For months, I have been trying to create an anonymous Google account by using an SMSPool number. However, so far all the numbers I have tried have failed. I’ve only tried 3 or 4 times, so there are still plenty of tries left.
Just now, I tried to create an account with the same username that I had tried last week and again, I was presented with this QR code that I am supposed to scan with my phone. I wasn’t even asked for my phone number this time.
Assuming you aren’t on stock the only possible way Google could get your information from clicking a link like that is if you’re connected over cellular and your carrier is injecting headers that identify traffic from a given source (eg. Verizon has done this in the past.). So as long as it is a real Google link, maybe just click it and find out what it asks?
If you however are on stock, you should assume it could be retroactively linked with whatever metrics/telemetry that device has collected.
It says there at the top left that they want to verify info about your device or phone number, then it says below it won’t make the association between your account or phone number. If it smells bad then …
None. Steal someone’s phone and associate it with them?
What do you mean by stock? Are you referring to stock Android vs Graphene OS?
The reason I am skeptical is because every time I tried to enter a number from SMSPool, Google said that that number was not allowed, or it was used too many times. It then asks me to scan their QR code with my phone, and I don’t trust it for the following reasons.
Discord mysteriously acquired my number
I once signed up for a Discord account. I never gave my Discord my number, and yet in my profile, my number was visible. This led me to believe that they could read my SIM and get the number that way. I never used Discord on Mobile again after that. I use it only via web.
TikTok knew my location despite using a VPN
Similarly, in the past I tried multiple times to sign up to TikTok by using a VPN and an alias, and yet, TikTok could steal read my location because all the videos they showed me were specific to my location.
These two incidents make me believe that Google can probably do the same thing. They could also detect if any Google accounts are linked to my phone. I currently had no Google accounts linked to my phone because it’s brand new.
To me, it smells bad because of the reasons I gave above.
I believe the only reason they didn’t ask me for my number this time is because I used the same name, username, and DOB, that I tried to register last time to no avail.
This seems untrue ? Pls site the exact documentation for this in android permission. Phone state does not imply the phone number. It seems to be an Appops permission.
Only privileged apps i.e those are pre-installed system apps like play services can actually get your number for auto-filing purpose.
Also you can actually remove the number from sim card manager settings while setting up a sim card. So not even system apps can read your number
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any android.telecom.PhoneAccounts registered on the device.
If your app targets Android 11 or higher and needs to access the phone number APIs shown in the following list, you must request the READ_PHONE_NUMBERS permission, instead of the READ_PHONE_STATE permission.
Granted the other things , but this still remains true. I had removed my number at setup stage itself , so it doesn’t fills in when any app asks for it.
It mainly happens when you first insert a particular sim into your phone. The setup will read previous values. If you delete it at this stage it won’t store your number. I have just put first few digits of my number ,to identify the sim. You may have a settings called sim manager which allows such stuff depending upon the android skin
giving a SIM a name is just a vanity name, it does not prevent apps from reading your phone number.
there is no “SIM Manager” on AOSP or eg. GrapheneOS
there is the SIM ToolKit but only if your SIM has applets that can be managed by it, and even then it is unlikely you’d have an applet for altering your number.
My device is not set to my country, and I removed my SIM before I installed the TikTok app.
I had all permissions off by default, but I was still surprised that it was possible for certain apps to determine my location or read my phone number from the SIM.
I definitely learned that lesson. Unfortunately, some services like TikTok are incredibly difficult to sign up to via web, especially if you use a VPN, email alias, and don’t want to share your phone number.
My current phone uses an e-Sim. Is it harder or easier to hide from intrusive apps?
Right now it seems like even though my desired username hasn’t been registered, Google remembers that there are have been multiple attempts to register that username with multiple numbers that have failed. In other words, any attempt to register that username again is going to produce the same result.
This sucks. It means that every time I try to create a Google account and the registration fails because SMSPool’s number is not accepted, I cannot make more attempts to register the same username because Google remembers the history.
