To get a sim card (even prepaid) in Austria you need to provide a valid ID/passport. If it's not an Austrian/German/Swiss ID you will need to go in person to activate your sim card. This would make it really difficult for someone to manage a few accounts.
So tell me how this will work. Will you swap SIM cards just to post anonymously sometimes and let the telecom providers (among others) find out what your other SIM cards are through your device ID? Or will you get a SIM card from another country to use exclusively and pay roaming costs / live with a worse data plan in Austria?
People apparently forget that telecoms providers cooperate with authorities, new legislation is planned for this too.
> So tell me how this will work. Will you swap SIM cards just to post anonymously sometimes and let the telecom providers (among others) find out what your other SIM cards are through your device ID? Or will you get a SIM card from another country to use exclusively and pay roaming costs / live with a worse data plan in Austria?
> People apparently forget that telecoms providers cooperate with authorities, new legislation is planned for this too.
Also remember that as soon as you connect to the cell phone network, your location is made known. If you ever slip up and use your personal and private sims in a more private place, you are likely to get caught. Coupled with other potential identifier leakage (like device id as you mentioned) the opsec bar is high for this use case.
> Roaming costs are basically non-existant these days in the EU.
Data plans can be limited for other countries, even within the EU (and frequently are), i.e. if your prepaid contract allows 5GB monthly data transfer for free, the provider might limit this to 500MB for roaming and beyond that limit, you can pay a hefty fee per MB.
In general, prepaid cards aren't famous for having a generous data plan...
But in eu it's more like 20euros for 100go/month and 25go of roaming.
The main problem is tje provider will close your account/ask you to pay more if you use roaming exclusively
Giffgaff in the UK gives you 20GB for £20 on pay as you go, and it can be used up to that limit anywhere in the EU. And you don't need a passport to get a simcard either.
I cannot say for sure but as I remember EU countries eliminated roaming charges, even for prepaid.
OTOH there are not so many EU countries that sell prepaid without ID.
"So tell me how this will work. Will you swap SIM cards just to post anonymously sometimes and let the telecom providers (among others) find out what your other SIM cards are through your device ID?"
Imagine connecting to the Internet using a non-phone ?
Alright then I am mistaken. But I do know for sure that you are required to show ID to get a sim card inside the country and there are no unregistered prepaid cards.
this will work for a minority who pay attention to privacy, though the majority just won't bother. The problem I think is that because it's being criminalized to have an anonymous SIM the average citizen will just comply while those who have something to say are silenced.
what you suggest is a really good technique which has the additional benefit of inheriting the social graph of whoever owned the phone before. it's easy to get them from immigrants in one of the mom+pop shops offering international "calling-home" services.
tbh I'd rather not considering how easy it is to give the wrong advise. OpSec is a deeply personal affair very everything you do (and don't do) needs to be tailored to what you're trying to protect and consistently (!!) revised.
I did a writeup that was aimed to illustrate the insane complexity of OpSec and for people to follow along to achieve better privacy (e.g. first install some browser plugins, then /etc/hosts blocking, then pi-hole, then Tor, etc ... so it gradually introduces people to the idea, until eventually the steps become too hard or impractical for them). Also be warned about the psychological pitfalls of what secrets/compartmentalization can do to the brain and remember that cops and spooks have specialists to support them while a lone wolf trying to protect themselves remains exposed to these dangers this can do to your mind.
some of the first couple of "Steps" from the document should be ignored in 2019 (or moved to the bottom - to where the more difficult points are listed - because people will get it wrong) and are no longer useful but the final points of the document give some tricks on how to hide completely. Things like sending a friend around the world with a budget of monthly $50,- debit card for beer money (under your name) remain highly relevant.
Other things are totally missing such as what to do if you think your phone is compromised or how to do damage control in general.
Again be warned that certain points are very dated and may not give you the protection they promise in 2019:
> Use a burner phone with a prepaid SIM to safely enable 2-Factor Authentication (2FA) without leaking your primary mobile number to any «cloud based data-krakens». Nokia’s relaunch of the 3110 is OK for that purpose and doesn’t immediately out you as somebody holding a burner phone in their hands. But the problem is that it has a GPS chip and camera. Probably a show-stopper for stricter scenarios. Just get any cheap phone that doesn’t include the word «smart» in the name. You want to be able to text and that’s it. Consider buying a used prepaid SIM for a few extra bucks from somebody not associated to you and who hasn’t advertised this to you before either. In some countries this might be your only choice meanwhile. Immigrants are usually happy to sell their prepaid SIM for some extra cash. This gives you a number including all existing metadata (call and movement history visible to the operator and the spooks) already associated to that device and its previous owner. You have now purchased the «cover» of a whole network of people connected to the previous owner. This adds plausible deniability to what would otherwise be a pristine dataset (starting from zero). You will also inherit any active tracking that the original device owner themselves might have already accumulated. So if you’re unlucky you may buy the phone from someone under active surveillance. However the idea is that as data-sets age they increase in value to anyone studying them (and people who do are never your friends regardless if you have anything to hide). In other words, what we did above with TrackMeNot/AdNauseum, we’re now repeating with a prepaid SIM from a stranger.
