7

Why do people use burner phones rather than Signal or similar? I would imagine that if you are high value target the police or intelligence service would simply eavesdrop every phone call passing the base station nearest the location where you dwell. Doing that then it is easy to filter out all phone calls made between phone numbers that have been used more than hundred times or for more than three months (or something like that) in both ends. The amount of remaining phone calls should minuscule, and there you have your criminal, spy or whatever speaking in cleartext on a non-encrypted line.

if you instead of using a dumb phone used something more modern you can on the one hand be exposed through a trojan or a rootkit but is that really a doable attack vector, even for very valuable targets?

If you use something like OpenBSD or one of the hardened Android phones that are on the market and only install Signal on it and then only use it for Signal. Never browse the web, never use it for regular phone calls and texts etc and keep it updated (Maybe regular factory resets too?), can the authorities, even if they have a lot of resources, really manage to sneak in some malware on it? Malware that can't be caught by another layer of security (E.g., your firewall could be setup to only allows device A to connect to internet to Signal destinations and ports using the Signal protocol - making it difficult to deliver whatever the malware manage to find to the people controlling it.).

What are the best practises for safe phone calls if you are a private citizen that some authorities are very interested in listening to?

EmLi
  • 171
  • 5
  • 3
    I think it's important to make a distinction between *privacy* and *anonymity*. A solution that hides the content of calls but not the identity of the callers would enhance privacy but not anonymity. A solution that hides the identity of the callers but not the content would enhance anonymity but not privacy. One problem with a non-burner phone is that even if the phone never reveals the content of any conversations, anyone cooperating with the cell company can track your location at all times based on which towers are pinged, since the SIM is tied to your name. – tlng05 Jun 08 '20 at 22:01
  • "Why do people use burner phones rather than Signal or similar?" Is there any evidence that people actually do this? As in, don't use both? Or that "high value targets" don't exactly use what you are describing? I'm pretty sure the answer to your question is: Your premise is false. – Tom K. Jun 09 '20 at 09:54

4 Answers4

8

People do use Signal, and even less secure systems like Whatsapp, to do the kind of communication that has traditionally relied on burner phones.

Let's dispense with the spy fantasies first, though: the majority of people who use or have used burner phones are not spies or high value targets,. As you can guess, not all criminals are technically-minded enough to use a software solution, and a low-tech burner phone is easier for many of them.

Nonetheless, encrypted messengers are getting increasingly more popular both in the scam business and in the retail drug business. Evidence to the former can be seen in many scam questions on Finance, to the latter in drug tags on the street with messenger names instead of phone numbers.

Both methods alone or even together leave a lot to be desired for perfection. Encryption can be broken with rubber hose methods and anonymity can be defeated by circumstantial evidence. In real life, perfection is not needed. Either the reduced detectability provided by encrypted messengers or the evidence loss/deniability provided by burners suffice to reduce the incarceration rate for their users.

ZOMVID-21
  • 2,450
  • 11
  • 17
5

Best practice would be to use a burner android phone along with Signal or another encrypted communications app with an outgoing firewall blocking everything else.

Remove all unneeded apps especially the Google ones.

But keep in mind there is another lesser-known attack on burner phones that most people are unaware of:

Proximity

Keeping your burner phone next to your real phone will 100% compromise its anonymity. The authorities are able to automatically associate phones that are kept close together with extreme accuracy and this has been happening for half a century.

So if you use a burner, make sure you keep it far away from any other identifiable device that is connected to a cellular network.

8vtwo
  • 372
  • 1
  • 7
  • Indeed, that is a similar attack to the one I described in my question (filter out all old phone numbers). And it is difficult to avoid the proximity issue if you use mobile data. One could leave one's regular phone at home and take a 10 minutes walk before you turn on your burner but if you do that in all directions the can quite soon pinpoint your starting point with quite good accuracy. If you instead always walk in the same direction then they only have to wait for you (forces you to have irregular habits, otherwise they just need to wait for you 17:00-18:00 when you makes todays calls). – EmLi Jun 09 '20 at 14:41
  • I think the solution to this issue is to disable mobile data and always have the phone in flight mode and only use WiFi. Even if you only use mobile data when you are out driving with your regular phone at home, there are cameras registering your car or face everywhere and after passing three cameras there is only one car/face left that passed all these cameras/base stations at approximately the right time. – EmLi Jun 09 '20 at 14:44
  • This is actually interesting. In fact, if you disable mobile connections/data on your burner and only use WiFi you could actually bring both phones with you and share WiFi from your regular phone to your burner and then use Signal on the burner without it being detectable, couldn't you? – EmLi Jun 09 '20 at 14:45
  • It really depends on how well connected your adversary is. If you use the same wifi on your burner phone as your normal phone, you will still be linking the two by using the same external IP. You could use a VPN on the burner phone to mitigate this, but most VPNs are transparent to the very high level surveillance agencies. – 8vtwo Jun 09 '20 at 14:53
  • But it requires the adversary to be able to detect Signal traffic. Is that possible? – EmLi Jun 09 '20 at 16:41
  • Absolutely. Signal provides confidentiality, not anonymity. In fact, you should assume that entire service is being closely monitored. Your best bet would be to use peer-to-peer encrypted messages. – 8vtwo Jun 09 '20 at 17:48
  • How do you mean that Signal doesn't offer anonymity? – EmLi Jun 09 '20 at 20:15
  • @EmLi if you read the wikipedia on Signal you will find: *"It does not provide anonymity preservation, and requires servers for the relaying of messages and storing of public key material."* Your data is encrypted and therefore confidential, but your identity is not protected. They know *who you are* but not *what you're sending*. – 8vtwo Jun 09 '20 at 20:55
  • How do they know that? – EmLi Jun 09 '20 at 21:46
2

Another reason to use a burner phone is that an attacker can theoretically get complete access to it, and they will not find any information regarding your personal life.

For example, a lot of people use burner phones when going to conferences like DEFCON or Blackhat. The idea is that you leave your regular phone at home, and use the burner phone to perform only the most necessary actions. This way, your credentials are never put on the burner phone, and even an attacker with absolute privileges could not e.g. steal your login data, bank account, phonebook, etc.

Of course, after the burner phone was used, it should be "burned".

  • Don't you workaround that problem by using a dedicated phone for Signal? – EmLi Jun 09 '20 at 10:22
  • No, because you would still have a long history of contacts on that phone, that can be used to identify you. The advantage of a burner is that you keep it for only a relatively short period of time. –  Jun 09 '20 at 14:29
  • Why? You would only have your Signal contacts (which, besides, it is much harder to access than the contact/recent list in a dumb phone) on that phone. And you can ditch your Signal account and create a new when whatever you need a burner for is finished. – EmLi Jun 09 '20 at 14:37
2

The main point of a burner phone is not the privacy of the communications, but to avoid to tie a phone number to an identity. So that when an accomplice is busted by the police and its phone contacts are revealed (through the mobile network operator or by accessing the phone history) it can only reveal burner numbers not tied to your identity (they can only be tied to your approximate location, using base towers).

In most countries, to register a phone number for a long period of use, one need to provide a proof of identity, such as a passport number. Using Signal or WhatsApp will not prevent that.

A. Hersean
  • 10,046
  • 3
  • 28
  • 42
  • Prevent what? ... – EmLi Jun 09 '20 at 14:04
  • @EmLi Prevent disclosing your real identity to the mobile network operator, that could then be disclosed to law enforcement. – A. Hersean Jun 09 '20 at 15:28
  • They don't require a postpaid subscription. If you live in a country that requires you to show an ID for a prepaid service, just ask a random drunk to go get it for you for a reasonable compensation. – EmLi Jun 09 '20 at 16:40