Tag Archives: surveillance

Q&A: Secure Phones

If there was a secret organization, could they use regular cell phones to conduct business or would burner/pre-paid phones be the best option for staying under the radar when crime is involved? Do you know any about burner phones?

As with everything else, it’ll depend heavily on the nature of your organization. If your secret organization is just street level criminals or terrorists, then you’re probably looking at burner phones. If your secret society is a secret masters of the world, Illuminati style conspiracy, then they’d probably be using off the shelf secure phones, possibly with non-standard OSs and (maybe) firmware. There’s also a middle ground here, where you might be looking at some kind of NGO which could still use standard phones, with legal protections in place to somewhat mitigate the risks in using them.

A “burner” is a disposable cell phone. Technically, the term refers to the cell phone’s identity on the network, when you’re replacing the phone’s SIM card, you could easily end up with a top of the line smartphone that still functions as a burner, though that is a bad idea, because if the OS install is compromised, that doesn’t change when you swap out the SIM.

In this case, SIM stands for Subscriber Identification Module. It’s a small smartcard that, when slotted into a phone, gives that handset it’s unique network identity. It’s how the network can identify a phone when it’s trying to connect a call. When the SIM card has been replaced, the phone is effectively a new unit to the cell network.

Not that it matters for this question, but if you have two phones with identical SIM data, the network will connect with whichever handset queried the network most recently. In the real world, this is mostly useless info, but if you were dealing with time travel, dimensional copies, or some other kind of weirdness, then the cell phone connectivity might get a bit strange.

Additionally, first responders, such as fire, police, and EMTs often have SIM data that’s flagged for priority access in the event of mass cellphone congestion. Again, not a common occurrence, outside of the immediate aftermath of a terrorist attack or major natural disaster, but a cop’s phone should work, when the network is otherwise overloaded.

So, if your secret organization is just a group of criminals, then all of this might not matter. Criminals are not a particularly bright group on the whole. It’s possible they could have a tech guy who understands how the phone network functions, but it’s also entirely possible they’d simply shuffle their SIM cards around on a regular basis (which has happened), on the idea that it would sufficiently conceal who they are. Also, most people without an intelligence or technical background are unlikely to know the full capabilities of surveillance and forensics.

If you’ve got a group that consults with law enforcement, but also engages in more direct behavior. For example, something Millennium, then it’s possible you might see ex-law enforcement, who know when to use burners, and how to work around police investigations when necessary.

At the far end of the spectrum, you’ve got a secret conspiracy that secretly runs the world, (or their little corner of it.) In a case like this, it’s possible that individual members may enjoy total immunity from prosecution for their actions, making any surveillance by mundane law enforcement meaningless. They may also have access to proprietary software and hardware that, while capable of interacting with the network, would be effectively immune to the methods I explained last week.

Loading malware onto a phone relies on knowing the operating system’s architecture. If someone were to hand code a new OS off of a new Unix fork, that would share enough with conventional phones to work with the network, while still having the potential of security. If you can’t run code on the phone, you can’t compromise it. Needless to say, this would be a serious undertaking, probably requiring a team of coders, so it’s not something that would be open to any small cabal.

Using Voice-Over-IP systems does allow for the user to make and receive encrypted phone calls. Technically, this can be done on existing systems as well, and you can use apps like Discord or Skype for mobile VOIP, but, depending on your data plan, this can get pretty expensive. Additionally, VOIP has the advantage of creating a phone that can go anywhere in the world, so long as you have internet access. (It also allows you to make and receive calls from your laptop or tablet, so there’s that as well.)

Additionally, some existing VOIP systems do offer end to end encryption. Usually, you’re talking about data plans that would be contracted to entire corporations. This would be somewhat expensive, but, it is possible with existing technology, and certainly within the budget of a major corporation or a massive cabal.

Secure smartphones are an existing market, aimed primarily at business and governmental agencies. These are not cheap, and the actual quality varies. However, they’re real, and available on the commercial market, if you’re prepared to pay for better equipment, the option is out there.

The weird thing about burners is, they have a home among professional criminals and spies, but as you wander out of those circles, the concept becomes much rarer. It never occurs to most people that their phones upload their geolocation data to the cell network on a regular basis, or that this info is stored. Hell, it’s not unheard of for amateur criminals who learn about burners to never ditch them, or only replace them when their plan is depleted, creating an even cleaner evidence trail.

That said, yes, proper use of a burner, will make someone much larger to track, via cell network data. Assuming they remembered to leave their main phone at home, and didn’t do something stupid like call a non-burner with that phone.

If your characters are trying to coordinate in the field, then some kind of secure communications system is necessary, but that doesn’t need to be phones (at least, not directly). As I mentioned earlier, VOIP services, particularly ones with end to end encryption, and chat room structures, would probably be more useful in the field. Though, there are other communication solutions, including short range radio handsets.


This blog is supported through Patreon. If you enjoy our content, please consider becoming a Patron. Every contribution helps keep us online, and writing. If you already are a Patron, thank you.