Today I’ve been sitting here, looking at my Android, then looking at my iPhone, then shaking my head sadly. There are things here that trouble me.

• Some services demand a carrier phone number, not Google Voice.

• Lose a burner, lose a carrier number.

• Google Voice numbers can disappear if idle for a very long time.

• Desktop Signal will fail if Signal is uninstalled from a mobile device.

• Authy can be bound to a Google Voice number.

• I really dislike that first one, there’s no recourse if you lose a device.

• Telegram will work with Google Voice, but it can fail unrecoverably.

What can be done about this?

Disaster Drill:

Having come from the service provider world, I absolutely WILL do disaster recovery drills. If you haven’t tested your procedure, you do not HAVE a procedure, all you have is a theory.

Both the Android and iPhone have some things that are attached to their carrier numbers. The only way I can see to make this safe is by figuring out how to clone the SIM for each device. This is a phone repair guy thing … or a SIM swapping gang thing. I see Amazon has equipment for doing this but I still have some reading here. This will fix the “loss of physical device” problem.

Authy was the first OTP app I tried and I instantly liked it. I spent just a little time with Duo later on, didn’t care for it at all. I’ve just started looking at FreeOTP to see if I can do something that will be stable and secure without the presence of a mobile device. This won’t be the retirement of Authy, it will remain, assuming I can solve the SIM backup problem, but there are a lot of things in my Authy that maybe should be in FreeOTP instead. Stated another way, my real life AND multiple compartments are entangled in just one Authy account.

I have lost Google Voice numbers this year and in one case I ended up with a Signal number that worked for a GV number I no longer controlled. It was a fun number, akin to my 706-47-TROLL, so no huge damage done in losing it, but it still bugs me a bit. Same thing with Telegram, 706-47-TROLL broke three or four years ago and they won’t reset it. Since I don’t care for Telegram, nor for the little SchizOps group that kept putting me in their derpy “we manipulate the psychiatrically challenged” rooms, this was more of a life upgrade than a loss.

Conclusion:

I am guardedly sure that 2024 Tool Time is going to feature things like:

• Corralling all one’s tentacles on Qubes.

• Getting Qubes mobile with a Dell Precision Xeon.

• Obtaining some sort of Google Pixel for GrapheneOS.

• Retiring OpenVPN for Mullvad/Proton WireGuard configurations.

• Picking a no phone number required comms method to replace Wire.

• Encrypted containers with Age or Veracrypt.

• Exercises involving loss or seizure of devices.

I keep thinking of a line from Green River as I look over what’s coming at us:

You’re gonna find a world that’s smolderin’

And on that note, I gotta get back to day job stuff over here. See you next year.