How could I prevent some smartphone's IMEI and/or ICCID leakage through getprop output?

Question

By chance, I found some Android smartphone would leak IMEI through getprop, you could test in Termux like this:

# Tested on a Mi 5s Plus (Natrium)
$ getprop | grep imei
[persist.radio.imei]: [86REDACTED]
[persist.radio.imei1]: [REDACTED]
[persist.radio.imei2]: [REDACTED]
[ro.ril.oem.imei]: [REDACTED]
[ro.ril.oem.imei1]: [REDACTED]
[ro.ril.oem.imei2]: [REDACTED]

On a OnePlus 7 sold in China I even get ICCID of SIM card which could be used to track and retrive your personal data from ISP...

$ getprop | grep iccid
[persist.radio.bksim.iccid]: [REDACTED]
[persist.radio.ddssim.iccid]: [REDACTED]

And I have Magisk installed, so I come up with the idea of deleting these props using Magisk's ability to run startup script. I have tried using this script below:

#!/system/bin/sh
# /data/adb/service.d/0001deletethefuckingimei.sh, already has execute permission
For debugging
touch /sdcard/init
Wait till the system boots up
while [ "$(getprop sys.boot_completed)" != "1" ]; do
  sleep 1
done
For debugging
touch /sdcard/after-boot
/sbin/resetprop -p --delete persist.radio.imei
/sbin/resetprop -p --delete persist.radio.imei1
/sbin/resetprop -p --delete persist.radio.imei2
/sbin/resetprop -p --delete persist.radio.meid
For 3rd party ROMs like LineageOS
/sbin/resetprop -p --delete ro.ril.oem.imei
/sbin/resetprop -p --delete ro.ril.oem.imei1
/sbin/resetprop -p --delete ro.ril.oem.imei2
/sbin/resetprop -p --delete ro.ril.oem.meid
For MIUI
/sbin/resetprop -p --delete ro.ril.miui.imei
/sbin/resetprop -p --delete ro.ril.miui.imei1
/sbin/resetprop -p --delete ro.ril.miui.imei2
/sbin/resetprop -p --delete ro.ril.miui.meid
For OnePlus leaking ICCID
/sbin/resetprop -p --delete persist.radio.bksim.iccid
/sbin/resetprop -p --delete persist.radio.ddssim.iccid
For debugging
touch /sdcard/done

~~But it seems that this script has never been executed, as there is no /sdcard/init.~~ Somehow these props are set in the middle of the booting process, having no idea how it is set.

Currently I am using SmartPack Kernel Manager to run script after Android boots up, and limits untrusted apps running automatically at startup.

@IrfanLatif Partially...Yes? Just running resetprop to delete those containing IMEI before startup. With Magisk I thought this would be easier... — march_happy, Apr 17 '20 at 10:23
Does this answer your question? How to run an executable on boot and keep it running? — Irfan Latif, Apr 17 '20 at 10:37
The problem is that it is hardcoded in the firmware (Correct me if I am wrong! ) and we could do nothing about it except delete this using Magisk's resetprop utility before apps start. So this is the point running a startup script. — march_happy, Apr 17 '20 at 11:27
OK, so I edited the problem for a more general discussion - Maybe someone else could figure all the mess out. — march_happy, Apr 17 '20 at 14:09
you probably run magisk in core only mode and script is not executed at all — alecxs, Apr 17 '20 at 14:18

How could I prevent some smartphone's IMEI and/or ICCID leakage through getprop output?

For debugging

Wait till the system boots up

For debugging

For 3rd party ROMs like LineageOS

For MIUI

For OnePlus leaking ICCID

For debugging

0 Answers0