My friend was going through a pretty massive depression after his mom passed. He'd been with my wife and I at our house for a number of hours talking through it, and apparently not texting his sisters back. They called in a welfare check.
We live in a reasonably dense suburb. Police showed up at our front door and asked to speak with him. They just wanted to make sure he was doing OK. He asked them "how did you find me?" and their response was just "we pinged your phone".
Watching my security camera, they did not stop at any of my neighbors houses first. It was very direct to my front door. This leads me to believe whatever sort of coordinates they had were pretty spot on. His car was parked well down the block and not in front of our house so that was no give away.
This was five years ago and always struck me as a "Huh"
Oh! So IIRC it used to be that the modem could only get a rough estimate of your location and typically Apple/Google's location infra(which combined wifi/blue and lately satellite position based shadow mapping) to determine a precise location. And law enforcement got precise info from _that_ infra(E911 requirements for every device).
Clearly they don't need that now because 5g cell towers have gotten precise enough? Also, if that's true then 5g being that precise might still not apply to urban dense areas, where more postprocessing is required to get better location accuracy...
5G isn’t inherently any more precise, but because of the higher frequency used in 5G, the radio signals are blocked by obstructions much more easily, so there must be many more 5G radios per unit area to provide coverage. And one feature of having many more base stations around is that triangulation of specific phone is much more accurate and precise because of how close the 5G base stations are to all 5G phones.
5G infrastructure isn’t limited to tall easily visible radio towers like 4G and before; 5G transmitters are small and relatively inexpensive, making them very common. My employer has a private 5G infrastructure, and we are not related to telecommunications in any way.
In 2009 I worked with a triangulation system in a dense populated area. The precision of location was comparable in average to GPS (meaning sometimes better) when indoors, it was orders of magnitude better as GPS. That was 3G, some yeras ago… I assume today is much better, as the density of cells increased
I'd be very interested in more info, but am going to doubt this for now. Usually just the intra-day deformations of the terrain between the towers through hydrological activity should far exceed what GNSS can achieve.
It is just VERY VERY hard to beat the predictability of orbits.
"and notify the user when such attempts are made to their device."
We aren't going to remove the security state. We should make all attempts to, but it won't happen. What needs to happen is accountability. I should be able to turn off sharing personal information and if someone tries I should be notified and have recourse. This should also be retroactive. If I have turned off sharing and someone finds a technical loophole and uses it, there should be consequences. The only way to stop the rampant abuse is to treat data like fire. If you have it and it gets out of control you get burned, badly.
I turned off all cell carrier tracking 5 years ago. 100% of it.
By canceling my cell phone subscription.
I know I know, I must be amish, I have heard it all. But I run two tech companies, travel, have a family, and do most of the things most around here probably do other than doom scrolling.
I have a hybrid approach with GrapheneOS. 99% of the time I only use WiFi on my phone via a Tor router. I have an anonymous KeepGo ESIM with global data that does not expire and use it when I have to when Im away from home.
How do you work on the go? I use personal hotspot quite often. Not only when on the go, but if there is unstable WiFi. It’s saved me on multiple occasions - both for live-site incidents and for random meetings.
Pardon my skepticism but I find it hard to believe you can actually participate in western society without choosing to have a government mandated tracking device?
Maybe you live somewhere this is possible but it's definitely not in the developed world
You can also just use google family link, make someone else your parent, and lock down the phone. I have a "dumb phone" that is just a refurbished Samsung s22 I bought. Only supports phone calls, messaging, and some credit cards basically.
What security state? They aren't doing this for anyone's safety. This is the surveillance and parallel construction state.
> What needs to happen is accountability.
No agency can have this power and remain accountable. Warrants are not an effective tool for managing this. Courts cannot effectively perform oversight after the fact.
> The only way to stop the rampant abuse is to treat data like fire.
You've missed the obvious. You should really go the other direction. Our devices should generate _noise_. Huge crazy amounts of noise. Extraneous data to a level that pollutes the system beyond any utility. They accept all this data without filtering. They should suffer for that choice.
Strictly speaking, this is not completely true. When you call an emergency number, it’s very good that they can see exactly where you are. That was how this was sold 15+ years ago. But of course, that’s basically the only use case when this should be available.
> Our devices should generate _noise_. Huge crazy amounts of noise. Extraneous data to a level that pollutes the system beyond any utility. They accept all this data without filtering. They should suffer for that choice.
I like the idea on principle, but I'll like it far less when I'm getting charged with computer fraud or some other over-reaching bullshit law.
For consequences, we need to do away with the notion of qualified immunity. Why should police officers, politicians, agents of the government have any immunity for their actions? They should carry personal liability for breaking the law and violating others’ rights. Otherwise, there is no reason they’ll change. Right now, at best you’ll sue the government and get some money, but all you’re doing is punishing other tax payers.
In the United States, qualified immunity is a legal principle of federal law that grants government officials performing discretionary (optional) functions immunity from lawsuits for damages unless the plaintiff shows that the official violated "clearly established statutory or constitutional rights of which a reasonable person would have known".
Under 42 USC § 1983, a plaintiff can sue for damages when state officials violate their constitutional rights or other federal rights.
Get rid of qualified immunity and enjoy no more fruit of the poisonous tree. I assume you are not familiar with the laws of evidence by your emotional position. One of the biggest problems the country faces is citizen literacy in all domains. If you improve citizen literacy across all domains you will solve all problems, until they take away our ability to vote. The "system" exploits those who cannot defend themselves.
We definitely won't get rid of it if we accept failure. I get that it seems extremely unlikely, but there's no use in trying to just mitigate the risk short term. One way or another that power will be abused eventually (if it isn't already).
Idealist views like this get us nowhere either tho.
The reality is somewhat more murky. On a long enough time horizon your point makes sense, we might be able to get rid of the security state by slowly chipping away at ig over hundreds or thousands of years.
Most of us are going to be dead in about 40 years tho. Security state isn't going anywhere in that timeframe.
Does it apply to the government like it applies to people? Is it enforced against governments like it is enforced against people and corporations? A core issue here is that laws, and the application and enforcement of laws, generally do not. Having said that I applaud the attempt and encourage pushing forward on the anti-surveillance aspects of GDPR while recognizing all laws are flawed.
If I send it to the company A, company B doesn't execute it unless they're a subsidiary of A (or A is their data controller) and my request was carefully crafted.
In the scenario you painted, that would mean that my _former_ friend has issued their request to me.
I’m not super sure about the specifics but having taken a 5G class, the professor made it quite clear that due to the latency and bandwidth requirements of 5G, precise tracking is required to allow towers to correctly do beam forming.
When talking about the 5G system, cell towers can request a users estimated velocity which when combined with the towers own location combined with the physical radio (that is communicating with the phone (UE)) you can get a pretty good position estimation.
What is new is that network providers are trying to sell this tower/5G data to other companies.
I could be wrong but from my understanding 5G has always required precise tracking of every device connected.
My knowledge on this is the tower should be able to optimise beams without location information. Channel information can be relayed back to the tower for beam optimisation. The tower needs to know the signal path characteristics but not explicitly the location.
Not disputing that location data is used for beam optimisation just that I dont believe it is required.
Exactly, the channel information is all that’s required but you can quite easily get the location information from that, which makes it easier to add additional features from a system point of view.
If I recall correctly, the tower will report channel information to the higher up controller system which will then decide which next tower should be notified of a phone that’s entering its range.
So while explicit positioning isn’t required when dealing with one tower, the system overall does need to determine a users position and velocity to handle tower to tower transfers.
In other words my opinion is that the difference between a towers channel information and a users position is almost one and the same. It’s a handful of math equations away.
This would not be a problem if you phone did not have IMEI and IMSI, and if the telco only provided an anonymous Internet channel. The problem is that you must have a phone number, often linked to your ID and pay with a bank card, linked to your ID, instead of cryptocurrency. Towers and beamforming are not a problem at all.
Yeah, whether or not precise location info is required, even coarse 24/7 location tracking is a huge privacy issue. Privacy was simply never a part of the core design of our phone system in the first place. That needs to change. Device anonymization would be a great first step.
Information about received power and SNR is relayed over the 5G data link to and from the tower, and beamforming happens that way. As a result, the tower doesn't need to know where you are at all. In fact, with higher frequencies, you often get weird bouncy paths for 5G radio signals so the "beam" that gets formed can be a rather odd shape while being optimal.
So when 5G was being deployed to the city I was working for and I could see permits, it struck me as really peculiar just in terms of economics because the density of towers needed is extremely high compared to the previous generation. As a user, I really can’t tell a difference in quality of service. So it seemed like an extremely large capital investment for no gain, which makes me think that the purpose of 5G is some dual use that is not public knowledge. That the intent was to create a high accuracy tracking system for us seems plausible to me given how much money is funded into other surveillance activity.
This community should be talking about meshcore more imho.
It's a peer to peer network based on Lora. It really only allows text messaging but with up to 20km hops between peers coverage is surprisingly huge. Incredibly useful if you go hiking with friends (if you get split up you can still stay in touch).
See https://eastmesh.au/ and scroll down to the map for the Victoria and now more widely Australia network that's sprung up.
Reticulum gets around a lot of these problems, as the (better) encryption is app-level (or even more fine-grained.) Its also not tied to lora, so you can interop easily with other transports. I made a websocket transport for it, and there is already TCP and UDP, and a couple non-lora radio transports. I also made a (works on web) js and Arduino client lib, and it has a few native client libs, so it can sort of be used on anything, even over traditional networks, or web clients. Meshcore and meshtastic are way more popular, but reticulum seems so much better, to me, for most things. It can still have overload problems, like any radio network, but no client is required to forward, so you can build a different kind of network ("only forward messages that are for my peeps" and marked correctly.) It also has "it costs compute PoW to send to me" which can greatly cut down on spam.
I only recently discovered Reticulum, only to then learn that the developer has retired from working on it. Do you know if there's still any community members carrying the torch?
I really want to get into these Lora based mesh tools but the range in my experience is terrible. Maybe I'm doing something wrong, maybe it's a lack of nodes in my area.
I just tested the other day. I'm in the midwest US so it's winter, no leaves. I managed to get about a quarter mile before my two portable nodes couldn't talk to each other. T-Echo with muziworks whip antenna.
Without a bunch of solidly placed, high elevation, high gain antenna nodes, this just isn't really that usable.
Plus, all the other issues others have highlighted.
> This community should be talking about meshcore more imho.
The fundamental problem of distributed networks is that you can either have centralized control of the endpoints, or your network becomes vulnerable to denial-of-service attacks. So meshcore/meshtastic are great because they are used only by well-meaning people. If they become more popular, we'll start getting tons of spam :(
This isn't great advice if it's supposed to be an alternative to text messaging with a carrier (especially if you're using encrypted RCS).
For one, meshcore doesn't do a fantastic job of protecting metadata. Advertisements include your public key, and if I'm reading this[0] right, your GPS coordinates.
Second, the default public channel uses effectively no encryption at all.
Moreover, the network doesn't exhaustively prevent someone who intercepts a packet from identifying who sent it. It's no Signal.
All telemetry is off by default, you have to explicitly tune it on and then optionally permit specific contacts to poll it.
The PKI is basic because these networks are tiny and merging. And running on tiny computers ($5 boards with no display)
Public channel is public and it uses the default encryption key because it's a default channel, so by definition everyone is invited to participate. Not sure what your critique is.
And no, it's not trying to be signal. It's also currently less reliable.
What does this have to do with mobile carriers tracking GPS data? If you're implying we should use it instead of mobile phones that's not practical at all.
You could get a rough location for free. Every time you send a message, “observer” nodes connected to the internet publish the packet, and in the packet is the repeater path taken, repeaters have known locations and the first repeater is going to be near you.
Meshcore isn't, the firmwares are proprietary. Meshtastic is, but they whine about trademark stuff all the time and cry when anyone mentions Meshcore in their channels. LoRa radios themselves are all proprietary Semtech turf. I guess it's possible to run over 2.4ghz but the range predictably sucks compared to 900mhz.
Meshtastic has terrible defaults (every node rebroadcasts everything, every node sends telemetry), which makes sense in the backwoods but not anywhere close to civilisation.
euhm, well. 112 programmer here. There are multiple levels. Cell tower triangulation come in automatically from providers. But they are only in tower numbers. They might be wrongly entered by engineers, hence the confirming question about where you are. Second is subscription information, as in registered address. Chances are if called from nearby your address, you are at your address. Next is a text to your phone number, which is intercepted by firmware and sends gps coords back. This can be turned off, since implementation.
American carriers have a different protocol than the EU. The EU (and probably EU derived networks) uses a """secret""" SMS format that's opt-in, but the 911 system works differently.
The 911 feature can be activated fully remotely, the 112 feature is supposed to only activate when dialing an emergency number.
Not by users. The new thing is that Apple allows users to disable this feature. Hopefully they still detect emergency calls on the phone and enable it unconditionally for those.
Note sure:
In my country exactly this feature is used by police & state enforcement to find locatin, because this "ping" message is not forwarded from the modem to the OS, so the OS is not aware of any of these messages
yeah, there always was. It's a service code, like getting your imei. But it was a weird long one, and manufacturer dependent. Now UI switches are created for it apparantly. Can't find it anywhere on the internet though. I don't work there anymore, so can't look it up.
Did you read the article or are you merely responding to the title? The article begins by acknowledging triangulation and then moving on to the point of the article. The article is about commands built into the UMTS and LTE specs for requesting GPS from the device. Your comment seems to be about everything but the main point of the article.
It isn’t restricted to Boost Mobile. It is only available on devices with the C1 or C1X modem, though. I assume this is because of specifics with the third party modems that most models in the wild have vs what Apple is doing in-house with their C1(X). If you call emergency services it will still provide precise location.
Serious question: will this limit the ability of 911 emergency services to help you?
I can imagine a scenario where emergency servies are authorized to send the ping to get your precise location and if you disable this, you may regret it. And a major feature of some phones/watches is the ability to automatically call 911 under certain fall/crash movement detection, where you might not have the ability to re-enable your GPS location.
But they still can track the cellular connection and do triangulation from that, no?
Basically, if you have any cell phone the government can track you. Buying a burner phone with cash (via strawman proxy) seems like the only way to temporarily obscure your location.
I imagine with the ubiquity of cameras in the commons and facial recognition and gait analysis they can knit that up even more.
I mean we kinda did when we decided that emergency services calls would be special and give first responders the ability to find you. Wireless carriers are required to provide GPS quality (actually better than GPS) location data to EMS and this is how they built it.
The only way to actually do this was develop a way to ask the phone because the tower isn't accurate enough. In the US it could have been more privacy preserving by being push but I imagine carriers don't want to maintain and update a list of current emergency numbers. "Sorry person in a car crash, we can't find you because cellular modem firmware is out of date and your emergency number isn't on list" is a PR disaster waiting to happen. Easier to coordinate with police and fire and let them do the asking.
911 is the only actual emergency number with regulations around it in the US. police and fire have _non_ emergency numbers that differ, my local hospitals will tell you to call 911; and gas, water, power, and other immediate risks to life safety are all 911 anyway (at least as the first call).
Sometimes it seems dumb, but as long as its an honest report I've never heard of anything more than an annoyed patrol officer. Felt stupid calling in an interstate sized sign hanging by a literal bolt-thread but the patrol shut down that lane.
It's perfectly reasonable to have the expectation that the cell phone network can provide location to emergency services but not the the telecom provider's marketing team or whoever they sell the data to.
In fact the apple feature the article talks about says [1]
> The limit precise location setting doesn't impact the precision of the location data that is shared with emergency responders during an emergency call.
So it actually now implements what it should have been all along. (except that it should be the default)
From the comments, it appears many are not aware that even the US government buys location data of users from data brokers - How the Federal Government Buys Our Cell Phone Location Data - https://www.eff.org/deeplinks/2022/06/how-federal-government... ... Apparently, US cell phone companies are one of the providers of this data - US cell carriers are selling access to your real-time phone location data - https://news.ycombinator.com/item?id=17081684 ...
We really have a societal problem in that we allow private entities to do things we don’t allow government to do. Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.
But we want to support privatization at all cost, even when privatization these days has significant influence on our daily lives, akin to the concerns we had when we placed restrictions on government. Seems like we need to start regulating private actions a bit more, especially when private entities accumulate enough wealth they can act like multi state governments in levels of influence. That’s my opinion, at least.
> We really have a societal problem in that we allow private entities to do things we don’t allow government to do.
Thats basically the foundational idealogy of the united states. Thats not the issue.
The real issue is your next sentence. The government can just loophole around their intentional limitations by paying private companies to work on their behalf.
>
allow private entities to do things we don’t allow government to do. Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.
<
Somehow this reminds me about Blackwater / Xe Technologies? :-/
(Im betting 100 USD that soon we will find out that ICE also deployed "private financed forces" to "support state actions"?)
>We really have a societal problem in that we allow private entities to do things we don’t allow government to do.
It really isn't, given that the government literally has a monopoly on violence, and therefore it makes sense to have more guardrails for it. That's not to say private entities should have free reign to do whatever it wants, but the argument of "private entities can do [thing] that governments can't, so we should ban private entities too!" is at best incomplete.
>Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.
Again, this is at best an incomplete argument. The government can't extract a confession out of you (5th amendment). It can however, interview your drinking buddies that you blabbed your latest criminal escapades to. Is that the government "bypassing" the 5th amendment? Arguably. Is that something bad and we should ban? Hardly.
This is why I advocate for making selling location/identifying data illegal. If nobody is allowed to sell it then the government cannot legally buy it.
I agree completely with your first paragraph, but I'm not sure what privatization has to do with it. Also, I agree that more regulation of private parties is needed. Or even better, break up the private companies that are like multi-state governments in terms of power.
Why not vote for some law limiting the government’s buying of this data? After all, I expect a say in how the government is run, so that seems like the appropriate path. I don’t see why I should expect a say in how AT&T is run. AT&T can’t raise an army, or enter my house, or shoot me.
Readit News
We live in a reasonably dense suburb. Police showed up at our front door and asked to speak with him. They just wanted to make sure he was doing OK. He asked them "how did you find me?" and their response was just "we pinged your phone".
Watching my security camera, they did not stop at any of my neighbors houses first. It was very direct to my front door. This leads me to believe whatever sort of coordinates they had were pretty spot on. His car was parked well down the block and not in front of our house so that was no give away.
This was five years ago and always struck me as a "Huh"
Clearly they don't need that now because 5g cell towers have gotten precise enough? Also, if that's true then 5g being that precise might still not apply to urban dense areas, where more postprocessing is required to get better location accuracy...
5G infrastructure isn’t limited to tall easily visible radio towers like 4G and before; 5G transmitters are small and relatively inexpensive, making them very common. My employer has a private 5G infrastructure, and we are not related to telecommunications in any way.
It is just VERY VERY hard to beat the predictability of orbits.
Dead Comment
Dead Comment
Dead Comment
We aren't going to remove the security state. We should make all attempts to, but it won't happen. What needs to happen is accountability. I should be able to turn off sharing personal information and if someone tries I should be notified and have recourse. This should also be retroactive. If I have turned off sharing and someone finds a technical loophole and uses it, there should be consequences. The only way to stop the rampant abuse is to treat data like fire. If you have it and it gets out of control you get burned, badly.
By canceling my cell phone subscription.
I know I know, I must be amish, I have heard it all. But I run two tech companies, travel, have a family, and do most of the things most around here probably do other than doom scrolling.
So much more time in my own head to think.
Maybe you live somewhere this is possible but it's definitely not in the developed world
That’s the reason most other people are (fundamentally) going to struggle.
What security state? They aren't doing this for anyone's safety. This is the surveillance and parallel construction state.
> What needs to happen is accountability.
No agency can have this power and remain accountable. Warrants are not an effective tool for managing this. Courts cannot effectively perform oversight after the fact.
> The only way to stop the rampant abuse is to treat data like fire.
You've missed the obvious. You should really go the other direction. Our devices should generate _noise_. Huge crazy amounts of noise. Extraneous data to a level that pollutes the system beyond any utility. They accept all this data without filtering. They should suffer for that choice.
Strictly speaking, this is not completely true. When you call an emergency number, it’s very good that they can see exactly where you are. That was how this was sold 15+ years ago. But of course, that’s basically the only use case when this should be available.
I like the idea on principle, but I'll like it far less when I'm getting charged with computer fraud or some other over-reaching bullshit law.
Its simply made for 911 calls.
In the 2G era there was no compute space to just put in extra evil shit for fun
https://en.wikipedia.org/wiki/Radio_resource_location_servic...
Qualified immunity is the only legal doctrine I can think of where piling on extra crimes reduces your liability.
Under 42 USC § 1983, a plaintiff can sue for damages when state officials violate their constitutional rights or other federal rights.
https://en.wikipedia.org/wiki/Qualified_immunity
Qualified Immunity only sets the bar or threshold that you have to meet in order to sue.
We definitely won't get rid of it if we accept failure. I get that it seems extremely unlikely, but there's no use in trying to just mitigate the risk short term. One way or another that power will be abused eventually (if it isn't already).
The reality is somewhat more murky. On a long enough time horizon your point makes sense, we might be able to get rid of the security state by slowly chipping away at ig over hundreds or thousands of years.
Most of us are going to be dead in about 40 years tho. Security state isn't going anywhere in that timeframe.
We should make it impossible for the data to be obtained without express user agreement.
Imagine you get Neuralink and your best friend files for the right to be forgotten. Then poof. All your memories together gone.
If I send it to the company A, company B doesn't execute it unless they're a subsidiary of A (or A is their data controller) and my request was carefully crafted.
In the scenario you painted, that would mean that my _former_ friend has issued their request to me.
In that case? Fair. Poof if that's their wish.
Otherwise? How do you imagine it work?
If anyone wants to look at the future of 5G (well ORAN) here it is: https://gitlab.eurecom.fr/oai/openairinterface5g
When talking about the 5G system, cell towers can request a users estimated velocity which when combined with the towers own location combined with the physical radio (that is communicating with the phone (UE)) you can get a pretty good position estimation.
What is new is that network providers are trying to sell this tower/5G data to other companies.
I could be wrong but from my understanding 5G has always required precise tracking of every device connected.
Not disputing that location data is used for beam optimisation just that I dont believe it is required.
If I recall correctly, the tower will report channel information to the higher up controller system which will then decide which next tower should be notified of a phone that’s entering its range.
So while explicit positioning isn’t required when dealing with one tower, the system overall does need to determine a users position and velocity to handle tower to tower transfers.
In other words my opinion is that the difference between a towers channel information and a users position is almost one and the same. It’s a handful of math equations away.
Deleted Comment
It's a peer to peer network based on Lora. It really only allows text messaging but with up to 20km hops between peers coverage is surprisingly huge. Incredibly useful if you go hiking with friends (if you get split up you can still stay in touch).
See https://eastmesh.au/ and scroll down to the map for the Victoria and now more widely Australia network that's sprung up.
I’ve deployed lots of nodes, and the technology reminds me of ipfs: people who don’t use it much vastly oversell its capabilities.
I just tested the other day. I'm in the midwest US so it's winter, no leaves. I managed to get about a quarter mile before my two portable nodes couldn't talk to each other. T-Echo with muziworks whip antenna.
Without a bunch of solidly placed, high elevation, high gain antenna nodes, this just isn't really that usable.
Plus, all the other issues others have highlighted.
I couldn't get ANYTHING on my first/test ESP32 (Heltec v2).
Anything. I didn't see any packets. Then I finally heard one station later when I held it high on the upper floor.
The I hanged it at the top of my roof and I currently have almost 130 repeaters and room servers.
In your scenario a couple of 5W handhelds woukd work better.
But I agree the usabity is very limited. This is why I think of hanging a couple of guerilla solar repeaters in my neighborhood :)
The fundamental problem of distributed networks is that you can either have centralized control of the endpoints, or your network becomes vulnerable to denial-of-service attacks. So meshcore/meshtastic are great because they are used only by well-meaning people. If they become more popular, we'll start getting tons of spam :(
For one, meshcore doesn't do a fantastic job of protecting metadata. Advertisements include your public key, and if I'm reading this[0] right, your GPS coordinates.
Second, the default public channel uses effectively no encryption at all.
Moreover, the network doesn't exhaustively prevent someone who intercepts a packet from identifying who sent it. It's no Signal.
[0] https://deepwiki.com/meshcore-dev/MeshCore/7.1-packet-struct...
The PKI is basic because these networks are tiny and merging. And running on tiny computers ($5 boards with no display)
Public channel is public and it uses the default encryption key because it's a default channel, so by definition everyone is invited to participate. Not sure what your critique is.
And no, it's not trying to be signal. It's also currently less reliable.
But it's still safer than Sms, by a country mile.
Handheld radios, meshtatic (not meshcore), and in 5 minutes you're set up and good to depart. Or ideally inreach indeed.
Based on the very “bursty” nature of LoRA, how much does an adversary need to spend to radiolocate it? What’s the threat model there?
The 911 feature can be activated fully remotely, the 112 feature is supposed to only activate when dialing an emergency number.
Source? Even if the phone isn't actively doing a 911 call?
Not by users. The new thing is that Apple allows users to disable this feature. Hopefully they still detect emergency calls on the phone and enable it unconditionally for those.
This is a system you can disable as a user, but it's not the on-modem feature discussed in the article.
> Next is a text to your phone number, which is intercepted by firmware and sends gps coords back.
A supported carrier: Germany: Telekom United Kingdom: EE, BT United States: Boost Mobile Thailand: AIS, True
Turn limit precise location on or off
Open Settings, then tap Cellular.
Tap Cellular Data Options.
If you have more than one phone number under SIMs, tap one of your lines.
Scroll down to Limit Precise Location.
Turn the setting on or off. You might be prompted to restart your device.
Only Boost Mobile in the U.S. Weird. About 7.5M subscribers. Maybe it requires 5G? Wonder if it works when roaming?
https://en.wikipedia.org/wiki/Boost_Mobile
https://en.wikipedia.org/wiki/List_of_mobile_network_operato...
https://en.wikipedia.org/wiki/5G_NR
I can imagine a scenario where emergency servies are authorized to send the ping to get your precise location and if you disable this, you may regret it. And a major feature of some phones/watches is the ability to automatically call 911 under certain fall/crash movement detection, where you might not have the ability to re-enable your GPS location.
Basically, if you have any cell phone the government can track you. Buying a burner phone with cash (via strawman proxy) seems like the only way to temporarily obscure your location.
I imagine with the ubiquity of cameras in the commons and facial recognition and gait analysis they can knit that up even more.
It is tiring. I am doing something about it by making technical contributions. If you are able to do the same, please do.
The only way to actually do this was develop a way to ask the phone because the tower isn't accurate enough. In the US it could have been more privacy preserving by being push but I imagine carriers don't want to maintain and update a list of current emergency numbers. "Sorry person in a car crash, we can't find you because cellular modem firmware is out of date and your emergency number isn't on list" is a PR disaster waiting to happen. Easier to coordinate with police and fire and let them do the asking.
Sometimes it seems dumb, but as long as its an honest report I've never heard of anything more than an annoyed patrol officer. Felt stupid calling in an interstate sized sign hanging by a literal bolt-thread but the patrol shut down that lane.
In fact the apple feature the article talks about says [1]
> The limit precise location setting doesn't impact the precision of the location data that is shared with emergency responders during an emergency call.
So it actually now implements what it should have been all along. (except that it should be the default)
[1] https://support.apple.com/en-us/126101
But we want to support privatization at all cost, even when privatization these days has significant influence on our daily lives, akin to the concerns we had when we placed restrictions on government. Seems like we need to start regulating private actions a bit more, especially when private entities accumulate enough wealth they can act like multi state governments in levels of influence. That’s my opinion, at least.
Thats basically the foundational idealogy of the united states. Thats not the issue.
The real issue is your next sentence. The government can just loophole around their intentional limitations by paying private companies to work on their behalf.
Somehow this reminds me about Blackwater / Xe Technologies? :-/
(Im betting 100 USD that soon we will find out that ICE also deployed "private financed forces" to "support state actions"?)
It really isn't, given that the government literally has a monopoly on violence, and therefore it makes sense to have more guardrails for it. That's not to say private entities should have free reign to do whatever it wants, but the argument of "private entities can do [thing] that governments can't, so we should ban private entities too!" is at best incomplete.
>Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.
Again, this is at best an incomplete argument. The government can't extract a confession out of you (5th amendment). It can however, interview your drinking buddies that you blabbed your latest criminal escapades to. Is that the government "bypassing" the 5th amendment? Arguably. Is that something bad and we should ban? Hardly.
Deleted Comment