Automatic Surveillance Via Cell Phone

Your cell phone company knows where you are all the time. (Well, it knows where your phone is whenever it's on.) Turns out there's a lot of information to be mined in that data.

Eagle's Realty Mining project logged 350,000 hours of data over nine months about the location, proximity, activity and communication of volunteers, and was quickly able to guess whether two people were friends or just co-workers....

He and his team were able to create detailed views of life at the Media Lab, by observing how late people stayed at the lab, when they called one another and how much sleep students got.

Given enough data, Eagle's algorithms were able to predict what people -- especially professors and Media Lab employees -- would do next and be right up to 85 percent of the time.

This is worrisome from a number of angles: government surveillance, corporate surveillance for marketing purposes, criminal surveillance. I am not mollified by this comment:

People should not be too concerned about the data trails left by their phone, according to Chris Hoofnagle, associate director of the Electronic Privacy Information Center.

"The location data and billing records is protected by statute, and carriers are under a duty of confidentiality to protect it," Hoofnagle said.

We're building an infrastructure of surveillance as a side effect of the convenience of carrying our cell phones everywhere.

Posted on July 28, 2005 at 4:09 PM

Comments

Francois KashyJuly 28, 2005 4:36 PM

Bruce, don't you always say that technology is a tool which can be used for good or evil like any other tool? Do you think this can have beneficial as well as harmful applications?

RichardJuly 28, 2005 4:54 PM

"We're building an infrastructure of surveillance as a side effect of the convenience of carrying our cell phones everywhere."

I couldn't agree more with Bruce on this one. Combined with other invasive privacy-robbing programs such as city-wide surveillance cameras, National ID cards, and random bag searches, we Americans are steadily having our privacy chipped away with each passing day. This is just another facet of a growing problem. Ultimately, it doesn't matter where the surveillance comes from; corporations can and probably will abuse the information just as badly as the government.

Bruce SchneierJuly 28, 2005 4:58 PM

@ Francis Kashy

Yes. Of course there are beneficial applications, and the article writes about some of them. But on the balance, universal surveillance of everyone is a bad thing. The companies who are collecting this data have a lot of control of its use and dissemination, and that's a bad thing. And people don't realize that this surveillance is happening, which is also a bad thing.

My main objection is that we're building a surveillance society as a side-effect, and not by design. I don't think this kind of surveillance is a good thing, and I'm happy to debate that issue with others. But having it slipped into society without debate...that's the worst.

NickJuly 28, 2005 5:03 PM

The recent innovation of 'phones with built-in GPS' also touches upon this; I believe there's already a third-party product that would allow an employer to track an employee who is carrying one of those phones. Question is, how secure is the identity of the person being tracked; that is, could someone other than the employer obtain the same program and track people upon obtaining the necessary data?

ArikJuly 28, 2005 5:25 PM

@Bruce

I don't think there is any way to stop it from happening.

There is another way to level the playing field: make surveilence data available to everyone.

AndrewJuly 28, 2005 5:39 PM

This particular case was done with people who volunteered for the project. They were given the phones and told explicitly what was happening. The phones were special bluetooth enabled phones, and sensors were placed on campus in order to pick up these signals. When a person was roving, it would log the calls and bluetooth handshakes with other known phones (in order to tell who you were standing near), and then report those results when it got back in touch with the bases.

Just so people don't start freakin' out about their own phone....yet. ;)

Rob MayfieldJuly 28, 2005 6:28 PM

It wont be long - 'I want to divorce her because her phone and my best friends phone both meet in the neighbouring town twice a week late at night when she tells me she's at the local bingo night ...'

Rob MayfieldJuly 28, 2005 6:34 PM

@Andrew - 'Just so people don't start freakin' out about their own phone....yet. ;)'

My understanding is that it's technically possible to triangulate position on the GSM system reasonably accurately - not close to the accuracy of GPS, but close enough to make physical location search practical (ie finding a missing person or locating a vehicle accident), and probably close enough to satisfy a number of evidentiary requirements.

KevinJuly 28, 2005 6:49 PM

I wonder just how helpful the information really would be? Tracking by cellphone makes a dangerous assumption - the assumption that I am with the cellphone.

For instance, what if I put my cellphone in the trunk of my wife's car when she goes to work in the morning? If I commit a crime when my cellphone is not in my possession, I could "try* to make the case that I was not at the scene of the crime.

Scarier still. What if a crime was committed in the vicinity of my wife and my cellphone was mistakenly left in her car? Could I be suspect because my cellphone was in the vicinity of the crime scene?

Sure - its a far stretch - but it shows how the cellphone tracking can be faulty.

Bruce SchneierJuly 28, 2005 7:02 PM

"I wonder just how helpful the information really would be? Tracking by cellphone makes a dangerous assumption - the assumption that I am with the cellphone."

I think it's better than that. Call records provide specific points when the person and phone were together. And I'll bet with enough tracking you can figure out when the person is holding the phone and when he is not.

Chris WJuly 28, 2005 7:07 PM

@ Arik - "There is another way to level the playing field: make surveilence data available to everyone."

This would be an extremely bad idea if any of the phones were in any way identifiable. And anonymous tracking is pretty much impossible; you can always manually locate an individual and then check which phones are listed as being in the area.

A thief could check a house to see if anyone's inside, and a stalker would find it much easier to track en's prey. I'd prefer it if the phones themselves sent no GPS information until an emergency number was called or an override signal was received. Then an attacker could send the override signal and track a particular individual, true, but that would be just one more step for an attacker to make. And it'd also be simple to put a timer on the GPS tracker--have it automatically turn off every twenty minutes or so.

Tracking everyone all the time is helpful for criminal investigations, granted, but not helpful enough. I would say that this sort of surveillance is not capable of 'substantial noninfringing use'.

KevinJuly 28, 2005 7:18 PM

"Call records provide specific points when the person and phone were together."

Unless there is something more insidious happening, I would assume that call records can only provide specific points when *A* person and phone were together.

RandomJuly 28, 2005 7:44 PM

If you combine some kind of location (e.g. signal triangulation, or GPS) with good base maps (such as the various location based service map sets available) and some kind of rule based engine (if person x is near person y and a motel... to use the example above) then you can do a LOT in near-real time. Not sure this is a good thing, but we already have this working (though with GPS units, not with cell-phones) for safety applications...

Per HedetunJuly 28, 2005 8:06 PM

There's a simple solution to this problem:

1) Keep your cell phone turned off at all times you don't want Big Brother knowing where you are.
2) Get a one-way pager and forward your incoming cell phone calls to it. (Remember, cell phones can be configured so that calls are only forwarded when the phone is turned off).

One-way pagers can't be traced since they are simple receivers. Problem solved!

KevinJuly 28, 2005 8:30 PM

I don't have deep knowledge of cell phone technology. So, this is a question...

My cell phone can run applications (AIM, games, etc). Is it posible to develop, upload and at a predetermined time execute an app that would dial a number?

Because then, a person could really create the illusion he was somewhere he was not!

BarushkaJuly 28, 2005 9:34 PM

Bruce Schneier said:
"My main objection is that we're building a surveillance society as a side-effect, and not by design. I don't think this kind of surveillance is a good thing, and I'm happy to debate that issue with others. But having it slipped into society without debate...that's the worst."

Have you ever written a response to David Brin's ideas? I search your site for his name, but nothing much came up.

ScoteJuly 28, 2005 10:51 PM

The report said "People should not be too concerned about the data trails left by their phone, according to Chris Hoofnagle, associate director of the Electronic Privacy Information Center."

Well, that was before this study proved how useful the data. As with so much data, the Patriot Act allows the Federal Government to request cell phone records without needing a Judge's order. Also, the carriers are free to sell the the data as "anonymous" data which data aggregators may have enough information to guess at who the individual users are.

Davi OttenheimerJuly 28, 2005 11:39 PM

"85 percent of the time" is good, but it's not good enough. My guess is that the study will be a stepping-stone for a grant to research how to achieve systems with enhanced predictibility, if it isn't already...

The whole idea of intelligence gathering in a free society should probably always be predicated upon somewhat clear notions of reasonable cause or threat. Isn't it obvious that at least some form of justification is necessary to avoid seriously disrupting civil rights?

In addition, investigations are typically better performed if they are narrowly defined with a specific purpose. But more and more I am hearing about cases where it is considered acceptable to not only perform broad-based surveillance (a huge dragnet instead of a fishing line) but that it also is acceptable to use anything and everything that turns up (the ends justify the expedient clear-cutting means).

The impact of all our mobile technology means that security practitioners and legislators should re-emphasize the simple point that without proper cause and caution, it is a rights violation to allow secret surveillance data to be compiled and analyzed.

Bruce SchneierJuly 29, 2005 12:05 AM

"Have you ever written a response to David Brin's ideas? I search your site for his name, but nothing much came up."

I haven't. I've talked about it at conferences, most recently at CFP in Seattle. Maybe I should write up my definitive refutation.

Bruce SchneierJuly 29, 2005 12:16 AM

"My cell phone can run applications (AIM, games, etc). Is it posible to develop, upload and at a predetermined time execute an app that would dial a number?"

I don't see why not.

Bruce SchneierJuly 29, 2005 12:18 AM

@ Arik

"There is another way to level the playing field: make surveilence data available to everyone."

That doesn't level the playing field. That's the fundamental problem with Brin's vision. When there's a significant power imbalance, those with the power can make use of surveilence data more than those without the power.

WoodyJuly 29, 2005 12:45 AM

""My cell phone can run applications (AIM, games, etc). Is it posible to develop, upload and at a predetermined time execute an app that would dial a number?"

I don't see why not."

It depends on the handset platform in use. GSM might allow it, on a phone with a J2ME implementation, I'm not familiar with those.

CDMA phones, OTOH, running BREW, I know are rather unlikely to be able to do anything "covert" like dialing for you. The carriers tightly control what apps can be put on the phones, and applications that are downloadable normally aren't priviledged with those portions of the phone's API.

They can talk data (e-mail/IM), but not voice.

GPS is a very interesting feature. It's there in the CDMA phones, but not enabled normally unless the 911 emergency mode is activated. As it's a GPS supplemented with tower information, it's a VERY accurate locator. Much more so than the cell triangulation that's often used by highway patrol for accident reports (and blocking the 100th and later callers in an area around an accident, all calling to report the same accident without stopping ).

RogerJuly 29, 2005 2:03 AM

Of course if your cellphone OS doesn't allow automatic generation of outgoing calls, in many cases you can probably still achieve it by connecting it to your PDA (or laptop, or whatever) and writing the app on that. Most phones can be given AT commands, or the equivalent, through a Bluetooth, USB or serial link.

Having said that, Per Hedetun's pager idea seems more practical. I often turn off my phone if I'm pretty sure I'm not going to receive a call, however the proportion of time when that is the case is too low. The pager solves this.

In the bigger picture, how do we solve this for the general public? This is really a remarkably dangerous database. Forget about governements spying on you; now the value is known, it won't be long before some phone company employee is bribed to provide this data to criminals. It clearly facilitates burglary, extortion, robbery, kidnapping, stalking, rape and murder. The government is not going to be interested in my proposed solution ("Delete all this data at once, and stop collecting it."), so what else can we do?

Stephan EngbergJuly 29, 2005 2:08 AM

Hi Bruce,

On the dot - the problem is that it is both harder and require motivation to build more secure systems with these security destructive properties.

This presentation from the European Security Taskforce workshop in Bruxelles have both some deeper analysis on the problem. But it also announce some specific ways to solve this type of problems focussing on a ongoing change in the perception of security.
http://www.securitytaskforce.org/dmdocs/workshop2/stephan_engberg.pdf

As to the transparant society followers - sure in theory, but as today the strong, criminal and the ressourcefull can always protect themselves whereas the citizen will be made a moving target. This theory is based on giving up on security and will prove seriously destructive not only to freedom but to free markets as such as any company need confidentiality to compete and make a profit to pay for investments.

GrasshoppermindJuly 29, 2005 3:26 AM

Siemens have been spending R&D money on geotagging. I remembered this article from February: http://future.iftf.org/2005/02/turn_off_your_p.html
And on the security concerns here: http://spaces.msn.com/members/grasshoppermind/Blog/cns!1pNPTKgLXmMUGaBNr63ZDKww!133.entry

As long as these "features" are user configurable and can be turned off or on at will then I will be happy to carry this type of device.

Perhaps we will see a new market emerging around secure VOIP as a direct result of privacy concerns.

GrasshoppermindJuly 29, 2005 3:30 AM

Siemens have been spending R&D money on geotagging. I remembered this article from February: http://future.iftf.org/2005/02/turn_off_your_p.html
And on the security concerns here: http://spaces.msn.com/members/grasshoppermind/Blog/cns!1pNPTKgLXmMUGaBNr63ZDKww!133.entry

As long as these "features" are user configurable and can be turned off or on at will then I will be happy to carry this type of device. If you're aware you can make a choice.

Perhaps we will see a new market emerging around secure VOIP as a direct result of privacy concerns with GSM.

ursusJuly 29, 2005 3:39 AM

Hi,

just wanted to add that we had the police using this data here in Austria yesterday.

A woman killed her 2 sons while they slept. She then fled the crime scene. Nobody knew where she went and police found her by homing in on her mobile phone.

Am not really sure how I feel about that - of course it's good that she was caught, cannot help wondering when the police are allowed to use the mobile phone companies data to track someone :o(

ursus

GrainneJuly 29, 2005 4:26 AM

@ursus

A similar incident happened here (Ireland). There was a high profile case about a year ago where a nine yr old boy went missing in the country. The police were able to find his body by tracking his phone. He was really remote, so I don't think he would have been found otherwise.
I don't know what it's like in the US, but in Ireland most kids have phones. The new target market is nearly pre-school age as they are marketing phones with free toys etc.
I can't imagine that the restriction on privacy is a good thing, but mobile tracking does have good uses when criminal behaviour is involved.


Also: "My cell phone can run applications (AIM, games, etc). Is it posible to develop, upload and at a predetermined time execute an app that would dial a number?"
- i know this has been replied to already, but I know that in college last year some of my friends did different projects involving mobiles. Some wrote their own java games and uploaded them onto their phones. It wasn't a hugely complicated task.


NeighborcatJuly 29, 2005 4:44 AM

Any cellular system engineers out there?

As I understand the system, the position of a cellular phone is triangulated so that the information transfer can be routed through the best link or handed off if the phone is moving.

Is there a reason why the phone could not have a "receive only" mode, in effect making it a pager when the user is not intending to send data? Would this require modification of the call routing scheme, or just the phone?

J.

NeighborcatJuly 29, 2005 5:18 AM

This isn't new, and isn't exactly on the subject, but is another interesting side effect of the ever increasing cellular network coverage. The Brits at Roke Manor can detect the presence, if not the location of Stealth aircraft using a cellular network as a passive radar system. See:
www-tech.mit.edu/V121/N63/Stealth.63f.html

J.

StalkeeJuly 29, 2005 7:18 AM

@Arik:

Great way to facilitate the stalker! :-(

(And yes, I'v been stalked (off-line) by someone who developed her interest in me online.)

DaedalaJuly 29, 2005 9:44 AM

I found this article neat because it's such a _good_ demonstration of the power of traffic analysis, which is an often-neglected point of vulnerability.

Also, if they can do this, we should at least make them find my stolen cell phone!

RvnPhnxJuly 29, 2005 10:10 AM

@J. With any frame-relay networking scheme you need to know how to route the data. As it is right now the cellphone companies collect location data from the handsets (basically a heartbeat ping) anywhere between every 5 minutes and every couple of hours--with the parameters that vary this time most likely different from carrier to carrier. Some phones are purported to "ping" the towers themselves--but I doubt that this is often done on a regular basis anymore.
There is likely a "time-to-live" set on any routing data generated by the cellphone network's routing system--therefore potentially unnecessarily expiring a client's location data, and forcing another location ping. This is why places like hospitals often ask that you turn your cellphone off the moment you step in the door (aside from the fact that re-barred concrete and metal structures can dampen the cellphone RF signals and cause the phone to ramp up in transmitted power) as the phone has the potential to interfere with things inside the building.
This is only an outline of the basics, off the top of my head. There are likely more reasons why the providers don't want to let the handsets have receive only modes (despite the fact if would increase available standby time drastically). Also, remember how small the common network cell is, and how ineffcient doing something like an ARPing would be on the cellphone network. It is complicated, to say the very least ;-).

DonJuly 29, 2005 10:21 AM

Not cell-phone engineer, but know wireless systems...

The basic concept of cell technology is reusing the same bandwidth in many cells, with landline-based communication between the cells. A critical part of this sharing is communication between base and mobile elements, especially for the handoff from one cell to another, and the dynamic assignment of available bandwidth to individual mobiles.

For a cellphone to receive a call, the system needs to know what cell it is in, and what channel it is assigned to. If it just broadcast messages to every cell, then a nationwide cell system would be swamped with just those messages alone.

TrustJuly 29, 2005 10:40 AM

I have watched and read most of the threads concerning surveillance and the use and abuse of the gathered data silently for some time. The technical details are all very interesting and valid, but:

What it comes down to is not what good or harm can be done with such data. Not what data can be combined with other sources to build profiles. It is all about trust. Can I (we) trust the government with this information? Can we trust companies with this data? Trust is earned and it's a two way street. The government has not earned my trust; to the contrary they have proven that they can NOT be trusted to be honest about their intentions when it comes to surveillance data. Companies are the same. They have proven to NOT be trust worthy.

If this data, take video surveillance as an example, were used only in positive ways (London bombing investigations as one example) and the authorities could be trusted to not use the data in intrusive ways (profiling of our movements), I would smile for the camera

I'd rather be getting a discount at the supermarket, but I don't trust them. I’d rather use my credit card for everything, but I don't trust them. I'd like to get a free pass at the airport security checkpoint, but I don't trust them. I don't enjoy having to sweat pgp keys for everyone I exchange private or proprietary information with. But I do and will continue to do what I can to remain private until the "powers that be" prove they can be trusted. Makes one hearken back to the days when all we had to worry about were the crooks and thieves!

This trust will not come easy; they are starting out in the hole... It's a shame, really, that I have to think of my Government and Industry as an adversary. Worse yet is the fact that my government feels that "we the people" (sorry I couldn't resist...) are the enemy...

Jeff CarrollJuly 29, 2005 11:18 AM

As others have pointed out, cellular networks have to know what cell any user is in, in order to be able to route calls. The government requires that the additional precision provided by AGPS be resident in the network in order to enable authorities to respond to emergencies; there is a substantial debate focused around whether AGPS information is actually accurate enough to be of much use to emergency responders in urban settings. On the network I use, it's possible to buy handsets on which AGPS can be disabled.

Our wireline phone legacy has lulled many into a false sense of privacy about the device they call a "telephone". Our government has exacerbated that illusion, in my opinion, by outlawing the possession of devices capable of eavesdropping on cellular conversations.

Cellular "phones" are not phones in the traditional sense; they are radios. Cellular users should educate themselves about the physics of radio, the basic design principles of cellular networks, and the privacy implications of both.

Jeff CarrollJuly 29, 2005 11:32 AM

and to answer another question: the telephony API (ability to initiate calls under program control, etc.) is a feature of Personal Java that was omitted from J2ME. It's possible that it could eventually be reintroduced through the JSR community process or in a later release of J2ME, but I think that's unlikely inasmuch as telcos don't particularly want third-party developers to have access to that functionality.

BlairJuly 29, 2005 12:45 PM

I'm torn about the usefullness of all of the potential surveillance data.

Obviously it can be of great use. See the London bombings... through security cameras they were able to track suspects. Without it, they might still not even have suspects.

As an american I understand the obsession with privacy. I do not believe the government or corporations should have access to the kind of information about me that they can get through GPS-enabled cellphones, data brokers, surveillance cameras, etc without probable cause.

As history has proved several times, if something is available as a tool to law enforcement they will use or abuse it. This has proven both useful and detrimental, witness the Hoover era FBI and the London bombings.

I don't see our soceity moving away from all of this information and data on people. It's proved too useful to everyone. There are too many vested interests to get rid of it. But what kind of compromise can be forced on it that isn't overly onerous? Perhaps it should be onerous, then companies might no longer be interested in collecting it. Strong legal requirements for auditting the use of the data and prohibitions against personalized data mining would go a long way to preserving some illusion of privacy and stop some abuse...

Personally I've accepted the fact that carrying a GPS-enabled cell-phone means that theoretically my movements can be tracked. I believe that until my movements have some kind of commercial benefit for a corporation, I'll just be a data point lost in a sea of other data points.

RegulusJuly 29, 2005 4:09 PM

I keep it off all the time and simply use email instead of that pager. What bothers me is that in army we usually not only turn phones off, but also have to disconnect the battery. Anyone knows, is it possible to "wake-up" the phone remotely?

Per HedetunJuly 29, 2005 6:53 PM

Regulus:

The reason why you are instructed to disconnect the battery is most likely so that phones which may have had their firmware compromised are eliminated.

It is possible to modify the firmware so that the microphone is picking up audio, and then the cell phone sends this data to a preset number - WITHOUT any indication whatsoever that the phone is "awake".

Thus the phone effectively becomes a "bug" without anyone knowing!

Also often referred to as a "trojan phone".

Davi OttenheimerJuly 29, 2005 7:25 PM

@Michael Slater

Thanks for the link. I thought this line was insightful:

"Wireless companies are obliged by law to keep records of the unique data that each phone exchanges with the cell network as well as the numbers to which calls are placed..."

BryanJuly 30, 2005 12:03 PM

It seems to me that someone could/should write a paper which definitively answers the following questions:

1) Which phones have position reporting ability (GPS) built in?

2) For those phones which do *not* have such ability, what is the accuracy of triangulation methods? Does this accuracy change depending on what radio technology is being used (EDGE, GSM, CDMA, etc)? How about where towers are far apart? Assumption: if only one tower is in range of your phone, you're located somewhere inside a large, fuzzy donut shape printed on top of the map. Even if three towers are in range, you're within a smaller triangular-shaped area - but is that triangle as big as a person, or as big as a county, or somewhere between?

3) Do cellcos routinely save enough information to provide (or calculate) a location trail for each individual phone user? If yes, how *long* do they save this? And if yes, how hard is it for the cellco to retrieve the location trail data? Is it as simple as asking a database, or does it require extra steps? What if any laws/regulations cover the storage and use of this information?

Andrew made an excellent point above - that the methods used to track phones (special bluetooth sensors placed throughout campus) in the study Bruce discusses are *not* available to cellcos/government. So, these three questions attempt to get a better understanding of the data these people *do* have at their disposal.

Erik NJuly 31, 2005 6:23 AM

According to the news sources

http://news.bbc.co.uk/2/hi/europe/4730265.stm

one of the suspects of the 21J London bombing attempt was traces by his cellphone. However, he was not traced by triangulation but by his phone calls.

However, I recall some years ago a 12year old girl was murdered, sexually abused and burried. They found her from the phone signals that were sent untill the battery died.

Answering some of the previous posts: The cellphone needs to continually roam the closest antennas in order that the phone calls can be routed to the best antenna. Every given time interval the cellphone will scan and bind to the best antenna and the mobile central will update any changes in the routing.

(This is also why cellphones must be turned off on airplanes because as they loose signals they will try roaming for better antennas. Installing a microcell on the plane solves that.)

I don't believe that a receive only pager will solve this problem, it need to be located so that information can be sent to it.

The triangulation becomes more accurate as next generation cell phones uses higher frequencies. With higher frequencies you need more antennas to cover a given area, hence you can get more precise location. AFAIK you can locate with 20m accuracy with GSM1800 in larger cities, with 3G phones this becomes more accurate. However, it is not posible to locate vertically very accurately as most antennas are in the same height.

So, while it is posible to locate your phone it is more difficult to tell that you did actually use it: Bruce wrote in his blog about a crypto attack against bluetooth:

http://www.schneier.com/blog/archives/2005/06/attack_on_the_b_1.html

What he forgot to mention was the bluesniper rifle that is basically just a very good antenna that lets you attack devices beyond the range defined in the bluetooth standard. Here's a how to build:

http://www.tomsnetworking.com/Sections-article106-page1.php

So, taking these two together you really never know who called...

Per HedetunJuly 31, 2005 5:48 PM

Erik N:

Pagers are based on a tried and tested technology, and are trusted by many for "mission critical" applications.

Of course, reception may vary depending on your location, type of pager, paging system, and your paging system operator.

However, considering that most one-way paging systems operates on VHF, instead of microwave, reception of a page in "difficult" locations (such as in tunnels, big buildings, etc) is certainly easier than the reception of a cell phone call on microwave bands.

JohnJAugust 1, 2005 11:40 AM

Regarding programming a phone to dial, there's a whole world of smartphones beyond J2ME-based devices. PalmOS and PocketPC devices could probably very easily be programmed to 'dial on demand'. The phone app on my Treo, for instance is not only hacked to show different startup/shutdown screens, but also shows a map of the country/state where any caller is located. Other apps are used to schedule the phone's on/off times for battery conservation. 3rd-party ROMs can replace the system ROM, totally replacing the phone app with one that could do practically anything.

another_bruceAugust 1, 2005 12:01 PM

per hedetun sounds like a real smart guy who's on top of this. all i would add: pay cash for your cellphone and pager, if you're concerned about surveillance cams at the radio shack, pay the unemployed guy on the barstool next to you $20 to go in there in get it for you. prepaid cell plans are the ones with minimum documentation and online activation, which can be from anywhere (in a retrospectively hilarious episode when online activation failed, i had to call tracfone's help number and got a girl in eastern europe who sounded like one of the gabor sisters except that she was develepmentally disabled). the other advantage of keeping your cellphone off when not using it is that people won't disturb you when you're driving, and any doubts about the security of a turned-off phone can be resolved by tucking it into your girlfriend's faraday fendi baguette clutch bag.

SandraAugust 13, 2005 7:17 PM

Is there a way for me to know if someone is tracking me on my cell phone?
Would my cell phone company know?

romeoandjulietAugust 31, 2005 12:24 PM

i recently found out that my boyfriends parents were tracking all of his cell phone calls, printing out all of our conversations. at first i didn't believe that it could be done, but i guess i was wrong......all we want to do is be together but his parents won't allow it. Threatened to cut him off and throw him out if we stayed together. But we are both adults.I was wondering if there is any way around this, a way for us to talk without them being able to track it. He said it's only if he picks up the phone when i call, but can they get his voice mail and text messages too???? Should i go out and buy him a seperate cell phone to call me with???

RonSeptember 8, 2005 6:07 AM

i recently found out that my boyfriends parents were tracking all of his cell phone calls, printing out all of our conversations. at first i didn't believe that it could be done, but i guess i was wrong......all we want to do is be together but his parents won't allow it. Threatened to cut him off and throw him out if we stayed together. But we are both adults.I was wondering if there is any way around this, a way for us to talk without them being able to track it. He said it's only if he picks up the phone when i call, but can they get his voice mail and text messages too???? Should i go out and buy him a seperate cell phone to call me with???

Posted by: romeoandjuliet at August 31, 2005 12:24 PM


This is really disturbing to read. Is this possible?

Thomas SprinkmeierSeptember 8, 2005 7:42 PM

@Ron,

""... tracking all of his cell phone calls, printing out all of our conversations. ""

"This is really disturbing to read. Is this possible?"

yes, it's called an "itemised phone bill"

DougOctober 7, 2005 2:57 PM

I am concerned that law enforcement will get restricted in their use of this technology, and that it will handicap their ability to protect you and me from nutcases like Osama's followers. I'm not worried about them misusing it. An isolated case may happen -- but it's ludicrous to hamstring the police because of an occasional misstep.

I am much more worried about private companies who see a market opportunity. They will sell access to these records to anybody. For instance a sex pervert who wants to stalk a particular woman or little boy of his dreams.

There is no easy solution to this issue.

ellenOctober 25, 2005 6:21 AM

I think my husband is cheating! He has only his company cell phone how can i find out his phone conversations and number that occurs?

ChiDecember 30, 2005 3:09 PM

How do I stop the police from getting my cell number when I call 911 to report a crime?
In some cities the police and gang members are partners in crime.

chiJanuary 8, 2006 7:04 PM

"Use someone else's phone."
Not an option the other person will become the target of the “dirty cops��?and gangs.

Is their a device that will allow me to block my cell number and location?

rolloJanuary 22, 2006 3:24 PM

That is ok Doug. The police are the new terrorists. Make friends with the crooks, it is cheaper,and safer. I enjoy tracking you guys,with an old tv set that picks up the old channel 60 to 83. Just turn the uhf antenna sideways,point it twords a cell tower,adjust the bandwidth and finetune.Viola. an untracable tracking device.

ConcernedGuyFebruary 26, 2006 1:16 PM

I foolishly called an ex-girlfriend who was harassing me to tell her to leave me alone. I called from my cell phone and used *67 to block my new number. In a subsequent email she informed me that she pinged my phone to determine my location. She is very tech-savvy and may have used a service like ICU (?) to actually try it. Also, she has a lot of friends who work in law enforcement. She's in California and I'm in New England. I have a few questions:

1. Is there any way to determine if my phone was actually pinged and whether or not it was successful?
2. Does using *67 to block a number eliminate the ability to have a phone pinged?
3. Is there any way for someone to actually override *67 and somehow view a blocked number?
4. My phone is equipped with GPS, but I have the option set that only law enforcement can locate the phone. Should I turn the GPS feature off entirely?

Thank you in advance for your response.

Mr_eMarch 1, 2006 4:59 PM

I would just like to further mention. That the majority of these capabilities are for sale to the general public. It is a truely sad state of affairs that anyone can buy information on you if they have your phone number and the bucks to make it happen. I am shocked that our information is so insecure and the main culprit is the providers. Heck look at the spam we now recieve on our cell phones and land lines. Wow look how low we have come.

Mr_eMarch 1, 2006 5:06 PM

Oh and I appologize this topic is a really sore spot for me. Gets my blood boiling. Another source of anxiety for me on this subject is this.
How many employees abuse Lexus-Nexus just because they can how many DMV personell abuse thier access to DMV records. How many Authority figures abuse thier capabilities? Some would say not many? But 1 is too many I personally had to call a police precent and speak to the sargent to get the officers of my area to stop harrassing my fiance at the time. She was strikingly beautiful and it seems the local police department couldnt stop pulling her over at least 3 times a week and asking her for her licence and registration but not writing a ticket or even mentioning an infraction of the law. I only mention this to say like the gentle man above pointed out it is not the capabilities but the level of trust I have for the people who wield these powers that is at issue here.

Mr_eMarch 1, 2006 5:41 PM

Lastly I would like to offer advise on avoiding people publicly Phishing your information reguarding Cell Phones. Follow these Guides (choose the ones that suit your need):

1) Get a 1 way pager as one gentleman above mentioned.

2) Turn off your caller ID on your cell phone. Let people know if they have blocking you won't return thier calls.

3) Have your calls to your Cell forwarded from a land line phone. Give people that number only.

4) Call your Cellular provider and tell them that you wish to have an account password activated on your account and that you do not want the online option for changing your password, you will come into a store if you wish to change it.

5) Turn off detailed billing on your Cell phone. (the down side on this is you wont have access to your call logs either)

6) Become active in forums like this and others and reclaim your liberties.

nicholasMarch 5, 2006 1:30 PM

hi... i like to ask a few things here...
firstly, does the internet have sales of tracking devices for handphones?
that could be installed in handphones..
secondly, my handphone is stolen, the simcard has been disable... any chance the police can track the phone using its IMEI or serial number over the GSM network?

AnonymousMay 19, 2006 9:16 AM

i am not of this hip & computer savvy generation...a gentleman i met on line wants to call me..i do not want him to ever be able to locate me...can he track me easily if i give him my cell pho.# ?

Pat CahalanMay 19, 2006 11:44 AM

@ Anonymous

> can he track me easily if I give him my cell phone #?

Depending upon your definition of "easily", yes. If someone has a phone number (cell, business, or home) and a couple hundred dollars, they can probably get a P.I. to give them a billing address relatively quickly.

If you don't trust him enough to give him your phone number, you probably shouldn't talk to him on a phone :)

KwaggaMay 22, 2006 4:37 PM

Interesting reading. Not much of a buff, but would like to track some of my customers as well. Might be really profitable... Any advice out there?

EricJuly 1, 2006 2:27 AM

Can anyone help me? I'm looking the person who took my mobile phone. I have the phone's IMEI but i don't know how to track it. Is there a device that can be used to track the location of my lost phone? pls email me at ericsa_1011@yahoo.com.ph
thanks.

artlantisOctober 2, 2006 8:26 AM

Interesting what technology can do. I have been working on a kind of universal phone software system and I've been wondering if anyone has ever developed a system that is capable of tracking one's cellphone location?

abhisheikOctober 3, 2006 12:42 AM

i lost my bank account debit card, Person who found it used it in shopping and bought a gsm phone. I traced down the imie number of that phone. Can anybody help me in tracing that Person.

A Little WorriedOctober 23, 2006 3:30 PM

My best friend is going through a divorce right now and things are getting really nasty. She has been texting a guy that she really likes and some of their texts are a little bit erotic. She's worried that her husband could somehow get ahold of her text messages and use them in court. Tell me if that is possible please. I'd like to ease her mind but honestly I don't know the answer. Thanks

Nickname is Jane DoeOctober 24, 2006 11:47 PM

All you have to do is take your battery out of your phone to disable most GPS sensors. It tracks on my phone about every 30 minutes, 2 minutes off the whole and half hours. I know this because there is rf disturbance in nearby electrical equipment when my phone is nearby.

How did I find out about this to research it? Some years ago, I was at the scene of a fire and called 911. I told the lady I could give her a roundabout address for the fire department. The operator told me never mind the address, she knew I was at a precise street number through the GPS on my phone. I asked her when that came about. She said after 9/11 law was passed that phones had to have this GPS with intermittant signals so emergency response could find people better.

I immediately felt violated. I sought ways to stop the intrusion. I don't do anything illegal that I know of, but I dislike the idea. Let's put it this way, if I can call emergency 911 to help me, I am at least still alive enough to put the battery back on the phone to hook it up to make the call. This way, I get my privacy, and then give out my whereabouts only when I make the/a call.

Luckily, I have a phone that you simply take one piece off the back of the phone to disable it- the battery itself. I worry that phones will be made in the future that will not be so readily disabled.

Track SMSNovember 8, 2006 1:02 PM

I was wondering I have been receiving text messages from a number I dont know, when I phone the number it goes to voice mail. I heard that when someone sends a text message the IMEI number of the phone is also send with it. Is this true? Will I be able to track the person with that? I think that the number is a prepaid number though. The text messages are very personal and harrasing.

DuneNovember 16, 2006 12:38 PM

Something Tim May has stuck with me for years and I always remember his words when I see this sort of stuff. It went something like:Governments have a horrible track record when it comes to private citizens information. (Sorry, I don't know the exact quote). This of course applies to private enterprise as well. When we give up control of our private information to companies and governments we are looking for real trouble.

AnonymousNovember 23, 2006 11:01 PM

I lost my phone and don't know how to track it. plse someone help me track it down and the person for justice. plse help. I'm mike by the way...

lillieDecember 7, 2006 5:28 PM

My husband is a spy satelite engineer. He has hurt me and I have responded by leaving crazy messages on his cell phone. Not long ago, in june Iguess he blackmailed me by forwarding ome of them to my phone. It was scary.I have a concern that everything that I say on my phone and, vioce mail messages that I left him that I called the cell phone company afterwards to see if I could delete,, angry, not threats, well I deleted them,, but I used that ability to ventthings that I had no intention of him hearing.. If I deleted them prompty, I know it sound bad, are they GONE like the cell phone company says they are. I ask this because he had ome tuff on my computer, CIS telecommunication???? alo he had a number on his cell that was baed in a little town in canada where I was going when I left those messages I deleted.....I learned he has been having several affairs,, I am miling and laughing now, it is so wild, I think he mut have tapped into the latin local dating online ervice... well anyways. he hurt me becaue I wouldn't give hime the phone,,,,the evidence i have a protective oder now... I am afraid that he is going to use against me in court the voicemail messages I sent him that I promptly deleted. because, he is extremely intelligent. And messe with my computer too... I am still laughing over this.. I mean it i horrible....What can he do to me??????? I realize he can't love me so divorce is there but,, I don't want to even pres charges againsthim for ASSAULTING me over that gosh darm cell phone, I thought he wasgoing to kill me,, he said I was going to ruin him, and he wanted that phone... part becaue of the 4 girlfriends but that numberthat went to the town I went to, I called it the next day and it wasbusy the whole time, then it saidmy phone wa restricted from it and then,,,ITWASDISCONNECTED.. what wa going on. he has a top level security clearance for the government, what was he doing and arethosemessagesthatiIdeletedgone???mycellphonecarrieraidthattherewanocallforwardingutse ota..qe tryingI I vw/serdainmwomilltefriosloagesthejmi

Concerned&ConfusedDecember 14, 2006 11:39 PM

Been searching the web. I am concerned and confused. Perhaps you can help. DO GSM CELL PHONES SOLD IN THE UNITED STATES have - or do they not have - GPS hardware? For example, the Motorola T720g? But also, if you could answer that question "in general". Thanks. Concerned&Confused.

EddieDecember 18, 2006 8:02 PM

How does one go about getting information verifying his cell phone is being tracked by former business partner.
The cell phone company is not very cooperative in giving this information due to legal liablity.

krisJanuary 1, 2007 10:44 AM

hello,

my mobile was stolen. I reported that fact to the police and to my operating company (Era GSM) in Poland. My surprise was even bigger when I heard from Era that they are not able to track down my stolen mobile's IMEI no. How can that be??

Kris.

brandanMay 29, 2007 5:44 AM

looking for my phone,was wondering if it could be located with its gps device.needing info

HassaanJuly 7, 2007 3:02 AM

my cell phone is stolen and i want you to track it down. it's IMEI # is 356682010371826. And my cell # is 00923465390994.

annJuly 30, 2007 6:01 PM

my husband is cheating. he has only his company cell phone. how can i find out his phone coversations and who he is talking to.

Terry McDanielAugust 19, 2007 7:10 PM

IMEI # 35447004914211 Stolen Treo650 ANY HELP- It could be in England or Ireland by now being that is where most college students from Poland seem to run off to.
An English teacher in Poland. tlmcdaniel1@yahoo.com

Pauline DanagherDecember 13, 2007 2:06 PM

My cellphone has been hacked and am being stalked from home and at work by a real estate broker who obviously gave all my personal information to someone in the building where I applied for an apartment on the west side of Manhattan
How do I alleviate this problem..I have told the police -- but now I still have this going on with my cellphone.

Comments on this entry have been closed.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..