Practical privacy and simple cybersecurity.
TheNewOil.org

2022 Review: MySudo

What is Voice-Over-IP (VoIP) and Why Do You Need It?

Voice-over-IP – or VoIP – is basically phone calls over the internet or cell data rather than via traditional phone technologies. The technology is far from new – it’s been used in business for decades – but it’s also available for consumers for a relatively low cost.

While VoIP does come with a few drawbacks – primarily the fact that your call quality depends heavily on your internet strength (via mobile data, for example), the benefits, in my opinion, cannot be overstated. In no particular order, VoIP can be used to compartmentalize your life, set healthy work/life boundaries, protect yourself from spam calls and robotexts, and protect your overall privacy. For example: if you have a VoIP number you use for work, you can disable that number each night when you get off the clock. You can also use a VoIP number for dating or selling things online, which prevents you from being stalked or harassed if things go south. There is no reason I can think of not to use VoIP of some kind if it’s available in your country.

MySudo is a popular VoIP app in the privacy community for iOS and Android that offers up to nine digital identities. I say “identities” because to say “phone numbers” is to discredit MySudo’s other features: an inbox, a web browser, and virtual cards.

Image
Photo courtesy of MySudo

The Good

I think the most obvious advantage of MySudo is the number of identities you can have. Having so many different phone numbers at your disposal offers a lot of flexibility. I believe most people could get away with the MySudo Pro plan (three phone numbers with 200 messages and 200 minutes per month) depending on how many minutes you need. You could use these for work, personal, and other, and for most people that’s plenty. But as I said, the configurations are near infinite and can be whatever you need them to be. You could do a dedicated Signal number, shopping, burners, travel, really whatever your heart desires. Even if you can only afford the SudoGo plan (1 number, 100 messages & 30 minutes), that still reduces the odds of a SIM-swapping attack, so maybe you'd use that for all services that only offer SMS 2FA. It really largely depends on how many minutes you need and how much messaging you do, but there should be a plan that nearly anyone can make use of.

When contacting other MySudo users, you get the advantages of group messaging, end-to-end encryption, self-destructing messages, and even video chat. With non-users, you get SMS, MMS, and voice calling (no group chats or calls and no disappearing messages). You also have an email address for each identity that you can customize (ex, nbartram@sudomail.com) which are end-to-end encrypted for other MySudo users, and a web browser for each identity that claims to block third party ads and trackers. Each identity can also create masked virtual cards that you can use online to help prevent tracking and card theft. Unlike privacy.com, these cards are not linked to a single merchant but can be reused as many times as you want. Finally, MySudo claims that all your data is stored in a zero-knowledge format and that they don’t log your incoming and outgoing messages. So while your messages may not be end-to-end encrypted coming and going, they are safely free of MySudo’s prying eyes once they’re in your inbox.

The Bad

I am biased toward MySudo. I personally use it in my daily life and depend on it very heavily. Having said that, it’s not without drawbacks.

For starters, MySudo is heavily dependent on stock operating systems like Android and iOS. In order to get a paid plan, you have to go through either the App or Play Stores, but once you’ve done that you can move to a new device as long as the billing plan stays active. However, the actual usability of MySudo with custom ROMs seems to be hit or miss. While MySudo does offer direct downloads for both Graphene and Calyx, I’m also told it doesn’t work on Graphene OS at all. I’m unsure about other custom ROMs. Either way, this presents a challenge for those who wish to take their privacy to the max and truly get as Big Tech-free as possible.

MySudo is also an inconvenience for those who prefer to be as phone-free as possible in general. There’s a web app you can use on desktop, but it has to be synced up manually each time you use it, so I can’t just turn my phone off at the end of the work day or get rid of my phone entirely. Sure, I have most of my most important contacts on Signal, Matrix, or some other desktop-ready communication platform but I’m one of those people lucky enough to work a job that generally respects work/life balance. That means that when I get a late-night text, it’s usually kind of important, so I’d like to be able to have a desktop app where I can get this information in real time without depending on my phone.

Image
Photo courtesy of MySudo

There’s also the issue of price, as always. There is a free tier, but it’s pretty useless since you can’t call or text non-Sudo users at all. As I said above, I think most people can do just fine with SudoPro, which is $5/month ($50/year) and gives you 300 messages per month and 200 minutes per month with non-Sudo users, as well as 3 virtual cards and 3 identities. However, I am a firm believer that privacy should not be a luxury and should be available to all. Obviously services like MySudo are not cheap to run and must be paid for somehow, but it still makes me sad that the free level is so restrictive. I always want to be considerate of people who truly are that tight on money. The virtual card feature costs money, too: 2.99% of the purchase price plus $0.31. Again, I understand that nothing is free, but I wonder why they can’t just take a cut off the back end like Privacy.com does.

Then there’s the concerns about the limitations of who can use MySudo: MySudo phone numbers are only available for US, UK, and Canadian phone numbers, and you can only sign up for a paid plan in the US, UK, or Canada (UK pricing is not listed on their site, which makes me wonder what other countries are available that we don't know about), while the virtual cards are only available for US users. The app is available for download in New Zealand, Singapore, and South Korea, though, but I guess at that point it would function like any other encrypted messenger, requiring both users to have the app, and at that point I would advocate for nearly any other encrypted messenger instead for that use case.

Finally, a word about MySudo's “other features” like email and web browsing: while they certainly are added value, I think they're pointless. Because MySudo lacks a strong desktop app, using the emails is clunky and annoying. The web browser claims to block ads and trackers, but has no publicly-visible list to check. There are other open-source browsers who do this just as easily like Brave, Bromite, or Mull (or hardened Safari). MySudo's real use is compartmentalization, therefore I see no reason to put all your eggs in one basket. I would still recommend an open source, trusted encrypted email provider and an open source, privacy-focused browser over MySudo's offerings. Therefore – again – while they are nifty features, they mostly collect dust in my use case. Likewise, I use privacy.com for virtual cards, which offers me significantly more options, better protections, and no fees. Given that virtual cards are only available in the US, I don't know why anyone would bother using MySudo over privacy.com (unless you don't trust privacy.com, and I'm not sure why you trust MySudo more in that case as they both require your personal information to comply with anti-money-laundering laws).

Conclusion

It’s important to remember that VoIP is not meant to a be a replacement for an end-to-end encrypted messenger. A lot of people bash on MySudo because it’s not open source or zero-knowledge, but in my opinion that’s missing the point. What VoIP is meant to be is a way to compartmentalize your life and protect you against data breaches, stalkers, and set healthy boundaries in your own life. In that sense, I personally have found MySudo to more than meet my needs and exceed. Due to the price, location restrictions, and operating system restrictions it may not be for everyone but I strongly encourage those who still use a stock iOS or Android and live in an area that MySudo services to look into it. It’s a powerful tool and it may come in extremely handy to have in your arsenal.

You can learn more and download MySudo here.

Updated on Oct 9, 2022 to reflect that a UK paid plan is available. Previously I was led to believe it was not.

Tech changes fast, so be sure to check TheNewOil.org for the latest recommendations on tools, services, settings, and more. You can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...