Hacker News new | past | comments | ask | show | jobs | submit login
Living without a SIM card (habd.as)
318 points by jhabdas 11 days ago | hide | past | web | favorite | 281 comments





I've been without a SIM for over a year. Here are a few more tips:

- Google Voice gives you a free number that works anywhere and can be used for texting and 2FA. (There are some exceptions.)

- Calling with Google Hangouts is free to some countries, cheap in others, and can be configured to show your Google Voice number as the caller. Unfortunately, the call quality cans be pretty bad, definitely worse than, say, Skype.

- Google Maps offline works great on iPhone.

It feels liberating to have no SIM. I'm not always reachable, and that's a good thing. I'm not always connected to the internet, also a good thing. I usually near urban or suburban areas, so free WiFi is everywhere. When I want to connect, I connect. Easy.

Along with living without SIMs, my family also has a policy of No Screen Day (NSD) once a week. We all put our phones, computers, etc in closet at 11pm and don't touch them until 6am two days later. No TV, no going to movies theaters, no screens of any kind. We love our NSDs. They cause us to do different kinds of things, sometimes just read books. It usually the best day of the week.


The Google Voice app requires confirming your phone number in order to make or receive calls. You can use it for SMS and incoming voicemail but not calls.

If all you need is a number to text people there are other alternatives that don't harvest data like Google.


I'm inclined to argue that ditching a SIM card in favor of Google voice is simply trading one form of "Surveillance Capitalism" for another.

The misperception I feel many of us have - myself included - is basic privacy means nondisclosure. I don't personally trust Google, nor do I have a Google account. But if I were to have a Google account I'd rather share my data - whatever it was I chose to share, which should always be opt-in - with Google's nemesis (Huawei?) and let let them pay us to fight over it.

Which email service do you prefer? I'd like to transfer away from gmail.

Not the person you asked but protonmail has worked well for me and seems to be widely recommend. There's some small Gmail features I miss like individually addressable Android notifications but I don't regret the switch.

Posteo.de and ZeroMail

I envy the OP. Unfortunately since September 2019 living without SIM card became (practically) illegal in EU.

> most online payments above €30 to go through an extra level of verification such as entering a code received via a text message. [2]

Most banks unwisely chosen SMS as Strong Customer Authentication providing little choice to customers.

https://ec.europa.eu/info/law/payment-services-psd-2-directi...

[2] https://www.paypal.com/uk/webapps/mpp/psd2


All but one Dutch bank (newcomer Bunq) offer authentication methods that do not rely on owning a smartphone. Most often this takes the form of a complimentary card reader that uses your debit card as a hardware private key to generate OTP codes.

Most banks do try very hard to push you to use their Android or IOS app though. I agree that it is becoming increasingly hard to exist without either an Android or IOS smartphone.

The Dutch government is mandating the use of a stronger level of authentication to access your personal medical data. Currently, the only system that meets this standard is the government Android or IOS app. An alternative is being considered that allows people to use an NFC-reader on any modern computing platform with a suitable driver's licence or ID-card, but this won't be available to every citizen until 2029 due to the renewal cycle of these government issued cards. But even then I can't escape a certain sense of complacency with the government branch developing these techniques; they really seem to want everyone to either get an Android or IOS smartphone, or authorize a relative or friend to manage your digital affairs on your behalf. This latter option is of course geared towards the elderly and the digitally encumbered.

It was possible to participate digitally as citizen in the age of the personal computer even if you didn't get Windows or Mac OS X, but in the smartphone era this freedom does not seem to exist for much longer.


ABN Amro (and I think many others as well) send you an e-identifier device and allows you to make online iDeal payments with those devices.

Well yes, all but one Dutch bank offer valid and secure alternatives, including ABN Amro. ABN also keeps nudging you about using their app instead at every turn (I'm a customer).

Although our own government really takes the cake in terms of 'gently nudging' people to use their app for authentication:

https://twitter.com/jdhoek/status/1214969536333651968 (in Dutch, but with screenshots illustrating the 'nudging')


There's an option on the first screenshot ("ik heb geen smartphone") I don't know what would happen when you click that link (already have my digid on ios set up many years ago) but seems like the government have thought about that.

Of course there is an option not to use a smartphone (for now, and it will not be available if you want to access your medical records after 2020).

The problem lies in the presentation. The styling of the “no smartphone” link is meant to convey that you are doing something undesirable, unsafe, obsolete, weird. That's behavioural nudging. This is fine when the upgrade path is clear and available to all (e.g., “Don't use Internet Explorer, get automatically updating Chrome, Edge, or Firefox”), but it is not fine if the only upgrade path is buying a smartphone and going into an agreement with (foreign) Apple or Google (for the required use of their respective app-stores).

The government should simply not be mandating citizens to own a smartphone just because they can't be arsed to embrace authentication solutions that work on any modern computer (e.g., WebAuthn, or accelerated roll-out of NFC-chip ID-passes and a way to use these with an NFC-reader on any modern OS).


Banks in the US and EU are required to have the identity on file for all bank accounts (ostensibly to combat terrorism), so sharing your phone number with them shouldn’t change the level of privacy. If it is cost people are worried about they can get a prepaid card and never use it except to receive sms. That’s effectively free.

Combined with the push to get rid of anonymous accounts and phone numbers there has also been a push to get rid of cash. I expect to see a time in my lifetime where a country will fully do away with all anonymous forms of payment, effectively making it impossible to be anonymous.


> sharing your phone number with them shouldn’t change the level of privacy

It's not sharing that is lowering the privacy level, it's having to disclose all the information to the mobile operator, in addition to the hassle of needing an additional contract with a third, unrelated party.


Let's be clear about this. Sorry I didn't make myself clearer in my post that I'd never entertain the idea of doing internet banking from a smartphone or any online PC or other facility (except an auto-teller using my card).

In fact, the last internet banking transaction I would have made would have been at least 10 years ago!


I'm not sure how common it is, but in the UK I've known people who have been forced to use their 'free' SIM or risk having the number revoked and the SIM disabled.

What do you mean? How were they forced to use a number they didn't want? Why would they care if a number they don't what get disabled?

> Why would they care if a number they don't what get disabled?

If you gave it as a security contact number to a financial institution you’d care if it was disabled.


Especially since the number will generally be recycled and given to someone else ...

Eventually. Old numbers are held out of use for, I think, five years before being reissued specifically to address security and privacy issues like this

When I had a prepaid phone you had to buy minutes once a year at minimum otherwise you lost your existing minutes and your number was disabled.

Since the inevitable conclusion is impossibility of being anonymous, I think we should push to ensure full transparency for all. Otherwise, it ends badly for those not in power.

This was John Brunner's solution in Shockwave Rider. So does it work for preventing scammers and telemarketers? I guess it does since you would know who is calling you.

The problem with this is the asymmetry of power relationships - if everything is transparent it is very easy for a powerful group to use that against an individual but much harder the other way around

That’s happening anyway with non transparency. At least with transparency, it can be known, and perhaps acted on.

Exactly. QED.

> I expect to see a time in my lifetime where a country will fully do away with all anonymous forms of payment, effectively making it impossible to be anonymous.

That would mean either the elimination of poverty or a country that so hates its poor, it's willing to remove them from the economy altogether. I highly doubt that will happen, even in the US, where the poor are despised and hated by almost everyone. But then again, you never know.


Many poor people already use digital forms of money. The others will probably have to resort to barter. Money is really hard to kill, though; if cash is unavailable, people will create informal alternatives.

Yeah, fuck them. Just let them resort to barter.

People who assume predictions to be wishes are really tiresome.

Don't blame the EU just yet.

1. EU didn't force the banks to use SMS

2. EU is aware of the privacy/security issue of SMS and is planning to actually ban using SMS otp as a form of strong auth

https://www.zdnet.com/article/german-banks-are-moving-away-f...


I wasn't blaming EU (I am not in a habit of bashing EU) and I am not saying this is completely bad law. I am just observing the reality on the ground.

As I understand your point it has absolutely nothing to do with it being illegal to not have a SIM card. Your point is simply that it is impractical not to have a SIM card because that makes it difficult to do bank transactions. Big difference, and using 'illegal' in this context is highly misleading.

I think the implication is that if you wanted to function without a SIM card, your only way to do that would involve eschewing all above-board fiscal infrastructure and working with the grey/black market instead.

It's like being an outlaw, or a member of an untouchable caste: sure, you could just hide in a hole forever and wouldn't be breaking any laws, but in order to do anything you'd have to do it in a way that breaks a law.


But that’s just not true.

My point was really that the banks will be forced (by EU)to drop sms as SCA anyway. Legislation for that to happen is already in place.

Most banks use their own card reader which you can use to authorize/sign a payment, I never had to use SMS for this.

And some banks (ING, bunq, but also others) don’t require anything else than just the mobile app, using either a pincode or biometric validation through your mobile OS. That’s way more practical, because you don’t need to have a reader in your pocket in order to do payments.

Except that you are now required to get into an agreement with Apple or Google for use of their app-stores (banks don't offer alternatives to that route).

Bunq is also a troubling development, because it is the first Dutch bank to require the use of their app, offering no alternative authentication methods (like the larger banks do). If they are allowed to do that, then what is stopping the other banks besides good customer service? ING is already notorious for having waited as long as possible before offering an alternative to their app to users of their former outdated numbered one-time code system.


Be careful what you wish for. Probably if banks are forbidden from using SMS they'll force you to use a mobile app on your Google mobile implant. (And the app will refuse to run if you have root on the phone, facilitated by strong DRM mechanisms)

Unless you summarize the law we don't know what you mean by "practically illegal."

When you say "practically illegal" I can only assume you mean "not illegal."


They're referring to the Revised Directive on Payment Services ("PSD2") passed by the European Union which imposes a requirement to use "Strong Customer Authentication" for certain financial transactions (online or contactless) to reduce fraud, among other things.

When you make a payment over a certain size, you're required to verify that it's you making the payment. It's 2FA for payments essentially, you enter the code sent by SMS or you tap the approval button in your banking app, or enter your PIN again for contactless transactions.

It seems a lot of payment institutions have allegedly implemented SMS verification for these transactions. I bank with Monzo (https://monzo.com) which offers an approval notification in their app.

Unless you switch to a "challenger" bank like Monzo, you're going to be getting SMS to verify transactions (otherwise the transaction won't go through) and while I consider it hyperbole to mark this as "practically illegal", it does make things rather difficult for those with no phone or SIM card.



That is probably wrong in this generality because it is used by ING, at least.

I have edited my answer.

Most institutions I know have chosen SMS for Strong Customer Authentication which means sooner or later you in practical life will need your personal SIM card (banking, doctor visit, e-prescription, e-government etc.). Unless you chose to live off the grid for real.


But also, I think you have that situation understood the other way around.

SMS was chosen because everyone has it already. So it's not a matter of being forced to have it, it's a matter of "all other alternatives are less widespread."

I think there are actually more people globally with access to mobile phones than people who have access to basic sanitation, i.e. flushing toilets.

I'm sure that many or most of those organizations have alternative, non-electronic means of interaction - such as phone, paper (writing checks), or in-person. That is the alternative to using a SIM card.


Yes but situation before September was that I could use my account without SIM card. Now access to my account requires having a SIM card and a phone.

Now imagine taking all my six SIM cards on vacation to Thailand just because you may be in need to urgently use one of my multiple bank or brokerage accounts ;-)


So you're complaining of having to use a SIM while you have 6 SIMs?

I am not yet ready to become a hermit. But when I do I would rather live without a phone then without phone and a bank account. :-)

sms is not PSD2 compliant which means it can't be used as SCA method

https://www.zdnet.com/article/german-banks-are-moving-away-f...


This article summarizes a document that's titled "opinion". As long as there is no definite legal outlawing of SMS, many banks will continue to use it.

Well the document provided is an opinion on the implementation and further clarifies the specifications. It clears states that SMS is not PSD2 compliant. Banks found in breach will be forced to comply. I think is more a banking license issue than a "legality" issue.

>> To fulfil its statutory objective of contributing to supervisory convergence in the EU/European Economic Area (EEA), and to do so in the specific context of the RTS, the EBA is issuing a further opinion with a view to responding to the large number of queries that the EBA and national competent authorities (CAs) have received from market participants on SCA and, in particular, on what procedure or combination of authentication elements may or may not constitute SCA


Where are you? Here in Germany, most banks do not require SMS (many have phased out SMS entirely).

In Poland most banks I use (Citibank, Santander, Millenium and others) require confirming logging into account via SMS at least once in two weeks. Some require confirmation via mobile app. (That wasn't obligatory before)

Its rather that banks have phased out other methods like tokens as too expensive and troublesome.

https://www.money.pl/banki/santander-pko-bp-mbank-czy-pekao-...

https://www.spidersweb.pl/2019/09/jak-zalogowac-sie-do-banku...


Even according to these articles, most support an app-based solution that doesn't require a phone number?

This isn't so. Yes you can use banking app but this might be even worse for privacy. It depends a lot on implementation details of the app. For example Santander app won't even start without permission to manage you phone on Android.

One thing I did is to use Twillio to get a mobile phone number (5.-/mo) and forward the SMS to email or whatever. It works pretty well and was easy to setup.

One big advantage is that number-porting attacks are much harder to pull-off with them as they have better security than most phone companies.

One downside is that the SMS must come from the same country. It's a weird limitation of their platform.


Most banks in Austria mandate their own proprietary push-TAN apps and don't support SMS as a second factor. Depending on your POV this could be better or worse.

I live in Germany, and while I need a smartphone to get the code for my online banking access, it doesn’t require a SIM card or a phone number.

that's not much better tho.

If saving money is the reason, go for a prepaid card. German/Dutch prepaid cards have far long credit life. I travel full-time nowadays and I can use my KPN number for less than €1 per year.

German Alditalk credit lasts 24 months IIRC, and topping up extends the credit shelf life.

Pretty much every SIM card has free incoming SMS when roaming. USSD are also free with some carriers.

Losing SIM card is less of a hassle with eSIMs.

Perhaps other than tracking concerns, I'm totally not convinced with the reasoning.


A German/Dutch sim card doesn't help someone living in Indonesia/Malaysia.

Also, the fact that the credit lasts 24 months before they steal it for not using it is meaningless, since life with a sim that has no data and makes no outgoing calls or sms is almost identical to life without a sim, except for the tracking and the ability to be found by others.

So i think it completely misses the message.


You can receive unlimited amount of SMSs for free.

> Perhaps other than tracking concerns, I'm totally not convinced with the reasoning.

Tracking is not an issue, if you keep your phone in airplane mode (wifi and bluetooth can be enabled on most phones, but mobile network stays disabled), or if you just remove the sim card, and put it back, on those rare occasion when you need it (so you don't have to bother other people)


If you have wifi turned on then what's to stop you being tracked. I imagine Google Maps can track you using a combination of GPS and WiFi, as well as working out your likely route between locations for periods you're out of contact.

Precisely. With any outgoing connection, your phone is constantly looking, reporting, and talking. IIRC, didn't Google (or maybe even some Open Initiative) do a huge mapping of routers based just on the MAC and overlays with GoogleMaps or OpenStreet?

A connection exposes you to surveillance, and yes, it's worse with SIMs, but having WiFi on just adds a little latency to the same thing. Public Routers that you're discovering do the same thing. I had thought this was the entire point of iOS devices randomizing their MACs when scanning available networks (no idea if this ever got shipped with Android devices).

I am probably in the "nutty" quadrant when it comes to concerns about tracking, surveillance concerns, and online privacy, but I also don't really like needlessly inconveniencing myself just to undermine the entire purpose of why the inconvenience is necessary in the first place. Your phone is always talking -- SIM card or not. I'm not even sure modern non-smart phones (flip revivals and such) are wifi free.

Such protections are a good ideal, but a lot of people have an unrealistic idea of the threat actors they're trying to protect against.


To me, the price paid to a cellular provider is actually preferable to relying on other people's WiFi networks.

Using someone else's WiFi isn't a security advantage, it's the opposite. You're bumming off of someone's network and not even paying them - so who knows what their motivations might be. Who knows if the network that the SSID claims to be is actually that network.

Is Starbucks Free WiFi actually run by Starbucks or is it a malicious router placed in the same vicinity? I don't actually know until I connect.

I would suggest the alternative of using a pay-as-you-go plan on a SIM card, something that doesn't cost a lot with low usage. If you want to be more disconnected you can simply turn on airplane mode. In almost any country in the world you can pay less than $10/month to maintain a phone line and SIM card.


>> Is Starbucks Free WiFi actually run by Starbucks or is it a malicious router placed in the same vicinity?

Both. The Starbuck Free WiFi is also a malicious router. All routers should be seen as malicious. That threat model is why we have secure websites. That's why VPNs are always a good idea, or Tor if you are really worried. But even then, those routers too must be deemed untrustworthy. At no point should one ever trust middlemen, be them routers or used car salesmen.


The entire Internet is based on routers aka middlemen. Even your VPN provider is a middleman.

If I had to choose, I'd trust a known compromised access point that doesn't know my identity over Yet Another VPN provider to whom I paid money and gave valid billing details.

Both are shady, at least the first only gets small bits of traffic that happen to be unencrypted here and there and doesn't have my identity and can only snoop when I'm at the location of the AP, the other one has my valid identity and billing details, e-mail address and happens to snoop on me all the time I have the VPN on regardless of my physical location.


VPN services such as Mullvad (and I believe Nord as well) accept cash and crypto in exchange for their service. And both allow WireGuard, which is coming to the 5.6 Linux Kernel. Additionally, Mullvad has no referral model in place to attempt to track individuals via social graphs.

Are there any sites of any importance that don’t use https? What’s the threat model?

> Is Starbucks Free WiFi actually run by Starbucks or is it a malicious router placed in the same vicinity?

Isn't Starbucks "Free" WiFi a joint venture between Starbucks and Google where you have to agree to them collecting your browsing data in order to use their "free" service?


Exactly this.

The only reason public Wi-Fi is a thing in this day and age is marketing & advertising tracking. Venues don't deploy it out of the goodness of their hearts, they do so because the data they collect from it exceeds the cost of deploying and operating it.

Another issue is that most public Wi-Fi is provided by a few companies offering it "as a service" to the venue so these companies can track you across different venues by your MAC address.

Trading off mobile data for public Wi-Fi for "privacy" is stupid and counter-productive. You're trading off a company that might occasionally be nasty (depends on the region - carriers selling granular location data like in the US wouldn't fly in Europe for example) to companies whose entire businesses is to be nasty.


The reason cafes offer wifi is that otherwise people would stop coming.

[citation needed]

When was the last time you chose your coffee shop based on whether the WiFi was offered?


When my homework assignment required internet for research and the coffee shop was my choice for studying.

Yesterday.

Every coffee shop doesn't have wifi apparently. I wouldn't go to a coffee shop without wifi.

So you freed yourself of the hassle of paying for a SIM, but constantly rely on others who have a SIM to get around?

German Freenet Funk offers one-day-one-euro prepaid SIM; you can cancel any day.

Satellite.me gives you a German mobile number through an app for free (SMS support is in alpha, though).


Five years ago I quit my Software Engineering job, and I got rid of my dumb phone. I've not had a SIM since. My sister gave me her ~4 year old HTC One phone, which I take out and power on about once a month to use as an alarm or use google authentication or some such.

I'm a person who is a little addicted to the internet, so for me I think of it like an alcoholic not walking into bars - I'd be that guy constantly reaching for my phone in social situations, so it's simply better if I avoid the temptation and just don't have one.

A few thoughts:

- Yes, I occasionally ask humans for directions. It's actually kind of novel and always starts a conversation.

- I had to talk to my bank for an hour to let me use email as my verification option. Works fine now.

- I have wifi at home, so I have tons of contact with my family using my laptop and video chat, messenger, etc. I spend more than enough time online.

- I have a large social media presence, but it never 'bothers' me. I do it for 15 minutes a day on my laptop, then I put it away and I never get a single notification during the day.

- I thoroughly enjoy sitting in a bar or other social setting and looking around the table to see who wants to make eye contact and talk vs. who is staring at their phone. Many times I'm the only person at a large table not using a phone.

- Sometimes I miss out on social stuff because friends are organizing on whatsapp or even messenger an I don't open my laptop so I don't see it. I honestly think this wouldn't change if I had a phone, because I'd turn off notifications and only look at it a few times a day.

- I've saved a lot of money over the years

- It certainly is inconvenient at times, and I'm currently flirting with the idea of getting a SIM for the old HTC so I can take creit card payments. So be it. I probably won't install any apps.


> …it's the only thing which has prevented me from having to continually make international calls from a friends phone

By relying on other people it is possible to do without many things.

However, unless you have other ways of signaling sufficient status or wealth (such as being a digital nomad living abroad in a lower income country), people you continuously rely on for essentials might start treating you with a little less respect.


My sister’s former boyfriend used to carry a phone without a SIM. His mom ended up calling my sister or our landline to check up on her son. It was annoying AF.

Feel free to live off the grid, but please make sure you don’t leech off of those around you.


This is really hard to do. I don't live off the grid by any means - there's a million ways to contact me, e.g. text message, calling, Signal messages, emails, etc. However, I don't use Whatsapp in a country where the vast majority of people does.

I'm fine with missing things if people don't feel like using any of the methods I have to get in touch with me. However, instead of either not bothering or using one of the communication channels we have in common, people tend to ask my partner to relay messages to me. So short of starting to use Whatsapp (which I'd really rather not do, and which requires installing a different OS on my phone - and possibly get a data subscription as well), the burden is on my partner to either tell them to contact me directly, or to relay the messages.

Any good tips for others ways of dealing with this are very welcome.


It's a social cost question, I guess.

Your signal: I don't care enough about our communication to use WhatsApp, because of reasons that are obscure to 99% outside a tech community. Similarly, they don't bother to reach out to you on other communication channels, because they don't bother enough.

The important thing to understand is, from your communication partners point of view, you create a burden without reason, so they work around it in (their) most effective way.

I've been there and didn't support this or that messenger. By now I think, the only way to solve those kind of issues are i) sane laws that regulate privacy and communication security, and ii) trends that create a need for a new communication style - private, secure, and human (like, calling from time to time, find a better solution to ghosting, things like that).

I'm convinced that we need positive incentives for that, instead of creating artificial burden.


Oh yes, I wasn't trying to imply that any party was at fault here - just that the outcome is unfortunate.

This isn't just limited to communications tools. For example, people might have dietary restrictions for non-health reasons (religion, environmental impact, etc) that others do not share or even understand. I don't mind accommodating those (to a limit) e.g. when picking a place to eat, but it is a burden placed on people around them. That's just the way it is, I guess, and I suppose all people can do is try to minimise the burden, and to be accepting of those placed upon you.


One needs to work on explaining the reasoning to the others in one's group, and providing tech support so they too can embrace the freedoms one enjoys

> The important thing to understand is, from your communication partners point of view, you create a burden without reason

They create a burden without reason.


I think that both sides create a burden. In my opinion, the difference is that, it is a one-to-many kind of matching scenario. One person (the one opting out of using the preferred messaging method of all their friends) creates a burden to many people, while all those people create a burden just for one person.

If it helps, you can try visualizing it as a fully connected graph that initially has equally weighted edges between all nodes. But then the weight of all edges connected to one specific node goes up by multiple factors. That node loses out much more than all the other nodes.


> I think that both sides create a burden. In my opinion, the difference is that, it is a one-to-many kind of matching scenario. One person (the one opting out of using the preferred messaging method of all their friends) creates a burden to many people, while all those people create a burden just for one person.

I personally rather observe various groups in society with very different kinds of preferences.


He was making a point about empathy that you seemed to miss.

Perhaps I missed this point - but if the empathy point exists, the other side did not show empathy, either.

You're creating extra cognitive load for people. If there's one thing behavioral psychology has reliably taught us (in spite of the repeatability issues on a few findings), it is that our brains are wired to avoid cognitive load as much as possible.

The cost of putting cognitive load is many people will choose not to pay it and that cost is instead borne by your partner

Would you walk through wet mud if a grass or concrete alternative path is available? That's pretty much what your contacts are doing


Another metaphor: if someone decided not to pave their driveway, because they don't want it to get so hot in the summer, would you tell them, hey I'm not going to visit you until you pave your driveway?

In practical life, people who chose to live in less accessible places actually don't get visited much except by very close relatives & friends (I can think of 4-5 of my relatives like this). So probably proves the point :-)

Depending on how deep you want to go down the rabbit hole, you could bridge WhatsApp to Matrix using the web client and whatsapp running in an emulator - https://www.matrix.org/blog/2019/02/26/bridging-matrix-with-...

Not a solution for even most people unless you're really into Matrix and running your own servers though. (I bridge WhatsApp, but use a physical phone to do so)


And then take it a step further with something building on matterbridge[1], which has libs to "bridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, steam, twitch, ssh-chat, zulip, whatsapp, keybase, matrix and more".

[1] https://github.com/42wim/matterbridge


> His mom ended up calling my sister or our landline to check up on her son. It was annoying AF.

What you call "annoying AF" was reality for many many years, and yet people were not constantly annoyed..


I remember plenty of annoyance in those days! My friends' families being on the phone for hours and making it impossible to reach them. Having to get off the internet so someone could make a call. Having whole systems to make sure the people got important messages in a timely manner whenever they got home. Having every call need to take place in a central room of your house where you were usually in the way of other people. Having to make sure someone was near the phone/in the house if you were expecting a call.

It's not a constant annoyance, but if anything there were more annoyances in the 90's around phones than having people call me to speak to my sibling.


Things are not annoying when you know there is no other more practical solution.

>What you call "annoying AF" was reality for many many years and yet people were not constantly annoyed..

It might have been a reality pre-00s ─ today if you want to play out any Jason Bourne fantasies, they will not be considered just annoying but suspicious, as your number gets intrinsically linked with somebody else's activities.


It was a different time. The cost of communication is near zero, so if you can’t be bothered, people get annoyed.

I would say this demonstrates that the cost of communication is not near zero.

I just don't think most "people get annoyed" by such things, definitely not "annoyed AF", besides some very impatient people who'll always find this or other reasons to be annoyed.

> 'The cost of communication is near zero'

You mean the 'cost of interrupting other people while they are in the middle of living their lives' is near zero. On the other side of the coin, the cost of being constantly interrupted by beeping, buzzing, ringing, and jingling of every asshole in the county who calls/text on a moment's whim, and gets annoyed/offended when I don't instantly respond, is not zero.

Likewise, the cost of being constantly surveilled by intelligence agencies and evil corporations is definitely nowhere near zero.

I live completely off the grid. Far from giving a fuck about how offended/inconvenienced others are by my lifestyle, I purposely disconnected from all of those people. Life for me is much better now.


Yea that's by definition not "off the grid" anyway.

It's like German getting out of nuclear power generation but then buying nuclear power from Czech and France, where power plans are literally at the German border.


> make sure you don’t leech off of those around you

I think that's a toxic attitude. Picking up the phone for someone else every now and then is really not a big of a hassle. Obviously I don't know the whole situation, but in general I do think that one should be ready to do such minor favors for another human being without calling them a leech.


I know someone who lives off the grid like this, they are also too cheap to ever pay their share of airbnb lodging (I will stay with someone else, oh you got it I come stay with you), too cheap to give a bit of scotch tape for taping up a box when clearing out their dead mothers house because they bought that tape for 2 euro, or finally too cheap to buy their own chewing gum when they have had all their other expenses paid (flight, lodging) to go to a wedding in Kiruna Sweden.

on edit: changed some incorrect uses of to to correct usage of too.


Sounds like they're just cheap; and the off the grid part doesn't necessarily have anything to do with it.

exactly the original comment was make sure not to leach, and someone else thought it was a toxic attitude, and I don't think it is too toxic an attitude - because there are people who are leaches after all.

But there's being a leach, and there's trying to cope given a moral-philosophical decision not to use a phone. And you're not distinguishing them.

Yes but there was the original comment which suggested that it was not nice to suggest not to be a leach, because that was a little bit much to assume, so I provided a counterexample where that was a reasonable assumption.

Normally I would not expect, given that thread of conversation, that I should have to explain that my example was not meant to be a universal condemnation of anyone not having a sim card in their phone.


They aren't mutually exclusive.

Especially because it wasn't that long ago (by my standards) that not everyone had a personal phone in their pocket.

In fact, only 33 years ago my parents had to call the neighbours 3 doors further to call my aunt to notify her (and my grandparents who happen to be visiting her) of my birth.

Although, I admit as someone with a speech impediment, I absolutely loath using the phone. But it's a necessity even as a software developer. But nothing as annoying as having to pick up the phone, only to hear that it was (effectively) the wrong number and they needed someone across the room...


Or when you (effectively) work night shift, and some #$%#$%# telemarketer decides to call at 9am.

I feel you. After my last phone broke I decided to get a dual SIM phone. I set up my phone to block all calls on the first SIM from any unknown number. I got a cheap second pre-paid SIM and essentially made it my 'business number'. On my android I then have it set up to 'Do not disturb' mode during sleeping hours. The transition was a bit more cumbersome than I anticipated, but after it was all said and done, I couldn't be happier with the outcome. My friends and family can get a hold of me whenever, and I no longer get calls from business/employer/etc unless it is in the allocated times I want.

Or a friend forgeting about jetlag ringing you on a sunday morning when you were sleeping happily (just happened to me this morning :-D )

That's easy to fix though - I am putting my phone to do-not-disturb (or even airplane) mode when I go to sleep every day and I honestly don't see any disadvantages of doing that. If somebody calls me when I'm sleeping, I will react when I wake up. I don't think giving the people on the whole world the ability to wake me up whenever they want to is justified in any way.

Well I kow I should do that, but perhaps because I'm near my fifties (so lived a lot without a mobile phone), I always fail to remember to active it back when I wake up.

My wife (who is younger than me, as in 16y younger) do that too and have no problem.

For me, if I do it, I sure remember, but 2 or 3 days later :-D


I have been on do not disturb mode 24 hours a day, 7 days a week for the last few years. It’s actually amazing. It has allowed me to use my phone on my own terms, when I choose to, not on someone else’s terms when they want me to.

I haven't gone that far because unwanted phone calls aren't a problem for me, so I've just turned off most notifications and it's been great. Email is a much better tool when you don't have notifications on, I'm much better at paying bills because I check a couple of times a day when it's also convenient to pay them, with notifications on I'll swipe away and forget. Same goes for things I actually want to read, I'll read them properly now instead of a quick skim at an inopportune time.

Google has been awful at respecting my decision though, they'll keep enabling various news notifications and the have a very different opinion on "breaking news" than I do, I think the last one was for some Hollywood awards show. If there really is some breaking news I need to be interrupted for then the government emergency SMS service should suffice.

I first read this on HN: app notifications should really be called app interruptions. It really changes how things should be viewed.


Sounds like automating it to enable sounds at some hour when you usually are already awake may be an easy solution.

Sure, it is not a hassle for you but it can be a huge hassle for other people.

The example doesn't quite seem to connect to the moral. Maybe he didn't want his mom to call him. If a third party calls you to inquire about me, why is that my problem?

Because you care about people around you and don’t want them to suffer because of indirect consequences of your actions...?

Some time ago when mobile phones were very expensive one of my relatives carried SIM without phone.

We’ve recently got rid of roommates like that. They owned nothing and borrowed everything. Plus their ideology was that every corporation conspires to poison people. And they were heavy on drugs. And smelled pretty bad.

Sharing is great when you put in something material in, not just try to be bubbly person.


He could've just used a SIP client (plus e.g. WLAN, which does not even have to be on 24/7), and being the one who initializes the call. If he does it on a sane time, then he'll reach contact.

You presume that he wanted his parents to be able to contact him.

I don't. My use-case, where you have a SIP client and WLAN, allows for you to be disconnected, and only connect when you feel like it. It is akin to Invisible mode on ICQ; and that was perfect for people who wanted to lay low.

But why go to the trouble of that at all if you only want to make outgoing calls, and without giving people you call a return number to reach you.

People need your return number for voicemail (if you decide to opt into that; personally, I don't), and to recognize who's calling them. I know enough people who don't accept a call from a "private number" or "unknown number".

I have my smartphone 24/7 on DND. I only feel/hear my vibration motor if I get a call. Sometimes, this causes me to miss phone calls, but in general it works well enough. It also makes me one of these people who isn't annoying in public transport or on yoga class.


That's on his mother not him. Maybe he did this specifically to try to have some breathing room from his mother?

You don't seem too impressed by those that make the choice to live off the grid...

> You don't seem too impressed by those that make the choice to live off the grid...

I don't think the author of that post is living "off the grid" at all.

I am surprised nobody noticed that he mentioned he uses OKCupid.

https://www.eff.org/deeplinks/2020/01/grindr-and-okcupid-sel...


It's great if you choose to do that. But if everyone else has to compensate to deal with your choices, like parents can't reach the person so they call their friends, you aren't really living off the grid.

Strikes me as a feature. Who really wants to be judged as a person by what they own rather than who and what they are?

But it's not what they own, it's what they impose on others.

The implication here isn't that they're being judged for not having a phone (with a SIM card), and that they're constantly relying and leaching from others. That can be annoying, and people tend to not like annoying people?


Carefully reading the GP I have to agree. But that's calls.

Let's talk texts.

Compare:

1. An employee gets all of their break time eaten up by a friend who is off work and sending tens of low-effort messages for help with choosing an appropriate cafe for a double-date that night. (Saw it happen.)

2. An employee has nice, relaxing breaks. Then they meet up with a group of three that includes a friend who spends five minutes annoying the other three until someone finally decides on which cafe to visit.

Given that employee as input data, which is the preferable system? If you answer 1 then I've got a lot more questions for you.

It's too bad that texts generate so much flak that an "off the grid" person's absence doesn't register. But it's still a benefit for current SIM card holders that the "off the grid" person isn't adding flak to that broken system of communication.

Not sure it outweighs the mom calling the sister. But texts are generally such a productivity drain it is worth noting.


> 'But it's not what they own, it's what they impose on others.'

But I haven't imposed anything on anyone. It's society--or rather, a certain loud, vocal, and extremely selfish segment of society--which is attempting to impose something on me.

It speaks volumes about the mentality of such people that they somehow think I'm imposing on them, because they're 'forced' to think and plan ahead a little bit if/when they desire to contact me, rather than me being instantly available at their beck and call 24/7/365.

> 'they're constantly relying and leaching from others. That can be annoying, and people tend to not like annoying people?'

Exactly my reasoning for purposely disconnecting from those who always have to be joined at the hip with their digital devices 24/7/365, and who insist that I need to be also, for their convenience.


We're talking about the author's friend, whose phone is being used by the author to communicate with third parties, and who might find that annoying.

If you have friends that like you enough to chase you around to try and make plans, that's awesome. I'm thrilled for you and I'd have to imagine you're an awesome person.

The fact that you refer to people trying to make plans with you as an imposition on you tells me that might not be the case, but I'm not in any position to judge either way.


> "If you have friends that like you enough to chase you around to try and make plans, that's awesome. I'm thrilled for you and I'd have to imagine you're an awesome person."

Tons of assumptions packed into your post here, all of which are incorrect due to your own lack of perspective.

Let me put this into perspective for you.

So that you can better understand the totally warped and ridiculous mindset of antisocial, contemptible extremists like me, try this little experiment: Give up your phone for 90 days. All phones. Totally and completely. Use email and snail mail only for communication. Or even IM, if you like; you don't have to go "whole hog" like me and not even have internet at the house. Just dip your toes in the water. Use a desktop or laptop for your computing needs, and leave the toy in the drawer.

There are many ways you could go about justifying this to your shocked and horrified colleagues and family members, limited by your own imagination; the best way from a scientific standpoint (to conduct a study and learn from it) would be to example pretend to be a person like me, who has decided to do this because of very legitimate reasons concerning security, privacy, etc, perhaps leaving off the part about the unwanted intrusion of society's selfish demands on one's own personal health and well being, of course, so as not to offend anyone.

(You don't want to offend anyone, right? Neither did I.)

You could say that you're doing it as an experiment for a limited time. Whatever suits your personality and temperament, while preserving whatever modicum of social standing that you hold so dear. The point is, just do it. Step into my shoes for a time, if only briefly, just to see what it's like.

Here is what you will learn:

* Yes, there are annoyance and inconveniences involved with not having a phone. They're pretty small, actually, for the most part. By far the biggest difficulty lies in dealing with other people's bullshit.

* In some people's minds, you will immediately and instantly because the biggest asshole on the planet, a totally selfish person in their viewpoint, just because they can no longer text or call you up on a moment's notice, but instead have to email and wait (sometimes an entire day!) for a reply.

* This is even despite the fact that you actually went out of your way to make it easier for them to contact you via alternate means, knowing that it would be something of an inconvenience to them, and wanting to mitigate that as much as possible. No appreciation will be shown for your efforts.

* Further reflection on the above points will demonstrate just what a low place you must have really occupied in such people's esteem, if this rather small inconvenience to them is really enough to turn people against you. This is one of many fascinating unanticipated insights into the mind and heart of humanity which you'll glean by following the road less traveled.

* Some people will instantly understand why you are doing this. To them, no explanation is needed. In many cases you will find there are others who quietly would like to do the same, but feel afraid to do so, because of social pressure. Or sometimes they will secretly think you're a nutcase, but yet will express solidarity to appear polite, while quietly judging you. And also assuming that you don't understand that they are pretending to express solidarity while quietly judging you.

* Some never will understand. They will refuse to understand, badgering you with ten thousand questions like "What? You don't have a phone? Why don't you have a phone? How can you not have a phone? What if there's an emergency? What if [...]? How is this possible? How can you even breathe?" etc.

* In many cases people will hardly be able to hide their contempt of you, and may even go out of their way to purposely make your life difficult--as if the real reason you don't have a phone was to purposely make their life difficult.

* Such people will have this greatly exaggerated bias against you, as if you have placed this enormous unwanted burden on their shoulders by simple virtue of the fact they have to exercise a little forethought and patience when attempting to contact you for whatever reason, selfish or unselfish; which (in the case of such people) you'll find generally leans much more toward the 'selfish' end of the spectrum.

* Some of the people in question may even be your own close family members--like your mother or father. These are always the saddest revelations.

* Needless to say, any burdens that legitimately but accidentally fall on others as a consequence of your attempt to live a different, better life will be blamed entirely on you, even if they have nothing to do with you and are in fact a perfect example of just what you were trying to escape from--such as the example of the mother who can no longer call her son since he doesn't have a phone, and she Just Doesn't Understand so she just calls his girlfriend instead, and he gets the blame.

* The very fact that you "think you're better than everyone else" by living a different life than the herd will be held against you.

* One previously bad thing that's been changing, is when you are asked for your phone number at any one of these thousands of places that want it so they can datamine you, in the checkout line or wherever, and you tell them simply, "I don't have a phone", people are now more likely to assume you really do have one but just don't want to give them the number--which has less of a negative connotations than their previous (idiotic) assumption that you're just too poor to pay the bill or whatever.

Those are many of the "bad" examples of things you experience by going "off the grid." I won't even bother getting into all of the good stuff, like the peace, quiet, and contentment, improved mental and physical health, etc. All of that goes without saying, really. None of that is a surprise. It's the above that will surprise you, bother you, and change your outlook, when you see from an outside perspective just how totally selfish this society really is.


> Such people will have this greatly exaggerated bias against you, as if you have placed this enormous unwanted burden on their shoulders

Maybe what's really going is that you made them conscious of having an enormous unwanted burden on their shoulders. And every time yet another compromise is forced on them, the weight increases. And you had the strength to shrug it off.


I simply have a low tolerance for "just putting up with things." The things people are out there tolerating in their lives just staggers the mind.

Like junk mail, to name another easy example. I complained about all the junk mail one time at the postal counter, and the woman replied, quote, "You call it junk mail; we call it job security."

(Which is exactly why I no longer have a mailbox, either; just a PO box that I check once in a while. I refuse to waste away my precious life dealing with such bullshit.)

Tells you everything you need to know right there about the entire society, really. The rot is everywhere. Which is why increasingly the only sane option is to Opt Out from the madness entirely.

Life is much more peaceful on this side of the fence.

I remember playing Leisure Suit Larry back in the day. I think it was episode 2 or 3, where at the end of the game the story goes that Larry has retired to his "programmer's shack" out on a lake in the wilderness, to write the next LSL game.

I remember being struck by the beauty of that scene--the idea of being out in a shack on a lake, alone in the wilderness, nothing but me and the compiler. The "escaping from the world" aspect seems to have been a large part of the allure, especially as a kid, dreaming about not having to wake up early and go to that sorry ass school in the morning. No more society and its constant demands and burdens. Just living, in peace and contentment.

Today I am blessed to also have my own "programmer's shack" on a lake out in the wilderness, with nothing but me and the compiler and time.

I'll take this life over a $500k Silly-Con Valley rat race job any day of the week. And indeed, the very reason I'm here today is because that's the choice I made, period.

People have a lot more control over their lives than they allow themselves to believe. Where they inevitably end up is a result of their choices and actions. As time goes on, more and more will see the wisdom of unplugging and dropping out of this insane society. It's no big loss. In time we'll start our own new and better society.


He will be judged for his actions - becoming a burden to other people by choice

This thread is insane... How did we go from someone borrowing others' phone on occasion to these ideas of Social Darwinism? At this rate, someone is going to suggest euthanasia within two more comments tops.

For most people, lending their phone won't even incur marginal costs considering the trend towards flat rates.

If you find yourself being annoyed by such situations, note that these feelings are bound to make you miserable, and are unlikely to have much of an affect on the target of your anger. I've found that it is far easier than I thought to just consciously decide not to get worked up such issues, and that it's remarkably effective at improving mood and social life.


I find it hard to take people entirely seriously when in order for them to live their pseudo-ascetic lifestyle, they require other people around who haven't taken that step.

The OP is claiming the way he uses his tech gives him a cost saving and encouraging people to follow suit, when if everyone did that then he wouldn't be able to do the things he does any more. So it's not a sustainable lifestyle, because it leeches off the idea that most people aren't doing it.


Another good example of this sort of behavior - I know someone who doesn't carry any credit cards and prefers to pay cash for everything where possible. This is generally fine, however, since they're responsible enough to be carrying plenty of cash to cover whatever they need.

It would be quite annoying if they constantly only had $5 in their wallet and needed their friends to cover for them with a card whenever we went out. I can respect the position they're taking, but you've chosen to interact with the modern world in ways that are unexpected and more difficult in some ways. In return, I expect you to think through those obstacles and solve them yourself.

If you ask me ahead of time if I can pay for something, or use my phone, that's totally reasonable. Just going through life assuming that it's a thing isn't thoughtful or respectful of my personal limits.


But in the example given, it wasn't the boyfriend who was always borrowing his girlfriend's phone to call his mom; it was his mom calling to contact him. Probably because she's also yet another one of those types who Just Can't Understand Why Someone Wouldn't Have A Phone. And yet he's the one imposing on others?

I'm sure he would be perfectly fine with her not calling at all, and just speaking with her the next time he sees her, the way 95% of humans on the planet are perfectly capable of doing. But she chooses to not respect his very wise and very reasonable mode of living, and you choose to see that as being his fault somehow.


It can be multiple people's fault. If he knows it will upset his parents to not be able to call him, and at this point clearly knows that they're going to bother his friends instead, that's still a decision he's making. He could tell his friends to just block the number/ignore it, or talk to his parents about not contacting him. Sure, if his mom is stalking him and harassing his friends, that's her fault/problem, but that doesn't mean it's not a burden on his friends. I'd be more sympathetic for sure towards his situation then.

I live tens of hours away from my parents right now. Calling them is how I get/keep in touch with them. If I decided to get rid of my phone, I'd be sure to come to some sort of other solution that would be acceptable to them and not just cut them off.

The issue is he presumably knows that his parents are like this and want to stay in touch with him. If he can't convince them to use email/skype/whatever else, then that's his issue to manage. He's not entitled to push that off onto his friends just because his parents are unreasonable. Either deal with your parents unreasonable demands by having a basic burner phone, or tell all your friends to just not pick up/blacklist it.

To me, is like if you decided you were worried about the environment and started biking everywhere. I can respect that as a decision, but it doesn't mean it's not imposing on me to always be showing up to things late because you haven't adjusted to how long it takes to bike places.


If a large enough group of people followed his lead it would cause us to design our systems differently with the SIM-less in mind.

Lending the phone to someone who is in need for some other reason is fine.

Lending the phone to someone who doesn't want to carry one even knowing they will need it? Not fine. That person has little respect to others if they think they can't be bothered carrying a phone but everyone else should lend theirs when needed.

Not to mention modern phones are very personal. Our entire lives is there.


Correction. Your life is there.

Most of us. And it's by choice due to convenience.

[flagged]


You are arguing against something completely different than the subthread is about, while being condescending about it.

My comment fits perfectly well into the discussion, and into the subthread, up to and including said 'condescension'--which literally radiates from many of the 'cell phone junkie' types.

I actually agree with you. The world would be much better if everyone fought for the values they believe. And I do value privacy. Unfortunately for me, life's already quite hard even with all the conveniences that the system offers. It would probably be too hard without them.

I envy those who have enough energy left to fight for a better world after their daily chores. I don't.

So I do my best to be productive, positive and kind. Throwing my phone away right now would not be a little fight. It would cause me problems at work where my boss expects me to be responsive regardless of where I am or if there's a working wifi nearby. I'd also lose business and social opportunities. Being harder to reach would make some friends eventually distance themselves just as a consequence.

I feel you. Have a good week!


We're not talking about people who have chosen to disconnect, such as yourself. We're talking about people who choose to keep connected, just using other people's connections.

I always find this sort of "Just don't have your mind work like that then." response to be almost completely inane motivational poster sloganeering. If I could choose what annoys me, I'd love to just not pick anything. I'd love to have the sort of self-control to not feel anything that would make me miserable, and maybe you've reached that point of self-consciousness, but that's not just a switch people can flip. It's the same family of responses as telling someone to just "not be depressed by your situation anymore and be happy with what you have"

In addition, we're not talking here about how to specifically deal with one person. I've had plenty of friends with annoying habits, and I have managed to mostly ignore their behavior and just live my life. What we're discussing is the more general case - is it ethical to impose this sort of thing on someone else without their agreement/consent. I can both think that my old roommates should have cleaned the kitchen more as a matter of cleanliness and fairness AND have gotten to the point where it didn't bother me that much that I had to clean for them. My ability to not be bothered by it, and to put my friendship ahead of specific annoyances doesn't excuse behavior that makes doing so harder for their selfish reasons.

"Judging people for their actions" isn't the same as shunning them or wanting them dead. Any sort of anti-social behavior that asks for things from other people is going to trigger some sort of judgement or response. Often it will just be ignoring it or helping the person out, and that's fine, but that's part of the calculus of choosing it. You've decided the social cost of asking for other peoples phones is worth the personal moral/ethical/security gains of not having one yourself. Depending on how you approach it and how much you mitigate the asks of others will determine how people judge you on it.


And waay too many glib answers and dismissals. GPS? Just pull over and ask... while you're taking the wrong exit to the wrong freeway in the wrong direction at night. This isn't about avoiding human contact.

Need signal/whatsapp? Just get a disposable number... that everyone adds to their contact books but has to change every time you re-install because you cant get the old number back.

The world is outright hostile to not having a number. It's like not having an address. I lament this, but there aren't easy solutions to this hostility.


I was going to say.. you definitely don’t need much if others are paying the bill. Some people see friendship as an excuse to expect to use the resources of others.

I've also tried going SIM-less for a few years. Wifi hotspots are frequently around you rarely find yourself in a situation needing a data plan.

But the main problem is 2FA many services force you to use now.

Going without a data plan is wonderful, but every now and then, having a couple minutes are SMS services is great.


I lived SIM free basically all my adult life, but I had to buy a SIM last September, because a new European banking regulation that requires 2FA.

SMS 2FA is a joke tho.


> SMS 2FA is a joke tho. Yes, everyone knows. But it's better than nothing.

Not always. If the provider can be social engineered into granting you access to the account after proving access to that number then I’m not sure “better than nothing” is that solid.

It's potentially worse than nothing because you can steal someone's sim card and then use that to reset their account password. This is because (as in almost every company that uses text messages for 2fa) you use the sms to authenticate the reset.

Better than having a strong password bypassed using shoddy recovery procedures.

Of course, that means it's not 2FA, just 1FA.

Or these shitty fake 2fa photo tan things they have here in Germany.

Something you have (your phone, with saved passwords) and something you have (your wife's phone, or just a device to take a photo of your screen to show it back to your actual phone) isn't 2fa.

But it makes it so painfully difficult to do anything that a valid step for security, like quickly contacting the bank to say “my phone is untrustworthy” via another device, becomes unreasonable, difficult and unlikely.

(But in general, trying to do anything in Germany is a painful experience. The business culture here seems to be, “if it's beneficial to the customer, it's a cost centre to us so please remove it”.)


For the US and Canada, there is JMP.chat which can be used to 2FA over SMS without a SIM. Uses standard XMPP so can be used from a computer or phone while on WiFi.

There are other proprietary services which can do the same for no monetary cost (usually lots of advertising and tracking, though).


Of course, that means you're giving "Denver Gingerich and others" full access and control over the number and channel used to receive unencrypted authentication tokens.

This is modern minimalism to its peak: getting rid of your stuff by relying on others

Wasn't that modern minimalism from the get-go?

It has been so ever since Thoreau lived at Walden Pond and waxed poetically of self-reliance and living alone, but had his mother take care of washing his clothes.

My First reaction was that it sounds awesome and I want to try it for a view month.

Then I realized that most German delivery services require a phone number and email address (like when you order a new shelf or phone or computer or ...).

Then I realized that the messenger I use to communicate with my family bases identity on the phone number (not my choice, but nothing I can easily change).

Then I realize that my main relevant usage is to get live information about public transport.

Well I guess I'm not quite ready for it yet maybe when I managed to convince everyone to switch to a non phone number based messenger.


Denmark is pretty similar to Germany, in that a ton of services require you to have a phone number. Technically there’s rarely a reason for you to give out your number, and for stuff I don’t care about I’ll enter the number of a loan company or the number of a telcos support.

Still, I actually somewhat concerned that you’re basically not allowed to not have a phone. No one will actually call you anymore, but they do want your phone number.

I can’t think of a single service that would require you to have a phone, it’s just some weak attempt at “authenticating” you, via someone else.


> Then I realized that the messenger I use to communicate with my family bases identity on the phone number

It is only required upon registration or a change of a phone. Most messengers don't require (nor really have a way of figuring out) whether you have the same simcard in the phone, or whether you have a simcard in it at all.


In fact, I used to use Whatsapp on a WiFi-only tablet. The Simcard was on a featurephone that didn't have any support for installing apps.

> most German delivery services require a phone number and email address

As somebody who lived years in Germany without having the ability to make or receive calls (there was a SIM with a number, but connected to a data-only tablet)... Most delivery companies lack proper input validation, so you can either enter "n/a" or 00000000000 to the phone field. Never had issues with deliveries because of this


Nobody is pointing at the elephant in the room:

GSM, WiFi, TCP/IP, SIM cards, debit cards could provide strong privacy for everybody by default.

Requiring random, temporary, untracked addresses by law is possible and achievable.

Yet, society accepts corporate surveillance for the masses and privacy for the powerful and wealthy.


What about https://crypton.sh? I saw they do SIM cards (also with encrypted storage), servers in Iceland and privacy stuff.

"CRYPTOCURRENCIES SUPPORTED", says the page. I cannot wait to try this.

Without a SIM card it would be a lot harder to do my taxes, access my online bank, check my insurance, etc., because the SIM card is used to veriy my identity using a solution called BankID. (https://www.bankid.no/en/company/) It's a lot easier then the alternative with OTP codes, especially since BankID is now supported by a lot of different sites and services. From government, banking, phone companies, etc.

Isn’t BankID subject to the same old issues with cellular networks that make SMS 2FA insecure? Mobile provider support human factor, connection MITM’ing, etc. (https://news.ycombinator.com/item?id=16810266)

Edit: from sibling threads I can see that issuing a duplicate SIM card in Norway may require a very dedicated attacker, but mass-spoofing cell towers could still be an issue. I don’t know why do companies dislike non-SIM-associated OTP tokens so much…


Not at all. And the comment you link to is "just" social engineering. Tricking people into signing in someone else and then signing their transactions.

Akin to "hey I'm from paypal please give me your password so I can verify it is you". Or "I'm from Microsoft support, you have a virus please run this executable so that we can help you".

But it is a problem. And they explicitly target old and other people that (statistically) treat any computer stuff as black magic and are more likely to trust a stranger because they say they are calling from a bank/whatever.


> because the SIM card is used to veriy my identity using a solution called BankID.

That's BankID over mobile. You can also use a key fob like this[1] + a password to authenticate. I use it when traveling and using a prepaid SIM occasionally.

[1] https://bank.obos.no/globalassets/bilder-alternative-str/sig...


How has Norway solved the "slamming" problem, where attackers ring the phone company and get a duplicate SIM?

The SIM will be sent to the registered address of the owner. So you will have to intercept the post as well. And the PIN will be sent in a separate envelope on a different day.

That plus the other things like storing the encrypted keys in the SIM card activated by logging in to a bank by some other means make it pretty secure.


The BanID SIM-application has to be installed over the air and activated through online banking. It's bound to one physical SIM, so an attacker would need to get into the online banking in the first place to reinstall the SIM app onto the new card. I believe the auth keys are stored on the SIM as part of this solution, and regenerated every time it's reactivated, invalidating the existing SIM.

In Sweden the banks issue the BankID instead, the certificate is tied to the phone/pc it’s downloaded to and is not connected to the phone# at all. You can however connect for example ”Swish” to your bank accounts for seamless transactions through youe phone# but it too has to be authenticated with bankid.

I’ve never really heard of a case when the bankid/authentication to any Swedish banks has been compromised with the exception of the users signing in fraudulent actors.


This is .. remarkably sensible, and a good example of using the secure elements of the SIM card for the intended purpose. Makes me wonder why more places don't do this.

Why does this have to involve a SIM card though? Why not use the device itself, e.g. authenticator?

It's possible to use OTP and password as well, which requires a physical OTP generator. But that's actually more cumbersome than using the SIM alternative in my experience.

I believe using the SIM adds layers of security that OTP apps can't compete with, including increased difficulty cloning the private key. I assume that accessing the relevant parts of the SIM is way harder and requires completely different vectors than attacking the OS.


Since the early 2000's, banks in Europe gave physical OTP devices. While somewhat inconvenient if you don't have it with you, I still liked it better than alternatives that are popping up lately:

SMS based authentication, an app that generates a code from a QR-like pattern displayed on your computer screen (neat but they didn't think of the case where the screen displaying the QR pattern would be the phone itself, or the fact that you're letting their app see what else is on your computer screen) and paper cards with a finite amount of numbers on them.

In fact I'd prefer TOTP as supported by authenticator as a better phone based alternative since it's standard and you can control if and how you want to securely back up the codes rather than have a plethora of different systems.


BankId works even with non-smart phones. Plus it’s storage of private keys is more secure than the crypto-storage on cheaper smart-phones.

A SIM card contains a crypto module that can perform operations (signing, encrypting, etc) while not allowing the device to read the private key. Some phones include a chip like that too, but many don't.

Sweden briefly had a SIM card-based system before scrapping it in favour of a pure smartphone app.

How does this actually work on something like iOS, which I believe is a lot more restrictive and may not allow access to the SIM except through carrier services (which are in turn susceptible to attacks, including bribes, social engineering, etc.)?

The carrier is involved in transmitting and triggering the challenge as well, and I'm pretty confident that it works on iOS, though I've never tried myself.

The authentication works like this:

1. User fills out form with enough public and semi-private infoemation to securely identify the user (usually phone number and date of birth or social security number) 2. The user is presented with a random two-word string 3. The same message appears on the user's phone. If the words are the same, the user proceeds to input a PIN. The PIN is only stored on the SIM, and is chosen by the user. 4. A response is sent from the phone and the user gets logged in.

I assume that the challenge response employs asymmetric authentication, storing a private key for the SIM and public key for BankID on the SIM.

I'm not familiar enough with how the underlying crypto works to guess what kind of attacks they'd be suceptible to, but considering that the authentication is used for most public services in Norway (including taxes, welfare, medical records and document signing) as well as some private services (banking, insurance), I'll believe that the proper due diligence has been done.

There is a big focus on using these platforms securely, and BankID recently ran an at campaign with some TV spots, telling how people should never share their BankID login, not even with their loved ones - https://youtu.be/OFJmX7A--w4


iOS supports STK, which allows the SIM to ask the phone to draw rudimentary UIs and ask for user-input. It would work just as well as on a dumb phone.

Not sure about Norway, but in the Netherlands, you have to note down the PUK code. You can't get a replacement SIM card without PUK code. This is for prepaid though.

Is that the same as BankID in sweden? That is not 'connected' to the sim card, but to the device itself.

Norway's BankID and Sweden's BankID are different products by different companies that happen to have the same name.

Sweden did briefly have a SIM card-based version of its BankID, but it was quickly replaced with the smartphone app-based “Mobile BankID”.


Really?

In Norway BankID is quite definitely connected to the SIM card.


In Switzerland we have MobileID which is basically the same thing as Norway's Bank If : using a sim card as a smart card.

I would say that this does not work in third world countries and the author also mentions this subtly by saying.

>>If you're in Southeast Asia and in need a taxi service, you can ask someone to hail you a Grab. I've done this numerous times in Kuala Lumpur by kindly asking Coffee shop baristas. The feeling of moving around without your whereabouts being constantly beamed into a database can be quite liberating.

Imagine asking strangers to book you a cab in a country you cannot speak the language of.

While these countries and all first world countries have the ability to hail cabs for instance, asking strangers is basically not the way anyone goes because they don't have a sim card. For example, I do use a data-only SIM in a country I am visiting right now from Google Fi just to do basic things like ordering an Uber, checking bus timings etc.

However, I cannot without a local number 1. Order Food Online 2. Get Any services which require mobile number valid in the country for any services

I am used to doing all this because I have a phone number in my country, but can't do this in another country, because logistics involve delays and they have to be communicated and a local number is the best way to do it. Without wide-spread messaging only services which work out of the box for every app there is no way any establishment can contact you.

Everything is a step in the right direction, for example, people would call on WhatsApp/Facebook Messenger etc, but you don't expect micro-economy people in third world countries to have the skills to do that, they will want a phone number to do it.


I live without 3G on my phone, though I still have a SIM card for receiving "emergency" calls. I haven't topped it up though, so I can't call out.

It's been wonderful to make me focus on face to face conversations with people, rather than checking notifications all the time. I ask them to add me on Facebook, or make a note of their email address. If I can get online, I use mbasic.facebook.com with no ads, which loads quickly on an old phone.

My phone wakes me up with an alarm, but I'm not flooded with depressing Apple News first thing in the morning.

On the bus, I read books (the Bible and others, Edward Snowden's autobiography last year, currently The Shockwave Rider). I also browse offline Wikipedia (personally Wiki2Touch, but I've heard good things about Kiwix). I use Galileo Offline Maps with MOBAC-scraped tiles, without turn by turn directions.

Battery life is significantly better without 3G, and makes the old iPhone 4S quite usable.

Google Voice is often allowed for 2FA, and I use that when I need to receive SMS (e.g. TransferWise).

I could go without a SIM card entirely, but for the rare occasions when I do need to receive a call (e.g. I agree a place and time to meet someone, and they're late), then I still keep it in my phone.

It worries me to read that the US immigration department are using anonymised cell tower histories to trace people, but I don't know if removing the SIM card would solve that.


> It worries me to read that the US immigration department are using anonymised cell tower histories to trace people,

It worries me to read you’re still using Facebook even though it looks like you value privacy. Why’s that? (Not trolling, serious question)


Keeping in touch with friends in other countries. Rarely, there's even targeted ads that I actually want (e.g. bands that are playing concerts nearby). I try to avoid the news feed, and usually just use messages and events. Unlike most other chat apps, Facebook has backwards compatibility for old phones. There's a limited sense of control: I choose when to update my location, employer info, Liked pages, etc. Yes, they know about me, but I also use it to analyse myself [1]. I have no expectation of privacy for the things I post, but I'm therefore more careful about what I post, which Lists I share content with, and what metadata is hidden in that content.

[1] https://github.com/peterburk/sortlikes


Thanks!

> I live without 3G on my phone

> My phone wakes me up with an alarm, but I'm not flooded with depressing Apple News first thing in the morning.

So you turn off wi-fi before going to bed?


Not GP, but I turn off WiFi completely (not the intermediate “disconnecting nearby WiFi until tomorrow”) so that I control when I’m connected and when I’m not.

No, I just disabled notifications for most apps, because I'm using iOS 6. Several apps have stopped working entirely (WhatsApp, WeChat, KakaoTalk), so I just use them through an Android emulator on my laptop.

If it's for privacy, wouldn't a burner phone make more sense?

Otherwise leaching off everyone around you to save a bit of money... seems like it would get old pretty quickly


The 2 device solution seems best. One device for connectivity and essentials, the other device for personal stuff.

Prepaid sims are so cheap, can't see how this is about saving money.


I have been using this for the past two years and I'm very happy.

One dumbphone with 5-7 days battery life that does only SMS and Voice calls.

One smartphone that I use for browsing, google authenticator, twitter and some apps and occasionally as a hotspot.

Usually the battery dies in either of those, not in both at the same time. This means that when my phone dies I'm left with either only SMS and Voice or only Internet.

Both phones have dual SIM support so I can keep swapping the prepaid SIMs when needed.


A reasonable compromise is to just have a SIM card with a basic prepaid phone (and SMS) plan but no data. Lots of people I know do that. Phone is online at home, in the workplace, at restaurants etc, and you can communicate.

Getting rid of my SIM card is attractive to me for financial and political reasons, but it would not be compatible with my loved ones' expectations that I be reachable in an emergency. Here's a compromise I have been thinking about; I wonder if anyone has experience making it work (or knows why it won't) on an unlocked iPhone 6:

    - Buy a pay-as-you-go SIM card with support for SMS and data, but no voice, for when I'm not on WIFI. 
    - When I am on WIFI, use VOIP for calling, and SMS and data as usual.
Possible challenges/questions I need to research more:

    - Will iPhone permit a SIM card without voice?
    - Can I receive SMS via WIFI when connected and via the burner SIM otherwise?
    - What service should I use for VOIP when connected, and for accepting voicemails when not connected?
    - I know Apple overlays its iMessages over SMS (which causes terrible headaches when someone switches from iPhone to Android, and no longer receives iMessages). How should I manage this?

It looks like I can get most of this through Twilio if I'm willing to do some programming. One issue will be that Twilio is blocked from some 2-factor-authentication systems.

Not trolling: How does your life feel different knowing your data is not being stored in some database?

Losing out on all those conveniences sounds miserable to me.


It's called peace of mind. Some people worry about their privacy being violated. Without the sim, there is less tracking, so less to worry about.

>It's called peace of mind

Is it? because from my perspective you've taken yourself out of a few databases (AT&T / Verizon / Telco) and plopped yourself into a few other databases (2nd Line, Grab) without having a whole lot of benefit.


Some of us struggle with having constant connection to the internet in our pocket. Its a distraction at its mildest, and an damaging, health affecting addiction at worst (social media, and 24/7 work/communication expectations especially).

Well done to those of you who are able to carry around a smartphone and regulate yourselves but some of us need to take more drastic action to cut it out.


Get a SIM without a data plan? You can still call or SMS people, get SMS 2FA when required, but you can't use social media apps.

I cut my phone use by removing most social media apps. I have also disabled notifications for most remaining apps, except for Facetime and iMessage (since I use them for high signal/noise ratio communication with friends an family).


The problem for me is carrying around a phone with apps on it.

So I have a SIM with a dumbphone but no smartphone. People can call and send me messages. Frequently I leave that at home too.

I do have an iPod touch though which i use for podcasts, as a camera, and for a few specific things like a banking app. But no messaging, social media or distraction-type things are allowed on there.


That makes sense, but wasn't mentioned as a core reason in the post, so I'm assuming it's not that for author.

True, I was more addressing the general idea around "drastic" action along these lines. I hadn't heard of SIM free idea myself.

People often get a bemused or even aggressive reaction to those who cut out conventional device habits.


Being offline is good for your privacy and training concentration span.

One major advantage is the impact on phone battery life - partly because various services aren't repeatedly pinging over the mobile network (especially in "notspots"), WiFi tends not to burn through battery. And partly because it tends to change your behaviour to do more focused things (the phone isn't constantly trying to distract you as it often can't, so you don't then waste time and power on these distractions).

I don't think I'd abandoned a SIM card in the near future but having used my old phone without the SIM as an alternate for my new phone on a few occasions, the old phone battery went from being awful to lasting way longer than my brand new phone of comparable specs.


I got a smart watch after being staunchly anti-smartwatch, because I can now leave my phone at home. It was a compromise that allowed me to stay connected via phone while not having a distraction-factory in my pocket. I don't have anything but the phone app and weather on there, and I have a whitelist so only friends and family can contact me. I delay text messages 'til I get home if I can, and I get maybe 2 phone calls a week.

My biggest issue with the phone was it could distract me with a notification, and I could dive into it for too long after dealing with the notification. That doesn't happen on the watch because frankly, they can't do all that much and they are a pain in the ass to use for anything more than a quick sentence.

Could I just "be a better person" and be disciplined with my phone? Totally. But I've tried numerous times, so this is my method and it's been working well.


You can always use the phone on flight mode (to turn off radio), and selectively turn on GPS, WiFi, Bluetooth, etc).

Flight mode is the only way of living

Cellular really isn't all that power hungry, the problem is really data period, i.e. your phone being awake at all. If you get a 500MB plan, set everything unimportant to restrict background data, and turn off WiFi your phone can last for days.

My smartphones NEVER have SIM cards in them—as I'm not that stupid so as to become just another easy target of surveillance capitalism! Instead, they connect by Wi-Fi to external portable routers that do have SIMs installed in them. As such, these phones can connect to the internet but cannot be used be used to make telephone calls. Thus, there cannot be any cross-reference between my actual telephone number and my internet activity.

In addition, my smartphones use LineageOS without any Google Apps (GApps) installed and their browsers always have JavaScript disabled. Right, I have absolutely no need for social media, Facebook etc, and I never use any of Google's services such as Gmail—except perhaps search via an anonymous metasearch engines such as DuckDuckGo.

So how do I actually communicate? I use a separate dumb phone that has no internet access.

Oh, BTW, I never order stuff online via a smartphone, nor do I use smartphones for email.

So, am I a Luddite? Definitely not, I've always been a high tech worker, I was an early adopter of mobile phone technology, and I had one of Motorola's "bricks" the moment they came on the market decades ago. Moreover, if you saw the complex configurations of my smartphones and the ways they have been rooted (with the latest Magisk super-user software, LineageOS and firewall configurations to stop app software phoning home) then you'd realize I'm more a mobile communications platform than a person with a smartphone).

You may well ask why do I go to such lengths. It's principle really: as I see it, when I bought my first Motorola "brick" the telephone service was essentially anonymous with the option of users being listed in the telephone directory. Since then governments have deregulated and sold out our phone systems to Big Tech without any of us users ever having had a say in the matter—the damn hide of them! Nowadays, not only has Big Tech (Google, Facebook, Microsoft etc.) usurped our internet but they've also fucked our phone networks by actually integrating their corporations' businesses into our telephone systems—and they've essentially done so without anyone's permission.


Best comment in the thread. Thanks for keeping it real, chief.

Thank you Sir.

DuckDuckGo isn't an anonymous search engine. It's owned by the same people who own Google. And Microsoft. And Intel. And Facebook. etc....etc.

Likewise, what firmware is running on that phone's baseband chip?

Your plans aren't foolproof, but you're on the right path.


It's not a matter of being completely anonymous, if that concerned me then I'd never use the internet. After all, ISPs know who I am and where I'm located so anonymity isn't the issue.

What is at issue is the wholesale collection of our data by Big Tech without our full permission and proper disclosure, and that includes the end uses to which it is put and who has possession of it. The other key issue is the atrocious way governments have abrogated their responsibilities in these matters.

I agree with you that firmware on the phone's baseband chips cannot be trusted (nor any other binary blob)—nor can Intel's secretive and all-pervasive AMT on its PC/CPU chips for that matter. (In my opinion, surveillance via embedded firmware together with what actually goes on in firmware and cloaked from view by the compilation process is serious matter that all too few bother to consider important—remember the VW emissions affair and you'll get my gist.)

That said, I accept that some 'spurious' data does escape through my systems—even LineageOS has Google addresses in its kernel—but that's not the point which is essentially that I am effectively obfuscating and disrupting the collection of my data to the point where what's left is essentially worthless to others. A check of the data and IP addresses that pass through my routers shows that my efforts have made an enormous difference (in effect, I stop well in excess of 99% of unwanted traffic by using a combination of quite different technologies). Combine this with the fact that I use multiple different browsers which also report randomized browser user agent IDs to reduce browser fingerprinting, and it turns out what I've done is quite effective. For instance—except for when I'm testing, etc.—I never see ads on my mobiles or desktop PCs and those that I've accidentally seen have never been target at me as a direct consequence of my circumstances or interests.

However, the bigger issue for all of us is that all-encompassing surveillance, whether it's by the State and or Big Tech, reduces both our freedoms and autonomy to act as humans. That's why we must resist it.


Good post bro. +1

use tor, brave, vpn whatever. use prepaid unregistered sim. get online when you want, live :-) or just cut off you leg to fix your toe.

Getting a prepaid unregistered SIM is no longer possible in an increasing number of countries. I think most of Europe requires identification to buy a prepaid SIM.

I have not had an issue buying a prepaid sim in eastern europe AND EU is a "free roaming" zone, so if it works in the Eastern parts, it's going to work everywhere else as well.

Thankfully this is still possible in the US... for now.

The UK notably doesn't, and most providers are still doing "roam like at home" with the EU despite the UK having left.

Have you ever heard of LycaMobile?

Most likely they have heard of the MVNO/"service reseller" LycaMobile, but how does that respond to their comment at all? LycaMobile still require you to register your ID with them in countries that have that rule.

Mobile without cellular and therefore without SIM: https://github.com/xxlsec/proteusdevice/wiki

I had been living without a sim card for almost 2 years, and just use wifi. Loved it. No I have to because I am starting my own company and have no choice, otherwise I would have removed tphone completely.

But I will do it


Oof. I honestly don't know which is less secure: SMS or e-mail confirmation. Probably the former, but the latter is probably easy to downgrade into plaintext, and can/does does go through random middle boxes. You can add mitigations all over the client but I'm not aware of any requirement for strong authn+z in the protocol.

As a second factor, SMS is better, unless that 2FA e-mail is allowed to be different from your primary e-mail, and you only every sign into it from your phone.


Applications are open for YC Summer 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: