You should also beware that if you use the Google Play stuff for push notifications to work (even sandboxed afaik) it will include the IMEI in the payload when it phones home to Google.
Is it a good enough solution for IMEI tracking to use an alternative device to provide a hotspot connection?
What?
So you wanna use another phone as a hotspot and connect your GrapheneOS Phone to it?
I mean, what exactly do you mean by "IMEI Tracking"? Location?
Well they won't know the location of your GrapheneOS Phone, but they'll still know the location if your alternate phone. Not sure what you're trying to achieve here.
The main goal here is to keep my device's IMEI number private, so that it appears to the service provider as if my phone has never used cellular data. By hiding the IMEI, the provider won’t be able to associate the device with me when I use it solely on public Wi-Fi such as in a café, or be able to track me with IMEI if my IMEI number is leaked by some service or app that I accidentally used. They might see that a new device is connected, but they won’t be able to identify that it belongs to me.
Now that I think of it twice I think you got a point Solely connecting to WIFI doesn't seem to leak my IMEI number. But I'm not sure what else will except for using SIMs.
I guess I just don't like the idea that a persistent number could be used to identify me.
Though I'm still curious about:
May I also ask how much information is carried to the second device by using hotspot? By this I meant the phone with IMEI will be able to know my device name, but what else? Will the phone with IMEI also be able to know the device model?
By hiding the IMEI, the provider won’t be able to associate the device with me when I use it solely on public Wi-Fi such as in a café
I think you're a little confused. Connecting to Public Wifi (or any wifi), will not reveal IMEI, it does reveal your Wifi MAC Address, and if you have Bluetooth on, it will reveal your Bluetooth MAC Address, but will not reveal your IMEI (unless you have malware on your phone).
In modern smartphones, including iOS, Android, and especially GrapheneOS, Wifi MAC addresses are spoofed by default, generating a random MAC address for each Wifi network. You can even go to Developer settings of Android to enable randomization for each different session of the same wifi network (or you can "forget" the network and reconnect and, from my testing, it would immediately change the MAC address for that network).
Although, if you have iOS or Google's Android, you can't be sure if the companies themselves are tracking you, but but a privacy Android ROM (like GrapheneOS) with Wifi MAC randomization enabled should be very safe.
Keep Airplane mode on so it stops connecting to cell towers.
Though I’m still curious about:
May I also ask how much information is carried to the second device by using hotspot? By this I meant the phone with IMEI will be able to know my device name, but what else? Will the phone with IMEI also be able to know the device model?
Your device name and Wifi MAC address is revealed, so change the default "Google Pixel" to something else to hide the fact that it's a Google Pixel. But, some wifi access points can detect your device model anyways. My Xfinity gateway will show my Phone's name and what model of phone I have. So I'll just assume that: Device Name, Device Model, and MAC (which is randomized) is known. Shouldn't be that much of a privacy risk unless Google Pixels aren't popular in your area. If there are a lot of Google Pixels around, they can't prove it was your Google Pixel.
thank you for the clarification!
changed my device name!
I cannot find any reliable source that says personal hotspot can see the device model connecting to it, would be really great if someone could clarify this here.
But, some wifi access points can detect your device model anyways. My Xfinity gateway will show my Phone’s name and what model of phone I have.
I believe this is true as there is browser plugin for spoofing device model
I'm not exactly sure what you're trying to do here. Yes, if you use a phone as a hotspot, everything going through will be associated with that hotspot phone's IMEI.
thanks a lot.
I am trying to keep my device IMEI information private
May I also ask how much information is carried to the second device by using hotspot? By this I meant the phone with IMEI will be able to know my device name, but what else? Will the phone with IMEI also be able to know the device model?
It will know as much data as it would for any other wireless client. MAC address mostly.
I am trying to keep my device IMEI information private
By replacing it with another not-private one? For what purpose?
using another not-private device is just a temporary solution. In the end I would like to use a portable router that supports MAC/IMEI randomnization
Not sure how that would work. IMEI is how the carrier knows who you are and grants you network access.
They certainly can be spoofed or cloned.
But thats as illegal as it gets and faces serious proscecution.
Spoofing IMEI isn't helping if OP pays for the service with bank account / credit card, or walks in a store to pay but with face exposed, or turns on the cell-hotspot device on at home (because they'll be able to associate the SIM/Service-Plan with your address via cellular triangulation, and thus your identity)
You should be clear about what your threat model is. What are you willing to accept? What are you willing to trade?
Using a phone only as a Wi-Fi device is probably going to reduce the information surface you exposed to the world.
thanks a lot
May I also ask how much information is carried to the second device by using hotspot? By this I meant the phone with IMEI will be able to know my device name, but what else? Will the phone with IMEI also be able to know the device model?
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)