Skip to main content

Researchers track mobile phone locations with cheap hardware and open-source software


While cop shows have shown us that it's easy for service providers to track a person's location via their mobile phone, researchers at the University of Minnesota have revealed it's also an easy task for hackers. Using a cheap phone and open source software, the researchers were able to track the location of mobile phone users without their knowledge on the GSM network, which is estimated to serve 80 percent of the global mobile market.
According to the new research by computer scientists in the University of Minnesota's College of Science and Engineering, a third party could easily track the location of a mobile phone user without their knowledge because cellular mobile phone networks "leak" the locations of mobile phone users.
"Cell phone towers have to track cell phone subscribers to provide service efficiently," Foo Kune explained. "For example, an incoming voice call requires the network to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it."
To do this, mobile phone towers will broadcast a page to a user's phone and wait for the phone to respond when they get a call. Hackers would be able to ascertain the general location of the user by forcing those pages to go out and hanging up before the phone rings.
Although the GSM standard assigns a phone a temporary ID to disguise its identity, it is possible to map the phone number to its temporary ID. Just by looking at the broadcast messages sent by the network, the researchers say it is possible to locate the device within an area of 100 square km (38 square miles). But by testing for a user on a single tower allows a user to be tracked to within a geographic area of 1 square km (0.38 square miles) or less.
"It has a low entry barrier," Foo Kune said. "Being attainable through open source projects running on commodity software."
In a field test using an inexpensive mobile phone and open source software and with no direct help from the service provider, the researchers were able to track the location of a test subject within a 10-block area as they traveled across an area of Minneapolis at walking pace.
In their Paper, which was presented at the 19th Annual Network & Distributed System Security Symposium in San Diego, California, the researchers highlight some possible personal safety issues arising from their discovery.
"For example, agents from an oppressive regime may no longer require cooperation from reluctant service providers to determine if dissidents are at a protest location. A second example could be the location test of a prominent figure by a group of insurgents with the intent to cause physical harm for political gain. Yet another example could be thieves testing if a user's cell phone is absent from a specific area and therefore deduce the risk level associated with a physical break-in of the victim's residence."
But it's not all bad news. Foo Kune and his group have identified low-cost techniques to plug the leaks that could be implemented without changing the hardware. They have contacted AT&T and Nokia to inform them of these techniques and are also in the process of drafting responsible disclosure statements for mobile service operators.

Comments

Post a Comment

Popular posts from this blog

Google to build green-roof California HQ

An image has been released of what looks set to become Google's new California HQ. Named Bay View, the nine-building campus is designed to maximize the likelihood of innovation-friendly chance encounters between the workforce. "You can't schedule innovation," Google's David Radcliffe tells  Vanity Fair . "We want to create opportunities for people to have ideas and be able to turn to others right there and say, 'What do you think of this?'" This philosophy has fostered the design's angular office blocks, arranged back to back like nodding clergy. Despite the 1.1 million sq ft (102,000 sq m), employees will be a maximum of a 2.5-minute walk away from one another, Vanity Fair  reports. Perhaps most remarkable is that this is Google's first build. In its 15-year history, Google has only ever occupied buildings previously used by others. "We've been the world's best hermit crabs: we've found other people's shell
1 comment
Read more

Connectify Dispatch combines multiple internet connections into high speed bandwidth

Connectify, a company known for software that can turn your computer into a wireless hotspot, is at work on a new project called Dispatch that will turn all internet connections available to your device into one glorious (and hopefully faster and more stable) stream of high-speed bandwidth. The project appears to take some of its cues from live video broadcasting companies like  LiveU , which sells custom made backpacks wired up with 3G/4G and Wi-Fi transceivers. These backpacks then spread the traffic load over whatever available networks it can connect to in order to maximize bandwidth, which is obviously a major plus if you're streaming live video. Dispatch, however, is planned as a software-only solution for the masses – no special backpack required. It will dynamically manage the traffic based on which networks provide the greatest bandwidth and have the clearest signal, which also means that even if one of the networks drops out entirely, you'll still have interne
Post a Comment
Read more

Holovision aims at life-size 3D projections

Close on the heels of the 21st century complaint of “Where’s my jetpack?” is “Where’s my holographic projector?”. Nothing spells “future” like having a conversation with someone whose life-size image is beamed into the room. Provision  of Chatsworth, California wants to bring that one step closer to reality, with its Holovision life-size holographic projector. The company is currently running a Kickstarter campaign aimed at raising US$950,000 to fund the development of new technology for the projector, with hopes of unveiling it next year. The Holovision projector uses what is called aerial or volumetric imaging, which is a way of producing 3D images without special glasses, lenses or slits. It uses a digital LCD screen and a concave mirror to produce the illusion of a 3D image floating outside the projector. In the smaller versions currently made by Provision, this is about 30 cm (12 in) from the display surface, but in the life-size Holovision, this will be further. According
Post a Comment
Read more