this post was submitted on 23 Oct 2024
944 points (98.6% liked)

Technology

59495 readers
3081 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Privacy advocates got access to Locate X, a phone tracking tool which multiple U.S. agencies have bought access to, and showed me and other journalists exactly what it was capable of. Tracking a phone from one state to another to an abortion clinic. Multiple places of worship. A school. Following a likely juror to a residence. And all of this tracking is possible without a warrant, and instead just a few clicks of a mouse.

you are viewing a single comment's thread
view the rest of the comments
[–] fubarx@lemmy.ml 13 points 4 weeks ago (3 children)

Apple and Google can fix the problem. Apps are required to ask for permission to access location information. Most of the time, it's for tracking and analytics, not anything related to the app's functionality. That's the data that is leaking to these data brokers.

In those cases, if asked, user can say no, but apps keep haranguing you until you capitulate.

Instead, the OS could add a button that says: "Yes, but randomize." After that, location data is returned as normal, but from totally random locations nearby. They could even spoof the data clustering algorithms and just pick some rando location and keep showing returns to them, or just trade the data from one random phone for another every N days.

You do this enough and the data will become polluted enough to become useless.

[–] CileTheSane@lemmy.ca 9 points 4 weeks ago

Apple and Google want to sell that data, they're not going to help you obscure it.

[–] henfredemars@infosec.pub 8 points 4 weeks ago (1 children)

I don’t think this would be technically useful to prevent exploitation of location data. The handset always has to identify to a tower using the SIM card, which is going to identify the phone and its user. Your cellular service provider can still sell this information to data brokers.

With that said, I would love the option to lie about my location to apps that have no business knowing it.

[–] pirat@lemmy.world 1 points 4 weeks ago* (last edited 4 weeks ago) (1 children)

You have the option to spoof/fake/mock it manually with an app. This one, it seems, even has some available add-ons for mocking UnifiedNlp data and more...)

Mock my GPS (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location/

Mock my GPS UnifiedNlp Backend (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location.service.microg_nlp_backend/

Mock Silently (mock the GPS and Network location providers) https://f-droid.org/packages/com.github.warren_bank.mock_location.silently/

Possibly you'll have to enable dev options and set the location spoofing app in there. At least, I remember seeing the option in there, but that was years ago.

[–] henfredemars@infosec.pub 2 points 4 weeks ago

This changes location reported to applications by the OS. It doesn't change that your signal is coming from a direction and distance as known by the tower tracking the phone. MIMO and other beamforming techniques use this data to boost signal, but it is also collected for monitoring.

[–] sunzu2@thebrainbin.org 4 points 4 weeks ago (1 children)

Tower dats i guess is harder to get as it requires a warrant?

[–] homesweethomeMrL@lemmy.world 3 points 4 weeks ago (2 children)

Unless you become a phone company or use a StingRay

[–] henfredemars@infosec.pub 4 points 4 weeks ago

Or you just have some money to buy the data from a data broker that phone company sell your data to already.

[–] sunzu2@thebrainbin.org 1 points 4 weeks ago (1 children)

Well i meant why wouldn't telco sell or provide it to the feds?

[–] homesweethomeMrL@lemmy.world 1 points 4 weeks ago (1 children)

If they get a warrant, sure. Sell it I dunno. There's more legal cases about cell tower data simply because it's some form of technology courts have at least made an effort to understand at some point.

[–] sunzu2@thebrainbin.org 2 points 4 weeks ago

Well we know telco sells your traffic data as ISP as "anonymized" i dont see how they are not doing this with tower data but i am not familair with case law on the issue.

So maybe there is some legal bar to that...

Amazing how warrant got turned into a joke in modern age tho all within last 30 years.