All questions are in bold for ease of use.

The major carriers in the United States participate in NSA surveillance (except for T-Mobile apparently, because it’s based outside of the US. Except they bought Sprint, which participates.) and that, along with other major privacy issues, means that the market for private carriers is incredibly slim. When I found out that some carriers, such as Mint Mobile, piggyback off of Verizon, I wondered: What’s stopping a carrier from simply E2EE everything from Verizon, and then using Verizon to transfer the data? Obviously, the encrypted data could still be collected and sold, but it wouldn’t matter if the encryption was setup properly, right? I’m looking to better understand how this works, and, if a solution exists, potentially be the first to make it happen. The reason I’m not suggesting creating a carrier without piggybacking is due to the sheer cost and lack of support it would have, which would lead to poor adoption. Also, if carriers simply don’t support E2EE, couldn’t carrier locked phones install the software (since most install software anyways) required to make E2EE work?

  • Melody Fwygon
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    9 months ago

    Personally I think there are possible federal wiretapping laws that might have something to say about a telecom that is offering an E2EE secure phone line to someone who is not on duty as a police officer (cop), federal agent (glowie), or other authorized federal, state or local employee (bureaucrat, with data that has legitimate need to be protected).

    That’s not even considering the entitled political hand-wringing about terrorists, spies, drug dealers, pedophiles and other so called “EVIL” people who “should not have access to such a powerful tool” because “it’s our law enforcement’s right to catch them in the act.” Unfortunately it’s a nuanced problem and we can’t wave away all of that hand-wringing, even if we think most of it is dramatic and performative. They do have some points.

    But…even if we were to suppose for a moment that all of the above issues are not a problem… because something likely happened to wake people up to the need for privacy…we would be facing an entirely new set of technical challenges to hurdle over.

    As our current cell networks are structured; we would need to deploy cell phones with phone numbers that do not typically allow routing of outbound unencrypted calls…instead all phone calls would need to be routed over cellular data (AKA LTE or 5G). These calls could definitely be nominally routed by an existing application such as Signal and would require that remote recipients also install the Signal app to receive encrypted calls.

    Essentially you’d have a phone which is a Data+SMS only line with a phone number for ease of access. You wouldn’t be able to make outbound unencrypted calls or send SMS messages except to emergency services.