Mobile carriers can get your GPS location

5G isn’t inherently any more precise, but because of the higher frequency used in 5G, the radio signals are blocked by obstructions much more easily, so there must be many more 5G radios per unit area to provide coverage. And one feature of having many more base stations around is that triangulation of specific phone is much more accurate and precise because of how close the 5G base stations are to all 5G phones.

5G infrastructure isn’t limited to tall easily visible radio towers like 4G and before; 5G transmitters are small and relatively inexpensive, making them very common. My employer has a private 5G infrastructure, and we are not related to telecommunications in any way.

I'd be very interested in more info, but am going to doubt this for now. Usually just the intra-day deformations of the terrain between the towers through hydrological activity should far exceed what GNSS can achieve.

It is just VERY VERY hard to beat the predictability of orbits.

Why is it so hard to believe that the police can use our devices to backtrack us, as both carriers and police officers have said numerous times?

But the pinging of the phone would not share ip address

I have a hybrid approach with GrapheneOS. 99% of the time I only use WiFi on my phone via a Tor router. I have an anonymous KeepGo ESIM with global data that does not expire and use it when I have to when Im away from home.

Cancel phone subscription and have family. I don’t understand how you still have family? You don’t have any emergencies?

How do you work on the go? I use personal hotspot quite often. Not only when on the go, but if there is unstable WiFi. It’s saved me on multiple occasions - both for live-site incidents and for random meetings.

Pardon my skepticism but I find it hard to believe you can actually participate in western society without choosing to have a government mandated tracking device?

Maybe you live somewhere this is possible but it's definitely not in the developed world

I’m guessing you have a bunch of other people with their own cell phones doing things?

That’s the reason most other people are (fundamentally) going to struggle.

You could also turn your cell off/on as needed. Sure you can be "seen" when it's on, but when off, it's my understanding you can't.

You can also just use google family link, make someone else your parent, and lock down the phone. I have a "dumb phone" that is just a refurbished Samsung s22 I bought. Only supports phone calls, messaging, and some credit cards basically.

Do you hit issues around things like 2fa, online banking?

> They aren't doing this for anyone's safety.

Strictly speaking, this is not completely true. When you call an emergency number, it’s very good that they can see exactly where you are. That was how this was sold 15+ years ago. But of course, that’s basically the only use case when this should be available.

> Our devices should generate _noise_. Huge crazy amounts of noise. Extraneous data to a level that pollutes the system beyond any utility. They accept all this data without filtering. They should suffer for that choice.

I like the idea on principle, but I'll like it far less when I'm getting charged with computer fraud or some other over-reaching bullshit law.

You people are so cynical.

Its simply made for 911 calls.

In the 2G era there was no compute space to just put in extra evil shit for fun

https://en.wikipedia.org/wiki/Radio_resource_location_servic...

Committing a crime and also abusing your authority to aid in the crime should be greater than the penalty for just committing that crime.

Qualified immunity is the only legal doctrine I can think of where piling on extra crimes reduces your liability.

In the United States, qualified immunity is a legal principle of federal law that grants government officials performing discretionary (optional) functions immunity from lawsuits for damages unless the plaintiff shows that the official violated "clearly established statutory or constitutional rights of which a reasonable person would have known".

Under 42 USC § 1983, a plaintiff can sue for damages when state officials violate their constitutional rights or other federal rights.

https://en.wikipedia.org/wiki/Qualified_immunity

Qualified Immunity only sets the bar or threshold that you have to meet in order to sue.

This reflects an anarchist viewpoint or a trial lawyer's dream. Good luck having a government where everyone participating can be sued individually.

Get rid of qualified immunity and enjoy no more fruit of the poisonous tree. I assume you are not familiar with the laws of evidence by your emotional position. One of the biggest problems the country faces is citizen literacy in all domains. If you improve citizen literacy across all domains you will solve all problems, until they take away our ability to vote. The "system" exploits those who cannot defend themselves.

Idealist views like this get us nowhere either tho.

The reality is somewhat more murky. On a long enough time horizon your point makes sense, we might be able to get rid of the security state by slowly chipping away at ig over hundreds or thousands of years.

Most of us are going to be dead in about 40 years tho. Security state isn't going anywhere in that timeframe.

Does it apply to the government like it applies to people? Is it enforced against governments like it is enforced against people and corporations? A core issue here is that laws, and the application and enforcement of laws, generally do not. Having said that I applaud the attempt and encourage pushing forward on the anti-surveillance aspects of GDPR while recognizing all laws are flawed.

This right is applied per entity.

If I send it to the company A, company B doesn't execute it unless they're a subsidiary of A (or A is their data controller) and my request was carefully crafted.

In the scenario you painted, that would mean that my _former_ friend has issued their request to me.

In that case? Fair. Poof if that's their wish.

Otherwise? How do you imagine it work?

Why? My memory is not a marketing database at Facebook, and I don't see any obligation to pretend it is.

Exactly, the channel information is all that’s required but you can quite easily get the location information from that, which makes it easier to add additional features from a system point of view.

If I recall correctly, the tower will report channel information to the higher up controller system which will then decide which next tower should be notified of a phone that’s entering its range.

So while explicit positioning isn’t required when dealing with one tower, the system overall does need to determine a users position and velocity to handle tower to tower transfers.

In other words my opinion is that the difference between a towers channel information and a users position is almost one and the same. It’s a handful of math equations away.

Yeah, whether or not precise location info is required, even coarse 24/7 location tracking is a huge privacy issue. Privacy was simply never a part of the core design of our phone system in the first place. That needs to change. Device anonymization would be a great first step.

I only recently discovered Reticulum, only to then learn that the developer has retired from working on it. Do you know if there's still any community members carrying the torch?

I just read gnutella page on Wikipedia, no mention of bad actors

Height is might.

I couldn't get ANYTHING on my first/test ESP32 (Heltec v2).

Anything. I didn't see any packets. Then I finally heard one station later when I held it high on the upper floor.

The I hanged it at the top of my roof and I currently have almost 130 repeaters and room servers.

In your scenario a couple of 5W handhelds woukd work better.

But I agree the usabity is very limited. This is why I think of hanging a couple of guerilla solar repeaters in my neighborhood :)

I've been using the T-Deck Pro and T-Lora Pager, so the device is the app.

I agree, there's way too much going on in the firmware, just make a dumb Lora-bluetooth bridge. Hell, just integrate a Lora radio in a phone.

All telemetry is off by default, you have to explicitly tune it on and then optionally permit specific contacts to poll it.

The PKI is basic because these networks are tiny and merging. And running on tiny computers ($5 boards with no display)

Public channel is public and it uses the default encryption key because it's a default channel, so by definition everyone is invited to participate. Not sure what your critique is.

And no, it's not trying to be signal. It's also currently less reliable.

But it's still safer than Sms, by a country mile.

You aren’t reading this right. Gps sharing is off by default on meshcore.

The US one is called E911: https://en.wikipedia.org/wiki/Enhanced_911

>The 911 feature can be activated fully remotely

Source? Even if the phone isn't actively doing a 911 call?

Wait wait, so if I know the "secret" SMS format I can text someone's phone and get their coordinates back?

I believe they're talking about this feature (https://support.google.com/android/answer/9319337?sjid=18079...).

This is a system you can disable as a user, but it's not the on-modem feature discussed in the article.

Note sure: In my country exactly this feature is used by police & state enforcement to find locatin, because this "ping" message is not forwarded from the modem to the OS, so the OS is not aware of any of these messages

yeah, there always was. It's a service code, like getting your imei. But it was a weird long one, and manufacturer dependent. Now UI switches are created for it apparantly. Can't find it anywhere on the internet though. I don't work there anymore, so can't look it up.

The hacker news guidelines forbid you from suggesting someone has not read the article. Please do not participate in this forum with such conduct.

Did you read the complete comment?

> Next is a text to your phone number, which is intercepted by firmware and sends gps coords back.

AFAIK, other than maybe some 5G, Boost Mobile just resells service from AT&T.

It isn’t restricted to Boost Mobile. It is only available on devices with the C1 or C1X modem, though. I assume this is because of specifics with the third party modems that most models in the wild have vs what Apple is doing in-house with their C1(X). If you call emergency services it will still provide precise location.

The feature says it doesn't restrict the ability of 911 to locate you...

911 is the only actual emergency number with regulations around it in the US. police and fire have _non_ emergency numbers that differ, my local hospitals will tell you to call 911; and gas, water, power, and other immediate risks to life safety are all 911 anyway (at least as the first call).

Sometimes it seems dumb, but as long as its an honest report I've never heard of anything more than an annoyed patrol officer. Felt stupid calling in an interstate sized sign hanging by a literal bolt-thread but the patrol shut down that lane.

It's perfectly reasonable to have the expectation that the cell phone network can provide location to emergency services but not the the telecom provider's marketing team or whoever they sell the data to.

In fact the apple feature the article talks about says [1]

> The limit precise location setting doesn't impact the precision of the location data that is shared with emergency responders during an emergency call.

So it actually now implements what it should have been all along. (except that it should be the default)

[1] https://support.apple.com/en-us/126101

> We really have a societal problem in that we allow private entities to do things we don’t allow government to do.

Thats basically the foundational idealogy of the united states. Thats not the issue.

The real issue is your next sentence. The government can just loophole around their intentional limitations by paying private companies to work on their behalf.

> allow private entities to do things we don’t allow government to do. Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes. <

Somehow this reminds me about Blackwater / Xe Technologies? :-/

(Im betting 100 USD that soon we will find out that ICE also deployed "private financed forces" to "support state actions"?)

>We really have a societal problem in that we allow private entities to do things we don’t allow government to do.

It really isn't, given that the government literally has a monopoly on violence, and therefore it makes sense to have more guardrails for it. That's not to say private entities should have free reign to do whatever it wants, but the argument of "private entities can do [thing] that governments can't, so we should ban private entities too!" is at best incomplete.

>Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.

Again, this is at best an incomplete argument. The government can't extract a confession out of you (5th amendment). It can however, interview your drinking buddies that you blabbed your latest criminal escapades to. Is that the government "bypassing" the 5th amendment? Arguably. Is that something bad and we should ban? Hardly.

This is why I advocate for making selling location/identifying data illegal. If nobody is allowed to sell it then the government cannot legally buy it.

I agree completely with your first paragraph, but I'm not sure what privatization has to do with it. Also, I agree that more regulation of private parties is needed. Or even better, break up the private companies that are like multi-state governments in terms of power.

Why not vote for some law limiting the government’s buying of this data? After all, I expect a say in how the government is run, so that seems like the appropriate path. I don’t see why I should expect a say in how AT&T is run. AT&T can’t raise an army, or enter my house, or shoot me.

I've been repeating this ("a law") since the Snowden leaks days. I was so sure. But I tried to look up my reference for it (it was Wired) and I'm just not finding it and indeed I'm finding government memos (https://web.archive.org/web/20160112232215if_/http://www.wir...) that show it isn't true.

I'm sorry. It is not a law. I am wrong. Thank you for the correction and preventing me from continuing to repeat this embarrassing falsehood.

That said, they do still collect and use this data and turning off GPS doesn't do anything.

"Mobile phone (cell phone) microphones can be activated remotely, without any need for physical access"

https://en.wikipedia.org/wiki/Covert_listening_device#Remote...

And the linked sources are:

- Kröger, Jacob Leon; Raschke, Philip (2019). "Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping". Data and Applications Security and Privacy XXXIII. Lecture Notes in Computer Science. Vol. 11559. pp. 102–120. doi:10.1007/978-3-030-22479-0_6. ISBN 978-3-030-22478-3. ISSN 0302-9743.

- Schneier, Bruce (5 December 2006). "Remotely Eavesdropping on Cell Phone Microphones". Schneier On Security. Archived from the original on 12 January 2014. Retrieved 13 December 2009.

- McCullagh, Declan; Anne Broache (1 December 2006). "FBI taps cell phone mic as eavesdropping tool". CNet News. Archived from the original on 10 November 2013. Retrieved 14 March 2009.

- Odell, Mark (1 August 2005). "Use of mobile helped police keep tabs on suspect". Financial Times. Retrieved 14 March 2009.

- "Telephones". Western Regional Security Office (NOAA official site). 2001. Archived from the original on 6 November 2013. Retrieved 22 March 2009.

- "Can You Hear Me Now?". ABC News: The Blotter. Archived from the original on 25 August 2011. Retrieved 13 December 2009.

- Lewis Page (26 June 2007). "Cell hack geek stalks pretty blonde shocker". The Register. Archived from the original on 3 November 2013. Retrieved 1 May 2010.

How that works is simple: there are regulations that force that the microphone used for calling is directly connected to the "baseband", which is under control of the carrier. It has to be, because of AT&T's argument: ONE misbehaving baseband can make cell phones inoperable in an area that's up to a kilometer in diameter. So AT&T's cell towers "need" to be able to send out a signal that permanently disables a phone's transmitter.

Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of).

Oh, it must allow calling the emergency services. If in this mode, during a call to the emergency services it MUST be able to send the exact GPS position (not just once, continuously) to the emergency services at the request of the emergency services (ie. NOT the user, and carriers must facilitate this)

By the way, it's worse: as you might guess from the purpose, it doesn't matter if your phone is on the "spying" carrier or not, other carriers can send commands to other carriers' phones' basebands (because "get off this frequency" is required: spectrum is shared, even within countries. Since phones may go from one tower to another and be required to vacate frequencies, you need this command). It doesn't even matter if you have a SIM in your phone or not (ever tought that if eSIM works, it must of course be possible for any provider to contact and send instructions to the phone, so it opens up an end-to-end encrypted connection to the javacard that the actual phone cpu cannot intercept). In some phones it doesn't even matter if the phone is on or not (though of course eventually it dies). So "meshtastic" or anything else cannot make a phone safe.

And in practice it's even worse. A lot of phone manufacturers "save on memory" and use the same memory chips for the baseband processor and the central cpu. Which means that it's a little bit cheaper ... and the baseband has access to all the phone memory and all peripherals connected through the memory bus (which is all of them in any recent phone). It may even be the case that these chips are integrated in the cpu (which I believe is the case for recent Apple chips). Oh and the regulations say: if there's a conflict over control over (most) peripherals, including the microphone and speaker, the baseband processor MUST be guaranteed to win that fight.

Oh and because governments demand this, but of course neither fund nor test these devices, they are old, bug-ridden and very insecure. This also means that despite the government requiring that these features be built into phones, governments, carriers and police forces generally do not have the equipment required to actually use these features (though I'm sure the CIA has implement them all). Not even carriers' cell phone towers: they have to pay extra to allow even just frequency sharing ...

Here is an article about baseband and baseband processors.

https://www.extremetech.com/computing/170874-the-secret-seco...

I wouldn’t be so confident. The article even references this. Apple has used third-party baseband devices in the iPhone since the beginning, which was from other manufacturers. All bets are off regarding security when this is the case. This does included microphone access.

The article touches on this by saying Apple is making the baseband/modem hardware now. Something they should have done since day one, and I’m not sure what took them so long. However, it was was clear they didn’t have the expertise in this area and it was easier to just uses someone else’s.

I empathize with the sentiment, but in reality Apple is as lazy as anyone else: https://www.technologyreview.com/2019/07/29/134008/apple-con...

Eh, no? How does your provider know all your bank accounts? If at all, then the one you are using for billing - but the 2FA apps do not expose such data to the provider? The Apps communicate via HTTPS calls in the background?

GrapheneOS only supports devices with isolated radios including but not limited to cellular. It's one of the hardware requirements:

https://grapheneos.org/faq#future-devices

The radios on the supported devices can't access the microphone, GNSS, etc.

GrapheneOS has never supported a device without an isolated cellular radio since that isolation was in place even with the initial Nexus 5 and Galaxy S4. However, some of the devices prior to Pixels did have Broadcom Wi-Fi/Bluetooth without proper isolation similar to laptops/desktops. Nexus 5X was the initial device with proper isolation for Wi-Fi/Bluetooth due to having SoC provided Wi-Fi from Qualcomm. Pixels have avoided this issue for integrating Broadcom Wi-Fi/Bluetooth. Nexus devices left this up to companies like LG, Huawei, etc. and anything not done for them by Qualcomm tended to have security neglected. Qualcomm has taken security a lot more seriously than other SoC vendors and typical Android OEMs for a long time and provides good isolation for most of the SoC components.

Don't believe everything you read about smartphone security and especially cellular radios. There are many products with far less secure cellular radios which are far less isolated but rather connected via extremely high attack surface approaches including USB which are claiming those are better. A lot of the misconceptions about cellular come from how companies market supposedly more secure products which are in reality far worse than an iPhone.

I think this feature is required for emergency calls if your specific carrier is not available/in reach - in emergency mode after the phone is restarted, it does connect to any carrier when calling 911, not only yours?

What is it’s a mentally ill person who is about to kill themself?

That’s the majority of uses for the system in the UK. People love to run away and waste police time.

You know about it because your regulatory body requires the system exist.

The cell network routinely does TDoA triangulation in order to help choose which tower should serve the client mobile device. Accuracy is about 20m, and may be better at 5G frequencies. 911 gets the location from the mobile network provider, but the network provider could provide it to anyone, and they do.

Tons of "free" and crapware apps are also recording location, and sending it to data brokers.

https://www.wired.com/story/jeffrey-epstein-island-visitors-...

In the UK, it happens when you call 999 or 112. I don't think 911 is supported, although it probably should be (it'd be a mess to get everyone to agree to add it to their routing tables, but I bet there's a nonzero proportion of people who watch American TV programmes and think the emergency number is 911 - or, for that matter, American tourists).

When you dial 999 it forwards your phone's GPS location if it has a lock to the provider, who then forwards it on to one of the 999 call handling centres in the UK, who then in turn forward that on to the appropriate emergency service control room. All the various services use various different products for telephony and dispatch but they will show the incoming location, and often will prepopulate an incident with the location.

The system that does this is called "EISEC" - Enhanced Information Service for Emergency Calls - and has a lot of cool stuff defined in the spec (which is publically available! You can just go and read it! BT offer a "Supplier's Information Note" with the protocol and details of how the information is encoded) that also handles calls from landlines. These are easy - your telephone provider knows where you live. OMG! The phone company know where I live? Yes, dumbass, they pulled a wire right into your house, of course they know where it is. For VoIP the situation is a little different but you can notify your VoIP provider of the location that the number is being used at, and it'll inject that into the EISEC request.

You can do other cool stuff like if you've got fixed mobile telephone in a vehicle, you can assign the make, model, registration number, colour, and so on in the EISEC database, so given a call from a phone number they know what car they're looking for. No-one uses this.

The very great majority of calls coming in to 999 are from mobiles. It's extremely rare to get one from a landline.

None of the providers use triangulation for determining where a phone is, it's all GPS.

You're thinking of Phase II E911 in the US.

That's true, but you can always be triangulated down a couple hundred meters by figuring out which towers you're connected to.

How would that work?

You're not wrong, but it's annoying even the FCC uses triangulate in their documents for it.