Your phone is more than just a communication tool; it’s a powerful tracking device, and the SIM card inside is a key reason why. I don’t actually have a SIM ...
Very interesting video about the tracking of cellular networks.
Simless phones can make emergency calls because the towers are configured to accept a request for an emergency call to any device that handshakes sufficiently (in Europe and most of Asia anyway, I assume also true of USA because it does work).
The phone is able to contact the nearest tower and initiate a call because it scans for the nearest towers in the boot process in order to go to the next step (check sim details and connect to configured provider). In the process of determining available towers it provides the IMEI to each of them.
If you live in a country where you have to provide ID to buy a handset then this definitely isn’t anonymous, but even if you are in a country that doesnt, all the manufacturers track where every IMEI is shipped, and sku numbers on POS will easily allow determination of exactly when the device was sold. Even if you paid cash there will be CCTV footage of the purchase.
TL;DR this will work mostly until you make a mistake against corporate tracking but will absolutely not protect you from three-letter-acronyms and law enforcement.
Consider your threat model carefully before relying on it
But it doesn’t work. The phone just says “NO NETWORK” and you can;t make any calls,
You can make emergency calls on a phone with an expired SIM card whose phone number has been re-used. So that would not be traceable to the number, but they can still triangulate your position.
Simless phones can make emergency calls because the towers are configured to accept a request for an emergency call to any device that handshakes sufficiently (in Europe and most of Asia anyway, I assume also true of USA because it does work).
The phone is able to contact the nearest tower and initiate a call because it scans for the nearest towers in the boot process in order to go to the next step (check sim details and connect to configured provider). In the process of determining available towers it provides the IMEI to each of them.
If you live in a country where you have to provide ID to buy a handset then this definitely isn’t anonymous, but even if you are in a country that doesnt, all the manufacturers track where every IMEI is shipped, and sku numbers on POS will easily allow determination of exactly when the device was sold. Even if you paid cash there will be CCTV footage of the purchase.
TL;DR this will work mostly until you make a mistake against corporate tracking but will absolutely not protect you from three-letter-acronyms and law enforcement.
Consider your threat model carefully before relying on it
Thanks for elaborating. This was an interesting read.
In germany for example is it not possible to perform an emergency call without a sim card. But this is thanks to a law and not the technical side.
But it doesn’t work. The phone just says “NO NETWORK” and you can;t make any calls,
You can make emergency calls on a phone with an expired SIM card whose phone number has been re-used. So that would not be traceable to the number, but they can still triangulate your position.