A decade ago that data was a little more iffy (i.e. it was more a good estimate (typically within half a mile or less) than a true location), but with a combination of more towers (and therefore more data points), the ubiquity of smartphones (which check in more often, are doing geolocation-related things, etc.), and better / more accessible/well-known analytics tools, I think even 6 months would be a generous time-frame.
You can also arrange to buy this information. I worked for a place where you could request someone's location by phone number. There were a lot of contractual obligations around us having the phone owner "allow" us to do that, but no technical ones.
https://www.youtube.com/watch?v=Am8izKu5ZSU
https://en.wikipedia.org/wiki/Aaron_Hernandez#2013_murder_of...
The mechanism that provides roaming is based on trust, so anyone connected to the SS7 network can query the location of any phone in the world and even intercept its calls. Just say to the home carrier "hey this phone is roaming on my network, would you be able to send me all of its calls and texts?".
Edit: It was a video.
That's really sad, their channel had videos of all the past talks from the CCC, an amazing resource that's now gone.
I think this is the one you might have been talking about: https://www.youtube.com/watch?v=lsIriAdbttc
If it's not that one then it's probably one of the "Running your own 3G/3,5G/GSM network" talks.
One of the first things I did after opening the article was to search for the string "ss7" ... was disappointed to see it mentioned zero times ...
What if I remove the battery?
If you remove the battery, it will be unpowered and unable to emit RF and thus cannot be tracked. While it is theoretically possible to hide an auxiliary battery in your phone, that would be very hard to achieve, especially in modern thin phones. If your threat model includes highly motivated state-sponsored actors, this could be achieved.
If you put your phone in an RF-tight enclosure (e.g. metal box), the RF energy cannot get out and thus it cannot be tracked.
Questions like this one aren't very useful without a threat model. Who are you trying to prevent tracking you? If it's just your phone carrier then obviously turning off your phone and removing the battery will render it inoperable. But now you don't have a phone, and your location info wasn't very useful to begin with anyway unless you were involved in an operation where you need to conceal your location.
A patron was telling me that the way the GPS is so accurate is because it uses the phone's radio... Didn't know that either. (I mentioned to him that there is one spot in MA where our Google directions are off by 1/2 mile.. Same place every trip.)
It takes a lot of work and expertise to build a population model from mobile telemetry that approximately reflects reality. Far fewer people know how to do this well than you might assume by looking at the requirements for a naive implementation. Even most mobile carriers have limited ability.
Do you have examples (or a link/reference to something that has such examples) of those types of artifacts?
It isn't that difficult technically, if you have experts doing it, it just requires far more domain expertise to do correctly than I think people expect. You also need to be willing to write some of your own tooling to deal with the data efficiently and effectively.
AWS does not scale this way, you can't just throw more resources at a problem and expect to be profitable.
In my opinion tho, even that price point is pretty accessible to keep tabs on all citizens with that resolution which was my hypothetical case.
Cheaper than both and hardly any maintenance required.
The article is not about a hack. The article is about how the cell company or state-level actor can leverage the connectivity information that is required for any modern cell service to operate.
Yes, that's true - but remember that all of our 3G/4G phones are also 2G phones and that if you disable/jam/overpower the 3G/4G signals the phone will very happily revert down to 2G, possibly with no encryption, and possibly in a way that you have to be very careful to even notice.
There are quite a few attacks that are mitigated by 3G/4G in theory, but in practice you're still vulnerable to because your phone can be downgraded to 2G by an outside actor.
Radio waves travel at the speed of light 299 792 458 m/s.
An interesting question is whether radio waves, gamma radiation, and visible light all travel at an identical speed through atmosphere.
The reason light slows down in atmosphere is because it hits atoms. It travels between each atom at the speed of light, but when it reaches an atom the radiation is absorbed and re-emitted, which introduces a delay. So the question that I'm wondering is: do different frequencies of radiation get absorbed and re-emitted at the same rate as every other frequency? That would give it identical speed. But if the absorption is different then presumably the speed would also be different.
After having a second cup of coffee I did a doh! and realized conflating 'radio' with sound is nonsensical, but I wonder if I'm in the minority thinking this way. Or maybe it's just my non-tech background!
> "We said that a tower covers a radius around it. In practice, this is sub optimal so that’s not how it’s done.
> Instead, a station is usually split in 3 independent beams of 120 degrees."
So it's not the intersection of two circles anymore, it's the intersection of two arcs, which will likely only have one intersection point, unlike circles.
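The geometry in the comment above, as an added example that is not part of the thread or the article: two range circles normally meet in two points, and knowing which 120-degree beam serves the phone at each tower discards the mirror point. The tower coordinates, ranges and beam azimuths are constructed, and the sketch assumes each tower reports a range plus the serving sector's compass azimuth.

```python
import math

def circle_intersections(p1, r1, p2, r2):
    """Points where two range circles meet (0, 1 or 2 of them)."""
    (x1, y1), (x2, y2) = p1, p2
    d = math.hypot(x2 - x1, y2 - y1)
    if d == 0 or d > r1 + r2 or d < abs(r1 - r2):
        return []                      # same site, too far apart, or nested
    a = (r1**2 - r2**2 + d**2) / (2 * d)   # distance from p1 to the chord
    h = math.sqrt(max(r1**2 - a**2, 0.0))  # half-length of the chord
    mx, my = x1 + a * (x2 - x1) / d, y1 + a * (y2 - y1) / d
    ox, oy = -h * (y2 - y1) / d, h * (x2 - x1) / d
    if h == 0:
        return [(mx, my)]
    return [(mx + ox, my + oy), (mx - ox, my - oy)]

def in_sector(tower, point, azimuth_deg, width_deg=120.0):
    """True if the compass bearing tower -> point lies inside the beam."""
    east, north = point[0] - tower[0], point[1] - tower[1]
    bearing = math.degrees(math.atan2(east, north)) % 360
    off_axis = (bearing - azimuth_deg + 180) % 360 - 180
    return abs(off_axis) <= width_deg / 2

def locate(t1, t2):
    """Keep only the circle intersections inside both serving sectors."""
    candidates = circle_intersections(t1["pos"], t1["range_m"],
                                      t2["pos"], t2["range_m"])
    return [p for p in candidates
            if in_sector(t1["pos"], p, t1["azimuth_deg"])
            and in_sector(t2["pos"], p, t2["azimuth_deg"])]

# Constructed sample: two towers 1 km apart, phone at (500, 400) metres.
RANGE = math.hypot(500, 400)
TOWER_A = {"pos": (0, 0), "range_m": RANGE, "azimuth_deg": 0}
TOWER_B = {"pos": (1000, 0), "range_m": RANGE, "azimuth_deg": 0}

if __name__ == "__main__":
    print(circle_intersections(TOWER_A["pos"], RANGE, TOWER_B["pos"], RANGE))
    print(locate(TOWER_A, TOWER_B))
```

With ranges alone the candidates are (500, 400) and its mirror (500, -400); the north-facing sectors leave only the first.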
Also see Hannah Arendt, Erich Fromm, et al. This other mediocre shit? This being a "hacker" in a goldfish bowl? That's for those who can't hack the adult responsibilities of the 20th and 21st centuries. Those who fell asleep, those who already fell off. They will downvote you today and look the other way as drones take care of you tomorrow, don't hold your breath for anything else. Anything else, any future worth a fuck, has to be done despite their wishes, or rather, despite where they are drifting.
A. Sell outsourced billing solutions to the mobile carrier. (See AMDOCS)
Most of those companies focused on 10m+- resolution and focused on path data to build traffic speed data for local news companies.
Only cost a couple million bucks and an extensive partnership agreement to get into the space.
There is a lot of data washing in those agreements, mostly related to preventing reverse identification.
Airsage has taken it to the next level in the more recent past with GPS based anonymized data, but data with EXTENSIVE history. The Airsage product is zip code and smaller resolution and can provide months to years of location history of an anonymous cell phone id.
https://thehftguy.files.wordpress.com/2017/07/tdoa.png?w=300...