this post was submitted on 23 Oct 2024
684 points (98.2% liked)

Technology

58833 readers
6323 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
684
Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion Clinics (www.404media.co)
submitted 15 hours ago by otter@lemmy.ca to c/technology@lemmy.world
163 comments fedilink hide all child comments
 

Privacy advocates got access to Locate X, a phone tracking tool which multiple U.S. agencies have bought access to, and showed me and other journalists exactly what it was capable of. Tracking a phone from one state to another to an abortion clinic. Multiple places of worship. A school. Following a likely juror to a residence. And all of this tracking is possible without a warrant, and instead just a few clicks of a mouse.

you are viewing a single comment's thread
view the rest of the comments
[–] fubarx@lemmy.ml 13 points 14 hours ago (3 children)

Apple and Google can fix the problem. Apps are required to ask for permission to access location information. Most of the time, it's for tracking and analytics, not anything related to the app's functionality. That's the data that is leaking to these data brokers.

In those cases, if asked, user can say no, but apps keep haranguing you until you capitulate.

Instead, the OS could add a button that says: "Yes, but randomize." After that, location data is returned as normal, but from totally random locations nearby. They could even spoof the data clustering algorithms and just pick some rando location and keep showing returns to them, or just trade the data from one random phone for another every N days.

You do this enough and the data will become polluted enough to become useless.

[–] CileTheSane@lemmy.ca 9 points 9 hours ago

Apple and Google want to sell that data, they're not going to help you obscure it.

[–] henfredemars@infosec.pub 8 points 12 hours ago (1 children)

I don’t think this would be technically useful to prevent exploitation of location data. The handset always has to identify to a tower using the SIM card, which is going to identify the phone and its user. Your cellular service provider can still sell this information to data brokers.

With that said, I would love the option to lie about my location to apps that have no business knowing it.

[–] pirat@lemmy.world 1 points 2 hours ago* (last edited 2 hours ago) (1 children)

You have the option to spoof/fake/mock it manually with an app. This one, it seems, even has some available add-ons for mocking UnifiedNlp data and more...)

Mock my GPS (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location/

Mock my GPS UnifiedNlp Backend (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location.service.microg_nlp_backend/

Mock Silently (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location.silently/

Possibly you'll have to enable dev options and set the location spoofing app in there. At least, I remember seeing the option in there, but that was years ago.

[–] henfredemars@infosec.pub 2 points 1 hour ago

This changes location reported to applications by the OS. It doesn't change that your signal is coming from a direction and distance as known by the tower tracking the phone. MIMO and other beamforming techniques use this data to boost signal, but it is also collected for monitoring.

[–] sunzu2@thebrainbin.org 4 points 13 hours ago (1 children)

Tower dats i guess is harder to get as it requires a warrant?

[–] homesweethomeMrL@lemmy.world 3 points 13 hours ago (2 children)

Unless you become a phone company or use a StingRay

[–] henfredemars@infosec.pub 4 points 12 hours ago

Or you just have some money to buy the data from a data broker that phone company sell your data to already.

[–] sunzu2@thebrainbin.org 2 points 13 hours ago (1 children)

Well i meant why wouldn't telco sell or provide it to the feds?

[–] homesweethomeMrL@lemmy.world 1 points 12 hours ago (1 children)

If they get a warrant, sure. Sell it I dunno. There's more legal cases about cell tower data simply because it's some form of technology courts have at least made an effort to understand at some point.

[–] sunzu2@thebrainbin.org 3 points 11 hours ago

Well we know telco sells your traffic data as ISP as "anonymized" i dont see how they are not doing this with tower data but i am not familair with case law on the issue.

So maybe there is some legal bar to that...

Amazing how warrant got turned into a joke in modern age tho all within last 30 years.