Researchers from the University of Minnesota presented a paper earlier this month detailing how a person in the know could use cheap hardware and open source software to determine what cell phone tower a GSM based cell phone is using. This could conceivably give criminals, governments, and businesses access to rough position without having to ask cell networks for permission.
The researchers suspect that approximately 80% of the 5 billion cell phones in the world suffer from this vulnerability, leaving around 1 billion devices that are not subject to being tracked in this way. It is also important to note that the position data is extremely coarse and at best can locate a phone within a square km area. This is not GPS tracking.
The paper, Location Leaks on the GSM Air Interface (.pdf), was presented at the 19th Annual Network & Distributed System Security Symposium and was the work of Denis Foo Kune, John Koelndorfer, Nicholas Hopper, and Yongdae Kim.
Here is what some of the typical news media coverage on this topic looks like, whether it is in print or broadcast news:
The news casters are obviously trying to make people watch the program and make it memorable, but in so doing they put the emPHAsis on the wrong syllABLE.
For starters, not all people can be tracked using the method outlined in this paper. The number of people susceptible to this security flaw is somewhere in the neighborhood of 136 million in the US, which represents the number of cell phone users subtracted by the number of smartphone users. There are about 234 million cell phone users age 13 and up in the US, according to reports from comscore. About 98 million are smartphone users. There are some smartphones at risk, especially those on the T-Mobile and AT&T network according to the paper.
Another important thing to understand is that this only affects phones that use the GSM network technology (i.e. old phones). GSM, or 2G technology, is older networking infrastructure that is on its way out in the US but is still used extensively by the vast majority of the world. The importance of the researchers findings are certainly more important for the rest of world than it is for those in the US.
Also, phones on certain cell phone carriers, like AT&T, are susceptible – smartphone or not. AT&T, which allows users to talk and surf the internet at the same time, has to use two different technologies to accomplish this. One of these technologies is GSM. This makes pretty much all their phones susceptible to being tracked using the method outlined in this paper.
Hackers also must have your cell phone number, a working map of the cell phone towers in your area, sophisticated computer skills, and a land line in order to pull off this hack. Chances are that there are very few people with all those components who are also willing to track you down.
The paper does end by suggesting some methods carriers could implement to secure GSM networks from this security flaw.