>“Every phone has two operating systems,” explains Gary S. Miliefsky, CEO of SnoopWall, “One that connects to cellular networks, and one that interfaces with the consumer. Airplane mode may only disable features in the consumer facing operating system, such as Android or iOS, but not in the OS used between the phone and the carrier network. A phone may be giving out a ‘ping’ and you’d never know it.”
Surely that defeats the whole idea behind airplane mode. i.e. stop the phone from sending crap that (supposedly) messes with airplanes?
As an RF engineer who has tested frequency spectra and radiated powers of various consumer electronics including cell phones, I've never seen a cell phone (specifically an iPhone 5, A Nexus, a Samsung Galaxy S4, and a razr flip phone) transmit with airplane mode turned off.
It's not just airplanes that could be susceptable to cell phone emissions, but back in GSM days, the number of handoffs while in flight would effectively jam the cellular network in a 200mi radius. Nowadays cell phones are much smarter and don't do that, and the EMC risk in aircraft is extremely low.
>>I've never seen a cell phone (specifically an iPhone 5, A Nexus, a Samsung Galaxy S4, and a razr flip phone) transmit with airplane mode turned off.
I think you meant "on"? If airplane mode was on, RF emissions were a strict test case executed in the lab Faraday cages where we ran new terminals through their paces prior to launch rollouts.
Correct, typo. We were specifically testing the radiated and conducted (through its charging cable) emissions from the cellphone's processors, display, etc, and needed the radios off in a reverberation chamber.
No way to tell if it's listening though. It could be silent and still be processing every it can detect.
Who knows if there are secret commands that can be sent to it to override airplane mode settings, or instructions to do other nefarious things and broadcast once out of air plane.
Every radio has a signature that it's turned on by listening to its Local Oscillator. [0]
We weren't testing the presence of the LO, but instead characterizing the phone's radiated and conducted emissions from it's non-phone radio functions like its processors, displays, BMS, etc. There were discrete frequencies which were certainly from oscillators, but we didn't determine whether or not that was the receiver(s') LO(s) when airplane mode was on. There's probably a dozen other oscillators within phones for memory, CPU, displays, etc. So, you might be right, but this can be tested in the right lab.
However, that might be complicated with software defined receivers that don't have a typical receiver architecture, very low level signals, and very tiny PCB traces.
He means listening to the radio. A phone might have special baseband firmware that, e.g., turns on for a minute every hour and listens for a particular coded sequence (such as the date, and a mask of serial numbers, encrypted to a key in firmware etc), which would then cause the phone to do a number of things, such as turn on the radio for rx, or tx the RSSI of nearby towers, etc. All without telling the main CPU.
Colour me dubious. If the phone is in airplane mode then the carrier doesn't know where it is. Are you suggesting they broadcast this information on all their cell towers? Or that they have a secret system to predict/guess where a dark handset might be so they can target it? Either sounds extremely unlikely.
As to the practicalities, it wouldn't need to use the carrier network, just put it in a plane. Like the plane they have circling D.C. right now, or a drone. And your location is often known approximately.
Android does this routinely with wifi listening, if not GPS. It's a feature, and you can't turn it off. Haven't tested if GPS spoofing (a debug interface) overrides that.
Iphones now do this too, privacy violation by relay to nearby iPhones, over Bluetooth and possibly with the new mm wave RADAR too.
A while back, I experienced a technical problem with my carrier. As a result, my subscription stopped working. That meant that for everyday I used the internet connection, I was to be charged 4 euros.
The solution was obvious: airplane mode! You know what? It didn't help. They kept charging me 4 euros a day. Then I replaced the APN in the network settings with a fake one and suddenly the daily charges were gone.
Airplane mode didn't help, some byte was still passing through.
The phone was an android phone. The carrier refunded me right after fixing the problem (which took them a month and half).
How? I don't think there's any way a phone could know if someone has a spectrum analyzer looking at it's antennas, so it wouldn't be able to distinguish between a user enabling airplane mode because they want to vs. someone testing it.
Why? Airplane mode is a software feature right, you just don't enable whatever power transistors you use to amplify your transmission. However a receiver won't give measurable EMF, you could still listen and detect any abnormally low noise floor. You could probably even employ a heuristic like "only call home if the noise floor has been very high for at least one hour".
That would still be catastrophic for people trying to avoid tracking in demonstrations for example.
Your phone's (rootkit?) would have to passively measure the room before any remote action, that's true and reduces the utility. Still it would require accessing the sensors in the faraday cage which might make some noise.
Plenty of VM evasion stuff has been caught in the wild so it would up the game regardless, which is all you can really hope for against hackers and malicious parties. They almost always go for the easy targets who don't think of this stuff anyway.
From a friend that is an amateur radio enthusiest "It's because your phone connects to so many towers (50-100 at a time) at once that it's an issue versus bringing the plane down".
It isn't plausible that the baseband is routinely incorporating backdoors. However it is very plausible that nation states do lots of testing of baseband firmware, with an eye towards exploiting it. If baseband protocols were as easy to test as wifi we would probably see more vuln reports about them.
It is unlikely that they would be able to remotely update the baseband firmware though, especially on an iPhone. Also, an increasing number of baseband systems use highly verified kernels, such as sel4.
As to phones in flight mode routinely pinging, this is incorrect. It would easily be detected by standard tools and counter-surveillance equipment.
It isn't plausible that a modern phone would interfere with a modern jet IMO, but I still turn it to flight mode. Doesn't mean a passenger couldn't cause problems if they wanted too though -- turn on a GPS jammer and ADS-B/mode-S spoofer while onboard and watch everything go kooky.
A more realistic security problem is that of phones listening to wifi when turned off for geolocation purposes. Just the listening is exposing the stack to some degree.
> It isn't plausible that the baseband is routinely incorporating backdoors.
Intel and AMD effectively incorporate a back door into every processor, one that they refuse to document or give the keys for (but which likely some government agencies have, whether provided willingly or not). Why is it implausible that basebands incorporate something similar?
Features like Intel ME were actually requested by major IHVs, like Dell/HP etc. VISA is a debug system you need ring 0 access to use.
In contrast, Qualcomm/Intel clients like Apple are very concerned to not have magic backdoors (Apple bought Intel's bandband IP and team recently, supposedly to make their own 5G chip). In any case, there are plenty of garden variety vulnerabilities in bandband chips, no need for NSA voodoo.
Intel ME could have been used as a backdoor in a circumstance where they knew it wouldn't be analyzed, but that is a small percentage of jobs. Really only when you know a JDAM is coming through the roof soon after, or it's a no fail type of mission, i.e. taking over NK ground control during a missile launch. It isn't going to be wasted trying to hack the Kremlin, where everything gets logged.
For baseband chips, I haven't heard of Qualcomm having these types of interfaces at all. Fleet management happens via MDM at the iOS/Android level. I don't think NSA would be able to coerce Qualcomm to introduce a huge feature like ME in secret, and besides that isn't their MO, there would be a standards process etc. I really don't think something like that could be kept completely under wraps, and then as soon as you used it once it would be burnt.
Chinese chipsets not so sure. So far Huawei has so many bugs in everything they have implausible deniability. Like dozens of level 10, full RCE exploits. That's a good reason to ban them.
JFYI, at least on iOS 13, airplane mode disables only the mobile connection, while WiFi and Bluetooth remain on. This is not hidden in any way, the buttons remain active in Control Center.
I assume that only mobile signal has enough power to be considered dangerous. Maybe someone can explain what's the reasoning behind this choice.
I feel like this aligns with what "airplane" mode should be. I find it annoying when I turn on airplane mode and it disables my bluetooth and I have to re-enable it (Android X/Api 29 and below)
The reasoning is that airlines used to ban all wireless communication during flight. Now they permit Bluetooth and WiFi but still forbid cellular. The iOS behavior is calibrated to the air travel rules.
I believe iPadOS/iOS 13 by default will leave Bluetooth on while in airplane mode (likely for watches and headphones). If you turn bluetooth off while in airplane mode, it remembers that as a preference.
It's been like that for a while if you have your wifi/Bluetooth on when airplane mode is on, it will do it the same way next time you turn on airplane mode. I used that frequently on my 5S, spare 6, and iPhone X.
The reasoning was so that WF on flight, and BT/WF peripherals like AirPods, Apple Watch, and (for the iPad) the pencil, connected keyboards, and so on, can continue to work.
Phones affecting airplanes is already not that much of a risk (even if indeed existing), and besides, as the article claims, the phone might still just sent a periodic ping, which is going to be practicable unnoticeable for any equipment.
UTC 0830
Smart devices mimic what they hear around them so they can blend in. For example, for wifi using the same MAC address and IP info as something transmitting frequently. You'd have to check the sequence numbers or use multi-directional gear to detect it reliably.
Conceivably it would use a different waveform with lower energy when transmitting clandestinely, but that would be insanely expensive to achieve, probably need to add a separate chip, and it wouldn't work for people who change phones regularly.
I'm reminded that a while back the Shin Bet modified a phone to have a chunk of plastic explosive, used to kill a Hamas bomb maker. It was detonated remotely with a non-phone protocol (as the phone channel was in use by the target).
Meta data from regular operation, combined with data from apps, and OS telemetry is probably be such a treasure trove that backdooring the baseband processor is probably overkill in most cases, and while I suspect there are phones backdoored in this manner the real threat will not likely be government agencies for most people; it's the risk that non-government actors discovers it and abuses it for criminal purposes.
I suspect various alphabet agencies are perfectly aware of this, and that they're actively avoiding such measures unless they're considered strictly neccesary. After all, imagine the media shit-storm if some North-Korean hacker group managed to start mining bitcoin with 2 billion Android devices and it turns out that NSA put in the back door that allowed it.
Notably, appeals to not having your phone on in an airplane and airplane mode are more due to the extensive reach of an airborne cellphone and the effect this has on cells and hand-over protocols, as the phone connects to a plethora of cell towers in rapid succession, by this seriously harming available capacity. So this is intended more to protect the earthbound infrastructure than the cockpit electronics. I'd guess, subverting any countermeasures by means of the baseband system would be contrary to the interest of those involved and profiting from this.
"stopping the phone from sending crap that (supposedly) messes with airplanes" was never the goal of airplane mode. If phones could bring down an airplane they would have never been allowed on board.
The technical problem was always that planes cross cells at speeds for which the gsm handover protocol was not designed. The business problem was phones would eat into the juicy onboard services turnover.
> It is unclear whether enabling airplane mode stops this tracking. The only way to make sure is to remove the SIM card and battery from the phone.
It is possible for a handset to attach to a network without a SIM card for the purposes of making an emergency call. Please don't think removing or swapping your SIM card stops tracking.
I've yet to see 2G or 3G phones try and talk to a local network in aeroplane mode (though you shouldn't believe me). I did see some oddness years ago when testing an early and proprietary LTE handset, but I'm not sure I'd believe that either.
It also seems like phones have their own tracking ids that they report, it's not just the sim card.
There was a great talk about some of this from black hat; how the CIA renditioned Abu Omar out of Italy and how they were found out: https://youtu.be/BwGsr3SzCZc
There are two numbers on the cellular network that matter: international mobile equipment identifier (IMEI). This identifies the cellular radio in question, usually the phone but a dual SIM phone will have one for each slot.
The second is the international mobile subscriber identifier, IMSI. This is the identifier the SIM sends to ask the network for functionality.
Even without a sim installed, the phone may transmit and will transmit its IMEI when doing so. This is so that cell towers can talk back to the device (a bit like ssids in WiFi networks). As mentioned in other replies to you you can often dial emergency numbers and your calls are routed. To do that you need to know which device is calling.
So yes you can track individual phones. You can also tell when a phone has changed SIM or a SIM has changed phone and so on. No idea if networks do this, but the data is there.
All GSM phones have at least one of these (multi-SIM devices have multiple), they uniquely identify devices with SIMs and are held in databases shared intentionally amongst many nations for blacklisting and such.
If a phone is reported stolen in the UK and reported, it's IMEI can be added to this list and the device becomes useless in participating countries, say for example, Spain, or Germany or the US.
My point is, it's a globally unique identifier; tempering with, modifying or cloning them is illegal in some countries.
The SIM itself is almost irrelevant, but, with the information mobile providers hold, it's trivial to link a SIM account, a device identifier and a person (particular given some countries require ID by law to obtain a SIM).
Furthermore, being criminalized in some countries has caused discussion of how to change IMEIs to be censored in technical forums everywhere. The obvious draw is stolen phones, so nobody wants to touch the topic with a ten foot pole, despite its straightforward relevance to privacy.
That attitude reflects the dead ends I've experienced when looking around for how to change IMEIs for various phone models I was interested in. Also note all the disclaimers in the thread you linked.
Maybe recent phones are still so straightforward with QPST that any time the question is actually asked it's bound to get flooded with crap? It certainly doesn't feel that way. Eventually I'll get around to setting up another Windows VM and seeing what modern QPST can actually do.
Will removing the battery but leaving the SIM card in be enough, though? It seems surprising that the phone would be able to send a signal without the battery for very long
"airplane mode means no transmission. The phone can still receive and might be remotely activated by a so-called silent text."
I don't think that's workable.
Remember, the phone is not a walkie-talkie - it's a node on a cellular network and has to participate on that network to be addressable and receive messages.
This means it is answering status requests, sending ACKs, etc. In order to receive a text, the phone has to be sending TX outward.
Is it possible that there could be a phone network built to send RX only transmissions to network nodes (handsets) that were otherwise silent ? Sure - but I don't believe any of the GSM/3G/LTE specs define any such behavior.
In short, if your phone is truly in an RX mode, I don't think it can receive a SMS - or participate on the cellular network in any way.
Back when I worked with LTE (now 4G) there was no such thing in the S1AP protocol at least.
Me, and a colleague, where actually the first to get a paging through from network to a UE in LTE. Sure, it was a test UE the size of a small refrigerator, and the network was a simulated network. But still. All layers involved.
The paging, at the time, was the only way for the network to silently contact the UE, and that message didn’t contain any information. It was basically just a: “Hello IMEI X, are you here?”
Airplane mode means no radio. Handsets will not transmit anything, and thus obviously will not attempt to connect to a network, in airplane mode.
The article is largely fear mongering, though. The way the system is designed means that the location of every connected device is known at least at cell level. If that wasn't the case you could not be called!
Edit: by law they have have to keep location data, though I'm not sure to what extent.
The author of this article does not seem to know the topic but makes sweeping, borderline conspiratist, claims...
Oddly it turns out that these days airplane mode doesn mean turn off all RF transmissions. e.g. it can mean "configure for use in an aircraft under fcc jurisdiction" which means turn off cell radio but keep Wifi on.
Apparently Apple phones will silently phone home an SMS as an iMessage heartbeat when you turned off data.
I bought a SIM card in France, loaded 10 EUR for a 9,95 plan. But my balance declined to 9,85 despite having data turned off and not making any calls/SMSs.
There was no record in Messages, but my provider showed me sending a text.
Ugh. Another 5 EUR added just to buy the 9,95 plan.
> Apparently Apple phones will silently phone home an SMS as an iMessage heartbeat
I recently traveled abroad and bought a local SIM card, and when I first activated it I got a dialog asking if I approved of it sending the iMessage activation SMS. It wasn't silent.
Seems new. I still dunno why Apple made it such a secret.
Drove me bonkers when my carrier claimed I sent an SMS but my phone showed I had not.
Edit: others reported that there’s a message that said “Your Carrier May charge for SMS messages used to activate iMessage” that would still send even if you hit “Cancel”.
Seems like a lot of providers don’t charge for this SMS, but for those that do, it can be a costly int’l SMS.
The solution will be to have a slider that physically disconnects the networks. Slide it down and the hardware is no longer physically connected. The phone still have all it's no-connection features. Slide it up and you are back online.
We cannot trust software to actually disconnect as advertised. It is not in the network operator's interest. Unfortunately, it is also not in the phone manufacturer's interest to have you disconnect. Wake up, this is only a dream.
I've tested two of those. It's hit and miss. If it's not closed perfectly flat (and it's metal-lined fabric, it's not always perfectly flat even if you're careful), it'll receive phone calls just fine.
Hi 'm463, you seem knowledgeable about this subject, so I have a few questions. Could you please answer the questions below or direct me to where I can learn more?
1. If a phone is off e.g. iOS’s General->Shut Down, then can it still receive and transmit signals?
2. What is the best kind of cheap case / enclosure for a cellphone that would prevent signals from being transmitted or received? Can I just wrap a cellphone in aluminum foil and place said wrapped cellphone in a Tupperware / plastic sandwich container?
3. What is an effective way for an RF layperson like myself to detect whether or not my phone is transmitting or receiving signals while it appears to be off e.g. RF tool or measurement device?
I just want a way to know and be completely certain that “off” means “off”.
Those are good questions and I'm not an expert. I was a part of a discussion once where someone mentioned that faraday cages mostly work for signals entering.
However:
1a) You don't know (because your phone can pretend to be off). You need to remove the battery (and also remove hidden batteries)
1b) some phones support NFC, which can theoretically be used when the phone is off.
If you can't trust a manufacturer to make software that does what you're told it does, what makes you trust the same manufacturer to make hardware that will physically disconnect?
Similar steps would have to be taken for monitoring the device to ensure the hardware switch does what it's told, same goes for the software.
Software blocks aren't good enough because a compromised system can lie and say something is blocked when it isn't. Hardware disconnects you don't need to worry about.
Nothing really helps when everyone is voluntarily buying always on surveillance tubes, headphones and glasses with Alexa/Google assistant that's always listening
I considered doing that and using an external microphone, but I don't trust my skills to get everything back together in one piece. Even getting access to the board to do it seems to require the use of destructive force. I'd probably be perfectly fine with a phone that didn't include a mic and required an external one though. While I do use it to place and answer calls sometimes, it's almost exclusively used for texting, and I haven't run into an occasion where loss of audio while recording video would matter.
A few comments here claim that aggregated data is fine. An interesting read is [1]. It discusses how trajectories of individuals can be recovered from aggregated mobility data with high accuracy. It's a great read because it breaks down the approach into small logical steps, but the end result (recovering individual's trajectories from aggregated data) sounds bizarre at first.
People are often able to get personally identifiable information from aggregated/anonymized data. At this point, I think people should be automatically skeptical that their personal habits are protected when a company claims they only collect/use/sell aggregated/anonymized data. In practice, it might not be protected at all.
Having gps trajectrories and two locations in the city, like home and job address, it should be quite easy to find corresponding trajectory and thus deanonymising a single person. No need for imsi or any other data. Therefore to make data anonymous it should be encoded in terms of number of subscribers in given time and area. My guess would be it isn't
[UPDATED. It seems that the recording will happen after the elections, not before, so apparently spying the political preferences of people would not be the motive (yet). I had removed those parts]
Is easy to stablish a probable connection between this sudden need to watch all phones in relation to the disturbs in Catalonia coordinated by sms messages and apps.
Would be trivial to connect the pool of "people that went to the place X at the day Y", and the part of the city or neighborhoods where they mainly go to sleep after the disturbs. Many other sensible things can be disclosed from that, like how many people came from Euskadi to join the disturbs for example, and if they joined to eat before in a special place).
Nobody signed to accept to participate in this, and there is not a way that allow you to be excluded.
Is totally "1984" level, is outrageous, breaks many red lines all "in your face european parlament", and somebody should pay for that.
go to etsi.org go to the search form for standards and enter "lawful interception" without quotes. Read / browse all the relevant standards (titles and content). This has been going on for years and years
Also in Spanish news: there was a separation movement leading to the arrests and jailing of separatist leaders after 90% of the population votes for separation. The leaders got something like 15 years of jail time. There have been massive protests for weeks now
While true, the number of 90% is a little misleading. The vote was declared unconstitutional and illegal by Spanish government, so many people against a separation did not show up to vote. However with a voter turnout of 43%, it is still a strong signal in favor of separation.
The last wave from the Centre d'Studis d'Opinió from the Generalitat (Local Government), measures support for independence at 44% vs 48% who wish to remain part of Spain.
"Altogether, parties supporting Catalan independence received 48 percent of the vote."
48>40
So from far away, I would question the neutrality of the Centre d'Studis d'Opinió.
Also, if the numbers are right, then why on earth does the spanish government escalate and not just let them have a referendum which fails and have peace afterwards?
> So from far away, I would question the neutrality of the Centre d'Studis d'Opinió.
They are the "Department of Statistics" of Catalonia, and they are controlled by the local government (pro-independence), so i am not sure why would they be biased to report lower support than the actual one.
Our Constitution does not consider secession of part of a territory. To hold a referendum, they will have to change the constitution first, which is unlikely to happen in the short term.
Also, I am not sure that a referèndum is the best way to settle this conflict. I think that other options that can gather the support of more than 50% of the population would offer a better solution. (i.e., how do you build a new country when half of the population feels strongly about it?)
> how do you build a new country when half of the population feels strongly about it
this is exactly the current situation with spain! About half of catalans feel very strongly against the spanish state. This is obviously not sustainable. But the spaniards prefer to bully the catalans, to earn votes elsewhere, than to solve the problem once and for all by holding a binding independence referendum.
I for one couldn't care less anymore about the spanish position. I do not consider spain a legitimate state, and we will have to free ourselves from it by any means necessary.
GP was essentially saying: we'll just do the referendum, people will vote "no" and then we'll be done. That's more or less what happened with Brexit, except that people (against all expectations) voted "yes" in the end, which has led to something of a mess.
>"Altogether, parties supporting Catalan independence received 48 percent of the vote."
> 48>40
Support for independence and voting share of parties supporting Catalan independence are two different things. Heavily correlated, sure, but not equivalent.
15 years in prison? that's nuts. that had better be manslaughter or armed robbery or stealing zillions of pensions etc...
there is no way you can present holding a controversial referendum as worthy of a jail sentence at all, let alone 15 years.
"broke the law"... i mean, crossing the street when the light is red is "breaking the law". buying weed is "breaking the law".
it is a provocative heavy-handed foolish move by the Spanish Supreme Court, that will only serve to inflame tensions, as it now provides an air of martyrdom.
it's all thoroughly unnecessary and gratuitous.
it would be enough to say "well that referendum result doesn't count, sorry. nope." and you'd have a bit of protest and another "illegal" referendum every few years, but you wouldn't be feeding the popularity of the Catalonian independence movement.
it was a stupid move.
hubris appears unattractive to the global lens.
mind you, I couldn't have given 2 hoots about any of this, just reporting on how it appears on the world stage.
The sentencing also includes misappropriation of public funds to pay for their personal project, wildly out of the target of that money and their mandate.
So yes: it actually was a case of stealing millions.
Secession movements have a big chance of killing a ton of people and violating the civil rights of many more, so a 15 year sentence is very plausibly appropriate, in comparison to armed robbery.
So basically you're saying that somebody should be jailed for N years because maybe, in the future, someone else related with the same movement might use some level of violence to achieve... something we still don't know, in circumstances we still don't know?
Wow.
Scotland did the referendum in agreement with British Law and Westminster pairlament. This, note there is no British Constitution that forbids them to do referendums.
About Flakland Islands I don't know, so I don't have an opinion.
I imagine it's dependent on boundaries not individuals. A nation, an island, a state, or a city might ask for independence, but not a person or a group of people. In the US we even have semi-independent spaces like reservations and embassy buildings where a single complex or structure is considered separate from the nation that surrounds it.
a lot depends on the outcome. you can bet that the british empire didn't "let" the colonies secede, but they did anyway, persevered, and eventually the british "let them" by way of not pursuing the war.
and so, here we are. the same could happen with spain, or a state in the US, or w/e. winners tend to write the history books, as well as perspective on past events.
> after 90% of the population votes for separation
No matter how many times this was repeated it feels still relevant to explain it; cows do not fly and 1,6 millions is neither the 90% of 46,7 millions, nor the 43% of 46,7 millions.
Well, launching a study that could potentially endanger the privacy of millions while the prime minister and his staff compares to terrorists thousands of protesters who happen to have organized themselves via mobile apps..
> the prime minister and his staff compares to terrorists thousands of protesters who happen to have organized themselves via mobile apps
Organized themselves to create non-stop disturbes, block repeatedly several main roads, attack systematically police (to the point of almost killing a policeman and hurting thousands), burn cars and bikes, and creating damages only to the street furniture in Barcelona valued in 3,5 Million euro. The aditional damage to the economy and tourism has been estimated in more than three hundreds millions euro lost.
I would love to hear your definion of terrorism. Must be a very interesting one.
This does not change the fact that the massive surveillance that the government is announcing, has never happened before, sets a very dark precedent, has surpassed all reasonable limits and is an error. The secret services must be running wild and at full power without nobody trying to stop them
My definition of terrorism does not include voting, I can tell you that much.
Peaceful demonstrations were also organized, and there’s no ex ante way with this system to target the violations to perpetrators (or to set up any judicial safety check, although in Spain I’m told that would not make much of a difference).
Spain keeps crossing all of the red lines we have set as europeans, and yet our governments will do nothing because they want to avoid troubling the euro even more. This is a recipe for disaster if I ever saw one.
> in Spain I’m told that would not make much of a difference
If you are told that, is simple. You are being lied (and pretty gullible).
Lied by the same people that keep repeating "Spain is baaad!, baaad!, baaah!, baaah!, baaah!".
Okay, Lets talk about judicial safety procedures. The entire trial was public, transparent, broadcasted in direct on TV, and can be watched in internet if you want to freely make your own opinion (and die of boredom). The sentence was justified in 493 pages that you can also read in this link, because... surprise! we, the PIGS, had the same ancient laws than in the rest of the stupendous Europe. We adopted this laws earlier in fact and Roman law is still studied and relevant for lawyers.
Please read it, watch it, explore the truth by yourself and don't hesitate to tell me if you find that there was something pigilesque and "uneuropean" here and in what part this people did not enjoyed the right of defense and a fair trial.
> Peaceful demonstrations were also organized
Oh, then is all fine. Lets continue this Anschluss and burn the city
> If you are told that, is simple. You are being lied (and pretty gullible).
Maybe I’m being lied, and maybe I’m too gullible, but it’s a hard sell to say that everything is fine and dandy on Spain.
Just this year you had quite a scandal with the supreme court changing a decision about mortgage taxes by quite a margin. Not forget that your current foreign affairs minister got caught red handed trading with inside information, something that warrants jail in all other western countries.
there's a massive ongoing police operation to suppress the catalan independence movement. This data allows to massively track everyone. Not that the government couldn't access this data already, but now they are making it explicit via this scare propaganda.
what do you mean "independent"? All the major catalan and spanish newspapers are talking about this (with quite different points of view, depending on the political leaning of the mediun).
In Spain it is legal to want independence, it is legal to create political parties that go for it, legally, BUT it is not legal to go against the law.
Creating a referendum is not legal because in Spain the sovereignty is in the general Spanish population, not in the local population.
This is not Scotland, Catalonia has never been a sovereign state that decided to join a union preserving its sovereignty. Spain was created as the union(by marriage) of the reigns of Castilla and Aragón, that included Catalonia.
The secesionist organized a referendum and they themselves counted the votes, like Stalin said it is not important who votes but who counted the votes. They added a million to the real number.
The local population holds over 50% of secessionist votes.
BTW the joke of gobertment that Spain has given the Catalan local Government(managed by secessionist!!) the management of prisons there. So they will be released soon after the elections, because the president is there thanks to the support of secessionists.
I thought that something like this would not be allowed due to the general monitoring clause as per article 15 of the directive 2000/31/EC.[0] But reading it again I'm not sure anymore.
I see the same thing in some apps that use GPS/location. If it can't get your location because you're underground battery use increases as it keeps trying and trying.
Still wouldn't do nothing except waste battery power.
I had all kinds of older phones, and in older times 20-25 years ago there were tons of places with zero signal (villages, islands, places out of the city, national parks, and so on) and the phones survived just fine.
That's as zero as in a faraday cage, as far as the phone is concerned -- no tower to talk to at all, 0 bars for hours or days on end.
Yes, I meant a dead battery. The "solution" I was replying to was suggesting keeping your phone in a Faraday cage to thwart government surveillance, presumably a small portable cage that you would take with you wherever you go. If you leave your phone running in there, there's a pretty good chance that the battery will be dead when you take it out to use it, which defeats the entire purpose of carrying a phone in the first place.
Controlled compromise of privacy for the sake of scientific insight seems like a good idea, until you realize that we either get profoundly non-replicable junk "science", or continued and unlimited re-breach of privacy for the sake of replication. Neither is any good.
While I'm normally all for access to raw data used in research, that's pretty hard to do with IRS data without massively violating Americans' privacy and exposing them to identity theft. It's fair to be skeptical of anything using locked-up data, but I don't see a good way around the problem.
The problem is that carriers have being retrieving this data for a long time. This news is that they're giving the data to the government for statistical analysis and we cannot do anything about it...
it is very innocent to believe that the carriers would not provide these data already to the government if asked (e.g. by a court order), and they have probably been asked many times.
"With a court order, this data can be used to identify and track an individual...
... which means that it is stored de-anonymized in the carrier servers"
No, it does not mean that it's stored de-anonymized. It means that it can be de-anonymized if required by a court order.
EDIT because all the downvotes, this is not nitpicking. The deanonymizing data is ELSEWHERE, not on the servers. It takes a court order to obtain it, employees cannot use it. It's an important point.
The idea that 24/7 minute-by-minute location data can somehow truly be "anonymized" is beyond ridiculous. It's easy for any organization (or even a single researcher who has cash to spend) to deanonymize it by merging w any number of other datasets that are available for purchase.
"Anonymizing" this kind of data is really just saying "for some of these users, it'll be somewhat expensive to unmask them. for others it will be trivial."
What would you say if a SaaS told you that they store your password hashed, but that they can reverse it and get it out in plain text, if someone with authority asks?
No, it's not the same. It could be stored anonymized, and the de-anonymizing data is somewhere else, and it can ONLY be accessed with a court order. I don't know why my original comment is being downvoted, it's an important distinction.
Edit: stop with the downvotes please. Whether you agree or not, anonymizing something does not always mean it cannot be de-anonymized. And who can do it (and under what circumstances) is important.
Anonymizing does not mean that it has to be one-way. You can give other people an anonymized version of your data, but you can keep the key to deanonymize that data (and hand it out selectively). I don't know who is assuming that anonymizing means the information has to be thrown away and lost to EVERYONE.
If someone can use that information to identify you, then the data is by definition not anonymized. It doesn't matter how exceptional the circumstances where that's allowed to happen are. "Fully 100% anonymous, unless we label you a terrorist" is not the same as anonymous.
If you're going to nitpick like that, then no data is ever anonymized if it contains any information at all. When you start combining pieces of data, they all contribute information that helps you narrow down individuals until there is only one possible match.
Read up on differential privacy and k-anonymization. There are commonly implemented best practices for measuring and preserving anonymity in a dataset in non-reversible ways. It usually involves aggregating clusters of data and dropping clusters with too few unique contributions.
These techniques have a long track record in the private sector and with public entities such as the US Census, with a lot of formal research to back it up.
It's not nitpicking. Your definition of "anonymized" leads people to believe they are anonymous when they are not. That can lead to serious consequences.
It’s not my definition. You’re twisting words. Location data is just not “anonymizable” at all because it’s always possible to combine it with other sources.
This does not work for most location datasets. It is easy to Re identify users in this type of dataset with a few lines of code. The identifying information is embedded in the locations and time stamps themselves. Research shows 4 randomly selected location points from a phone is all that is needed to uniquely identify 95% of the population.
Depends on your definition of "the data". If they store all the data, split it in two, and you only count one half as "the data", and the other half as... something else, then yes, it can be both anonymized and de-anonymizable. But I think privacy advocates (myself included) count everything collected and stored as "the data", and don't find some red tape securing it particularly reassuring.
Then that isn't anonymized at all. Anyone who thinks it is is a fool. It's just 2 step identification, and pretty typical of overreaching governments. No one should be tracked unless a warrant is issued and at that point meta data can start being collected.
Can you explain this to the layman? How does it work? Does it mean they store IMSI hashes with location data in one database and customer names and their IMSI in another and nobody supposedly should have access to both databases at the same time?
That's the explanation I'd expect the answer to be. In Europe it'd be classified as pseudo-anonymous, and would still be personally identifiable data in the legal sense, and therefore not truly "anonymised".
The network stores the location of connected users at cell level (group of cells, sometimes) because that information is required to page (ie receive calls) and then to route traffic.
If you can de-anonymize so-called "anonymous" data through some well-known (intended, even) procedure then said data is not anonymous. This is trivially, definitionally true.
It does, see my other comment. It means employees CANNOT deanonymize the data. If done properly, the key is off network and off premises, only retrievable with a lot of red tape.
Then it isn't anonymized. It can't be unmaskable by any procedure and anonymous at the same time. You need to stop calling it anonymous and call it what it is:
Bound to an individual, but not actionable via the collecting agency without outside input.
An interesting point is that they have yet the data of the phone owner, because is required by the new laws that you send they your name, phone number and your email in order to receive some notifications from the government. This has happened since the last two years or so.
Well, you would think this kind of mass surveillance would help Spanish authorities put Russian mobsters (with connections to Putin and Co.) in jail... but instead they get acquitted:
This seems a bit exaggerated. I work for one of these ISPs, but I'm not involved in this project.
GDPR explicitly states that no permission is required if the data is anonymised. The data shared with the INE will be movement of batches of at least 5000 people. The movements will be between 3500 zones. There are more than 60.000 cell phone towers in Spain, so they could have made the movements much more precise if they wanted (at the cost of anonymity of course). If less than 5000 people cross from a zone to another it will not be shared. No IMEI/IMSI/MSISDN will be shared.
I understand that there might be concerns of de-anonymisation, but it makes no sense. If the Spanish government wanted to track someone they already can, with a court order. Spanish phone providers are required by law to store this data for 6 months minimum up to 2 years maximum. (https://www.boe.es/buscar/doc.php?id=BOE-A-2007-18243). The government is going to receive data from 4 working days, 1 weekend day, a holiday and two days in Summer. Tying this with Tsunami Democratic is a bit strange. There is an ongoing investigation, so they can already track people tied with the movement as long as they have some form of personal information (IMEI, IMSI, MSISDN). Honestly, a massive protest one of those days might throw off the statistics in Catalunya.
And by the way, this data is already being sold to third parties for profit:
> I understand that there might be concerns of de-anonymisation, but it makes no sense. If the Spanish government wanted to track someone they already can, with a court order.
Since October 14th, there are ongoing mass protests in Catalonia (a part of Spain with a strong pro-independence sentiment), demanding freedom for their political prisoners jailed by Madrid (for 9–13 years). Hundreds of thousands people are on the streets. Barely reported by media. Barcelona Airport was overtaken for one day.
And most of the current prisoners are not politicians and have never been.
Regarding the politicians, may these traitors rot in jail. They betrayed their people and surrendered themselves when everybody was on the streets ready to fight.
No, it's not related at all. Jesus guys, this is not reddit, you don't need all of this to know the location and track a mobile phone. Every carrier in the world can do this with very basic tooling.
That was my first thought too but seems the dates are between 18 and 21 november. If they wanted to track the current widespread protests in Spain, they would have done it right now.
they are of course tracking us right now. This announcement is just an explicit reminder that they can do so, to try to scare the people. The dates are irrelevant.
I currently work for an spanish ISP, and I can tell you that this test will put a lot of stress in the ISPs network. Querying, for example, cellid for so many phones simultianeously is going to be a problem. Other data like IMSI and so on is not a problem because it's stored in a database.
For people who is scared of this, ditch your phones because extracting your location, subscriber id and other info is, honestly, trivial. It is not to do at scale, but if someone wanted to spy on you and had access to the ISP network, be it via hacking into it (very difficult in the one I work for, but may be possible), or using a law, they can know where are you with very little effort.
"As long as data is not de-aggregated and de-anonymized there is no issue here"
Awfully hopeful there.
"The other political statements and comparisons he makes, well are unrelated and sincerely looks like political propaganda to me."
I would say the same about your assertions of innocence and presumption that the data can not be de-anonymized. If the "propaganda" is supporting user privacy I'd say you're on the wrong side of this discussion.
>“Every phone has two operating systems,” explains Gary S. Miliefsky, CEO of SnoopWall, “One that connects to cellular networks, and one that interfaces with the consumer. Airplane mode may only disable features in the consumer facing operating system, such as Android or iOS, but not in the OS used between the phone and the carrier network. A phone may be giving out a ‘ping’ and you’d never know it.”
Surely that defeats the whole idea behind airplane mode. i.e. stop the phone from sending crap that (supposedly) messes with airplanes?