comments are focusing on the protocol's message content, which is not the source of the ability to track broadcasters. The ability comes from detecting nuances in the RF signal:
> BLE [snip] imperfections are introduced by the shared I/Q frontend of the chipset (Figure 1). They result in two measurable metrics in BLE and WiFi transmissions: Carrier Frequency Offset (CFO) and I/Q imperfections, specifically: I/Q offset and I/Q imbalance.
Section IV of the paper, "Challenges", is interesting reading. As expected, CFO displays a strong temperature dependence, causing wrong identifications. Further, I/Q characteristics tend to be close for a given chipset, so I/Q imperfections are more or less identifying the chipset. It's easy to detect different models of phone, but harder to detect individual phones. It doesn't strike me as a serious threat (yet).
A fun exercise would be to synthesise the detection of all phones in the area. By monitoring CFO over a period of time for lots of phones distributed over an area, maybe it would be possible to build a temperature profile of the area under surveillance and compensate the CFO measurements for temperature. Whilst crystals do drift with temperature, the frequency of a given crystal is highly repeatable as a function of temperature.
From the CFO the listener could tell what temperature changes the phone is undergoing, but the units would not be calibrated. If you knew the temperature of the phone at a couple of different points then you could derive calibration coefficients to get an absolute temperature. If the CFO temperature dependence turned out to be repeatable between phones then knowing the model of the surveilled phone you might be able to calibrate with only one known temperature, or none if the CFO characteristics are the same for all phones (unlikely).
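The temperature argument in this comment, as an added example that is not part of the thread or of the paper's code: a constructed crystal model (the cubic coefficients and the 0.5 ppm device spread are assumptions, not measured values) showing how two phones enrolled at room temperature get confused once one of them warms up, and how a two-point calibration turns CFO back into a rough temperature, with the residual error the crystal's nonlinearity leaves behind.

```python
BLE_CH37_HZ = 2_402_000_000  # BLE advertising channel 37 carrier frequency

# Constructed crystal model (assumption): frequency error in ppm is a per-unit
# manufacturing offset plus an AT-cut-style cubic curve around the turnover
# temperature T0. Coefficients are illustrative, not measured from any device.
def crystal_ppm(temp_c, offset_ppm, t0_c=25.0, k1=0.02, k3=1e-4):
    dt = temp_c - t0_c
    return offset_ppm + k1 * dt + k3 * dt ** 3

def cfo_hz(temp_c, offset_ppm, carrier_hz=BLE_CH37_HZ):
    """Carrier frequency offset a listener would measure, in Hz."""
    return carrier_hz * crystal_ppm(temp_c, offset_ppm) * 1e-6

def identify(observed_cfo_hz, enrolled):
    """Nearest-neighbour match against enrolled {label: cfo_hz} references."""
    return min(enrolled, key=lambda label: abs(enrolled[label] - observed_cfo_hz))

def two_point_calibration(points):
    """Fit T = c0 + c1*CFO from two (cfo_hz, temp_c) readings of one phone."""
    (x1, t1), (x2, t2) = points
    c1 = (t2 - t1) / (x2 - x1)
    return t1 - c1 * x1, c1

def estimate_temp(observed_cfo_hz, coeffs):
    c0, c1 = coeffs
    return c0 + c1 * observed_cfo_hz

def demo():
    # Two phones whose crystals differ by only 0.5 ppm, enrolled at 25 C.
    enrolled = {"phone_A": cfo_hz(25.0, 5.0), "phone_B": cfo_hz(25.0, 5.5)}
    warm_a = cfo_hz(40.0, 5.0)                # phone A after warming by 15 C
    confused_as = identify(warm_a, enrolled)  # drift now exceeds the A/B gap
    # Temperature recovery: calibrate phone A at two known temperatures, then
    # read its temperature back from CFO alone at a point in between. The
    # linear fit cannot follow the cubic curve, so the estimate is off.
    coeffs = two_point_calibration([(cfo_hz(20.0, 5.0), 20.0),
                                    (cfo_hz(40.0, 5.0), 40.0)])
    est = estimate_temp(cfo_hz(30.0, 5.0), coeffs)
    return confused_as, est

if __name__ == "__main__":
    who, temp = demo()
    print(f"warm phone A identified as {who}; estimated temperature {temp:.1f} C (true 30.0 C)")
```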
If your phone is transmitting radio signals it is identifiable and trackable. A smart phone's primary feature and defining feature is transmitting radio signals. I don't think anyone is surprised at these "anonymous" bluetooth functions being deanonymized. But at least bluetooth beacons aren't going to go very far.
Multi-lateration of cell phone radio transmission via precise shared clocks at the base stations gives telcos a ~100m (these days) position that is updated very frequently. In the USA this is stored by telcos for 2-5 years and is often sold to both private and government purchasers.
And anyone moderately skilled in SDR with a few thousand dollars can do the same for a small area (much larger than a bluetooth area though).
One of those services even used to have a demo site where you could put in any mobile phone number and it would show where it was. It got quickly shut down when it made the news.
I can't find the article because Google search terms for stuff like "locating any phone by number" are SEOed to death by scammers trying to exploit would-be stalkers
Triangulation of mobile phones was developed by Cambridge Positioning Systems, back in 1993. It's been part of mobile networks for a long time so telcos have had a lot of time to figure out ways to extract money from location data.
It was true for most of my life in the USA. I looked up the information again, now, and it seems in 2018 there was a supreme court decision that made it illegal for cops (but not the NSA, etc) to acquire individual location data without a warrant, https://www.npr.org/2018/06/22/605007387/supreme-court-rules... .
But this doesn't apply to selling to private companies who then sell their services to the government. And it also doesn't apply to the "anonymized" aggregate data of all locations of all cell users. This is still available and sold to both private and direct government purchasers. And with 2-5 years of high cadence 100m data it's very easy to see where someone lives, works, etc and de-anonymize their paths. The commercial sale of this is big business and has been covered innumerable times on HN over the years.
Yes, a private company that has bought the information can just choose to share it for a fee with anybody it likes. Why would a judge be involved in that?
The potential for abuse of personal private data like location, movement profile, correlation with other movement profiles, etc, is so ginormous it blows my mind it's legal to keep the data for years, let alone to sell it to private companies.
If that is true then that means there is no data privacy protection in the US?
The GDPR type laws seem to imply that information can't ever really be sold, since consent is always revocable, and can't be required as a condition of using the service.
I have a bit of an issue with that, since one generally expects that they can license any data they own, and it makes things like model releases confusing.
And the laws seem to define new private spaces that formerly didn't have expectation of privacy for most people.
But perhaps it's necessary anyway to prevent even bigger issues.
I can definitely see the problem with a cell company being able to sell data to someone's abusive stalker, even though in general I don't like censorship of observation, for the same reason I don't like ag-gag.
Well that's the idea: that data that pertains to you, personally as an individual human being, is and remains yours, to protect you from any intrusion.
Cambridge Analytica style disinformation targeting is just one option. Personal location and contact info can easily be used for criminal or political abuse.
> “As far as we know, the only thing that definitely stops Bluetooth beacons is turning off your phone,” Bhaskar said.
At least for recent Apple devices, that's not true anymore (intentionally, as it is used to support "Find my iPhone" even with a dead battery or on a phone that's been switched off):
FWIW, this capability can be disabled when you power down the device. Not sure if you can make it a persistent preference or if you have to do it every time, though.
I just looked it up and apparently this feature continues to work even in airplane mode. That seems crazy to me that doing that is even legal. What good is airplane mode if it doesn't actually disable all onboard radios? I get that it's theater and mobile device radios don't really interfere with airplane takeoff and landing anyway, but given the rule still exists, why are all iPhone owners allowed to ignore it because their devices don't support turning off the radios?
According to that article, it looks like the bags have to be grounded to work:
"Snack packets are made with a foil that combines aluminum and mylar plastic, making them electrically conductive and ideal as a temporary electromagnetic shield for mobile devices—as long as the packet is closed and grounded—and you don't mind a few crumbs on your device."
I'm not sure if that's really true, or why that is... and if it is, how one could do it while on the move.
In another hundred years are people going to look back at this time as a barbaric age of surveillance or are they going to be even more surveilled and controlled than ever before?
I think it will be a mix. There's always been the use of technology to both enhance and break privacy. On one hand you have surveillance, on the other you have encryption. It is a give and take and the march of progress will always render previous methods inadequate. Hundreds of years ago, letter locking was the thing for secure, private communication, but now we can read those letters without even opening them.
It's a nice thought experiment. I call it ubiquitous surveillance. Anything you say, do, etc. is picked up by cameras, microphones, sensors, etc. and analyzed and archived for the duration of your life. We're a few decades away from that becoming practical to do for the entire population of earth. A few exabytes of data per person sounds like a lot right now but there are already companies operating at that scale today. A few decades would allow scaling that by a few billion times.
That's scary if you think in terms of a scary state surveilling its citizens. But as soon as you have multiple parties doing ubiquitous surveillance on each other it gets interesting: counter surveillance becomes a thing. Counter surveillance could be a crucial tool to enforce rules related to e.g. privacy.
For example, the act of violating somebody's privacy would be observed by potentially many third parties, some of which might not be friendly. Doing so covertly would get a lot harder and now would have a risk of legal escalation. In fact doing anything covertly would become extremely hard. People will get to watch each other, but not covertly and probably under some very strict and extremely hard to dodge rules.
This vision reminds me of David Brin's "Transparent Society"[1], which I believe doesn't take into account that the wealthy and powerful will be able to afford much more privacy and surveillance than poor people. The former will also be able to bend laws, technology, and the rest of society to their benefit and to the detriment of less powerful, poorer, and less well-connected people.
The key thing is that there will need to be an arms race in people's ability to defend themselves against unwanted attention. And of course there are no guarantees. So assuming privacy when you actually have no way to guarantee you have it becomes dangerous if you start breaking rules and laws.
And of course you having little side chats with other people about helping you out in exchange for something would count exactly as a situation where that conversation might not actually be private anymore.
You don't need to control people if you can control machines. Once AI is there, society will fundamentally change.
I would assume that in a hundred years, people will spend most of their time in virtual worlds. Would it be important what people do and think if all they do is move some bits around?
Do Apple security updates include firmware for the radio basebands? If a radio baseband has been compromised, how can it be restored to a known-good state, e.g. would iOS reinstallation via Apple Configurator also restore the baseband firmware?
Oh god, I'm not insane. This is definitely not a new surveillance vector and there are clear techniques to overcome it without meaningfully interfering with signal or performance.
It also reminds me of some of the older copy-protection technologies which relied on a comparable idea of checking for expected variation at a level above the actual data stream.
I think all Apple devices at this point randomly change the MAC for both Wi-Fi and BT, and have done for a few years at least. Specifically to prevent that tracking.
Targeting variation in the signal itself (rather than the content) seems on its face to be much harder to prevent. But I am not a radio (or any electrical) engineer so what do I know? :)
This is true of ALL wireless communications platforms/hardware. I remember reading that this technique was exploited by the CIA and was used against the drug cartels from the 80's onward.
> All wireless devices have small manufacturing imperfections in the hardware that are unique to each device. These fingerprints are an accidental byproduct of the manufacturing process. These imperfections in Bluetooth hardware result in unique distortions, which can be used as a fingerprint to track a specific device.
>For Bluetooth, this would allow an attacker to circumvent anti-tracking techniques such as constantly changing the address a mobile device uses to connect to Internet networks.
It's like sci fi movies where they track ships based on their engines. Turn off your transponder and they still know who you are, unless you really try to camouflage yourself.
Address randomization helps but it's not enough. The phone still transmits at a regular cadence so it's pretty easy to figure out which old address has changed into which new address and keep tracking the same device.
By tracking all devices, noting when one address disappears and a new one appears, and correlating it with the perceived signal strength to reasonably guess whether this is the same device vs. a new one entering your detection radius. On top of that, there is often a fair amount of information besides the address in the contents of the advertisement packet, the set of services this device implements, battery level, manufacturer data fields, ... - much like browser fingerprinting by checking for fonts and canvas edge cases.
Maybe not easy, but also not hard. The only thing that screws you up is someone playing with the airplane mode toggle of their phone while moving within your detection radius.
I'm not particularly worried, but it's good to know.
If I'm ever in such a horrible police state that I would want to turn bluetooth off, I would be more worried about the mandatory ankle bracelet all citizens would probably be wearing.
How is this "for the first time?" I saw a well established company demonstrating this technology 5 years ago. They were selling it on being able to either track your employees (this was gov fwiw) or other people in your building. They could do it both through WiFi and Bluetooth and uniquely identify you. While I think this technology is concerning, I'm confused what's new here and trying to read through the marketing.
For BLE, there is address privacy; for classic Bluetooth, I believe that devices do not broadcast their own address except when explicitly discoverable (for pairing).
Philz Coffee in Palo Alto, CA and major department stores in the US have been doing this for years to track foot traffic. If you don't want to be tracked, turn off BT and Wifi and demand the protocol stds body and mfgrs support even stronger randomized hw addresses.
If you're on iPhone, you're still beaconing if you turn it off in the swipe down control center, the only way around this is to go into Settings and turn it off there.
Also of interest, your iOS BLE "Random" MAC transmits every few seconds and can take up to 48 hours to change. I wrote some software for the Pi that would allow me to enroll a phone when someone was nearby (By RSSI) and then with a directional antenna later in the day, you could confirm presence in a house / building.
You can also infer presence of anyone in a house because of this. Oh hey, 2 iPhones in the ex-girlfriend's apartment, wonder what's going on in there...
Was this not apparent when every manufacturer was working on Covid tracking in the open? Were people really not aware of the technologies being employed? That technology now exists on every phone that has had any semblance of an update in the past two years. There is no privacy, you have always been and will always be completely trackable.
You can even use ultrasonic sound signatures so your phone doesn't even need to be broadcasting using bluetooth, wifi, or cell. Just the speaker alone at a pitch you cannot hear is enough to track you.
Edit: I enjoy how this gets downvoted for pointing out that technology has downsides...
You're being downvoted because this is a completely different technology from the covid tracking. For one thing, the covid tracking had to be explicitly installed and enabled, whereas this works passively.
>BLE [snip] imperfections are introduced by the shared I/Q frontend of the chipset (Figure 1). They result in two measurable metrics in BLE and WiFi transmissions: Carrier Frequency Offset (CFO) and I/Q imperfections, specifically: I/Q offset and I/Q imbalance.
links to the paper:
https://cseweb.ucsd.edu/~nibhaska/papers/sp22_paper.pdf
https://www.researchgate.net/publication/360655420_Evaluatin...
Git repo: https://github.com/ucsdsysnet/blephytracking