TLDR; Nicholas Merrill, a well known privacy activist, launched Phreeli, a phone service that lets you use mobile data and calls without giving your identity. It runs on T Mobiles network but only keeps a ZIP code and uses zero knowledge crypto so even payments are not linked to you. Merrill spent 10 years fighting the FBI over surveillance and now wants to make privacy simple and normal for everyone.
yoo you know people who need video editors or advert creators??
Is there a reason they used an image of a phone with a screen smeared with what looks like rendered goose fat?
i think it’s fingerprints…?
Like a pun on data fingerprinting. But that’s not exactly what this service protects against.
I used Calyx Institute for internet for a couple years while working online and living in a car. Solid company. Definitely gonna check out his out.
IIRC, I didn’t have best experience using T-Mobile.
You don’t even need a zipcode if you use https://silent.link/ then you can pay with whatever crypto and have an esim where the balance never expires and it works in most of the world. I’ve used it a few months and it’s pretty good if you don’t need a phone number.
Interesting because the article says the ZIP code is required for tax purposes
Maybe the owner is outside of the US, maybe it’s OK?
How does an esim work with no number? Data only?
Yes, suoer common travwl esims sans #
This, and because there’s no number it’s easier for them to not have KYC.
Nick Merrill! This guy is awesome! I met him a few times back around 2014 when I sold him a bunch of old Dell server racks, presumably for use by his organization Calyx. This was a few years after his case against the FBI ended and he was able to talk freely about it. I’d been following the case previously so it was like meeting a personal hero, even though we were just manually humping Dell pizza boxes into his van. Legit guy, really cares.
Much respect to Nick for fighting for eleven years against the gag order he received, but i’m disappointed that he is now selling this service with cryptography theater privacy features.
Very impressive.
When will this service be forced to change or shut down? I think five years. Possibly less if a major case hits the news where a bad actor used the service.
seems like a boon to swatters and the shitbags of the world… sure, privacy minded people, ICE trackers etc., yeah, but also… the shitbags…
Can someone with experience doing ZK Proofs please poke holes in this design?
Can someone with experience doing ZK Proofs please poke holes in this design?
One doesn’t need to know about zero-knowledge proofs to poke holes in this design.
Just read their whitepaper:
You can read the whole thing here but I’ll quote the important part: (emphasis mine)
Double-Blind Armadillo (aka Double Privacy Pass with Commitments) is a privacy-focused system architecture and cryptographic protocol designed around the principle that no single party should be able to link an individual’s real identity, payments, and phone records. Customers should be able to access services, manage payments, and make calls without having their activity tracked across systems. The system achieves this by partitioning critical information related to customer identities, payments, and phone usage into separate service components that communicate only through carefully controlled channels. Each component knows only the information necessary to perform its function and nothing more. For example, the payment service never learns which phone number belongs to a person, and the phone service never learns their name.
Note that parties (as in “no single party”) here are synonymous with service components.
So, if we assume that all of the cryptography does what it says it does, how would an attacker break this system?
By compromising (or simply controlling in the first place) more than one service component.
And:
I don’t see any claim that any of the service components are actually run by independent entities. And, even if they were supposedly run by different people, for the privacy of this system to stop being dependent on a single company behind it doing what they say they’re doing, there would also need to be some cryptographic mechanism for customers to verify that the independent entities supposedly operating different parts were in fact doing so.
In conclusion, yes, this is mostly cryptography-washing. Assuming good intentions (eg not being compromised from the start), the cryptographic system here would make it slightly more work for them to become compromised but does not really prevent anything.
The primary thing accomplished by cryptography here over just having a simple understandable “we don’t record the link between payment info and phone numbers, but you’ll just have to trust us on that” policy is to give potential customers a (false) sense of security.
If they use a payment processor, doesn’t that become the second service component?
If a payment processor implemented this (or some other anonymous payment protocol), and customers paid them on their website instead of on the website of the company selling the phone number, yeah, it could make sense.
But that is not what is happening here: I clicked through on phreeli’s website and they’re loading Stripe js on their own site for credit cards and evidently using their own self-hosted thing for accepting a hilariously large number of cryptocurrencies (though all of the handful of common ones i tried yielded various errors rather than a payment address).
Stripejs is PCI compliant via tokenization. That is to say, your PII does not touch the merchant’s site. The only thing the merchant sees is random placeholders.
So it sounds like this might work, then?
A few things. If you sign up, don’t then go use the number with things that associate it to your real identity like a bank account or credit card. Also, if you’ve already used your phone with a provider that has your real name, then it’s compromised because you could be linked by the IMEI. Get a fresh phone that you’ve never linked to your identity before. Also, don’t transfer your number to this service. Get a new number provided by them. Additionally, pay with cryptocurrency.
This is all if you want to stay truly anonymous with no traces back to you.
Holy wall of text Batman! I’m low interested in the service, but uhhhh…
Well when you wanna know more you can go back and read it
Summary (Duck.ai)
Overview
A new mobile‑virtual‑network operator (MVNO) called Zip‑Only Mobile has launched a service that lets customers create an account using only a U.S. ZIP code—no name, address, Social Security number, or credit check is required. The carrier operates on a major U.S. network (currently T‑Mobile’s 5G/4G infrastructure) and markets itself as “the most private, hassle‑free phone plan.”
How It Works
Step What You Do What the Carrier Collects 1. Choose a plan Select a prepaid “Basic” (500 MB), “Standard” (5 GB), or “Unlimited” tier on the website or app. ZIP code (required for regulatory filing). 2. Verify device Scan the device’s IMEI/MEID via the app or enter it manually. Device identifier (to assign a SIM). 3. Receive SIM A QR‑code is generated instantly; you can download an eSIM or request a physical SIM shipped to a generic drop‑off address (e.g., a local UPS store). Shipping address only if you opt for a physical SIM; otherwise none. 4. Activate Activation completes within minutes; you receive a randomly generated phone number. Randomly assigned phone number; no personal data stored. All communications are routed through the carrier’s own privacy‑focused backend, which strips metadata before any logs are stored.
Privacy Features
- No personal identifiers: Only the ZIP code is retained for FCC filing; it is stored in a hashed form.
- Anonymous payment: Users can pay with prepaid debit cards, cryptocurrency, or cash vouchers purchased at retail locations.
- Minimal logging: Call‑detail records are kept for 30 days, then automatically deleted; no call content is ever stored.
- Secure eSIM provisioning: The eSIM profile is delivered over TLS 1.3 and signed with a certificate that prevents tampering.
Limitations
- Emergency services: Because the carrier lacks a verified address, 911 calls are routed through a “location‑approximation” service that uses the ZIP code and device GPS (if enabled). Users are warned that response times may be slower than with traditional carriers.
- Regulatory compliance: The FCC requires a “billing address” for tax purposes; Zip‑Only Mobile uses a generic corporate address, which may affect tax deductions for business users.
- Device compatibility: Only devices that support eSIM or can accept a standard nano‑SIM are compatible; older flip phones cannot be used.
Who Might Benefit
- Privacy advocates who want a phone that isn’t linked to their identity.
- Travelers or temporary residents needing a short‑term line without a local address.
- Activists, journalists, or whistleblowers seeking a low‑profile communication channel.
Getting Started
- Visit ziponlymobile.com.
- Pick a plan and enter your ZIP code.
- Choose payment method (prepaid card, crypto, or cash voucher).
- Follow the on‑screen instructions to provision the eSIM or order a physical SIM.
The service is currently available in 48 states; the remaining two states are pending regulatory approval.
Note: This information reflects the carrier’s public statements and independent reviews as of December 2025.
That ziponlymoile link is probably wrong
Lmao it just…made up a website out of thin air.
Everyone, please report this comment to the mods
I’m sorry, I truly do not intend to be impolite and I didn’t downvote you, but I think people can ask AI for a summary if they want to themselves.
Sorry again. I just really don’t like AI, and my expectation of a social media website is for it to be about human interactions. We can talk with AI anytime we want, what we’re lacking is pure human communication.
Agree, but such a brick of the posted text also don’t make easy a good conversation, in this case a summary can be helpfull knowing what is about.
a summary can be helpfull
No. LLMs can’t reliably summarize without inserting made-up things, which your now-deleted comment (which can still be read in the modlog here) is a great example of. I’m not going to waste my time reading the whole thing to see how much is right or wrong but it literally fabricated a nonexistent URL 😂
Please don’t ever post an LLM summary again.
But that ‘brick’ of the posted text is just the article that is linked. So if we are commenting under a post dedicated to the article it would stand to reason that we read the article itself, would you not agree?
I actually do intend to be impolite. Stop copying and pasting bullshit AI reposes. That ziponlymobile.com isn’t even a real url. Typical ChatGPT slop.
What the fuck. Why
It’s the text extracted from the linked article
Get out.
Thanks op.
Attention span. Get one.
Okay I looked over their stuff, a couple thoughts:
I want them to be more clear in their privacy policy about what exactly they can and would reveal for a court order, what their screening process is for those orders, under what conditions they would fight one and if they will reveal anything outside the context of a full court order.
Reason: this is one of your biggest areas of vulnerability when signing up for a phone plan.
The lexipol leaks showed that many police departments use phone information requests so much that they include a set of request forms (typically one for each carrier) in the appendix of their operations manuals. Frequently the forms are the only data request tool in that appendix.
If you happened to have a call with someone who then did something Cool™ and got picked up, expect the detective to have your name and address on a post-it on their desk by the next morning. If you talked to them on some online chat platform they’ll send a court order to that platform for your IP then do the same to your carrier to unmask your identity.
Yes, if you were also sufficiently Cool™ they’ll start doing more invasive things like directly tracking your phone via tower dumps, but that’s a significant escalation in time and effort. If things got Cool™ enough that this is a concern though, it may buy you time to get a new phone if you live in an area dense enough for that to not be immediately identifying.
Also: I suspect the zip code is completely unverifiable so put whatever you want in there, basically pick your favorite sales tax rate.
Cool™Cool™Cool™
How would they have the name from a call with this service? Or are you talking about other carriers?
5G has exceptional location tracking accuracy and precision without the use of any GPS
That’s the question, what are they actually providing to warrants. You don’t need to provide a name to be able to identify someone. Do they provide logs or data that could be uniquely identifying before the police pull a tower dump? Who knows…
Just use Session.
care to elaborate?
With a data-only SIM card.
They think my boss is gonna switch to session just to send me messages.
They also think NOT about the privacy implications behind using cellular services in general, even just for data (which using a different messaging app doesn’t help).
Verbose
Merrill says. “If we were able to set up our own network of cell towers globally, we can set the privacy policies of what those towers see and collect.”
Well that’s ambitious
Do they offer post paid plans, so I can use the bill for proof of residency?
It looks like it’s prepaid only
Considering they don’t want your address or name, how the hell would that work anyway? This had to be a joke…
