Thanks for trying us out and for the feedback. We are have had some bugs with voicemail that we should have resolved now. And improving the network is our #1 priority this year. Hopefully you'll give us another shot down the road!
We don’t operate our own towers and as you point out we can’t control what someone there does. Our privacy and security model is to treat the towers as untrustworthy. This is why we do things like rotate your IMSI daily or split your traffic across multiple underlying network partners. We want to make any data that is collected noisy and less valuable to data brokers.
It depends what your threat model is. Most telco data collection and resale is based on IMSI’s attached to KYC’d customers. If they can’t get personal information and the IMSI looks like it’s a day old, that data is inherently less valuable to data brokers. The large telcos have plenty of clean data with stable IMSI’s tied to KYC’d customers that is worth more.
We receive in cleartext and encrypt with a key controlled by the customer. Most carriers store voicemail and SMS in cleartext on their servers. The goal is reduce exposure while preserving interoperability. This post on encrypted voicemail gets into more technical details about how it works: https://www.cape.co/blog/product-feature-encrypted-voicemail...
This is valid feedback and it’s on us to earn trust over time through our actions. I will say that Cape is a company of almost 100 people from many different backgrounds. Prior to Cape I spent almost a decade at DuckDuckGo. We’re a group of people that is frustrated with the status quo in the telco industry and want to do better.
One of the efforts we’re working on now is an audit of our data retention claims. We recently posted an RFC on Reddit if anyone from this community has input: https://www.reddit.com/r/CapeCellular/s/zTn7HQ0emo
We plan to continue to do more things like this that increase transparency and build trust over time.
This is good feedback. We don’t want caps and throttling to be a blocker for signing up and using us. Since we’re at a premium price point we should economically be able to be a lot more generous than existing carriers.
Yeah. As a olde ex-carrier type person, I want burst mode unlimited, I expressly do not want continuous saturated unlimited, if that makes any sense. So if you tune the service to warn me “you’ve used 10% of your cap in five minutes so we’ve slowed your service down temporarily, respond with YES if this is intentional and we should speed it back up, otherwise it’ll reset in the morning”, that would be an example of best in category service that’s on my side rather than the carrier’s overage fees profit line item.
I don’t mind that you have caps, I consider caps to be a marketable form of 90th percentile billing to consumers, so please don’t take this as “remove all caps” — but definitely find an in-between that’s more nuanced than “you reach arbitrary threshold 50G at 1gbps 5G and so it only took 8 minutes and 40% battery, too bad so sad now your entire month of data is at DSL speeds”. (This sarcastic tone is not a critique of you! but of the general carrier practices that leave me worried about you.)
In a dream world my usage percentile for the past 30 days would be inversely proportional to my bandwidth speed so that momentary usage to download a software update had no meaningful impact, but running nonstop continuous data for four hours straight caused a measurable drop in bandwidth (which protects my battery and the network health). It’s not fiber-optic or fixed-installation wireless and I do respect the shared base antenna capacity problems!
I don’t think keeping the status quo of throttling caps will stop anyone from signing up. As long as it’s not any worse, I don’t think it would deter me due to the other features you offer. The main reason why I don’t change is my spouse and kids don’t care about privacy and I can get them service for cheaper!
I don’t really think about caps all that much except in theory. I would love speed tests to be excepted from caps, but I get why that isn’t always workable.
I would like to try Cape. How do guys deal with IMEI tracking from folks like Google when i search or use their email? Or that one is beyond your control?
I thought access to IMEI and IMSI was pretty heavily restricted starting with Android 10. Graphene [1] makes a few extra restrictions beyond AOSP [2], but it's been around for a while now.
To get access to IMEI and IMSI, you need to either be a carrier app, allowlisted, or grant the `READ_PRIVILEGED_PHONE_STATE` permission.
Unless Chrome is running at a system level in AOSP or some OEM specific firmware, I wouldn't expect it to have `READ_PRIVILEGED_PHONE_STATE`
Appreciate the feedback, we’ll likely experiment with different plans down the road, but for now we’re focused on rolling out as much additional privacy/security value as we can to justify the premium price point.
I on the other hand am fine with the premium price... but it looks like I'd need to install a proprietary app to use the service. That's a 'hell naw' from me.
Hi -- Head of Product at Cape. This is a good question. I will say up front there is no silver bullet for privacy on cellular networks given the way they were designed to interoperate. Our strategy is to offer many different protections that collectively make it harder for your activity to be tracked.
The details of what our carrier partners can see is in the table at the bottom of our privacy summary: https://www.cape.co/privacy-summary. We add noise to their data by doing things like rotating your IMSI daily and spreading traffic among multiple carrier partners. If the data is messy enough and not associated with your personal information, there should be less monetary incentive for the carrier to try to piece it together when they have an abundance of clean data with stable identifiers and verified personal information.
Additionally, with disappearing call logs, it's about reducing surface area. Fewer logs in less places.
It’s interesting that Apple is going down a similar path with hardware filtering location retrieval commands and neighborhood-level blurring on their C1 modems. Really awesome work from that team by making sure they’ve considered privacy as a first party feature for that chip.
How do you guys view the relative value of privacy/security at the network provider layer of the cell stack for the average user/citzen?
Even if Cape doesn’t retain metadata yourselves (eg LTE positioning info), is that data not still retained and repackaged by the tower owners themselves? Eg babel street, venntel, etc. A rotating IMEI every 24 hours might make it marginally more difficult for logical tracking, but there’s still only physically one location the phone can be in without fuzzing at the hardware level.
I should also say - I’ve been following y’all’s work for a while (and considered some of those early forward deployed engineer positions), but I’m struggling to see how this all works as a consumer product. Would be awesome to see an eventual partnership with Apple/Qualcomm to bring this to the hardware level since privacy is a tough nut to crack even at full MVNO.
Appreciate the shoutout. We love what Apple is doing in this area. There is a lot of room for them to help improve things at the modem/hardware/OS layer.
On the tower question, you’re right, we can’t control what data is collected by the tower owners. Like I said above our strategy is to add noise through a variety of methods that makes it harder (not impossible) for anyone collecting data to track you. We also give you multiple phone numbers. I think this stuff adds up and is a meaningful improvement over the status quo for most average user/citizens.
I like to use the organic food analogy. If given the choice, why not choose the carrier that is actually making an effort not to track you vs everyone else who clearly doesn’t care?
> It’s interesting that Apple is going down a similar path with hardware filtering location retrieval commands and neighborhood-level blurring on their C1 modems.
Are there any technical writeups on this yet? I agree, it’s really cool and would love to read about how they’re doing it
A sort of related question, is the user able to actually power-off the baseband carrier chip and still keep the phone powered on? I seem to recall there being some 911 regulations around that topic. But it might be a way to enable the user to at least disable that tracking vector, while still using the phone offline or via wifi?
Additionally to what others have said LineageOS (Android open source OS) allows you to selectively turn on/off carrier modem and radio in quick settings just like you do for wifi, bluetooth, gps etc. You can use airplane mode which will by default turn off the carrier radio and wifi, of your can manually do this selectively.
This feature is called Flight Mode or Airplane Mode on most phones. You'll know if your phone implemented it this way because your battery life will go wayyyy up while in the mode.
