That's the name of a story discussed over Slashdot this morning, Flaws Allow Every 3G Device To Be Tracked.
Their summary: "New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked. The vulnerabilities could be exploited with cheap commercial off-the-shelf technology to reveal the location of phones and other 3G-capable devices operating on all 3G compliant networks. It was similar, but different, to previous research that demonstrated how attackers could redirect a victim's outgoing traffic to different networks."
Cellphones tracking is apparently a recurrent topic.
I was away last week, I have a lot of geonews to catch up... I'll try to share them in the coming days.
This story was discussed over Slashdot during the last weekend, Cops' Warrantless Cell Phone Tracking Now Better Than GPS.
Their summary: "On Thursday, the House Judiciary Committee held a hearing to discuss a proposed bill to limit location tracking of electronic devices without a warrant — what it's calling the Geolocational Privacy and Surveillance Act, or the GPS Act. Ahead of that hearing, University of Pennsylvania computer science professor Matt Blaze submitted written testimony (PDF) telling Congress that phone carriers, as well as the law enforcement agencies with which they share data, can now use phones' proximity to cell towers and other sources of cellular data to track their location as precisely or even more precisely than they can with global positioning satellites. Thanks to the growing density of cell towers and the proliferation of devices like picocells and femtocells that transmit cell signals indoors, even GPS-less phones can be tracked with a high degree of precision and can offer data that GPS can't, like the location of someone inside a building or what floor they're on. With the GPS Act, Congress is considering expanding the ban on warrantless tracking of cars with GPS devices that the Supreme Court decided on in January. Blaze's testimony suggests they need to include non-GPS tracking of cell phones in that ban, a measure law enforcement agencies are strongly resisting."
Slashdot ran a discussion named Leaky Cellphone Nets Can Give Attackers Your Location. What I found interesting is that the operating system of the cellphone is not at stake this time.
Their summary: "GSM cellular networks leak enough location data to give third-parties secret access to cellphone users' whereabouts, according to new University of Minnesota research. 'We have shown that there is enough information leaking from the lower layers of the GSM communication stack to enable an attacker to perform location tests on a victim's device. We have shown that those tests can be performed silently without a user being aware by aborting PSTN calls before they complete,' write the authors, from the College of Science and Engineering, in a paper titled 'Location Leaks on the GSM Air Interface' (Pdf). The researchers are working with carriers and equipment makers, including AT&T and Nokia, to address the security issues."
A bit more from the article: "The researchers demonstrated how easy it was to track down a cellular device within a 10-block area in Minneapolis using a T-Mobile G1 smartphone and open source technology. They never contacted the service provider to conduct the test. "It has a low entry barrier," researcher Denis Foo Kune said, in a statement. "Being attainable through open source projects running on commodity software.""
Yesterday Slashdot discussed a story named Indian Government To Track Locations of All Cell Phone Users.
Their summary: "As per amendments made to operators' licences, beginning May 31, operators would have to provide the Department of Telecommunications real-time details of users' locations in latitudes and longitudes. Documents obtained by The Indian Express show that details shall initially be provided for mobile numbers specified by the government. Within three years, service providers will have to provide information on locations of all users. The information will have some margin of error at first. But by 2013, at least 60 per cent of the calls in urban areas would have to be accurately tracked when made 100 metres away from the nearest cell tower. By 2014, the government will seek to increase the proportion to 75 per cent in cities and 50 per cent in suburban and rural areas."
Slashdot is discussing a story named Shopping Center Tracking System Condemned by Civil Rights Campaigners.
Their summary: "Civil rights campaigners have spoken out against a technology used by several shopping centers in the UK to track consumers using their mobile signals. The shopping centers claim that the technology helps them provide better services to consumers and retailers without compromising privacy. The system, called the Footpath, allows them to know how people are spending time in a shopping center, which spots they visit the most and even the route they take while walking around. Several consumer and civil rights groups, including Big Brother Watch, say consumers must be given a choice on whether they want their movement tracked or not."
See this story and the related links for numerous previous similar stories.
Their summary: "The management company of both malls, Forest City Commercial Management, says personal data is not being tracked. 'We won't be looking at singular shoppers,' said Stephanie Shriver-Engdahl, vice president of digital strategy for Forest City. 'The system monitors patterns of movement. We can see, like migrating birds, where people are going to.' Still, the company is preemptively notifying customers by hanging small signs around the shopping centers. Consumers can opt out by turning off their phones."
Slashdot is discussing a story named BBC Crowdsources 3G Coverage Map.
Their summary: "The BBC is asking Android users to install an app which will upload information about 3G and 2G coverage, in order to build up a map showing where Britain has signal. The company behind the app, Epitiro, previously worked with the regulator Ofcom to measure 3G speed, and apparently found that O2 is slightly faster"
In the comments you'll learn that they have something similar for the Netherlands [in Dutch]. There's OpenSignalMaps too to display heat maps of signal strengths, but I'm not so sure about how "open" they are, since they provide the maps, but seems to keep for themselves the crowdsourced database (I'm wrong?). We mentioned in the past OpenCellID.org, which is truly open but doesn't display nice maps out of the box. On the same topic, we mentioned OpenBmap.org last April. Any other valuable source?
Slashdot is discussing this story named Sub-Centimeter Positioning Coming To Mobile Phones.
Their summary: "SLAM (Simultaneous Localization and Mapping), a technique invented by NASA, defines the concept of building a 3D-map of the environment and simultaneously computing the position within it. Based on SLAM, Swedish startup 13th Lab has implemented real-time sub-centimeter local 3D-positioning by using only the sensors, most importantly the camera, already present in most mobile devices (demo video). The technology will be made available as a software platform for developers (sign up for beta). A first application demonstrating the technology has just been released for the iPad2. The technology should be available on other devices with similar computational power soon."
The second discussion over Slashdot this weekend was named Researchers Track Cell Phones Indoors By Listening In.
Their summary: "Researchers at Northwestern University and the University of Michigan have developed a technique which aims to extend the reach of mobile phone location tracking. Their free iPhone app, Batphone, extracts a location 'fingerprint' from a short recording of ambient sound. This software-only approach allows the device to determine its location with high accuracy using its built-in microphone. Unlike prior indoor tracking techniques, Batphone does not rely on the presence of Wi-Fi access points to serve as landmarks, although these can be used to assist the system when available. They also posted a web game which allows you to test your own ability to recognize rooms by listening. Technical details are in a paper which was presented at the MobiSys conference on Thursday. This is from the same people who brought you laptop sonar."
During the weekend, Slashdot ran a discussion named VoIP Data and Google Maps Mashup Shows Live Calls.
"OnSIP, a provider of hosted Voice over IP business communications, announced today the latest addition to their website: a visualization of live calls made using the OnSIP service, made possible by an integration of real time OnSIP data and Google Maps API. Each time an OnSIP customer makes or receives a call, a pin is dropped on the live call map, openly displaying call volume peak and trend information." This is all from one company's VoIP network, though — would be interesting to see an overlay of heatmaps from various providers."