I use GrapheneOS and love my privacy. However, I am not as knowledge in regards to simcards.

My family needed to get a new simcard while abroad and I was hesitant to get a new simcard and preferred to ‘hitchhike’ on a family members internet thearing so he could get a simcard instead of me.

It left me with the choice to:

  • Get a Sim card
  • Get an e-sim
  • Let a family member get a simcard and hitchhike from their internet. (Internet hotspot thearing)

My question: Was my worry in vain and I could actually get an e-sim/Sim or did I do it correctly, making someone else get a Sim and share the internet to me? :P

What I’m worried of, is that I’m currently outside EU and I don’t want any weird hacking attempts towards me from the government. There are a lot of protests here, quite violent ones at times too, and I am aware that governments usually use stingrays or equivalent devices to identify or stalk people of interest.

  • utopiah@lemmy.ml
    4·
    9 hours ago

    Depends, as usual, on your threat model. I do not know where you live, where you went, what you do, who you are and thus who you worry about.

    That being said :

    • if you rely on someone else hotspot well you delegate the risk too. If they relay your traffic they can still shape or monitor your traffic. Obviously I would not expect your family member to do that… but if you are being monitored and there are data showing that you are not at home or work (wherever you usually are) and other data you are traveling together (e.g. plane tickets, border control with IDs checked, connection to services with different IPs) one could expect your surrounding to be potentially targeted. That is one extra hoop and it might protect from “shallow” surveillance but I would not be so sure.
    • SIM main problem in your situation IMHO is KYC, basically that you can’t buy one without an ID and thus if you have expectation of anonymity regarding the provider of the SIM then it is not viable indeed.
    • eSIM AFAICT do not enforce KYC (no scan of ID to send) and typically offer to purchase a SIM outside of the country one is visiting, unlike physical SIMs. Sure they might share ICCID and more but unless that piece of data is linked with your actual name then it might not be a problem
    • honestly if you worry about “weird hacking attempts towards me from the government” then you better know a lot more about cybersecurity than I and random people on the Internet do. It’s one thing to worry about mass surveillance, with or without BigTech, but if a state agent is paying actual security professional to hack your devices or accounts then it’s another ball game entirely.