There are many ways to describe Voice-over-IP, or VoIP. I've seen it called an anonymous, internet, alias, or throwaway phone number (and more). Regardless of the name, I personally consider VoIP to be a healthy part of a good privacy and security strategy. The advantages are endless. For one, VoIP is harder to SIM Swap compared to a normal SIM phone number. VoIP can also help provide you privacy since most SIM numbers can easily be Googled or looked up on any number of the hundreds of people search sites and return information about the carrier and who the number is registered to. On the day-to-day, VoIP – combined with other strategies I recommend on The New Oil – can help reduce spam calls/texts, prevent would-be stalkers, create healthy work/life balances, control what information people (like prospective employers) can find about you, and help compartmentalize or reduce tracking by big corporations. Sadly, VoIP is a tool that's not widely available in many countries, but for those with access to it, VoIP can provide numerous benefits and should at very least be considered. So this week let's explore some of the best VoIP options currently available for consumers.
Before we begin, there's a huge misconception I see often that I need to address: VoIP is not a replacement for secure messaging. A lot of people criticize the services I recommend here for not being open source, end-to-end encrypted, and other such criteria I would normally encourage readers to consider when recommending communication methods. These are extremely important points to keep in mind, however there is still a use-case for services like VoIP. My bank will not use Signal. Or all my coworkers. Or even some of my friends and family, for that matter – the same kind of people who may download an app like TrueCaller which will then collect my phone number or who will put my phone number into a third-party employment management software, where I lose all control over what happens to my information and it may get breached or sold. I always recommend getting the people around you to use more secure messaging options wherever possible, however this isn't always possible and in those situations, I think VoIP can be a reasonable compromise.
These services are listed in alphabetical order and not order of recommendation.
Hushed's biggest selling point, in my opinion, is that they offer an unlimited amount of numbers. Of course, you have to pay for them, but as long as the check clears (figuratively speaking), they're willing to give you a number. This means that whatever your needs, Hushed is willing to accommodate. Furthermore, Hushed doesn't require a SIM number: you can download the app, buy a number, and get started using it as-is. They also offer international calling plans. Unfortunately, like most VoIP options, Hushed only provides phone numbers for the US and Canada and has no desktop app. But for most people in those countries, Hushed is a fantastic option worth investigating.
Okay, hear me out: Google is one of the most privacy-invasive companies in the world. But, as I already said: 1) VoIP is not a replacement for encrypted messaging, and 2) VoIP is about preventing public-facing attacks like SIM-swapping or stalking. In that context, Google Voice is hard to beat. You can lock your Google account with a security token for maximum security, the free plan is pretty generous, and there's even a web portal so you can check and respond to calls and messages without a phone, or you can forward calls and messages to your SIM number if you'd prefer not to have the app on your phone. Unfortunately, Google Voice also comes with some significant drawbacks. Mainly: they only provide numbers for the US and Canda, and they require a Google account and thus, by extension, a SIM number even if you do use the app.
MySudo is a popular choice in the privacy community, largely propped up by an endorsement from privacy rockstar Michael Bazzell. That's not to say they haven't earned it. MySudo offers a whopping 9 numbers – complete with email, voice calls, messaging, and even masked credit cards (iOS only), all without requiring your phone number. The iOS version even allows you to sync with a browser so you can put your phone away and still continue to send and receive messages, as well as offering masked credit cards similar to Privacy.com or other services. MySudo claims to offer zero-knowledge encryption at rest, and end-to-end encryption with other MySudo users. That said, MySudo – like every other entry on this list – is not perfect. They only offer phone numbers in the US, Canada, and the UK, and I personally have taken great issue with their marketing materials as being misleading and disingenuous. That said, most users need not pay any attention MySudo's blog or marketing to take advantage of the service, which has – in my years of use – been reliable and consistent.
Another “hear me out” moment. Skype is owned by Microsoft, another privacy-hostile company. Still, Skype offers a level of flexibility most other services on this list don't. For example. Skype is available in over 25 countries, a far cry from most other services' 1-3. They also offer 10 phone numbers, work independently of your SIM card, and offer a desktop app to manage your calls and messages. That said, Skype requires a Microsoft account and – more importantly – charges per-minute. This could be a great option for those who don't plan to use VoIP much and require international coverage, but may not be right for everyone.
Tossable Dgiits may be one of the more impressive services I've seen in the VoIP space. Tossable Digits offers unlimited numbers and international calling in a whopping 70 countries – by far the most on this list. This is a great option for people who may live in countries outside the usual US/Canada/UK, but again there are drawbacks. Tossable Digits bills by the minute, which again is rough for those who do a lot of calling, and SMS is only supported in the US and Canada, so for those who rely on texting a lot, this is rather limited. Tossable Digits also doesn't offer a free tier or desktop app.
Viber is another rather niche service, but in my research I found them to have some unique advantages that make them worthy of inclusion. For example, they claim to allow you to call anyone in the world with phone numbers available from 59 countries and don't require a SIM number to use the app. They also claim to be zero-knowledge (presumably at-rest or with other Viber users) and offer disappearing messages – which is always a plus in my book for security and minimalism reasons. Unfortunately, even on top of the Viber Out subscription, you will still have to pay per-minute and you only have access to that one phone number. Again though, for users outside the US and Canada, Viber offers a solution worth looking into.
Of course I would be remiss if I didn't include JMP Chat as – at least – an honorable mention. JMP Chat is probably the most privacy-friendly VoIP provider I've found so far, but they're not right for everyone. This is primarily because JMP Chat uses XMPP as a backbone, meaning it's up to you to find a server that you trust that also supports SIP and find a working client. Fortunately, JMP Chat can help with this last one (at least on Android) by offering the Cheogram app to users. It can also be a process to translate a phone number into an ID that JMP Chat can recognize and send messages to or call. At this time, JMP Chat also only offers US and Canadian phone numbers, though those numbers should be capable of international calling/messaging and JMP Chat is supporting other projects interested in adding more international capabilities. JMP Chat is not for the faint of heart, but for those able and willing to put in the work, the organization puts a heavy emphasis on data sovereignty, interoperability, open source, and other values that align heavily with the privacy community.
Last but not least, recently I was approached by VoIP.ms about working together to promote their product. This intrigued me because this was another service that Michael Bazzell had recommended. After some back and forth with their CEO – and looking through the documentation – I was really impressed by their rates and offerings. VoIP.ms offers phone numbers from over 60 countries around the world with low rates, but the main reason I don't list them on the website is the lack of a first-party mobile app. You will have to go find another app and link it with your VoIP.ms account to start using your phone number. However, VoIP.ms offers a wide range of support for common apps including videos and documentation on how to get started using those apps. So, much like JMP Chat, VoIP.ms may not be right for everyone, but for those who are technical enough and not afraid to get their hands dirty, the service offers cheap, flexible numbers from a wide range of countries that can be managed from a variety of apps and operating systems.
Considering how much of a proponent of VoIP I am, I think it's great that we have so many options for VoIP. I'm disappointed though, that we have so few that are privacy respecting or source-available. I get why – providing a VoIP service is a massive undertaking that requires deep technical skill and massive infrastructure. It's typically not something that a new dev can code in their room on a spare weekend. I hope to see this landscape shift in the future where more privacy-respecting options become available in more countries. For now, remember to rely on encrypted messaging wherever possible and use VoIP as a backup solution to protect your privacy accordingly. If you've never considered VoIP before, consider this your invitation to give it some thought and explore some of the options.
You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...
As some of you may have noticed, TNO hasn't really been updated in a hot minute. I was working on a major overhaul, one that deserves a blog post. Let's talk about it.
The single biggest new change is that we've added a page about how to audit your devices and reasonably ensure they're safe from compromise such as spyware. This is an extremely difficult subject to tackle. Often, in the privacy community, we adopt a mentality of “if your device is compromised, just give up.” There are times when this mentality is fair: for example, a few years back, there was a lot of FUD (fear, uncertainty, doubt, aka “conspiracy theories”) going around that Signal was compromised because the FBI was able to read a congressional aide's Signal messages as part of their investigation. However, as numerous experts have pointed out, the much more likely story is that they simply confiscated his phone as part of a search warrant. Aside from enabling disappearing messages, there's not much you can do to defend against this kind of compromise – and I think that's a valid thing to point out. Nothing can ever be 100% hackproof, and it's important to know where the reasonable limitations of a service exist. If you choose not to enable ephemeral messaging, it's not really Signal's fault if your messages get scooped up by someone with physical access to your phone. There's only so much they can do.
However, the flip side of this mentality is that we have left a significant number of people hanging – specifically people in the most vulnerable of demographics. There are a lot of people out there who don't know about this stuff, and furthermore don't know what to do about it. People who are exposed to consumer-grade spyware or attackers who might sync their own devices to a person's account to get a copy of every message may not know what signs of compromise to look for or what to do when they find it. This seems like an egregious oversight to me. As such, I have added a new page toward the beginning of the website about how to audit your devices and accounts to check for potential signs of compromise.
Needless to say, as the veterans reading this are no doubt aware, this a monumental undertaking. On the one hand, it's critical I don't lull users into a false sense of security. As Privacy Guides rightly points out (multiple times), you cannot prove a negative. Nobody can ever 100% prove that a device isn't compromised. (Some people have made whole, profitable careers out of stoking this sort of fear.) On the other hand, the vast majority of common malware that readers are likely to encounter can be easily removed by rebooting, uninstalling a malicious app, or simply factory resetting their phones or buying a second device. It's hard to find that balance between helping those users without overpromising the world for those who really are in unique, high-risk situations.
It is with that in mind that I want to put out an especially larger-than-usual call for help from the community. I know that this is a gray area, and I know there's lots of nuance and caveats. It's hard to condense something this advanced into a single, easily-digestible page. However, the stakes are simply too high to be wrong while also being too high to just wash my hands and steer clear. I would really appreciate the community's help in vetting this page and ensuring that it's accurate and complete. Any missing tools, settings, or incorrect settings or information should please be reported so that we can keep this resource helpful and accurate for those who need it most. You can check out the new page here.
Another major change is that I have reorganized the site. Previously, I had various concepts like “encryption” or “the Five Eyes” sprinkled throughout the site. This was designed to make the concepts more manageable. I've said from the beginning that TNO should be considered more of an e-book than a website, and nobody wants to read a book that infodumps at the beginning and has 25% prologue before getting to the good stuff. Unfortunately, doing it that way makes a lot more sense for a reference, which is what TNO is. It makes more sense to simply condense all the concepts and fundamentals into the beginning, then let readers explore the various tools and techniques later on. And given that TNO is designed to let you jump around as you wish, this seems like a small price to pay. Readers who want can simply move on to the pages they find interesting and circle back later on if they find they don't understand a concept.
From a community perspective, this also means some of my links may now be broken as they link to where pages used to be instead of where they are. I've done my best to fix this, but please feel free to report any such links you find.
That said, there were a significant number of new content changes:
You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...
In recent weeks, I’ve noticed a rise in censorship regarding SMS communication that’s not being discussed. At all. I’m concerned that it may become a slippery slope that eventually effects us all. I don’t have any dramatic, prose-ridden introduction this week. Just some news, facts, and observations I wanted to share. So this week, follow me down the rabbit hole as I explore an existing but rising threat to our free speech and what we can do about it.
For context, I am a MySudo user. I have expressed criticisms in the past with their podcast, and their marketing continues to grate on my nerves. I have said many times I want to explore some additional VoIP options, but I haven’t made the time. For now, it works – about as well as any other VoIP app, which is “not well but good enough most of the time, I guess” – so it just hasn’t been a priority.
Those who follow me on my personal Mastodon or the podcast on Patreon have probably noticed I like to curse. A lot. No real reason for it, to be honest. I don’t think it makes me sound tough or cool – in fact, I recognize it probably turns some people off – but as former military, it just feels natural and comfortable to drop some curse words to highlight my point. I like hyperbolic humor. So it probably won’t come as a surprise when I say “I send curse words via message a lot.”
The censorship issue first rose to my attention a few months ago. I was catching up with an old friend over text, and toward the end of our conversation, I tried to say something along the lines of “f*** [a particular political issue].” The message failed to send. Now, as I said earlier, I’m kind of used to MySudo not being perfect. I’m not sure this is their fault – I’ve tried a number of VoIP apps and none of them are really great. I’m not the first person to express this criticism. Somewhere in the back of my brain, however, I must’ve realized that the message itself was being censored, because my eventual solution was to screenshot it, crop it, and send it again. Success!
The second issue happened a few weeks after that. I was on my way to work in the morning when I noticed my coworker had sent me a text message that I hadn’t noticed – cause, ya know, I was driving and not watching my phone. I work a relatively blue-collar day job, it wasn’t through official work channels (like Teams), and my coworkers know me pretty well by now, so I replied with something like “Oh s***, sorry man, I just saw this.” Once again, failed to send. The light turned green (I only text at red lights), so I decided to call instead and deliver the message.
That night, the string that connected the dots came in the form of JMP.Chat’s blog. I try to follow the official blogs of all the various services I recommend so I can keep up with any major news or developments to share with my audience. In a blog post titled “SMS Routes, RCS, and more!,” there was this section near the top that caught my eye titled “SMS Censorship, New Routes”:
We have written before about the increasing levels of censorship across the SMS network. When we published that article, we had no idea just how bad things were about to get. Our main SMS route decided at the beginning of April to begin censoring all messages both ways containing many common profanities. There was quite some back and forth about this, but in the end this carrier has declared that the SMS network is not meant for person-to-person communication and they don’t believe in allowing any profanity to cross their network. (Emphasis mine.)
I started reading that section not because I thought it applied to me, but because I’m always interested in censorship and wanted to know what was being censored and what the issue was. But then that one line caught my eye. Instantly my brain thought about that morning. Then a few weeks prior. I slid over to my phone and texted my coworker: “Hey, I’m testing something. Ignore the next message.” We’ve worked together for years and he’s known about my connection to The New Oil, so he’s kind of used to this stuff. He simply replied “Okay lol” and I copy and pasted the message from that morning that had failed to send, making only one change: “Oh, sorry man, I just saw this.” I erased the curse word. And instantly it was delivered. Just for good measure, I tried the original with the curse word again. Failed. I suddenly remembered a third, similar incident with a different coworker that had happened in between the two incidents. I don’t remember using a curse word in that text, but as I said at the top, cursing is just part of my vernacular. It’s highly likely I did. The next morning I explained to my coworker why I had texted him and what I had discovered.
For the next few days, this continued to stick in my head. Did MySudo know about this problem? They had never mentioned it. Although, given their highly misleading, trash marketing, it was pretty likely they weren’t exactly rushing to be transparent about the problem even if it was beyond their control. I finally decided to email them to ask more about it. I sent a support ticket asking “I think your carrier is censoring messages that contain profanity. Do you know if this is the case?” A few days later, MySudo replied, confirming that was the case, citing stricter enforcement of “SHAFT” rules by MySudo’s third-party telephony provider. They suggested switching to Sudo-to-Sudo messaging. I sent them a follow-up asking what “SHAFT” is so I could do some further digging (to which they did reply). And then, a couple weeks later (and before I had made time to dig in further), they posted this blog post, finally shedding light on the situation. Here’s the relevant part:
SMS in the United States is governed by strict rules and regulations around prohibited or limited content. The wireless industry trade association CTIA monitors and enforces these rules, and mobile carriers must comply with them. One of those rules covers content within the category known as SHAFT or Sex, Hate, Alcohol, Firearms, and Tobacco. Within the Hate category sits profanity or swear words. So, if you’re sending or trying to receive a text message with swear words in the U.S., chances are the carrier will block it.
We behave differently when we know we’re being watched. I talk about this on the website, and will include additional links and sources in my next upcoming video. I also know this firsthand. I first discovered TAILS while I still in the military and thought “wow, that’s really cool! But also I probably shouldn’t mess with it, I’m sure I’ll get in trouble for some reason. I’ll wait til I’m out.” (That's just one story of many I could cite.) Now, I get to live the joy (sarcasm intended) of being under scrutiny again. Now, when I reply to messages, I have to ask myself “did I put in any curse words? Did I include anything that could be considered a curse word by the filters?” I don’t think it’s a controversial take that this is problematic on multiple levels. My provider should have no right to tell me what to say, especially when I’m talking to other people who have consented to me talking that way. What’s next? Will they censor “The president sucks”? or “I hate [insert famous figure here]”?
Now one can make the argument that maybe I just shouldn’t curse. Some people don’t like it, and clearly I’m very capable of conveying my ideas without it. Maybe. But some people don’t like that gay people exist. Or black people. Or that women have jobs. Or China. Or other political ideologies. We can’t just say “I don’t like that thing, let’s repress it.” That’s the entire point of censorship. This is especially concerning when we talk something like phone carriers, which are the backbone of our communications network. I’m told that in other countries, services like WhatsApp, Facebook Messenger, and Telegram are common because SMS messages cost money, but in America (and I assume at least a few other Western countries), that’s not the case. Here, it’s still pretty common. And the idea of “Just go somewhere else” is completely insane. Unless you’re about to go out and found your own carrier to prove me wrong, I don’t want to hear it.
Unfortunately, it’s the only solution we now have. Behavior like this adds another practical reason why end-to-end encrypted messaging needs to become the default. Some people have strong opinions on censorship of any kind: if I ban you from my Mastodon instance for any reason, some people view that as censorship. I disagree. There’s nothing stopping you from joining another instance – or even starting your own (in fact, I plan to post some tutorials later this year on how to install and run services like Mastodon or PeerTube). This is a far cry from the carriers as a whole colluding to tell us not to say bad words, which is a ridiculous solution to whatever issue they’re ostensibly trying to solve. This is a slippery slope and a troubling development. As MySudo noted, these SHAFT rules are not new, but they are being cracked down on. This is why we can never call it victory when someone says “well, I won’t do it now, but I’m gonna leave the option open.” We have to accept nothing less than fully secured communications that can’t be read, scanned, and censored on a whim. Yesterday it was CSAM. Today it’s mean words. Tomorrow it could be dissent.
Fuck. That. Use encryption.
You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...