ICE's surveillance technology

lubiepomidory

So, basically, according to this article: [https://www.404media.co/inside-ices-tool-to-monitor-phones-in-entire-neighborhoods/](https://) ICE has access to new technology that allows them to scan for mobile devices in a given area, to identify them, and to locate them individually for an extended period of time (for example after a protest), giving them info about your workplace, place of residence, etc. What I'm wondering is, would this kind of technology work for GrapheneOS phones? Or does it depend on which location services you have turned on?

Hill_Sphere

lubiepomidory Or does it depend on which location services you have turned on?

Your cell service provider of course will always, by necessity, know your phone's location.

It's not known that cell providers are currently directly providing location information to gov't, so the location information Penlink's Webloc is using very likely comes from user installed apps, bought from data brokers. Penlink also scrapes the web to augment this information.

https://en.wikipedia.org/wiki/Pen-Link

It depends on the location service type and who you grant location access to.

with GNSS, in the US often called GPS, your device (e.g. phone or car dash mounted navigation device) is a passive receiver, so no way to track the receiver. Your phone still can pass GNSS location on to apps though!

AGNSS (assisted GNSS) augments GNSS with other radio sources and is NOT passive, so the radio source your phone/device communicates with can track the device if the device can be uniquely identified.

MAC spoofing, etc. attempt to mitigate this.

More: https://en.wikipedia.org/wiki/Assisted_GNSS

This paragraph from the article is key:

The material does not say how Penlink obtains the smartphone location data in the first place. But surveillance companies and data brokers broadly gather it in two different ways. The first is from small bundles of code included in ordinary apps called software development kits, or SDKs. SDK owners then pay the app developers, who might make things like weather or prayer apps, for their users’ location data. The second is through real-time bidding, or RTB. This is where companies in the online advertising industry place near instantaneous bids to get their advert in front of a certain demographic. A side effect is that companies can obtain data about peoples’ individual devices, including their GPS coordinates. Spy firms have sourced this sort of RTB information from hugely popular smartphone apps.

mr_r0bot

lubiepomidory
While they don't go into extensive detail in the article, they do reference the use of the same technology as Babel Street and Venntel. This would point at the use of a CAI based system. It is most likely keying off the Google or Apple Ad ID being sent to RTB networks or forwarded by app ad SDKs . The quickest way to blind it to most data would be to remove the ad ID. More thoroughly, you could ensure the play services are either not installed or do not have location, and that any app using them doesn't either. But without the ID to correlate on there's limited tracking capability. At least to date, anything involving cell tower data should require a warrant, but CAI is not considered protected because it is shared under EULAs of apps.

cupcake-alibi

I don't know how ICE locates individuals, but I think there are two main ways they could collect location information: location services (GPS) and mobile network (SIM card/IMEI/IMSI).

So if you installed Google Play Services, gave it location permission, and logged in with your Google account, ICE could "politely" ask Google to share your location. Similarly, if you inserted a SIM card and/or kept Airplane mode off, ICE could use track your location using an IMSI catcher, for example.

I don't use a Google account, I haven't inserted a SIM card into my phone, and I keep Airplane mode on. If you plan to participate in a demonstration, it is advised to leave your phone at home (bring a dedicated device if you need it). EFF: https://ssd.eff.org/module/attending-protest

There are, of course, more extreme ways of collecting (location) information (Pegasus, 0-day exploits, etc.), but these would be far more expensive, so they're used for targeted surveillance of activists, journalists, lawyers, politicians, etc.

EverettHitch

Since the article mentions tracking of "neigborhood data", it is linked to cell tower connection data which network operators surrender gladly to government (purchased from tax payer money) in order to do their business peacefully in the country. Disgusting.

gristle-cause

EverettHitch it is linked to cell tower connection data

that's an assumption, 404 did not receive any documents detailing the source of location data

They could just as easily be using zip codes associated with advertising IDs obtained through data brokers to distinguish neighborhoods

It's not a bad assumption, and folks should never assume location data is private when connected to a cell network. But there's no evidence to confirm this particular tool is using cell network location

BeepBeep

Got interested and investigated briefly. ICE reportedly using 2 tools from a company called Penlink, Tangles and Webloc.

Tangles uses open source intelligence which could have been created by you or someone else, about you, potentially without your knowledge (e.g. your photo in the background of someone else's social media at a determinable location or near other identifiable people). You can limit your own digital exhaust. It's harder to limit everyone else's. Either way, it's not really a GOS matter.

Webloc uses data from commercially available ad networks. It seems to me that this data would be leaking from ordinary phones but that GOS could help prevent your inadvertent participation in those.

mmobder

If to speculate further, apart from your smartphone itself, there are other potential identifiers available, like BT addresses of your accessories, be it headphones or smartwatch, not all of them are "silent" when paired/connected.
Having network location ON, public servers used for network location, typically receive a bunch of available identifiers around (including ssid,...) as a part of request, so ID may be leaking massively if there is somebody to collect.
So if it's not your phone "emitting", it may be arbitrary person standing at your right who unintentionally shares your IDs.

Though I dunno if there are actual solutions that uses it.