frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Cell Service for the Fairly Paranoid

https://www.cape.co/
38•0xWTF•2h ago

Comments

jerlam•1h ago
Secondary numbers sounds neat:

https://www.cape.co/blog/product-feature-secondary-numbers

I've been using my Google Voice number for something similar. But Cape doesn't specify if/when these numbers are rotated in any way - you have three numbers to track now, and you can't retain these numbers if you switch services.

treetalker•1h ago
If anyone uses this and could tell us about your experience, please do!
mingus88•56m ago
I’m a skeptic. It’s only been a handful of years since Anom was backdoored by the Feds. The surveillance data provided by cell phones is simply too good to let someone work around it

https://www.vice.com/en/article/anom-backdoor-fbi-years-of-a...

cucumber3732842•42m ago
If you're not doing "fed" level shit and just don't wanna make your petty shit trivial for the locals to dredge up that's probably fine.

Like they're not gonna burn that kind of capability over tax evasion, state civil law violations, etc.

dguido•9m ago
I use Cape every day on my iPhone. The service is excellent, and the security features haven't ever interfered with my use of the phone. They have a convenient mobile app for setting up extra features like the IMSI rotation and getting support. As a tech savvy user, it matches what I want.

I'm a target for a variety of things, and knowing that no one can SIM swap me is worth the subscription alone. The SS7 protections, encrypted voicemail, secondary numbers, IMSI rotation, etc are all a bonus.

dlenski•1h ago
From their "Features" drop-down:

> Minimal Data Collection

> Identifier Rotation

> Secondary Numbers

> Disappearing Call Logs

> SIM Swap Protection

> Network Lock

> Encrypted Voicemail

> Private Payment

> Last-Mile Encrypted Texting

> Secure Global Roaming

"Identifier (IMSI) Rotation", "Secure Global Roaming" and "Network Lock" do look interesting *IF* they can actually address some of the baseband vulnerabilities that plague all modern devices. That's a Big If.

SIM Swap Protection you already get by using a VoIP number rather than a cell number.

And the other features are irrelevant if you're using over-the-top end-to-end encrypted messaging, like Signal, rather than Plain Old Telephone Service and SMS.

0xWTF•59m ago
They built their own mobile core, does that help with resolving your "Big If"? I'm not a cellular guy, I don't know which pieces of the stack cover which attack vectors: I'm genuinely asking.

Also, the 50 foreign countries seems interesting.

wil421•6m ago
Do they own the enodeBs or the RAN? How many hops does it take to get to their core? Not sure how MVNO works maybe they have encrypted VLANs to their systems. Not a RAN guy.
bryancoxwell•55m ago
Not sure what IMSI rotation has to do with baseband vulnerabilities?
gruez•8m ago
>do look interesting IF they can actually address some of the baseband vulnerabilities that plague all modern devices. That's a Big If.

Baseband vulnerabilities are overhyped, imo. On proper phones (eg. pixels), their access to memory is restricted by IOMMU, which protects the rest of the phone from being compromised if there's some sort of an exploit. Once that's factored in, most exploits you can think of are "on the other side of the airtight hatchway[1]". For instance if you can hack the baseband to steal traffic, you should probably be more worried about your carrier being hacked or getting a lawful intercept order. Or if you're worried about the phone triangulating itself, you should probably be more worried about your carrier getting hacked and/or selling your location data.

[1] https://devblogs.microsoft.com/oldnewthing/20060508-22/?p=31...

buttocks•51m ago
Will not pass muster with FCC. Know Your Customer regulations require the company to … know the customer. They will not last.
gruez•24m ago
>Know Your Customer regulations require the company to … know the customer

Which KYC regulations exist for carriers? AFAIK you can walk into any store and get a SIM card. The most they ask for is maybe E911 which they don't check.

whiterock•18m ago
not in Europe no more for a few years now.
gruez•2m ago
"Europe" isn't a monolith, and there are quite a few countries that don't require any KYC, UK and NL to name two.
throwaway57572•49m ago
You might check out who the CEO is here and how he runs the company and then consider whether you'd trust them. And look at the infra providers they use. Not what I would call the most upstanding bunch.
helterskelter•40m ago
...care to elaborate?
theearling•13m ago
Palentier and A16Z connections...
nxobject•11m ago
This probably doesn't cover what OP said, but after reading the CEO's intro post, I left a little more depressed. Make money off surveillance, and then make money off selling a privacy product.

> At Palantir, where I started in technical roles more than 10 years ago, I learned about a wide array of vulnerabilities in the cellular network that present a threat not only to mission-focused organizations in government, but also to everyday people. I came to see mobile phones — and the networks that power them — as perhaps the largest risks to our privacy and security.

> If you told Americans twenty years ago that corporations and governments would conspire to attach powerful tracking devices to nearly every adult worldwide, it would’ve sounded like science fiction. And yet, that’s not far from where we are today.

https://www.cape.co/blog/building-the-future-of-mobile-priva...

monster_truck•41m ago
Do not fall for a word of this. If you've spent any time dealing with actual SIP providers (ie not the shit you'd hook an app up to, the ones debt collectors use), you'll know exactly how much you can trust them. Same difference
dguido•14m ago
I have a conflict of interest here (I am an advisor to Cape, also a security expert, and my company has done security audits for Cape), you should absolutely look more deeply into what Cape has created. Their service is fundamentally different than other "security-focused cell providers" (mostly snake oil IMHO) because Cape wrote their own mobile core, nearly from scratch. They control the whole software stack and have done really innovative things with it.

Here are a few things you might want to look at more closely:

Encrypted voicemail uses public key crypto: https://www.cape.co/blog/product-feature-encrypted-voicemail

How they use full control of the mobile core to detect SS7 signaling attacks https://www.cape.co/blog/product-feature-network-lock

Swapping SIMs is done via digital signatures, not customer support https://www.cape.co/blog/cape-product-feature-secure-authent...

They're the only provider that can rotate your IMSI, and do it continuously for you https://www.cape.co/blog/product-feature-identifier-rotation

They're also one of very few organizations doing original research on cell network security:

Collaborating with the EFF to release software for detecting cell site simulators (e.g, imsi catchers et al) https://www.cape.co/blog/how-eff-and-cape-collaborated-to-im...

Identifying novel weaknesses for physically tracking people on cell networks https://dl.acm.org/doi/pdf/10.1145/3636534.3690709

anonymous541908•7m ago
Is it free and open source software?
roughly•5m ago
I’m curious if you’re able to comment on the IMEI question raised above - rotating the IMSI is good, but are the towers still collecting IMEIs?
helterskelter•39m ago
How does this compare to Phreeli [1]? Has anyone here used either of the services?

1: https://www.phreeli.com

konaraddi•37m ago
I hope this succeeds and isn’t backdoored
LorenDB•28m ago
> Enjoy unlimited high-speed data; after 50GB, speeds may slow to 256 kbps.

Last I checked 256 Kbps is not high speed. You can advertise this as unlimited data, or you can advertise it as 50 GB of high-speed data, but you can't call it unlimited high-speed data.

gruez•19m ago
>Identifier Rotation

>Protect yourself from persistent tracking by rotating your IMSI every 24 hours, so you appear as a new subscriber each day.

But nothing for IMEI, which is fixed for a given device. Unless you got a new phone to use with this service, it can instantly be linked back to whatever previous service you're using. If we assume that whatever carrier they partner with keeps both IMEI and IMSI logs (why wouldn't they?) it basically makes any privacy benefits questionable.

The other benefits also seem questionable. "Disappearing Call Logs" don't really help when the person you're calling has a carrier that keeps logs, and if both of you care about privacy, why not just use signal?

They're asking $99/month for this, which is a bit steep. If you only care about the rotating IMSI, don't care about PSTN access (ie. no calls/texting), you can replicate it with some sort of data esim for much cheaper. The various e-shops that sell esims don't do KYC either.

Steve was a leader, innovator, and friend

https://twitter.com/tim_cook/status/2026296056435138620
1•keepamovin•1m ago•0 comments

What keeps Japan's 1k-year-old companies alive?

https://www.japantimes.co.jp/business/2026/02/09/companies/japan-1000-year-old-business/
1•PaulHoule•3m ago•0 comments

Ask HN: Built an algorithmic forensic accounting tool

1•cd_mkdir•3m ago•0 comments

Stress testing Claude's language skills

https://vivsha.ws/blog/stress-testing-claudes-language-skills
1•nl•4m ago•0 comments

Ask HN: How do you find a cofounder for a game?

1•general_reveal•4m ago•0 comments

Democracy in 2025: on rising authoritarianism in the United States

https://www.hks.harvard.edu/faculty-research/policy-topics/democracy-governance/harvard-experts-d...
2•KnuthIsGod•10m ago•0 comments

The Price of American Authoritarianism What Can Reverse Democratic Decline?

https://www.foreignaffairs.com/united-states/american-authoritarianism-levitsky-way-ziblatt
1•KnuthIsGod•11m ago•0 comments

The Internet, nobody knows you're a dog (1993)

https://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog
1•vismit2000•12m ago•0 comments

Go-Size-Analyzer

https://www.datadoghq.com/blog/engineering/agent-go-binaries/
1•vismit2000•15m ago•0 comments

Show HN: AI Olympics – Claude vs. GPT-4 vs. Gemini in live browser competitions

https://ai-olympics.vercel.app
1•stefanogebara•15m ago•1 comments

The Tail That Wags the Company

https://k2xl.substack.com/p/the-tail-that-wags-the-company
1•k2xl•16m ago•0 comments

Secure, kernel-enforced sandbox CLI and SDKs for AI agents

https://github.com/always-further/nono
1•mooreds•17m ago•0 comments

Ask HN: Built a real functional game from scratch where do I find investors?

1•chiengineer•17m ago•0 comments

Offline Intelligence: Founding Software Engineer (Equity Only)

https://www.offlineintelligence.io
1•lillian_lakes•18m ago•1 comments

US Military leaders meet with Anthropic to argue against Claude safeguards

https://www.theguardian.com/us-news/2026/feb/24/anthropic-claude-military-ai
5•KnuthIsGod•19m ago•0 comments

AI's Uneven Impact

https://the-home-ceo.web.app/ai-blogs/ai-uneven-impact
1•astuteajax•20m ago•1 comments

The Edge of Mathematics

https://www.theatlantic.com/technology/2026/02/ai-math-terrance-tao/686107/
1•hackernj•20m ago•0 comments

One Million Checkboxes on SpacetimeDB

https://twitter.com/gill_kyle/status/2026450707990327415
1•kylegill•21m ago•0 comments

The Software Upgrade in Chinese Civic Behaviour

https://thewire.in/culture/the-software-upgrade-in-chinese-civic-behaviour
2•herbertl•21m ago•0 comments

Pentagon Gives Anthropic an Ultimatum

https://www.nytimes.com/2026/02/24/us/politics/pentagon-anthropic.html
3•egonschiele•21m ago•1 comments

The Physical Intelligence Layer

https://www.pi.website/blog/partner?v=1
4•lachyg•22m ago•0 comments

Native KV Cache Offloading to Any Filesystem with LLM-D

https://llm-d.ai/blog/native-kv-cache-offloading-to-any-file-system-with-llm-d
1•mji•22m ago•0 comments

Car Shopping Is Cooked

https://www.vehique.ai/
3•geboss•25m ago•3 comments

Mercury 2: Best-in-class speed-optimized intelligence at 1,200 tok/SEC

https://twitter.com/ArtificialAnlys/status/2026360491799621744
1•volodia•25m ago•0 comments

I Built an "AI for Shell Commands" CLI (So I Could Stop Asking ChatGPT)

https://agingcoder.com/posts/i-built-a-thing/
1•inssein•25m ago•0 comments

A Meta AI security researcher said an OpenClaw agent ran amok on her inbox

https://techcrunch.com/2026/02/23/a-meta-ai-security-researcher-said-an-openclaw-agent-ran-amok-o...
1•cratermoon•25m ago•0 comments

Argus: Automated Discovery of Test Oracles for DBMSs Using LLMs

https://joyemang33.github.io/blog/2026/argus/
1•matt_d•25m ago•0 comments

App Fair Project: free and open-source app store for iPhone and Android

https://appfair.org/
2•LorenDB•26m ago•0 comments

Habits to make sure you don't go insane

2•nyxtom•28m ago•0 comments

Agents.md file isn't the problem. Your lack of Evals is

https://tessl.io/blog/your-agentsmd-file-isnt-the-problem-your-lack-of-evals-is/
3•sjmaplesec•30m ago•0 comments