this post was submitted on 02 Oct 2025

118 points (94.7% liked)

Privacy

42224 readers

1215 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

118

Saw this ad - what do we know about Cape? (lemmy.world)

submitted 16 hours ago* (last edited 16 hours ago) by collar@lemmy.world to c/privacy@lemmy.ml

51 comments fedilink hide all child comments

Happy to see a privacy-focused carrier, and it has better policies than any other carrier out there. But founder is formerly from Palantir and there’s a lot of VC money behind it (not inherently a problem, just flagging).

Thoughts?

top 50 comments

sorted by: hot top controversial new old

[–] PrivateNoob@sopuli.xyz 2 points 1 hour ago

Cell providers such as Telekom, Verizon, Yettel etc. have to provide Lawful Interception support for countries' law enforcement agencies, and these are implemented in a way, that not even the cell providers is aware when a said subscriber / user is being listened on.

Otherwise I would guess a cell provider can't operate in that country if it isn't willing to provide this support?

[–] redparadise@lemmygrad.ml 9 points 6 hours ago

Palantir, end of discussion.

[–] Catalyst_A@lemmy.ml 9 points 8 hours ago (1 children)

It's also like $100 a month.

[–] collar@lemmy.world 2 points 6 hours ago (1 children)

True, expensive. Prosper to offset no selling customer data.

[–] Catalyst_A@lemmy.ml 5 points 6 hours ago

I refuse to believe they didn't do this for their benefit. Especially at the price tag. I feel the same about Proton. The minute the government knocks without a warrant they'll still turn you over.

[–] communism@lemmy.ml 47 points 11 hours ago (1 children)

It looks like a honeypot, and wtf is a "private cell network"? How are they gonna do that? SMS and phone calls aren't E2EE

[–] Scolding7300@lemmy.world 2 points 3 hours ago

It's private because it's yours /s

[–] NullGator@lemmy.ca 9 points 9 hours ago (1 children)

I think their tech works, they're used by the army. The founder was the cofounder of Palantir, which I think is worth noting. Their focus is on US government use first and the average consumer second.

[–] collar@lemmy.world 3 points 7 hours ago

Yeah it looks like the cell network is the consumer facing product

[–] ExtremeDullard@piefed.social 86 points 13 hours ago

The cynic in me immediately thinks it's a honeypot to trap privacy-conscious individuals.

I'll look it up. But I suspect it'll be just another case of a company pinky-swearing to respect your privacy, like Apple.

[–] Blackfeathr@lemmy.world 71 points 15 hours ago (1 children)

I just assume every ad on reddit is a scam. Seems to be the trend over there.

[–] SomeAmateur@sh.itjust.works 10 points 12 hours ago

Hell half of the front page posts seem to be ads anymore

[–] gravitywell@sh.itjust.works 61 points 15 hours ago (6 children)

100% honeypot

Big encrochat vibes

[–] Kirk@startrek.website 4 points 13 hours ago* (last edited 10 hours ago) (1 children)

Something can't be both "100%" and vibes based lol

Unless you mean "I am 100% basing the following opinion on vibes".

You need evidence. Please don't respond with more vibes.

[–] gravitywell@sh.itjust.works 28 points 13 hours ago (1 children)

I am sure it is a honeypot, they will work with feds. I base that on the people behind it.

Also it reminds me a lot of encrochat which had similar vibes about it.

[–] Kirk@startrek.website -2 points 10 hours ago* (last edited 9 hours ago) (1 children)

This is depressing. Trial by vibes. I'm going to live in the woods.

[–] gravitywell@sh.itjust.works 6 points 6 hours ago (1 children)

Im not basing anything on vibes, this is how venture capital funded operations work.

If you expect some rich assholes to keep your chats secure and not cave after the slightest preasure, you're going to get taken for a ride.

[–] DeathsEmbrace@lemmy.world 1 points 50 seconds ago

Which is why it's a honey pot it's basically for gullible people.

load more comments (5 replies)

[–] HiddenLayer555@lemmy.ml 30 points 13 hours ago

Gonna guess a company that has no problem engaging with Reddit's invasive targeted ad system is not that privacy conscious.

[–] magic_smoke@lemmy.blahaj.zone 27 points 15 hours ago* (last edited 15 hours ago) (1 children)

Jmp.chat provides sim activations for xmr but honestly no matter what anything with a cell radio is being logged by its upstream carrier.

If you want a truely private number, use jmp.chat with a separate xmpp server over something like mullvad.

For what its worth, the sim swap protection might be worth it considering how many services force you to use SMS for 2fa, and they seem to ask for less data than usual.

Is it better than your average carrier? Maybe. Is any SMS/phone call coming out of your personal number something you should consider private from the government? Probably not.

Its still going to have to go over the big boy carriers, and its still probably going to be tied to a phone number several institutions will know is yours if its your main number.

If it isn't, use jmp.chat, alongside a good XMPP provider and VPN, or forego the PSTN all-together.

[–] collar@lemmy.world 4 points 14 hours ago* (last edited 14 hours ago) (1 children)

"Is any SMS/phone call coming out of your personal number something you should consider private from the government? Probably not."

Well your phone calls themselves -- the actual conversation -- shouldn't be accessible without a warrant for a wire tap, that's pretty longstanding precedent in the U.S. Cell phone location information is also protected by a warrant (Carpenter v. U.S.), but pen registers (logs of who you call) do not require a warrant (Smith v. Maryland). I'm not sure if governments are prevented from purchasing data from carriers, just as any data broker could do. Additionally, who knows if governments are secretly collecting phone call and cell phone data and storing it, but only accessing it once they have a warrant. It's impossible to know what's fully happening on the back end between big telco companies and the gov't.

Either way, at the end of the day, whether you have Cape or some other service, if you're at the level of the government getting a warrant for your data any legitimate company is going to comply. That's why the best thing is to have a company that can only turn over limited amounts of data because that's all they have.

[–] Steve@communick.news 7 points 12 hours ago (1 children)

By the cops or FBI maybe. The NSA is absolutely recording any and all phone calls that touch five eyes phone networks. That's what Snowdon warned us all about.

[–] collar@lemmy.world 2 points 10 hours ago (1 children)

Collecting and monitoring are two different things. If NSA is still dragnetting communications in the post-Snowden era, it’s likely storing and then accessing when something gives the reason. The sheer volume of communication data is far too large to monitor everything.

[–] FutileRecipe@lemmy.world 2 points 4 hours ago

The sheer volume of communication data is far too large to monitor everything.

By people, sure. Run it through a magical analytical algorithm that flags stuff for people to look? Or if that's still too much everywhere, they could focus it on a certain area's towers and process that data. Will it catch everything or not generate false positives? No, it's not perfect, but I could see it helping them and being done.

I doubt an agency like this would just hoard the info and not proactively use.

[–] Auli@lemmy.ca 11 points 15 hours ago* (last edited 15 hours ago) (1 children)

How would this be private? Wouldn't they be using other providers cell network? I doubt they have put out enough or their own towers.

Also how do I pay for it they never now my name or address to I have to put cash in an envelope and drop it somewhere? Ah they don't store the data on your payment but Stripe does.

So lots of this can be bullshit since they can claim we don't collect data but they would be an MVNO but whichever network you are using does.

[–] collar@lemmy.world 8 points 15 hours ago

I saw this video on YouTube with a rep from the company and while there were some positive things put forward, the biggest red flag to me was when he wouldn't disclose what networks they partner with. They are a virtual network so they don't own the cell towers, and that means they're running off someone else's. Why can't you say who? Other virtual carriers have no problem saying that they run on Verizon or T-Mobile.

https://www.youtube.com/watch?v=K1C-bR728ro interview for Cape starts at about 30 minutes in. Ironically, the podcast is called "Snake Oilers" and it's a paid-promotion thing, sooooo take this with a grain of salt.

[–] hansolo@lemmy.today 10 points 15 hours ago (3 children)

https://cyberscoop.com/cape-phone-privacy-calea-tracking/

Good article which points to a few promising aspects. They seem to have their own phones (as of Nov 24) as part of this. Second, that their market is "high risk" individuals. So people with money, it sounds like. If the pricing reflects a market for governments, celebs, and crypto bros trying to not get SIM swap attacked, then it's not likely a honeypot for Feds. Maybe.

I hate the idea of only being allowed to use their phones, but that might just be their "easy mode" for idiot celebrities or government contracts. If they can give me a physical SIM, I'm interested.

I would not be an early adopter. Hang and see who isn't a plant that joins.

[–] Truscape@lemmy.blahaj.zone 7 points 15 hours ago (2 children)

The feds have already pulled a similar stunt with another manufacturer+software combo. (https://en.m.wikipedia.org/wiki/Operation_Trojan_Shield#Distribution_and_usage)

The only thing that makes this smell legit is the fact that it is a provider and probably only eSIMs. But even then, this is not very good opsec to be deliberately using a marketed product that will likely have an identifier for their cell traffic. Graphene works as well as it does because it runs of pre-existing hardware to be more inconspicuous.

[–] guismo@aussie.zone 2 points 12 hours ago

they contracted with the AFP to run the first node of the server and process the data. (Australian law does not provide the same protections as U.S. law for its citizens.)

Thanks for that link. I didn't know that. We are below the US in privacy laws! Is there any first world country worst than Australia?

They said all users were criminals, but who knows what they are calling a crime, specially with the retarded laws down here...

It shows what I suspected, that Australian software and servers must be avoided even more than Americans.

[–] hansolo@lemmy.today 2 points 13 hours ago

Well, opsec can only go so far. At some point you need data packets traveling over real wires, and it's a question of who do you trust with unencrypted data like SMS? Using a data only VPN is "clunky" for wealthy manbabies, who demand less friction in everything they do.

Simply having your data going to their service is immaterial since it's likely the phone number also indicates it's a Cape carrier phone, and the IMEI of the phone doesn't ping for any other carrier.

It's a strong "ugh...maybe, we'll see" from me, but I wouldn't bother with it for another 6 months and see if it ends up one of those super elitist things wealthy people talk about only to each other.

[–] collar@lemmy.world 5 points 14 hours ago (2 children)

So, they have their own phone that is for high risk individuals and is not available to the general public. Then, separately they have their own mobile network that you can use with any regular phone and they sell Pixels on their website (for $50, you can have them pre-load GraphineOS). The AD i posted is for their cellular network, which is not related to their own first-party device.

[–] hansolo@lemmy.today 4 points 13 hours ago

It's a good call to post, but waaay too soon IMO too bother with it. It might simply be flash in the pan marketing for VC funding and not work. It might be a total scam. It might be legit and poorly run. It might be the real deal. It's hard to say without more data.

[–] AmbiguousProps@lemmy.today 2 points 12 hours ago (1 children)

You should not use a phone with preloaded graphene without first checking the hash. It's also kind of insane to charge $50 for it, when Graphene's web installer just has you click buttons to install. You can even use another phone to do it.

[–] collar@lemmy.world 2 points 10 hours ago

100% agree. I would definitely not have them install graphene for you. Do it yourself so you know what’s in the installation

[–] zen_killoran@lemmy.world 3 points 14 hours ago

The best answer

[–] TaviRider@reddthat.com 5 points 13 hours ago (1 children)

Previously discussed three months ago at lemmy.ml/post/33176527. Not sure how to format that link correctly though…

[–] jet@hackertalks.com 2 points 7 hours ago

https://lemmy.ml/post/33176527

[–] pfr@piefed.social 3 points 12 hours ago

This is probably a question for the Graphene forums

[–] Truscape@lemmy.blahaj.zone 6 points 15 hours ago (1 children)

Could be a honeypot.

[–] collar@lemmy.world 3 points 14 hours ago (1 children)

That's always the concern with privacy-focused services, especially if they're not open source or audited.

But if we think about the practical application -- who needs a honeypot for cell phone services? Carriers already collect so much data (location, telemetry, payment, government-issued ID, etc) and sell it willingly to whoever wants to buy. How could Cape be any worse? lol. If they adhere to any of their stated policies it seems like a plus, no?

Additionally, at least to me, Cape is not marketing the way the Anom phone did, where it trying to gain adopting by nefarious users. That's my take - I'm not advocating for Cape since I don't really know much about them, but I'm trying to put things in context.

[–] Truscape@lemmy.blahaj.zone 1 points 12 hours ago (1 children)

The way anti-fingerprinting techniques work is by making you as much of a background digital character as possible. A privacy conscious user spoofing location and network traffic data on AT&T, Verizon, or T-Mobile is going to be far less likely to be singled out compared to customers on some bespoke cell network.

You should try to fake your traffic on a standard phone network (Using something like GrapheneOS with more granular control) to simply appear like another faceless data point rather than a "paranoid privacy user who bought this subscription for the privacy people", because that traffic will raise eyebrows much quicker.

[–] collar@lemmy.world 2 points 10 hours ago

Fair points. Different strategies for different threat models I assume. Anonymity through hardening (if we take Cape at their word, big if) or security through obscurity.

[–] einkorn@feddit.org 3 points 15 hours ago (2 children)

So, how is this supposed to work? From what I can gather at a quick glance it appears to be a VPN of some sorts but for cellular data?

[–] NullGator@lemmy.ca 1 points 9 hours ago

They offer IMEI spoofing, geofenced profiles, etc. It would function better than a VPN in theory.

[–] collar@lemmy.world 2 points 14 hours ago

You get you phone number through them and they act as your carrier and then they use other telcos that have the physical infrastructure to service calls/data. Not that different from how Mint or other virtual networks operate, but Cape alleges to collect little data about its users and not to sell any user data.

[–] solrize@lemmy.ml 1 points 12 hours ago

What? Lol.

load more comments