Cell Service for the Fairly Paranoid

Original Article ↗ Hacker News Discussion ↗

Product & Feature Set

  • Runs as a full MVNO with its own mobile core and signaling firewall, but relies on existing towers (no own RAN).
  • Key features discussed: IMSI (“identifier”) rotation every 24h, SS7 “Network Lock” protections, encrypted voicemail and “last‑mile” encrypted SMS, secondary non‑VoIP numbers, SIM‑swap protection via cryptographic SIM changes, disappearing call logs, secure global roaming, private payments.
  • Secondary numbers are real cellular numbers, fixed until user deletes them; not rotated automatically.

Privacy Gains vs. Limitations

  • Cape’s model: treat towers and upstream carriers as untrusted, add “noise” by rotating IMSIs and spreading traffic across multiple partner networks, and minimize Cape‑side logs.
  • Multiple commenters note that IMEI and location are still visible to towers; IMSI rotation alone is likened to “clearing cookies but not changing IP.”
  • Cape staff concede there is no silver bullet: they reduce surface area and data value, not eliminate tracking.
  • Debate over baseband risk: some call it overhyped due to IOMMU and OS isolation; others argue any extra trust boundary (IOMMU, TPM) is itself another potential failure point.
  • Standard advice reappears: for content, end‑to‑end apps like Signal remain stronger than PSTN/SMS plus any carrier‑side privacy.

Trust, Honeypot Fears & Governance

  • Heavy skepticism around ties to the defense sector and previously working at a major surveillance‑associated firm; some see this as disqualifying or “honeypot vibes.”
  • Others point out mainstream carriers already sell or leak location and metadata; even if Cape were compromised, some features (SIM‑swap resistance, encrypted voicemail) would still help against common threats.
  • Founder and staff repeatedly and explicitly deny being a honeypot, emphasize minimal data collection, notification of non‑gagged legal process, and intent to challenge overbroad requests.
  • Requests for warrant canaries, open source, and third‑party audits; Cape says canaries aren’t realistic for a US telco but they are pursuing independent audits and more transparency.

Comparisons & Alternatives

  • Several users prefer a “privacy Twilio” or VoIP‑fronted number (e.g., Twilio + unknown physical SIM), arguing you can get SIM‑swap resistance and programmable SMS firewalls without trusting a special carrier.
  • Other options mentioned: Google Voice, jmp.chat, VoIP.ms, online SMS banks, Phreeli, Purism AweSIM, Credo, silent.link, Visible, Mint, etc.
  • One daily user reports Cape works well on iPhone and praises the security features; others suggest using Cape only on a secondary device until it proves itself.

Pricing, Plans & Practical Issues

  • US‑only service, $99/month, premium vs typical MVNO pricing. Some want much cheaper, low‑data, privacy‑focused plans or family/bundled billing.
  • “Unlimited high‑speed data” is criticized due to throttling to 256 kbps after 50 GB; Cape agrees the wording is misleading and is open to higher throttled speeds and user‑defined soft caps.
  • No support yet for Linux phones; eSIM activation outside the US and multi‑country numbers are requested.

Regulation, Abuse & KYC

  • Debate over how KYC rules apply to US carriers: some claim anonymity is incompatible with robocall‑mitigation requirements; others note you can still buy largely anonymous prepaid service in practice.
  • For fraud/robocalls, suggested that simple heuristics on call volume per account could be enough, even with minimal identity.