[guardian-dev] detecting mobile phone location

The Doctor drwho at virtadpt.net
Wed Feb 12 15:15:20 EST 2014

Hash: SHA1

On 02/12/2014 08:00 AM, Hans-Christoph Steiner wrote:

> Even with mesh however, you are emitting a radio signal, that is 
> trackable via your MAC hardware address, and so on. Location
> tracking of wifi signals via MAC is now a fairly common skill that
> even ad marketers are using, so I wouldn't put it beyond a
> government.

For what it is worth, the mode the wi-fi chipset is in seems to make a
difference.  When tests were run in Syria a few years ago ad-hoc mode
seemed to fly under the radar (so to speak..) while managed mode did
not.  We did not try raw injection in AP mode.

> Most mesh systems are built for humanitarian purposes and not 
> adversarial situations, and so the state of their security and 
> anti-surveillance features is quite minimal.

We could always use help on the node-side of things.  IPsec is a
fickle beast under the best of conditions.

> I would agree. If you are being actively targeted for bombing, I
> would avoid using radio emitting systems at all. Netbooks or cheap
> laptops

I concur.  Minimize emissions as much as possible.

> usually radiate less than 50mW. That's a lot less than 3000mW.  The
> risk is that wifi still radiates a unique ID (the MAC address).
> But if you use a MAC

For certain values of 'unique' (on a strictly technical basic) but
your point stands.

> changer, then you can change the MAC address every time the device
> uses a different wifi, and that will make it very difficult to
> track.

There is software to automate that part of the process, and it works
quite well.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

"Don't touch that!!" --Alton Brown, _The Next Iron Chef_

Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the Guardian-dev mailing list