Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: How To Stay Ahead of Phone Tracking ?

Posted by samzenpus on from the watching-the-watchers dept.

An anonymous reader writes "In the last few years there has been a significant upsurge in subverting the cellular network for law enforcement purposes. Besides old school tapping, phones are have become the ideal informant: they can report a fairly accurate location and can be remotely turned into covert listening devices. This is often done without a warrant. How can I default the RF transmitter to off, be notified when the network is paging my IMSI and manually re-enable it (or not) if I opt to acknowledge the incoming call or SMS? How do I prevent GPS data from ever being gathered or sent ?"

12 of 259 comments (clear)

  1. Don't carry one by siddesu · · Score: 5, Informative

    As you know, they can track you even when the device is off, unless you've taken the battery out.

    1. Re:Don't carry one by vux984 · · Score: 4, Insightful

      As you know, they can track you even when the device is off, unless you've taken the battery out.

      I don't dispute it's possible that the phone while 'off' is simply in standby and pops on now and again to ping the network.

      But.. if so, why does my Galaxy S3 take 10+ seconds to 'boot up' after it's been turned off, and then another 5-10 seconds before it has service?

      There might be some phone out there that is 'always on'... but is there actually one? More than one? Is it actually common?

      This seems more 'urban ledgend' / paranoia then real -- the sort of paranoia where you think the NSA has installed a rootkit to simulate your phone shutdown sequence when you turn it off while it remains transmitting. Possible, theoretically? Sure.

      But then what makes you think taking the battery out will work? The NSA inserted a secondary battery with enough juice to keep tracking you for days even when the battery is out. Better put the phone into your pocket faraday cage...

      And take a shower and change your clothes to rinse off the micro RFID they hid in the dirt on your shoe and are tracking with a satellite equipped with some sort of super pringles antenna...

      I think my Galaxy S3 is off when I turn it off. I'm prepared to be educated that it really isn't, but I need more than some handwaving or links to rumors on some guys dubious blog.

    2. Re:Don't carry one by FrkyD · · Score: 5, Interesting

      Well, we have known for quite some time that is is not just possible to use your dumb phone as a roving bug while it is turned off, but that it has actually been done.

      http://news.cnet.com/2100-1029-6140191.html

      So even though you sound a bit (albeit justifiably) paranoid, you might not be paranoid enough.

    3. Re:Don't carry one by hAckz0r · · Score: 5, Interesting

      I think my Galaxy S3 is off when I turn it off.

      That switch that you use to turn your phone off is nothing but a sensor switch. Its not a physical on/off switch disconnecting the battery from the phone circuits. When you press it, the OS on the phone is programmed to start shutting down certain circuits within the phone. It keeps other circuits powered up so that it can sense that same switch to bring the phone back up to its normal powered state.

      That being said, someone can reprogram the phone to 'look like' its powered off. It can still be recording audio/video to the local memory, or whatever it wants to, and even use the transmitter periodically without being noticed by the owner.

      The phone can be reprogrammed fairly easily by someone who gains control of the device. How easy is that? I've seen a demonstration by an expert that took all but 15 seconds to have root on a popular phone. All that was needed was an IP address of the data connection for the handset. In an instant they had the equivalent of ftp and could have done anything on that phone, including staging a boot loader/update waiting for the next time you cycled the phone's OS.

      For someone who has the power of the courts behind them, they can easily have the phone company push an update out to the phone to do the same thing. Nobody needs to hack your phone, and they can then completely control the outward appearance of the devise without you knowing anything about it.

      Other than having an RF monitor next to the phone you likely won't be able to detect it. A small RF monitor can be purchased and hacked to add a audible warning if the phone becomes active, if you are the tin foil hat type. Otherwise, if the phone is active and uses the network the battery will get slightly warm, even when turned off, so you might be able to tell that way. A cheap way to tell is a liquid crystal temperature strip adhered to the outside case where the battery compartment is. This is also a help if your phone has a battery drainage problem with certain apps, because it will tell you when the battery is being drained, and how quickly, for whatever reason.

    4. Re:Don't carry one by Electricity+Likes+Me · · Score: 4, Informative

      If you really want to track someone, it's usually way easier to steal and modify their phone, or modify a replica phone and download their phone to that one.

      There are a lot of high-tech surveillance techniques, but they're just really kind of hard to do compared to the simple stuff.

  2. Transmitter off won't work. by rew · · Score: 5, Informative

    If you want to receive calls or SMSes, you need to leave the phone on and transmitting:

    When a call for your number comes in, the incoming call is NOT transmitted nationally. Only in the GSM-cell that you are actually in is the signal transmitted. So, the system has to know in which cell you are to be able to "call" your phone. If you properly turn it off, the phone will tell the GSM network it is going off. So when a call comes in, it will go to voicemail immediately. If you yank the battery, the system will assume you are still in that cell where you last had the phone on, but it will probably time you out if it doesn't hear from your phone for a while. (which happens naturally if for example you drive out of range).

    1. Re:Transmitter off won't work. by KiwiSurfer · · Score: 5, Informative

      When a call for your number comes in, the incoming call is NOT transmitted nationally. Only in the GSM-cell that you are actually in is the signal transmitted. So, the system has to know in which cell you are to be able to "call" your phone.

      Not quite, a GSM switch will keep track of which Location Area (LA) a mobile device is in. A LA can contain a few or upwards to several hundred cells. Using Vodafone's GSM network in New Zealand as a point of reference, their largest LA covers all of Auckland's (our biggest city with 1.5m population) CBD with around 150-200 sites while in rural areas a LA generally only has around 50 sites.

      When a phone is being called, all the cells in the LA will send out a broadcast request to all mobile devices in the LA and the mobile device will respond by contacting the nearest cell. This is quite useful as it reduces the need for the mobile device to check in frequently — the mobile device only needs to check in with the network when it moves into a new LA.

      I'm not too familiar with how UMTS or LTE works but I presume the same principles applies but I may stand corrected.

  3. Airplane mode and OsmocomBB by asnelt · · Score: 5, Informative

    I would say a good start is to just use the airplane mode of your phone. That should disable your RF transmitter. But of course you wont be notified when the network is paging your IMSI. The save option is to use a phone with OsmocomBB, a free software implementation of the GSM stack: http://bb.osmocom.org/trac/ It has limited functionality (no GPRS working at the moment) but at least you know exactly would your phone is doing. With that, you can even run CatcherCatcher, which is able to detect IMSI catchers: http://opensource.srlabs.de/projects/catcher The supported phones are a bit outdated, mostly old Motorola phones. But there is one supported smartphone: the Openmoko Freerunner. It is pretty usable these days and is fully supported by Debian. I love it, but you will need to tinker - a lot.

    1. Re:Airplane mode and OsmocomBB by asnelt · · Score: 5, Informative

      What I forgot to mention: using OsmocomBB it should even be possible to fake your location. It is explained in this presentation at 05:20: http://www.youtube.com/watch?v=M0NjS6aUXYw

  4. Re:Only one way by thephydes · · Score: 5, Funny

    Thanks Apple, please tell your users how to remove the batteries!

  5. Re:SOLUTION: DON'T BE A CRIMINAL !! by AvderTheTerrible · · Score: 4, Insightful

    The issue is that the government does not wait until they think you *are* a criminal to do this stuff, they start doing it when they think you *might* be a criminal, or worse yet, when someone *wants* you to be a criminal. It's not the stuff that would actually manage to fetch a warrant that a lot of people are worried about, it's the fishing expeditions that lazy crime fighting agencies and power abusing bureaucrats engage in if they don't like some of your associations. Just look to what happened during the McCarthy era to see what can happen when persons in power don't like the idea of you exercising your right to free association with people they don't like, regardless of if any rules are being broken.

  6. I have it. by BrokenHalo · · Score: 5, Funny

    I am in a position to offer a perfect solution. Just move to rural Australia and move your phone contract to Telstra. They are so fucking incompetent, nobody will ever succeed in tracking you.

    The only downside is that you won't be able to make phone calls either. :-/