First of all, The threat model is based on both APT and Bigtech.
I have been thinking about using the built-in LTE add-on card for a long time, but I have not been able to make a decision due to lack of expertise.
Here are what I have found out so far, and the thinking and decision-making process.
1.WiFi is incredibly vulnerable, it provides the lowest hurdle intrusion method for attackers even with a secure AP owned, which is why it removes the Blutooth,wifi chipset from the laptop.
-but so many hackers use wifi!!! how can they handle risk??
2.Built-in LTE modem is a small black box. Even if you turn it off in terms of software or BIOS, it can still be used as a backport, so I recommend the external type. However, even if you have an actual secure LTE modem, you will not be able to use it unless you can use the USB port freely on a regular basis, and in the end, you will have to make a compromise for safety (enable USB connection allowed in the BIOS).
The thought I came up with after thinking about it was
Since the built-in LTE modem is provided with NVMe, modify the NVMe slot and attach a hardware kill switch to the power supply -In theory, it is possible, but it is very difficult.
Even if itâs just troublesome, donât use it except for wired.
-In a way, it seems to be the best option, so I have been sticking to the policy so far, but the mobility I lose because of this is too tight.
After that, the thought that flashed was -Looking at the some LTE router made based on OpenWRT, wouldnât it be okay to create an OpenWRT Qube to implement IMEI scramble, etc.?! There is also a part, but similarly, the part of âSo how are you going to implement it?â is completely empty.
My 2 cents:
sys-net is inherently untrusted and so is sys-usb, plugging in one of these chinese lte usb sticks should do the trick becaues they are cheap and replacable, better yet since most of these chinese usb sticks run âandroidâ then you might be able to find one that is rootable so you can change the IMEI if need be but beware some of these devices turn on the âwifi sharingâ more as soon as they are plugged in so they immidietly start advertising âhey I am hereâ.
I am not sure if you CAN scruble the IMEI in linux âbuild-inâ 3G/LTE/5G modems, afaik it was easier to do in android because the manufactorer worked under the assumption that their devices wont be rooted so they had less protections, also think of the fact that there is less community insentive to do so in computers because less people use them.
Lastly I would advice against using IMEI âscrablersâ at all, it invites more trouble then not especially if you dont know what you are doing
What if the IMEI you use at any point in time is assigned to a company but not yet âprintedâ into a device
What if the IMEI you use at any point has been blacklisted before
What if he IMEI you use is on a watchlist
And you also have to take into account that the surveilance network is getting wider and wider, if you live in a first world country then you can be almost damn sure that telcoms are sharing data and there must be a central company that compares all this data(PALANTIR), unless you are traveling or living in 3rd world countries just dont use an IMEI scrambler at all, if you do then use an IMEI you know is safe, you could buy 2-5 dollar phone batches from ebay that are marked as âfor parts onlyâ, if said device is only up to 3g then dont use it into LTE, if the device supports LTE then you can put it into the list of available IMEIs that you could use. Dont allow your computer to contain an IMEI that is paired or has been paired with a phone before that doesnt support that generation (3g,4g/lte,5g)
Thx to helpful repy Coalms,
I suprised unexpected answer, about suggestion chinese cheap lte modem, in my gut screamming âDefinately no!!! we canât fight with more unhandling secure issue!please give me brand new sealed production from 1st country modem!!â I want to gentlly asking, did you readed about my threat model? Then still is it truely try worthy solution?
Oh my actual needs about IMEI scramble most of them from trying to avoid PALANTIR like company, but after read your comment i totally wrong demend that. soâŚwhatâs the best option i trying? just far away from lte modem then only sustain wired eth only? Specially in 21century itâs too much burden.
Thereâs nothing from 1st country.
You could either buy priced stuff with 1st country logo or cheap stuff with Chinese logo both manufactured in China. Eventually in Taiwan. Asus?
Search for wired lte travel router.
In general most electronics are manufactured in china, they are just repackaged or soldiered in 1st world country controlled companies but generally the manufactoring is done overseas
That being said most external WIFI and Cellular devices that are plugged via usb are in fact both manufactored and based(the company) on china
There is Taiwanese dLink DWM-222 usb stick modem but dunno if it uses Taiwanese or Chinese chip.
Thereâs also MicroTik M.2 lte modem but again, no one in Europe produces chips so dunno if it uses Chinese or Taiwanese modem chip.
Honestly just drop the idea that any cellular device is going to give you any kind of privacy from a company like PALENTIR and itâs investors or data buyers(generally goverments but also big tech)
If you truly want to use a cellular device here is a quick list of things to consider:
A)Dont use âanon sim cardsâ or generally anything advertised as being anonymous, you stick out like a shore thumb, if you wanna have anonymous internet access its best you pick the most popular cellular provider from the country of which you are based, the second best one is the one that offers cheap unlimited data
B)Donât swap sim cards unless you also swap the IMEI, everything is logged, so either use a new device and a new sim card or dont bother swapping either of them at all
C)I know it sounds far-fetched but the best way to get the most out of your privacy with a cellular device is either
a)Travel and live in a van(no kidding)
b)Get an open source drone with cellular access and install a Li-Fi received and transeiver , fly it somewhere high up but in the line of sight of your house window or somewhere you can attach it to, needs to be somewhere other people wont be able to reach in general but at the same time must we far away from you
c) connect to the Li-Fi from your home, best resaults at night since there is less light infterference
d) hope the wind doesnt knock it over and you have to buy a second one
Do you see now why there are so many traveling techies in vans? Li-Fi+drone is the second best option for anonimity even without a celular connection since you could connect to a buissness wifi but you also stick out like a shore thumb, the only reason that it is better then a yaggi for infostracture you control is because in espionage people rarely think to check for light based communication unless you are in a warzone
In the case you plan to use a popular sim card like I would generally advice, find one in your area(if any) that do not require KYC for registration(or even registration at all) and you should be good, you can buy sim top-ups online using crypto nowdays, i think there used to be a store listed in kycnot.me, not sure