how to use burner phones securely (useful for vendors)

source (lots of great stuff on his site)

The publication of this piece at The Intercept about NSA targeting via mobile phones prompted me to release this collection of notes. Some quotes and statements in the article wrongly promote the idea that the SIM card is the only unique identifier in a mobile phone. I've enumerated the identifiers that exist, and they go far beyond the SIM card. At a minimum the physical identifiers of a mobile phone are the IMSI and the IMEI, that is the SIM card and the mobile phone hardware itself.

This is a short collection of notes I've put together on how you can be identified via your mobile phone. If you want to securely use a mobile phone, you'll need to use a burner. This is non-trivial. Here's a good guide.

Clandestine Mobile Phone Use

Mobile phones should primarily be used for signalling, rather than for actually communicating operational information. Remember the golden rule of telephone conversations:

Identifiers

Mitigations

Turn it OFF, for real.

Know how to turn the phone to a completely off state. This means removing the battery, taking out the SIM card and placing in a shielded bag (if possible). This really off state is how you store and transport the phone when not in use.

A note on storage: it should not be at your house or anywhere that is directly linked to you.

Take a hike, buster

Where you use the phone is itself very important. Never use it at locations which are associated with you, that means never at home, never at the office/work, never at a friend's house. Never have the phone in an ON state at locations that are associated with you, or your immediate social network. Never.

Do not turn the phone in the same location as a phone associated with you. Make sure that your real phone is somewhere else, but not in an OFF state if possible. You don't want the disappearance of one phone from the network to coincide with the appearance of another. Paired events are indicators of relation, and you want to avoid those as much as possible. You also want you regular phone to appear with a typical usage pattern, which means keeping it on as you normally would.

Contamination, avoid it

Never use different phones from the same location.

Never carry phones for different compartments together (keep them turned off, batteries out)

Never carry phones turned on over the same routes you normally take. Avoid patterns and predictability.


Comments


[7 Points] cactuzxx:

Lol you want me to take the sim and battery out; my line is 24hours a day 7 days a week. I don't have time to lose money


[4 Points] clandestine000000:

this information is useful if you are planning to attack white house


[3 Points] throwhayaway123:

If you're really large scale enough to worry about this, you really shouldn't even be on the same cellular network as the feds or practice rotating burners? Use it for a week and buy a new one, $30 for anonymity; how much are BTC commissions?

Write a street dealer's guide for using burner's, I dunno any 'vendors' of narcotics on the corner, just nigs


[2 Points] 3f3f33489898:

Why take the battery and the sim out, what reason do you have to believe that the phone can be accessed without a battery to run the processor? Or are you speculating that there is a non-removable battery?


[1 Points] JimLaheyKnows:

You are such a cop.

You can't honestly think people don't see your angle here, can you?

Dear god...


[1 Points] _GordonBombay:

The best opsec for phones is not to use them and to communicate through PGP emails or bitmessage. If you can't coordinate your enterprise without a phone then you are just waiting to get busted.


[-2 Points] howtouseburnerphones:

is there any interest for a vendor selling burner phones USA domestic? i can assume that if it's purchased and activated in another state it would provide reasonable cover

i can activate it for you, add 140 minutes and a 90 day plan for $45 and shipping. you can add minutes by walking into a gas station and buying a refill card with 120 minutes + 90 days for $20. sets up at $0.22 a day