I recently learned about Cape and am trying them out to see how it works. I’d be interested in any other info or opinions people may have.
They are private by nature. They don’t collect a bunch of info on you to create an account. They aren’t going to sell your data. Its clear it’s not anonymous, but I don’t need that I just need privacy.
Cool features include:
A rotating IMSI number that changes every 24 hours or so.
What they call Network Lock, which basically pings your phone when your IMSI attaches to the network to verify proximity. If it doesn’t match then they deny it. This should prevent SMS interception and sim jacking.
There’s also secondary phone numbers included that handle SMS only, so you can use them for services you don’t want to give your real number to or as a burner number.
Phone numbers are not identified as VoIP so that (stupid) limitation from some services isn’t applicable.
I also like that they seem like a very practical solution. Right now I use JMP for VoIP numbers and buy a data sim separately. I’ve looked at other services and had issues with them. Cape seems very straight forward and simple.
That being said, they are a very new company. Apparently this has been worked on for years but the service just went live in January. That’s my biggest hesitation.
My testing over 2 days has been fine. I haven’t seen anything that is negative or a red flag.
Pricing is mildly expensive overall for a single line. No family plans, which is good from a privacy stance and there’s a referral discount so basically if you use that to sign up multiple accounts it brings the price down like a family plan would. But I’m a single line so I don’t get any of that benefit.
There’s some missing features but none that I really care about. They have a clearly marked out roadmap for the year, so I guess over time we get to see if they stick to it.
What do you guys think?
Thanks for posting your minireview, OP! I’ve heard of other things like this. Freeli was it? Similar sounding thing.
Lots of it sounds good to me. What I have to think thru is how alleged privacy from that company, interacts with ALL the ways mobiles can be ID-ed.
These companies piggy back on the big carriers, b/c ofc they can’t afford an entire ass cell network buildout like T-mobile or other huge co can do. So OK, they don’t collect customer info about me. That’s cool. But now I turn on my device at my home and the cell network triangulates me to the place I live. Even if I make sure to disable GPS and w/e on my phone.
This is where my understanding goes super fuzzy. I guess they rotate IMSI to help against this. But until the IMSi rotates, everything I do with that IMSI ties to my home, right? So like, I call my friends Alice and Bob. That call comes from an IMSI that the network can pinpoint to my exact location, or very close, doesn’t it?
So maybe if I use a faraday bag and never use the phone from home, that’d avoid it? Or maybe I just don’t understand.
Then there’s IMEIs. I need to read up on IMSI vs IMEI. I’m real fuzzy on the diff. For anybody else in my shoes, here is what I intend to read. IMEI. IMSI.
IDK. Maybe someone who understands this stuff better can add some clarity. Like assuming the co does what it promises, how far does that really get you?
I didn’t follow your links, but I’m sure you found that IMEI is a device ID and IMSI is the sim ID. So, best way to deal with that is to never put a sim card in your phone. I’ve done that for a long time. Not going to lie, it works but it sucks so hard.
With a SIM in your phone, your carrier knows your device and can track you that way. Yes, every telco company that isn’t one of the big boys just licenses their networks. They are the “upstream” carrier or provider.
So basically, if we assume the privacy companies are legit in not tracking your IMEI then its still a problem because the upstream carrier can do it. But, as far as I can tell since you aren’t their direct customer they don’t do that (this is really big gray area here) because there’s no reason to. But the point is they can. So if the government wants you they can still find you. But because you’re 2 layers deep in the networks they don’t have good enough data to sell.
Rotating IMSI solves similar problems. These days your phone number is your ID, and the sim card it sits on has an ID. So on average they are equivalent since people don’t change phone number or sim cards frequently. But a rotating SIM helps prevent profiling you since you are constantly changing the way your identifier. It’d be like following a guy who changed clothes every block. You can still do it but it gets harder.
So yes, your sim can be seen calling Alice and Bob from your location. But tomorrow its a different sim calling Alice and Bob from your location. You’re not a ghost, authorities would be able to put together that sim 1 and sim 2 are both you. But its significantly harder to track history of all those sims. And for data brokers its nearly worthless because its a days worth of data. I actually don’t know what they do after it expires from you. Does it get deleted or migrated to somebody else? So today its me and tomorrow its you. That would also be good because it would poison the data.
Oh this is super helpful. Thank you for taking your time to say it. It confirms some stuff I thought was true, but I was not sure about.
About rotating IMSIs, what about the IMEI? That can’t be rotated, can it? B/c it’s how the carrier knows your device is allowed to connect?
IDC about authorities per se. I just REALLY want to avoid normal dragnet surveilence. The data broker kind. Seems like this kind of semi private carrier might have a part to play. I have more to learn before I take the leap.
The links are just to the wikipedia pages BTW.
Yeah, the IMEI is set to the hardware like a serial number for lack of a better description. That’s why if you want to protect that, you never put a SIM in your phone. Also, if you go that route you need to buy your phone cash or second hand. IMEIs are logged at purchase so if you buy with a credit card its instantly traceable to your name.
And yes, I presume you are not avoiding authorities and just want some basic privacy. That’s all I’m after, I don’t need to be a ghost.
This privacy game is a process, and it never stops. But if you take small steps all the time you always make progress. You’ll also figure out what your true threat profile is once you hit all the friction points. Its all theoretical until you put it into practice.