreely or Purism’s AweSIM would be a better fit for anyone running a non-Android/non-iOS setup. Hopefully they add this in the future.
- Secondary numbers sounds neat:
https://www.cape.co/blog/product-feature-secondary-numbers
I've been using my Google Voice number for something similar. But Cape doesn't specify if/when these numbers are rotated in any way - you have three numbers to track now, and you can't retain these numbers if you switch services.
- No way this isn't funded by the CIA
- So it's an MVNO mostly on the AT&T network with extra privacy features? I think it still all then comes down to how you use your phone and how much you can trust the whole pipeline. I use Credo Mobile which doesn't seem totally different. https://www.credomobile.com/our-story
- Will not pass muster with FCC. Know Your Customer regulations require the company to … know the customer. They will not last.
- Hi Cape team,
I'd like a service like yours that allows private signups and that works continuously to prove ongoing private operations. I don't need huge data plans, I'm fine with WiFi mostly. It needs to cost way less per month than your current pricing. It would be cool if you could find a way to serve people like me.
- The problem with every service targeting "safety conscious" people is that by virtue of using that service you mark yourself as someone with something to hide and draws attention. The lack of signal is a signal in itself.
It's like walking into a bank wearing a ski mask. Yeah we don't know who is under the mask but we know there is probably something fishy going on.
Your best bet at staying safe is always to not raise any attention at all, and that usually means doing what the average citizen with 2.4 kids does.
by monster_truck
1 subcomments
- Do not fall for a word of this. If you've spent any time dealing with actual SIP providers (ie not the shit you'd hook an app up to, the ones debt collectors use), you'll know exactly how much you can trust them. Same difference
by konaraddi
1 subcomments
- I hope this succeeds and isn’t backdoored
by treetalker
2 subcomments
- If anyone uses this and could tell us about your experience, please do!
- There’s a chance this catches on with some folks with blacklisted IMEI’s due to a quirk on AT&T MVNOs where service works for a few days before getting halted per IMSI.
by vivzkestrel
1 subcomments
- - this is my biggest gripe with any of these privacy products
- how do I know you are actually implementing what you claim on your webpage?
- It would be more useful and beneficial to have a privacy oriented twilio than a privacy oriented carrier.
If we treat the carrier as adversarial, dumb pipes we can move the security and all of the capabilities into the cloud platform. A personal comms stack like this should be carrier-agnostic, phone-agnostic, sim-agnostic.
See my other post in this HN topic - I have done this since 2016 ...
- I guess making honeypot phones and calling them secure fell out of fashion, so now we backdoor at the carrier level?
by ranger_danger
0 subcomment
- https://piefed.social/c/privacy/p/1813919/privacy-cell-servi...
- Hold on. Cell towers still know where the device is. If a group of people in an area have stable ismi’s and one person’s ismi is rotating daily, it doesn’t take a genius to figure out who’s now using cape. Using it for travel makes sense, but again being a device that doesn’t a have an owner is, as the kids say, sus.
- I know it'a a bit of a pivot but the following would make me move:
1/ eSIM activation outside the US
2/ The family plan is weird. My wife and I don't want to manage two separate bills.
3/ multiple eSIMs and numbers in different countries all within the one account (Germany in particular)
by fortranfiend
0 subcomment
- Guess I'm more paranoid than fairly. Id class this in a wait and see category maybe try it out on a secondary device for a trial run. You'd have to have the need to their services to justify the cost or just not care about cost.
- I have some questions about the "Last-Mile encryption" and "Encrypted Voicemail". Does Cape receive cleartext and resend it encrypted? What does this achieve? Integrity? Does the service drop unencrypted messages?
by voidUpdate
1 subcomments
- Does cape use its own cell towers, or do they rely on third parties to provide the actual infrastructure? And if they do use third parties, are they sure that they aren't also storing data about the connected devices etc?
- Please add an arbitration opt out option or better yet ditch requiring people who care about their rights waive their right to a trial and jury.
by driverdan
1 subcomments
- Why is this so much more expensive than other MVNOs? Mint Mobile, for example, is $30/m for unlimited. Most MVNOs can be funded anonymously, through in store purchases.
- Any plans on how to secure the hardware layer, where phone modems and infra equipment are insecure/rooted by design?
- If only they supported physical SIMs, I could use it on my punkt phone.
by ThePowerOfFuet
0 subcomment
- Can't even roam in the EU with it? Useless for an awful lot of HN.
by anon5739483
0 subcomment
- Maybe have an onion web service and add direct Monero payment support. This will help privacy LARP'ers get into the mood. Truth be told, if you're paranoid by any measure and use a cell phone -> YNGMI. It's not cheap enough for average person to care and not private enough for ulta-paranoid to pay and use. The whole mobile infrastructure is utterly broken in terms of security and privacy so it's still refreshing to see any kind of attempt being made in this area.
- What about crypto payments?
How does this compare to silent.link?
by Doohickey-d
0 subcomment
- Another option for anonymous mobile service: https://silent.link/
eSIM, global, variable pricing per country with per-GB billing, anonymous crypto payments and no KYC. Although it seems to not have some of the additional security features of the OP.
- is RCS support planned in the future?
by maybsum1else
1 subcomments
- i think this thread is a honeypot
- Why this gives honeypot vibes?
by mrbluecoat
0 subcomment
- Pair it with your Dark Wire phone for perfect anonymity! /s
https://www.hachettebookgroup.com/titles/joseph-cox/dark-wir...
- Partnered with EFF, might as well say this is a US government honey trap.
Hacker News