1. 27
  1.  

  2. 6

    Just wanted to say hi – I’m one of the co-founders of this effort and would love to answer any questions or discuss further.

    1. 7

      I have a Graphene phone with absolutely no dependency on Google services. This is for privacy reasons. Hence, no Google Play access, and no Google Play services. The few apps I use (that are compatible with this setup) come from F-Droid or are downloaded directly from the software manufacturers website. Would you consider providing a version of PGPP that is compatible with de-googled phones?

      1. 4

        We’re working on adding an apk distribution for F-Droid and/or side-loading. Relay works on GrapheneOS out of the box, though currently eSIM functionality does require sandboxed google play: https://grapheneos.org/usage#sandboxed-google-play-esim

        Much much more on that here: https://github.com/GrapheneOS/os-issue-tracker/issues/159

        1. 2

          I don’t know much about sandboxed google play.

          1. If I set up PGPP Mobile Core using sandboxed Google Play, will my phone contact Google servers? What information is exchanged? Will Google now be tracking my IMSI and my location?
          2. Do I need a Google ID?
          3. If I install Aurora, does that eliminate the need for a Google ID?

          What about Calyx and MicroG? Does the eSIM functionality work on Calyx?

          1. 2

            Yup – the eSIM functionality works with CalyxOS and MicroG from what we’ve found.

            1. 1

              I don’t know much about the PGPP project but I use GrapheneOS and have been following their development for a while.

              1. If I set up PGPP Mobile Core using sandboxed Google Play, will my phone contact Google servers?

              Yes. Sandboxed Google Play by definition will contact Google. As for:

              What information is exchanged? Will Google now be tracking my IMSI and my location?

              I’m not sure.

        2. 4

          This seems extremely cool. Can you share which U.S. networks the underlying connectivity uses? (The website doesn’t explicitly say you’re an MVNO but I’m gonna go ahead and assume you didn’t put up towers everywhere.)

          1. 2

            Currently in the US it’s lte on ATT. There’s also a prorated refund policy if you’d like to try it and test your network coverage.

        3. 5

          The research paper behind this is here.

          There are a few huge problems with this right now. The first is that the IMEI doesn’t change, because that’s hard to change in Android right now. The second is that it’s very obvious who is using PGPP in a given area, and since there won’t be a high density of users for a long time, those users are going to be readily identifiable. But, with enough time and money, both problems could be fixed.

          Edited to add: Google can also track you, since they know your Google ID and your IMSI. And since the Android components to change your IMSI require Google Play Services which requires a Google login, this isn’t avoidable. Again, fixable with sufficient time and money.

          1. 2

            Thanks – yeah, the hardware identifier aspect of any of this is challenging. Even if we got rid of all hardware identifiers, the PHY of almost any wireless device can be uniquely identified today. Like most things mobile, there isn’t one clean answer but many overlapping and incomplete (and not-universally-globally-true answers). IMEI, for instance, is not part of actual connectivity protocols, but it does get queried by some mobile cores with some frequency (which and what frequency varies). (It’s also possible for thousands of devices to have the same IMEI without causing problems. And, strangely enough, even for devices to have the same IMSI and not cause problems, as we talked about in the research paper, but for a different reason.)

            The google aspects are, I think, more solvable through alternative Android variants; to our knowledge (and we’d like to learn about it if it’s otherwise), Google as a service (not their code, but actual network services) is not actually involved in the network protocol in the actual eSIM operations.

          2. 2

            This sounds like a great initiative — all except the unfortunate choice of names! In spite of the good intentions of many and having done much good along the way, at this point in history PGP is an absolute fiasco. I can only hope the boondoggle of legacy protocols and differing implementations in its namesake does not forebode anything for this project.

            1. 1

              This is so cool, and I will purchase it to get off Google Fi as soon as I possible can.

              @barathr - thank you so much for saying hello over here, a few questions:

              • What are the current limitations around being a customer?
              • Do you only offer this to EU / US residents currently?
              • If I am a resident of a country but use the service primarily or half the time somewhere else, are you still able to offer service?
              • International SMS and phone calls will have to have variables costs, is this where most of your margin will come from?
              • And the big big question, will this ever be possible on iPhone?
              1. 2

                What are the current limitations around being a customer? Do you only offer this to EU / US residents currently?

                There are EU “know your customer” laws that prevent us from being able to accept payment for the mobile eSIM plans in some European countries. Relay is purchasable worldwide.

                If I am a resident of a country but use the service primarily or half the time somewhere else, are you still able to offer service?

                You can roam for no additional cost across any compatible network.

                International SMS and phone calls will have to have variables costs, is this where most of your margin will come from?

                We only offer data. We’re recommending that users install and use more secure apps such as Signal and Matrix for voice and video. I can’t exactly speak to “margin”, but our prices reflect server bandwidth costs for Relay and then mobile bandwidth data for the mobile plans.

                And the big big question, will this ever be possible on iPhone?

                We’ve been considering approaches for mobile on iPhone, though they’ll necessarily take a lot longer if even just because of Apple’s review requirements. Relay on the other hand is much more doable.

                1. 1

                  Sorry, I was out and max got to it first – but yes, what he said :)

                  We think it’s possible on the iPhone either with Apple’s help or with a slightly different technical approach that requires more mobile operator cooperation. (So, a rock and a hard place, but not impossible.)