It’s Not Me, It’s You:

Alec Harris
Feb 27, 2023

Breaking Up With Your Cell Phone Number

Any good investigator will tell you that the single best artifact to collect when building a targeting package against a subject is their cell phone number. I don’t speak to data brokers (I’m sure the feeling is mutual) but I suspect they feel the same way about the value of cell phone numbers. More than your social security number, more than your name, address, IP address, ad tech ID, email address, browser fingerprint, or any of the other digital identifiers, your phone number is you. Almost everything we sign up for asks for a phone number, and some, like Meta properties WhatsApp, Facebook, and Instagram require an actual cell phone number — burner VoIP lines be damned. Even services that technically don’t require a cell phone number, like Gmail or ProtonMail, make it much easier to sign up if you provide one.

In 2002, cell phone adoption among US adults was 62%.

Today adoption is 97% overall and 100% in the 18–49 age group. This means that if you are 18–49 in the US and you don’t have a cell phone, you are statistically nobody.

I was 18 when I got my first cell phone in 2000, right in the middle of the adoption curve. I remember being told I had a whopping 150 minutes a month and some amount of these things called “texts”. I was in college at the time and the main problem I had with my Zack Morris-esque Nokia phone was that it didn’t have “vibrate” so if, perchance, I was at a loud, uh, event, I couldn’t hear it. My solution was to put the phone in my front pocket facing out in hopes that someone looking at me would see it light up with an inbound call and let me know. I don’t recall texting much, after all I had AOL Instant Messenger on my desktop in my dorm room, so I had the social written word covered. If you needed to know where I was, just check the away message. Stupidity ensued.

Prior to the undertaking described here, I had the same cell phone number since the 150 min Zack Morris phone. It was time for a change. Given how entwined we all are with our phone numbers, is it possible to make a privacy-preserving shift to a new number without creating chaos?

Yes.

After that 21-year run with my original phone number I decided it was time to see if I could add some rigor to my privacy practice and unwind my life from my long-held cell phone number. Honestly, I put it off for a long time. I thought it would be disruptive and time consuming. To some degree I was right, but it was not nearly as bad as I thought. Here’s how you can do it too.

First and by far the most important thing in this whole process is that you should never, ever, release your cell phone number back into the wild. Imagine if someone got your cell phone number of 21 years randomly (or nefariously) assigned to them after you released it and used it as a vector to access your accounts or digitally impersonate you. Bad news. Got it? Good.

Now we can talk through process. You will want to port your old cell phone number to a VoIP provider. At my crafty day job at Halo Privacy, we can handle this on behalf of customers with our private number provisioning, but I wanted to go full DIY to show the mechanics. I spent several months looking into various VoIP providers. I was not impressed. Most have horrible security. Part of my vetting was to actually sign up for an account then attempt to change access to the account to see how easily it could be done. In all but one case I was able to engineer account access with a phone call and information technically available through open source. I say technically because some of it, like credit card numbers, might have to come from breach data, but it’s still out there on most of us. VoIP services with a reasonable level of security tend to be geared for b2b sales. Practically, this means that single-user accounts are at the most expensive rate. Expect to pay as much for VoIP as you would for a cheap cell phone plan. The cheapest option is Google Voice, but not only can I not recommend it, I’ll never forgive you if you use it. Admittedly, some of my good privacy friends use Google Voice, it’s just that I have a separate personal initiative to completely de-Google my life. More on that in a different article. Please get in touch if you want to know which VoIP service I selected. I consider it poor OPSEC to publish the provider, so I won’t list it here.

Once you’ve identified your intended VoIP service the next step is to pivot back to your SIM card. If you don’t have a dual SIM enabled phone, I would recommend one for this project. iPhones starting with the XR model through the current 13 line all have hard SIM + eSIM dual capacity. Before you port your current SIM to VoIP, add your new line as an eSIM. You will have two cell phone lines for part of this process. It is possible to skip the overlapping SIMs step, but the process is more forgiving if you opt in.

In selecting your new phone number & carrier there are a variety of things to consider including:

- Carrier Security

- Area Code

- Attribution

- Payment

Carrier Security

The three main carriers in the US are Verizon, AT&T, & T-Mobile (Sprint). None of them have sufficient security at the retail level. SIM swaps remain prevalent because of lax mechanical controls around subscriber account provisioning compounded with a very large pool of carrier employees who can manage subscriber accounts. Between all the carrier employees in their call centers and the retail employees at stores, the social engineering target set for an adversary trying to co-opt access to your SIM card is too large to ever be considered fully mitigated.

I decided to get my number from a privacy-loving Mobile Virtual Network Operator (MVNO) that I know well and use regularly for day job projects. Feel free to contact me if you want to learn more but the gist is that my cell phone numbers are considered “carrier-hidden”. It means that they are strictly managed outside of the main carrier retail databases. If I tried to go to a Verizon or AT&T store to get help with my number, they would not be able to look it up. This is an exotic offering, but the level of SIM card security provided is the best I’ve ever seen.

Area Code

Don’t get a cell phone number in your home area code. There’s no need to provide geographic information about yourself via your phone number. I recommend choosing a dense urban area code with which you have little to no ties and go with that. A second choice is to go with the area code of a city where you used to live but are no longer resident. This would be consistent with your “pattern of life” without revealing current location data.

Attribution

Eventually your number will start to bind to your identity. There’s almost no way around it unless you have some very extreme disassociation of your phone from your known locations. For most people it’s effectively impossible to achieve. That being said, you don’t have to overshare. The following rules will help keep your phone number somewhat clean:

- Don’t use your new number for any account sign ups, profiles, or services

- Don’t post your number on the internet (c’mon guys)

- Only give your number to people you know

- Use your old number that you ported to VoIP for anything that is associated easily with your name

- Don’t call 800 (or 900) numbers with your cell phone number — most businesses log the call and associate the number to your account by default

- Never give your cell phone number to the Government. Any Government.

Payment

If you can, pay your cell phone bill with Bitcoin, Privacy.com, cash, or a corporate bank account not tied to your name. One of the quickest ways to reveal the identity of a number’s owner is by looking at the payor details. All the carriers can see this information.

Was it bad?

The above process can be done in a day once you have your plan. The bigger time consumer is notifying your contacts that you switched numbers. It is a good opportunity to prune your personal network if you don’t subscribe to the popularity theory of contact lists. I have 1114 contacts saved in my phone of which I get a text from about 3 on Christmas and half that on my birthday. It’s safe to say that contacts with labels like “Mike — Chicago Conference (follow up)” from 2007 are okay not to update about your new ultra-private life. In fact, it’s time to delete Mike.

Other than updating my contacts with my new number, the only real friction point is discovering that some of my “SMS-only” logins where I used my old number to receive 2FA codes caught on that I had moved the line to VoIP and forced me to provide a true cell phone number on the account. It’s total data mining and I’d like to do an ambush video of me yelling at the CEO of one of these companies as he or she is arriving at Davos. I also don’t like being on video and have some sense of puritan decorum from all my years living in New England, so I don’t see this happening.

Next Level Stuff

Did I stop with the “good enough” solution outlined above? No. I had to go three steps further. If you are looking to level up to a vain amount of cellular privacy, I recommend the following:

Step One

Get a second carrier-hidden number added to your phone and don’t share it with anyone other than very close contacts. This way if you need to burn your new cell phone number that you gave to most of your contacts it won’t impact your inner circle. Think of it as having a “Public” and a “Private” number. Below is how I have my phone set up with two lines. I redacted everything that would be of use but I’m still giving myself credit for breaking up the wordiness of this article with a picture.

Step Two

Get a cellular data Access Point Name (APN) to route your cellular data encrypted through a private network. There are several companies that provide this service including, [checks notes], Halo Privacy, where, [checks again], I work.

The advantage of an APN is that it encrypts and routes your cellular data by default and it’s always on. Think of it like a VPN for your SIM card. Halo’s APN also splits your traffic into session-based post-quantum encrypted tunnels and disperses the routes randomly, terminating at various egress points around the world. It’s some Jason Bourne stuff, if Jason Bourne lived in 2030.

“Jason Bourne in the Future” an anemic effort by Dall-E

Step Three

Carry a second cell phone to quarantine the “bad” apps that you need but don’t trust. Carrying a second cell phone is wildly annoying. I do it because there are a couple apps I need for certain relationships or functions, but I would never let them live on the same operating system as my main phone. For me, two examples of this are Signal & Telegram. I treat both of those apps as hostile, but I do have some friends and associates that contact me on either. The second phone allows me to have those apps while keeping them at arm’s length. I don’t put that phone on Wi-Fi at my home or office and I don’t ever give that phone “Local Network Access”.

I need to be very explicit about one thing here. I don’t care if you have a hundred extra phones, and you keep them all double faraday bagged in lockdown mode in an anechoic chamber under the ocean. There is no device on which you should ever have TikTok.

Conclusion

I think it’s well worth the accrued privacy to pursue some variation of the cellular reset described above. It requires some tinkering and will be modestly disruptive. It will also cost somewhere between $400-$1600 per year depending on what version of the above you select and assuming you DIY.

Returning to my initial point, your cell phone number is the primary attack vector against you in the digital world. So, before you bother with other privacy mechanisms like database opt-outs, VPNs, living like a boss on Monero only, lay the foundation with a solid phone number setup. It’s not as hard as it (may) sound. Also, Mike from the conference in Chicago, if you are reading this, I’m sorry I never followed up.
