All questions are in bold for ease of use.

The major carriers in the United States participate in NSA surveillance (except for T-Mobile apparently, because it’s based outside of the US. Except they bought Sprint, which participates.) and that, along with other major privacy issues, means that the market for private carriers is incredibly slim. When I found out that some carriers, such as Mint Mobile, piggyback off of Verizon, I wondered: What’s stopping a carrier from simply E2EE everything from Verizon, and then using Verizon to transfer the data? Obviously, the encrypted data could still be collected and sold, but it wouldn’t matter if the encryption was setup properly, right? I’m looking to better understand how this works, and, if a solution exists, potentially be the first to make it happen. The reason I’m not suggesting creating a carrier without piggybacking is due to the sheer cost and lack of support it would have, which would lead to poor adoption. Also, if carriers simply don’t support E2EE, couldn’t carrier locked phones install the software (since most install software anyways) required to make E2EE work?

The 8232 Project
creator
link
fedilink
0
edit-2
9M

Why would they put in the effort when anyone who cares about secure communication just uses an encrypted messaging app?

Because not all traffic sent through cellular is messaging. People visit websites and whatnot when they’re out-and-about. Not to mention that not everyone uses secure messaging apps.

P.S. I am very aware of Signal, thanks!

Browsing most websites is E2EE. When it’s not, that isn’t something a phone carrier or ISP can fix because they don’t control the web server. The traffic will be in the clear between the ISP and the server.

For secure messaging without a third-party app, phone carriers in the USA seem to be pretty onboard with Google RCS, though I think I’d recommend anyone who’s serious about security use Signal instead.

The 8232 Project
creator
link
fedilink
19M

Thanks for elaborating! I’m curious about two things

  1. How are DNS queries handled over cellular?

  2. Is traffic E2EE between the phone and the cell tower, or could anyone with a laptop sniff packets of phone calls OTA with Wireshark?

Saik0
link
fedilink
29M
  1. Up to your device.
  2. Doesn’t matter what layer 1 is if higher layers are encrypted.

deleted by creator

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog