
SS7: The 50-Year-Old Vulnerability Your Carrier Refuses to Fix

There’s a vulnerability in the global phone network that lets attackers intercept your calls, read your text messages, and track your location in real time. It’s been publicly known since at least 2008. Every major carrier in the world knows about it. And almost none of them have done anything meaningful to fix it.

The vulnerability is called SS7, and it affects every phone connected to a traditional carrier.

What SS7 is

SS7 stands for Signaling System 7. It’s the protocol that lets different phone networks communicate with each other. When you call someone on a different carrier, SS7 is what routes that call between the two networks. It also handles things like number portability, SMS delivery, and roaming.

The protocol was designed in the 1970s, back when every telecom operator was a government-run monopoly or a heavily regulated utility. The assumption was that every entity on the network was trusted. There’s no authentication built into SS7. If you can send a message on the SS7 network, the network assumes you’re allowed to.

That assumption hasn’t been true for decades. Today, hundreds of companies and organizations around the world have access to SS7, including mobile operators in countries with minimal oversight, commercial service providers, and anyone who can buy access from a company that has it.

What an attacker can do with SS7 access

The list is bad. With access to the SS7 network, an attacker can track the real-time location of any phone by querying which cell tower it’s connected to. They can intercept voice calls by redirecting them through their own equipment. They can intercept SMS messages, including two-factor authentication codes sent by your bank or email provider. And they can redirect calls entirely, so that calls meant for you go to someone else without your knowledge.

These aren’t theoretical attacks. They’ve been demonstrated publicly, repeatedly.

This has been shown on live television

In 2016, German security researcher Karsten Nohl demonstrated SS7 tracking on 60 Minutes by tracking US Congressman Ted Lieu’s phone with his permission. Using nothing but Lieu’s phone number and access to the SS7 network, Nohl was able to see the congressman’s real-time location in Los Angeles and record his phone calls from Berlin.

Congressman Lieu later called for congressional hearings on the issue. He described it as a threat to national security and said it was “outrageous” that the carriers had known about it and done nothing.

That was nearly a decade ago. The fundamental vulnerability is still there.

Why the carriers haven’t fixed it

The honest answer is that fixing SS7 would be extremely expensive and operationally complicated. The protocol is deeply embedded in the global telecom infrastructure. Replacing it would mean rebuilding core systems that every carrier depends on for basic functionality like call routing and roaming.

There are newer protocols. Diameter, which is used in 4G/LTE networks, was supposed to replace SS7. But Diameter has its own set of vulnerabilities, and SS7 is still in use for backward compatibility. As long as a carrier supports 2G or 3G connections, or interconnects with networks that do, SS7 remains part of the picture.

The carriers also don’t have a strong financial incentive to fix it. SS7 attacks primarily affect individual users, not the carriers themselves. The carriers aren’t losing money from the vulnerability. And until there’s regulatory pressure to change, the cost-benefit analysis doesn’t favor a massive infrastructure overhaul.

Some carriers have implemented basic SS7 firewalls that filter out the most obvious malicious queries. But these are partial solutions that don’t address the fundamental design flaw: SS7 trusts every message by default.
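A sketch of the kind of screening such a firewall applies at the network edge, as an added example that is not code from any carrier or product. The MAP operation names are real; the prefixes, addresses, time threshold and sample messages are constructed, and the three rules are a simplified policy assumed for illustration.

```python
from dataclasses import dataclass

# Constructed values for illustration: prefixes, addresses and thresholds.
HOME_PREFIX = "1555"                      # this network's global-title prefix
PARTNER_PREFIXES = {"4477", "4917"}       # networks with a roaming agreement
INTERNAL_ONLY = {"anyTimeInterrogation", "sendIMSI"}  # no interconnect use
MIN_TRAVEL_SECONDS = 3600                 # assumed floor for changing networks

@dataclass
class MapMessage:
    operation: str   # MAP operation name
    origin_gt: str   # sender's claimed global title; SS7 carries no proof of it
    imsi: str
    timestamp: int   # seconds

def screen(msg, last_seen):
    """Return (verdict, reason); last_seen maps IMSI -> (prefix, timestamp)."""
    prefix = msg.origin_gt[:4]
    internal = prefix == HOME_PREFIX
    # Rule 1: operations only used inside the network are dropped at the edge.
    if msg.operation in INTERNAL_ONLY and not internal:
        return "block", "internal-only operation from external origin"
    # Rule 2: everything else from outside must come from a roaming partner.
    if not internal and prefix not in PARTNER_PREFIXES:
        return "block", "origin is not a roaming partner"
    # Rule 3: location updates are normal roaming traffic; only plausibility is checked.
    if msg.operation == "updateLocation":
        prev = last_seen.get(msg.imsi)
        if prev and prev[0] != prefix and msg.timestamp - prev[1] < MIN_TRAVEL_SECONDS:
            return "alert", "implausibly fast network change"
        last_seen[msg.imsi] = (prefix, msg.timestamp)
    return "allow", "passes screening"

def screen_all(messages):
    last_seen = {}  # one shared last-seen table for the whole run
    return [screen(m, last_seen)[0] for m in messages]

IMSI = "001010000000001"  # constructed test IMSI
SAMPLE = [
    MapMessage("anyTimeInterrogation", "99900001", IMSI, 0),
    MapMessage("provideSubscriberInfo", "99900001", IMSI, 10),
    MapMessage("updateLocation", "15550002", IMSI, 100),
    MapMessage("updateLocation", "44770009", IMSI, 700),
    MapMessage("updateLocation", "44770009", IMSI, 8000),
]

if __name__ == "__main__":
    for m, verdict in zip(SAMPLE, screen_all(SAMPLE)):
        print(f"{verdict:5}  {m.operation:22} from {m.origin_gt}")
```

Every decision here rests on the address the sender claims, which is why this is screening rather than authentication.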

Who is actually targeted by SS7 attacks

SS7 attacks aren’t random. The access and knowledge required mean they’re typically used against specific targets. Known use cases include government surveillance of journalists and dissidents, particularly in countries with authoritarian regimes; corporate espionage, where competitors or state actors want to monitor executive communications; criminal operations intercepting 2FA codes to drain bank accounts; and intelligence agencies conducting cross-border surveillance without the cooperation of the target’s carrier.

If you’re a journalist covering a sensitive story, a human rights activist in a country that monitors opposition figures, a business executive with access to valuable information, or someone holding significant cryptocurrency, you’re in a higher risk category for SS7-based attacks.

But even if you’re not a high-profile target, the existence of the vulnerability means your SMS-based two-factor authentication is fundamentally less secure than you think. Every 2FA code sent by text travels over a network that doesn’t verify who’s asking for it.

How Cape built around the problem

Cape didn’t try to patch SS7. They built their network from scratch without the legacy infrastructure that makes SS7 attacks possible on traditional carriers.

Cape’s Network Lock feature detects and blocks suspicious signaling requests at the network level. Because Cape runs its own core network layer rather than just reselling service from another carrier, they have the control needed to implement these protections.

On top of that, Cape’s IMSI rotation makes location tracking through SS7 harder even if a query were to get through. When your network identifier changes every 24 hours, sustained tracking becomes much more difficult.

SIM swap protection adds another layer. Even if someone tried to use SS7 to intercept your SMS for two-factor codes, they can’t port your number away from Cape without network-level authorization.

These aren’t add-on features bolted onto old infrastructure. They’re built into how Cape’s network operates from the ground up, which is the only way to address a problem this fundamental.

What you can do right now

Whether or not you switch carriers, there are a few things you should do to reduce your exposure to SS7 attacks.

Stop using SMS for two-factor authentication wherever possible. Switch to app-based 2FA with something like Aegis or Google Authenticator, or use hardware security keys. This removes the most common practical impact of SS7 interception from your life.

Assume that regular phone calls and SMS messages are not private. Use Signal or another end-to-end encrypted messaging app for sensitive conversations. SS7 can intercept traditional calls and texts, but it can’t break end-to-end encryption.

If you’re in a high-risk category, a carrier with SS7 protections isn’t optional. It’s a necessary part of your security setup. The vulnerability isn’t going away any time soon.

Get $20/month off Cape

If you want a carrier that actually addresses SS7 instead of ignoring it, grab a free referral code at cape.rip before signing up. It takes $20 off your monthly bill permanently, and the person who shared the code saves $20 too. No signup, no tracking. Just pick a code and use it at cape.co. Cape’s referral program stacks up to 5 times at $20 each, so 4 referrals make your $70 plan free.

This article was written with AI assistance. All claims, pricing, and feature details have been verified against primary sources.