Hackers Find Cell Phone Location

Tuesday, February 21, 2012 @ 01:02 PM gHale

Cellular networks leak the locations of cell phone users, allowing a third party to easily track the location of the cell phone user without the user’s knowledge, according to new research.

“Cell phone towers have to track cell phone subscribers to provide service efficiently,” said University of Minnesota computer science Ph.D. student Denis Foo Kune. “For example, an incoming voice call requires the network to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it.”

RELATED STORIES
Apple Deals with App Privacy Issues
Cracking Apple iWork Encyrption
Apple Supplier Hit by Hack
Struggle to Secure Mobile Devices

The result is the tower will broadcast a page to your phone, waiting for your phone to respond when you get a call, Foo Kune said. This communication is not unlike a CB radio. Further, it is possible for a hacker to force those messages to go out and hang up before the victim is able to hear their phone ring.

Cellular service providers need to access location information to provide service. In addition, law enforcement agencies have the ability to subpoena location information from service providers. The University of Minnesota research group showed access to a cell phone user’s location information is easily accessible to another group — possible hackers.

“It has a low entry barrier,” Foo Kune said. It is “attainable through open source projects running on commodity software.”

Using an inexpensive phone and open source software, the researchers were able to track the location of cell phone users without their knowledge on the Global System for Mobile Communications (GSM) network, the predominant worldwide network.

In a field test, the research group was able to track the location of a test subject within a 10-block area as the subject traveled across an area of Minneapolis at a walking pace. The researchers used readily available equipment and no direct help from the service provider.

The implications of this research highlight possible personal safety issues.

An “example could be thieves testing if a user’s cell phone is absent from a specific area and therefore deduce the risk level associated with a physical break-in of the victim’s residence.”

Foo Kune and his group have contacted AT&T and Nokia with low-cost techniques they could implement without changing the hardware, and are in the process of drafting responsible disclosure statements for cellular service providers.

Foo Kune, working with associate professors Nick Hopper and Yongdae Kim, and undergraduate student John Koelndorfer, described their work in paper “Location Leaks on the GSM Air Interface” at the 19th Annual Network & Distributed System Security Symposium in San Diego, CA.



One Response to “Hackers Find Cell Phone Location”

  1. […] Here is the original post:  Hackers Find Cell Phone Location | isssource.com […]


Leave a Reply

You must be logged in to post a comment.