I haven’t owned a cellphone since around 2017. For years I used an iPod Touch to send emails or encrypted text messages. When Apple discontinued that iPod in 2022, I moved to a WiFi-only iPad Mini, which requires me to either carry a small bag or a jacket with pockets that can fit the not-so-mini communications device.
This was an extreme way to live in the previous decade, and arguably it’s even more extreme in 2024. But every time I inch closer to finally buying a phone, some cybersecurity incident happens that reminds me why I made this radical choice: telecoms and data brokers selling location data to bounty hunters or other third parties; hackers (repeatedly) stealing peoples’ sensitive personal information from T-Mobile; stalkers tricking Verizon into handing over a target’s address by haphazardly posing as a cop; and AT&T storing the call and text metadata of “nearly all” of its customers inside a Snowflake instance that young, reckless hackers gained access to.
Then there is the constant threat of SIM swapping, where hackers trick a telecom into transferring the victim’s cell service from their normal SIM card to one the attacker controls. Another lesser but still relevant concern is SS7, where private surveillance companies, governments, and even financially motivated hackers can tap into the telecommunications backbone to track a device’s location or intercept calls and texts (I’ve been called up by the owner of an SS7 surveillance company after I wrote about them).