Using a mobile anonymously with encrypted messages and voice is challenging. With Signal text and voice are encrypted but it sends your contacts to Signal which makes me uncomfortable. With Orfox you can browse the web without revealing your IP address but the GSM module tracks your location.
With a small budget you can however buy a second hand mobile and dedicate it to anonymous communications, as long as you remove its battery when you’re not in a public place. You do not leak your contacts to Signal and the GSM module tracks a SIM card that is not associated with you. Here is a detailed description of the preparation of an anonymous phone I did today. This is not rocket science and I’m sure lots of people already know all of that. But I did not find a HOWTO and it took me some time to figure it out.
In a nutshell, the problems we’re trying to solve to make a new mobile anonymous are:
- Geolocalisation that cannot be turned off. The GSM module runs a proprietary blob that cannot be deactivated. It will broadcast the phone unique identifier to mobile operators who can record the fact that it was close to a relay. It can also trivially be recorded by anyone with cheap hardware.
- Identification device: it is required by law to provide an id card when using a SIM card.
- No end-to-end encryption for voice conversations or text messages
If you are in Paris, France here is what you can do:
- Pay for everything in cash
- Buy a Lyca SIM card and a 5 euros credit in a shop near Stalingrad, Gare du Nord or any shop that advertises the brand. In the unlikely event that you are asked to provide an ID card, answer that you don’t have it with you and will call support later.
- Buy a Samsung phone in a shop and write a fake name and address on the invoice. There is no requirement to provide an id: this will not raise any question, it is only for the warranty. When you walk out of the shop, remove the battery from the phone. You will find a few shops selling cheap second hand Samsung at Montgallet.
- Go to a coworking space with unfiltered internet, no surveillance cameras and sit at a place with your back to a wall. For instance one of the Anticafé.
- If you’re in luck and managed to find one of the models supported by Replicant, install it to get rid of all proprietary software and attach a wireless adapter. Otherwise install Lineageos to get rid of any trackers installed on the phone by default. This is not ideal because Lineageos still contains many proprietary blobs. When installing Lineageos decline all suggested feedback, geolocalisation, updates etc.
- Insert the Lyca SIM card and wait a few minutes. There is a good chance it is pre-registered and you don’t have to do anything. If nothing happens go to the Lyca web site, look for Activation and follow the instructions. Do no call the operator. You will then receive your phone number via SMS and you will need to use the credit you bought, in case the SIM card has no credit at all. As if you were calling a phone number, type *131*THE NUMBER ON THE ACTIVATION CARD# and you will immediately be credited and able to receive and make phone calls.
- Install the Signal APK by downloading the file and clicking on it in the Download area. Do not register on the Google Play Store to install any application, always download the APK instead
- Verify the SHA256 displayed on the Signal page matches the file you just downloaded with
unzip -p Signal-website-release-4.13.7.apk META-INF/CERT.RSA | \ keytool -printcert | grep SHA256
- Register with Signal using the phone number you just obtained from Lyca. When this is done, remove the SIM card and do not use it again. It will be your unique identifier with Signal but you don’t need it after registration. The SIM is likely to be deactivated a few days later because you did not provide your identity. But it does not prevent you from using signal since you only need the phone number to register. It will become a problem when and if the phone number is recycled to someone else who registers to signal and tries to impersonate you. If that happens, the persons you communicate with will be notified by Signal that the the encryption key changed. You should warn them in advance about this possibility and advise them to stop all communications.
- Install Orfox and Orbot from the release repository. At the time of this writing there is there is no direct link to the APK from the Orfox page and you will have to guess which is the latest stable release.
- Run Orbot, wait until the connection to tor is established and click Browse to launch Orfox
Such an anonymous mobile could be useful if you are a whistleblower who wants to remain anonymous or a journalist trying to protect a source. If you do not have the technical expertise to carry out these instructions, feel free to ask for help.
Once the mobile is ready, using it anonymously does not require any technical expertise:
- Go to a public place with network connectivity and pay in cash if it is not for free
- Insert the battery in the phone
- Use Signal to text or call a journalist
- Use Orfox to browse the web
- Use SecureDrop to send documents
- Always remove the battery from the phone when you are finished and never insert the battery unless you are in a public place.
Note: there are many privacy tools in addition to Orfox, SecureDrop or Signal and I chose to focus on just a few of them because they are the one I know.
Note: it goes without saying but let’s say it anyway: never use this anonymous phone to login on social networks or other web services
Note: if the shop in which you bought the phone has surveillance cameras (and they may not be easy to spot), the invoice including the serial number of the phone could be traced back to you. As a rule of thumb, if you have reason to suspect you already are under physical surveillance, there is virtually no chance you can succeed to make an anonymous phone call
Note: See also a similar blog post with more options, not focused on anonymity