Hey all, I'm one of the creators of BurnerPhone, and just wanted to leave a comment with a few facts about the product.
We weren't really planning on launching this thing so quickly (we planned on making improvements to the site, etc. and launching in the next couple of weeks) -- but since all the press about the NSA / phone stuff came out it seemed like a good time to put our MVP online.
Anyhow, we're basically trying to provide our users with a secure-as-possible communication device that allows them to remain as anonymous as possible. Yes -- the government can definitely collect call data and SMS data, but by using different devices and SIM cards (phone numbers) you can abstract away all but the most difficult to track details: your voice, your writing style (sms messages).
Using a BurnerPhone allows you to make phone calls and send SMS messages that won't be linked back to your by your telco billing records.
In regards to how we work:
- These phones come with unlimited talk and text for 30 days, nationwide coverage.
- We piggyback off of tons of US carriers, so depending on where you're located, you'll be connected to a different cellular network.
- You can recycle these phones (we have a lot of plans with this in the future).
I'd love to get some feedback from you guys, really respect HN and your opinions.
Also, if you want to prevent tracking at the USPS -- ship the phones in unmarked boxes with postage purchased with cash. Don't use a return address and randomize the post-offices drops you utilize to send the packages.
When the phone is turned on, the phone communicates with cell towers. This can approximate your location. To be truly anonymous (as much as possible) you should have the phone cut ALL communication with the cell towers. When you make the call, the antenna turns on, call is made, antenna turns off.
Additionally if the phone can be configured to use wifi for phone calls, then ideally you decrease the possibility of the location being tracked.
If the phone is on in theory authorities should be able to pull records from the cell companies and track every place the carrier of the phone visited.
For added shipping security always ship from a VERY high volume shipping place. This way its hard to isolate your package, but not impossible.
Using the existing phone network? Probably not easily.
I think the ideal way would be to make the device a passive satellite receiver. Then when a phone call arrives for your device, the satellite broadcasts a message which your device can passively receive which tells it to wake up and get on the cell network.
In theory you can do this with cell towers (it's how pagers work -- you may even be able to reuse the existing infrastructure), but in that case you either have to know somehow which tower is in range of the device (which obviously leaks the device's general location) or you have to broadcast on all towers everywhere (which, as wireless bandwidth increases, becomes increasingly practical since the incoming call message would have nearly trivial length).
Bitcoin isn't anonymous, and if the NSA has infiltrated the various Bitcoin whitewashers (er, "exchanges") it also has your incoming transaction history, to boot.
If you control both the tor entrance and exit nodes, you can unmask the user. Statistically, controlling 300 nodes (~1% of the network) should be enough to unmask a large number of users. It is not hard to spin up a whole bunch of servers to the mix, and I would find it very hard to believe that the NSA/similar does not already control a substantial portion of the network.
You can go online and add an address or call the number on the back. I have done this with a pre-paid Amex, simple as can be (you can choose any address!).
Why is turning away business smart - don't prepaid cards get authed the same way normal cards do? Are they commonly associated with fraudulent orders? I am genuinely curious, they seem like they would be generally safe for merchants to accept online.
They're generally associated with fraudulent orders in a lot of markets. They're easy to get and hard to trace, and limit the liability of the person doing it. I've heard that they're common to use for buying resealable goods to launder smaller amounts of money.
Are you willing to insure, in real money terms, the privacy of your customers from leaks/warrants at your end?
If so, how much? Can that money be held in escrow by a third party?
Are you willing to go to jail for your customers? For how long?
If a customer orders 134 phones ($10k), will you comply with any relevant federal financial disclosure guidelines?
If served a national security letter that includes a gag order, how will you react?
Will you accept cash transactions through the USPS, with only $75 and an address enclosed?
Can you prove that records are not kept? How?
These questions are partially rhetorical, but for people who want/need anonymity, they're important.
edit, to keep questions in one spot:
How do you anonymize shipping? It's straightforward to find ways to accept anonymous payment, but how do you keep the Man from following all outbound packages from burnerphone?
What are advantages over buying a gift card with cash and purchasing a phone online or through an intermediary?
We're totally aware that we need to be a lot more explicit and include more information on our site about the product / processes / security stuff. We've been working on this for a while now, but kind of rushed the launch due to the recent press over the NSA stuff -- we figured it was better to launch early than delay.
We're actively working on answering all those questions, and will be including a page which covers all the security aspects fully in the next week-ish.
We're 100% dedicated to making this work for our users (and ourselves), and providing real security for people.
While it's probably good to answer these questions eventually for your clientèle, don't worry about an early or rushed launch. As Reid Hoffman said, "If you're not embarrassed by the first version of your product, you've launched too late."
How are you planning on proving that no records are kept? I'm currently engaged in a project that takes privacy very seriously and that also makes that very promise (amongst others). I would be very interested in hearing about your approach.
A huge pile of escrowed cash, held against any release of records (inadvertent or otherwise), does seem to be a way of moving some of that trust around.
The only way I could think to do it would be to have it process the transaction in memory and never store the data at all. Make the running code open source, and make it hashable in some way so that when you visit the site, you could tell if the current running version is the same as the one in the code repository.
That $10,000 limit you're thinking of only applies to money service businesses. Specifically, it's from the Bank Secrecy Act and is invoked in reference to negotiable instruments.
Have you guys consulted an attorney and tax professional to verify all of this is legal? Maybe I'm just naive but it sounds like by destroying all records of every sale and shipment, you guys might be setting yourselves up to get shitfucked if the IRS comes after you with an audit. But then again I don't know much about the telecom industry or their reporting standard.
Less than 6% of business reporting less than $5MM / year are audited. If the IRS might take especial interest in this business, we're getting back to why this business is getting attention from this crowd.
Do you deny all GSM technology have state accessible wiretapping built in?
Also, your product is less anonymous than paying cash for a pre-paid phone at a store because you ship it to a physical address.
Buying this phone from you instead of NewEgg is worse for privacy because with traffic analysis it will be easy to identify the sales to you as opposed being mixed it with the 9k orders NewEgg gets a day.
Why should people trust you not to be a FBI run honeypot (like they do with warez BBS, etc. etc. ad nausium)?
Your target market seems to be the unwise and the gullible: even the purchase of one of these overpriced phones is made using a reasonably anonymous currency (e.g. tumbled Bitcoins) there is a still a record of delivery address.
Thus, these phones of yours are completely unsuitable for any sort of serious anti-Government whistleblowing, and probably inappropriate even for criminal communication, given the ease by which electronic records can be accessed by the various police authorities.
This is either a deliberate scam, or a really stupid business idea.
I think the market will be more the ineffective but paranoid types. Anyone who wants to be truly anonymous will work hard to reduce, not increase, the amount of interaction other people have with their plan.
The old saying "two can keep a secret if one is dead" is apt as using this service only adds extra layers of things that can go wrong and are out of control of the person buying the burner phone. The only way I could see this as even potentially useful is to maybe buy the phone and store it in case its needed in the future hoping by the time its needed the trail has gone cold.
don't blame this startup for trying. i don't know how big a cut the telcos take and yes, a phone should not be that expensive but we'll see where the price goes. for a start, higher prices are completely normal and later hopefully some competition will bring the price to more reasonable levels. ultimately anonymous would it only be if wallmart started buying them in bulk and people could grab one at the counter paying with cash.
You know that Walmart, and gas stations, and bodegas sell these already right? That's why this is a bad idea. Not only is this less anonymous from buying from Walmart, but it's more expensive as well.
The price was really a minor point against the idea. There are more fundamental issue that makes this a non-starter for supplying an actual "burner phone".
Some business advice, you are opening yourself up to interesting levels of CC fraud (desirable good, lack of needed info, lack of data for pattern checking). Which if chargebacks don't directly kill your bottom line, the payment networks will simply cut you off for your high fraud.
I hope you fail with CC and let the public know bitcoin's strength rather than see sneak in some paragraph in the small print of your TOS that allows you to keep the CC data for half a year just in case.
We've added Bitcoin support since this comment was added -- but if you look at our website copy now we've revised it to pushed users towards using Bitcoin as the preferred payment medium.
Actually, one more question. I see that you're marketing the Tank T190 phone by Blu which can be purchased on Newegg for $25 (http://bit.ly/ZyKBHA) and packaging it with an unknown 30 day data plan with talk and text which sounds very similar to the 30 day talk + text ReadySIM card which retails for $40 (http://bit.ly/13qyhtM). I guess what I'm wondering is what your company is adding to this equation for the extra $10 aside from being a middle man to obscure the trail? Also have you obtained permission from Blu to use their imagery?
Does it have cool special features like a microphone that ca be turned on (preferably even when the phone is off) and used as a room bug? My current phone has this and I'd really miss living without it.
Does the 30 day talk time start when you get the phone? Or after you make a call? I'm curious if this is something that you could buy and then hold on to as a backup or emergency phone.
Many Finnish prepaids are activated from first outbound call. So actually you can use SIM and receive calls, without starting the day counter. Only annoying thing is that SIM must be in home network before it's getting activated. So I can't send Phones & cards all over europe to only receive calls & SMS without starting the timer. In many countries you can get anonymous SIMs direclty from any SIM card automat.
I'm generally curious if there will be any (or many) "legitimate" (using it for a genuine belief in privacy for the sake of privacy) users of this phone? I mean, it costs more than a traditional cell-phone plan presumably and with fewer features... so anyone actually using this probably has something to hide to go through this length (or he is Richard Stallman).
We don't keep these records -- after we ship we destroy it.
The USPS would have records for this sort of thing, of course, but you could also have items shipped to PO Boxes, places that offer greater anonymity, etc.
Furthermore, it's very unlikely that within 30 days of usage you'd be tracked down / monitored and have records queried like that.
It's definitely not a perfect system, but we're working on it :)
Oh, a data plan would probably make a killer feature. Not sure how you would deal with people doing "things that are rightfully illegal" with it, though.
> Not sure how you would deal with people doing "things that are rightfully illegal" with it, though.
One of the things about privacy-boosting mechanisms is that they explicitly do not make such a judgement. In other words, they refuse to deal with it on principle. The exact letter of the principle differs between the actual people implementing the mechanisms, but the result is generally the same.
I don't personally agree with it, though, so that's my limit on being able to explain it.
Any idea what the implications for taking this device out of the country are, given the number of carriers you guys rely on? If you could elaborate on how you guys deal with the carrier networks, I'd be really interested, but I understand if you don't want to.
Great idea, by the way.
EDIT: Ooops, just saw your response to the Canada question below. Ignore this.
You can do either. This is our MVP and we didn't yet have a chance to write all the copy the way we wanted.
We're working on improving the site / product a lot, and will definitely talk about recycling. We're also considering a program where after 30 days are up, you send us the phone back and we'll get it shuffled around.
What a great show. And interestingly, despite being fictional, the point where the dealers failed was the collection of the phones - just the issue discussed above.
I recall that phones were supposed to be bought from stores all over the place, but a lazy gang member kept getting all of them from one source.
While I haven't heard the term burner phone outside of The Wire, I assumed it had been a real term since the writers were so close to these subjects. What I meant (more precisely) was that, from my perspective, The Wire popularized the term for a broader, non-burner purchasing audience.
Hah, no. Myself and my partner both work in the telephony industry, and are familiar with the name 'burner phone' (sounds kind of cool, usually refers to those spy phones that get thrown away in movies).
Unless you actually created the phone itself, all you are doing is putting a Sim card in it, and calling it a BurnerPhone. No offense, but I can't just buy an iPhone, put a Sim card in it, and call it the YoPhone.... Can you clear up the fact that you make the phone or you buy it yourself in bulk?
All phones have a unique identifier that is sent along with the SIM identification. Fairly easy to connect your "anonymous" SIM with any others you've used.
We weren't really planning on launching this thing so quickly (we planned on making improvements to the site, etc. and launching in the next couple of weeks) -- but since all the press about the NSA / phone stuff came out it seemed like a good time to put our MVP online.
Anyhow, we're basically trying to provide our users with a secure-as-possible communication device that allows them to remain as anonymous as possible. Yes -- the government can definitely collect call data and SMS data, but by using different devices and SIM cards (phone numbers) you can abstract away all but the most difficult to track details: your voice, your writing style (sms messages).
Using a BurnerPhone allows you to make phone calls and send SMS messages that won't be linked back to your by your telco billing records.
In regards to how we work:
- These phones come with unlimited talk and text for 30 days, nationwide coverage.
- We piggyback off of tons of US carriers, so depending on where you're located, you'll be connected to a different cellular network.
- You can recycle these phones (we have a lot of plans with this in the future).
I'd love to get some feedback from you guys, really respect HN and your opinions.