By now you’ve probably discerned that I’m always seeking ways to be more private, more secure, and untracked. 

Since your phone is your most prolific tracker it makes sense to try and make that as secure and private as possible. 

There are some variations and options on how you can do this and I will mention many of them, but IMO GrapheneOS on a Pixel phone is my favorite way to accomplish this. 

That said, let’s get to it. 

What you'll need

  • Pixel 6 or above (for GrapheneOS)
  • Other privacy OS’s work on different devices and we’ll talk about that below. 

Why would you even want a sim-less phone?

That tiny SIM card (or e-SIM) in your phone, while essential for connectivity, is also a key reason why your every move, call, and online habits can be tracked, logged, sold and otherwise accessed without your knowledge. If you’re concerned about your digital freedom and privacy, a Wi-Fi-only phone offers a great alternative to being constantly surveilled by carrier towers, tech companies, and even our own government.

How your phone is constantly tracked

  • Always on Surveillance: The Communications Assistance for law Enforcement Act (CALEA) is a statute enacted by Congress in 1994 to require that telecommunications carriers and manufacturers of telecommunications equipment design their equipment, facilities, and services to ensure that they have the necessary surveillance capabilities to comply with legal requests for information. However, these days that information is turned over or sold by 3rd parties. No warrant needed. 
  • Your SIM is an Identity Card: Your phone number is often tied to Know Your Customer” (KYC) regulations, forcing carriers to link it to your identity. SIM cards are also in constant communication with cell towers, recording your phone’s connection time and signal strength. This data is linked to your International Mobile Subscriber Identity (IMSI)  which is your digital fingerprint, and  creates a personalized map of your movements which (along with Wi-Fi triangulation) can pinpoint your location within 6 feet. This location tracking is impossible to opt out of and works even with GPS and location services disabled.
  • VPN Bypass: When your phone’s operating system controls your apps, internet gateway, and VPN, it can intentionally bypass your VPN for certain system services, exposing your traffic directly to the internet without warning. This has been observed on both iPhones (for apps like Stocks, Health, Wallet, Messages) and Android (for Google services).

So, how do you set this up?

Setting Up a Phone Without a SIM Card (GrapheneOS).

Installing a privacy-focused operating system like GrapheneOS on a Pixel phone is recommended to enhance privacy and security.

Hardware Requirements

  • Pixel Phones Only: GrapheneOS can only be installed on Pixel phones and tablets because they meet GrapheneOS’s security prerequisites, such as verified boot, and allow the bootloader to be relocked after flashing an alternative OS.
  • Choose a Supported Model: Check https://grapheneos.org/faq#supported-devices for currently supported models and end of life to ensure the device will receive security updates for a while.

Be privacy concious when you buy your phone

  • The most private way to purchase is in a physical store using cash. Pawnshops are a great place to look as well as online/local marketplaces like Facebook marketplace where transitions are usually cash only and available for local pickup.
  • Avoid “variant devices” which are often tied to carrier contracts, cheaper, carrier-locked, and usually “bootloader locked,” meaning the OEM unlock option is permanently disabled. This will prevent you from installing a custom OS like GrapheneOS.
  •  Do not buy in conjunction with a carrier plan.

Graphene OS Installation

GrapheneOS Installation Process: The entire installation process typically takes 20 minutes or less. I’ve done it a couple of times and it went smoothly every time.

I see no reason to re-invent the wheel here. David Bombal has a great 8 minute tutorial:

GrapheneOS Alternatives

LineageOS
Although I recommend GrapheneOS if you want the best privacy experience, you could also use LineageOS.  Lineage is also a privacy focused Android based OS that is compatible with a wider rage of devices. 

I’ve used LineageOS in the past and actually still have a phone running it. While I do like it, for my everyday phone I’m using GrapheneOS.

Ubuntu Touch
Ubuntu Touch is a mobile operating system based on Linux, designed for phones and tablets. It’s known for its open-source nature, privacy features, and convergence capabilities, allowing it to be used as a desktop PC when connected to a monitor.

I’ve used Ubuntu Touch and it is a fine mobile OS, but I couldn’t get used to the Linux UI, and app availability was limited, but then again you don’t build a privacy phone to keep using the same old aps that were tracking you before. 

IodeOS
iodéOS is a privacy-focused, custom Android operating system developed by the French company iodé. It’s built on LineageOS, an open-source Android distribution, and aims to provide a more secure and private mobile experience by minimizing or eliminating Google’s tracking and proprietary software

PureOS (Purism)
PureOS is a Linux-based, mobile operating system developed by Purism for their Librem 5 phone, and it is also available for desktops and servers. It’s designed to be a privacy-focused and secure operating system, built entirely from free and open-source software

Sailfish OS
Sailfish OS is a Linux-based European alternative to dominating mobile operating systems, and the only mobile OS offering an exclusive licensing model for local implementations.

I really liked Sailfish even though at the time I used it there was no apps on the store worthwhile. 

Sailfish only works on Sony Xperia devices, and is only available in European Union, UK, Norway and Switzerland. So use a VPN. 

Secure Messaging


Signal (recommended)
Signal is a free and open-source messaging app focused on privacy and security. It utilizes end-to-end encryption to protect messages and calls, ensuring that only the sender and recipient can access their content.

Matrix
Matrix is an open standard and protocol for decentralized, real-time communication over IP, primarily focused on instant messaging and VoIP/WebRTC signaling
Briar
Briar is an open-source software communication technology, intended to provide secure and resilient peer-to-peer communications with no centralized servers and minimal reliance on external infrastructure

Element
Element is a free and open-source software instant messaging client implementing the Matrix protocol. Element supports end-to-end encryption, private and public groups, sharing of files between users, voice and video calls, and other collaborative features with help of bots and widgets

Threema
Threema is a paid cross-platform encrypted instant messaging app developed by Threema GmbH in Switzerland and launched in 2012. Users can make voice and video calls, send photos, files, and voice notes, share locations, and join groups. The service offers end-to-end encryption.

App Stores:

GrapheneOS comes with an in-built App Store. You can also install:
Accrescent: For Graphene-approved privacy alternatives.
F-Droid: For many free and open-source alternatives, installed via the Vanadium browser.
Aurora Store: A private front-end for Google Play that doesn’t require a Google account. Install via F-Droid.
Direct APKs: For apps not found elsewhere, but updates must be managed manually.

Yes, you can still install the Google Play Store. Graphene uses a sandbox method to isolate Google apps. However it is still not recommended that you go back to use the same social media and tracking apps as before.

Siloing Profiles (GrapheneOS)

  • GrapheneOS allows you to create multiple user profiles (up to 32). Each profile has a separate PIN and encryption key, and apps in different profiles cannot easily see or communicate with each other.
  • Owner Profile: Keep this for bare minimum apps like your browser, VPN, and App Stores.
  • Secondary Profiles: Use these to silo sensitive activities (e.g., 2FA apps), or apps that require Google Play Services. You can configure them to automatically reboot after exiting to clear sensitive data from RAM.
  • Sandboxed Google Play Services: Install this in a separate profile from the in-built Graphene store. It behaves like any other sandboxed app without privileged system access.

Purchasing a hotspot

Obviously you can purchase a hotspot from anywhere, but you almost always going to need to give up identifying info (and probably a credit card) to purchase and pay for service. 

If you’re in the U.S. I’m recommending that you get one from The Calyx Institute. 

Calyx Institute Hotspots (USA-specific):

  • Anonymous Purchase: Calyx Institute memberships (which include hotspots) do not require personally identifiable information. You can pay with cash at events or with cryptocurrencies (including privacy coins like Monero and Zcash) on their website.
  • Unlimited Data: Calyx offers unlimited data on their hotspots, which is a significant advantage over most phone company hotspots that have data limits. This is due to their license on a piece of the radio spectrum under the FCC’s Educational Broadband Spectrum program.
  • Support Privacy-Focused Organization: Purchasing from Calyx supports a non-profit dedicated to privacy solutions and free public services like VPNs, Tor exit nodes, and private messaging relays.

So how do I get a phone number?

MySudo (recommended) is an all-in-one privacy app that allows you to create multiple “Sudos” (profiles) with unique phone numbers, email addresses, virtual payment cards, and private browsing. This helps compartmentalize your online activities (e.g., for travel, social media, shopping, subscriptions, freelancing)

I’ve used MySudo for years for everything from job hunting, to selling on marketplaces or just to have a secondary phone number. I’m very happy with the service and the value. 

A “done-for-you” Alternative

Brax Virtual Phone Service offers phone numbers in USA/Canada with no KYC (know your customer) requirements for customers.
Extension-to-extension calls within the Brax Virtual Phone service have no record on the phone network, no billing info, and no records on the trunk provider, ensuring highly private communication.Calls and texts can be forwarded to email, or managed directly from a web browser via the Brax.me app.

You can purchase a Brax3 phone that comes already set up.

Using public Wi-Fi

You don’t have to purchase a hotspot  at all and instead rely on available public Wi-Fi.  It’s not as convenient, but it is cheaper if you’re OK with the trade offs. Using public Wi-Fi does offer some additional privacy benefits:

  • You can keep your phone in airplane mode at all times, stopping it from constantly communicating with cell towers and recording your location.
  • Connect via VPN: Always connect to public Wi-Fi over a VPN to enhance privacy for your location.
  • Anonymity: Public Wi-Fi networks often do not require an account linked to your personal identity.
  • MAC Address Randomization: Modern smartphones often randomize their MAC addresses to prevent tracking across different Wi-Fi connections. Ensure this setting is enabled (GrapheneOS offers “Full MAC address randomization”).
  • Hide Your IP Address: When using the internet, prevent websites and apps from seeing your IP address by using services like Tor or a VPN (e.g., Mullvad, ProtonVPN).

The downsides of ONLY using Public Wi-Fi

  • Emergencies: You might be in an emergency and unable to find an internet connection.
  • Security Risks: Public Wi-Fi networks can be less secure, with risks of malware or man-in-the-middle attacks.
  • Always use a VPN to beef up security and privacy.
    ◦ Ensure your phone’s VPN settings are configured to route your full device traffic through the VPN.
  • Inconsistent connectivity: Some people prefer not to have constant connectivity on the go and will only connect to public Wi-Fi briefly when needed. This allows you to only turn on connectivity when desired, similar to turning a light switch on and off.

The Hated One says he doesn’t use a sim at all and ONLY uses public Wi-Fi. You can check out that video here:

So what have you accomplished?

By removing the SIM card from your phone and relying on Wi-Fi, you gain significant privacy advantages:

  • Enhanced Location Privacy: Your phone stops constantly communicating with cell towers, drastically reducing location tracking via triangulation. When you do connect via Wi-Fi, modern smartphones can randomize MAC addresses, making it harder to track you across different networks.
  • Mitigation of Hidden Communications: By using a separate mobile hotspot for internet, it’s the hotspot’s baseband processor that communicates with the cellular network, not your phone’s. Since the hotspot is typically only used for internet, it has less personal activity to report, potentially reducing the impact of any hidden messages.
  • VPN Control: By siloing your SIM in a separate hotspot device and running your VPN on that device, your phone’s OS no longer controls the internet gateway. This prevents the phone’s OS from bypassing your VPN and exposing activities directly to the internet.
  • Anonymity: Public Wi-Fi networks often don’t require an account linked to your personal identity. Services like the Calyx Institute offer hotspots and service that can be purchased completely anonymously using cash or cryptocurrency, avoiding KYC requirements. Similarly, services like the Brax Virtual Phone (a cloud-based VoIP service) have no KYC requirement for customers, making your phone number unsearchable on the cellular network and untied to your identity.
  • Reduced Data Profiling: When using a hotspot, your cellular provider primarily receives data volume and traffic patterns, rather than the specific usage patterns, call logs, and message logs that reveal personal habits when a SIM is in your phone.
  • Greater Control: You can keep your phone in airplane mode at all times, connecting to Wi-Fi only when you need connectivity. This dramatically reduces constant transmissions. For extreme caution, a Faraday bag can block all signals when the phone is not in use or even when off (especially for iPhones).

Is that it?

Not by a long shot. You really should get to know GrapheneOS all of it’s privacy features. I’ve been using a GrapheneOS phone for the better part of 2-years and I’m still finding stuff out. 

There’s a cornucopia of GrapheneOS videos on YouTube.  Privacy Pro Shop has a nice video about their favorite features. 

Navigating the dark web

Subscribe to my updates

Follow along with what I’m up to next and get my TOR Privacy Guides: 

  1. Navigating the Dark Web Safely
  2. How to use Tails Linux 
  3. Dark Web Websites & Search Engines

GrapheneOSMySudoPixel