[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

CBDC Digital Currencies: A Recipe for Global Slavery

The Counterrevolution Against the Constitution

Conservatives in Congress Pushing to Repeal Military Covid Vaccine Mandate via NDAA

Gov’t Criminally Ignoring Vax-injured Living in Hell on Earth

There’s No Natural ‘Carrying Capacity’ for the Human Population: An Essay Inspired by the Happy News that the Human Population Has Reached Eight Billion

Turkey Expects More Extraditions From Sweden for NATO Membership

As the Pentagon Fails Another Audit, Congress Wants to Spend Even More on "Defense"

Danger Zone: On Religion, America Is Becoming More Like China

World Court Must Rule on Climate Justice: UN "Youth" Delegate

California Reparations Task Force Proposes $223K Per Person for Black Residents

Renowned Cardiologist: mRNA Vaccines May be “Changing the Human Genome”

New York Forces Websites To Monitor 'Hateful' Speech. A New Lawsuit Says This Violates the First Amendment.

Congress inches toward year-end government funding deal

Russian Oil Price Cap, EU Sanctions Come Into Effect

Born on the Tenth of January

Word and Sacrament: The marks of the church

SCOTUS Appears Favorable to Web Developer in Lawsuit Against Colorado Anti-discrimination Law

Semiconductor Manufacturers Don't Need More Subsidies. They Need Less Government.

Supreme Court Debates Whether Web Designers Can Be Forced To Make Gay Wedding Pages

NATO Exists To Solve The Problems Created By NATO's Existence

Life insurance companies sound DEATH ALERT warnings over nearly 100,000 excess deaths per month happening right now in the USA

Iran Says It Won’t Resume Nuclear Deal Talks ‘Under Pressure’

US Army Plans ‘Dramatic’ Increase in Ammunition Production as Ukraine Aid Drains Stockpiles

WSJ: US Secretly Limited Range of Weapons Sent to Ukraine

Imagining a Revived, Twenty-First Century Capitalism

Ukraine war: Fighting will be at 'reduced tempo for months' US intelligence experts say

Nigerian President Says Weapons From Ukraine are Winding Up in Africa

Ukraine Says Oil-Price Cap Won’t Dent Russia’s Ability to Fund War

Russia Rejects EU’s $60 Oil Price Cap

Macron Says Security Guarantees for Russia Needed for Future Peace Deal

Old Testament: Isaiah 7:10-17 (Advent 4: Series A)

Doing His Duty

Raytheon Gets $1.2 Billion Contract to Produce Air Defense System for Ukraine

Gospel: Matthew 1:18-25 (Advent 4: Series A)

NRA Files Lawsuit Against Oregon Gun-control Law

The Woman Who Spearheaded Prohibition's Repeal

How to replace the welfare state

Will Your State Reject the Fed’s Digital Dollar?

Rep. Adam Smith Says Calls for Ukraine Aid Oversight are ‘Russian Propaganda’

Epistle: Romans 1:1-7 (Advent 4: Series A)

Almost No One Noticed the Hate Speech Law That Just Took Effect — or the Lawsuit Against It

After a Crackdown on a Pain Clinic, a Tragic Double Suicide

11th Circuit Says a Judge Should Not Have Interfered With the FBI's Review of the Mar-a-Lago Documents

Police thought his cash was suspicious. So they took it. And won’t give it back.

REAL ID Requirement for Travelers Delayed Until May 2025

Lavrov Says Russia, China Stepping Up Military Cooperation in Response to NATO

A Tribute to the U.S. Marine Corps

Church Fathers on Christmas: St. Augustine

Russia Is the Last Remaining Christian Country

Zelensky’s Long History of Crushing Dissent


Status: Not Logged In; Sign In

Computers-Hacking
See other Computers-Hacking Articles

Title: Spies Can Track You Just by Watching Your Phone’s Power Use
Source: [None]
URL Source: http://www.scribd.com/doc/256304846 ... g-Mobile-Device-Power-Analysis
Published: Feb 19, 2015
Author: ANDY GREENBERG
Post Date: 2015-02-19 23:43:45 by A K A Stone
Keywords: None
Views: 1392
Comments: 6

Smartphone users might balk at letting a random app like Candy Crush or Shazam track their every move via GPS. But researchers have found that Android phones reveal information about your location to every app on your device through a different, unlikely data leak: the phone’s power consumption.

Researchers at Stanford University and Israel’s defense research group Rafael have created a technique they call PowerSpy, which they say can gather information about an Android phone’s geolocation merely by tracking its power use over time. That data, unlike GPS or Wi-Fi location tracking, is freely available to any installed app without a requirement to ask the user’s permission. That means it could represent a new method of stealthily determining a user’s movements with as much as 90 percent accuracy—though for now the method only really works when trying to differentiate between a certain number of pre-measured routes.

Spies might trick a surveillance target into downloading a specific app that uses the PowerSpy technique, or less malicious app makers could use its location tracking for advertising purposes, says Yan Michalevski, one of the Stanford researchers. “You could install an application like Angry Birds that communicates over the network but doesn’t ask for any location permissions,” says Michalevski. “It gathers information and sends it back to me to track you in real time, to understand what routes you’ve taken when you drove your car or to know exactly where you are on the route. And it does it all just by reading power consumption.”

PowerSpy takes advantage of the fact that a phone’s cellular transmissions use more power to reach a given cell tower the farther it travels from that tower, or when obstacles like buildings or mountains block its signal. That correlation between battery use and variables like environmental conditions and cell tower distance is strong enough that momentary power drains like a phone conversation or the use of another power-hungry app can be filtered out, Michalevsky says.

One of the machine-learning tricks the researchers used to detect that “noise” is a focus on longer-term trends in the phone’s power use rather than those than last just a few seconds or minutes. “A sufficiently long power measurement (several minutes) enables the learning algorithm to ‘see’ through the noise,” the researchers write. “We show that measuring the phone’s aggregate power consumption over time completely reveals the phone’s location and movement.”

Even so, PowerSpy has a major limitation: It requires that the snooper pre- measure how a phone’s power use behaves as it travels along defined routes. This means you can’t snoop on a place you or a cohort has never been, as you need to have actually walked or driven along the route your subject’s phone takes in order to draw any location conclusions. The Stanford and Israeli researchers collected power data from phones as they drove around California’s Bay Area and the Israeli city of Haifa. Then they compared their dataset with the power consumption of an LG Nexus 4 handset as it repeatedly traveled through one of those routes, using a different, unknown choice of route with each test. They found that among seven possible routes, they could identify the correct one with 90 percent accuracy.

“If you take the same ride a couple of times, you’ll see a very clear signal profile and power profile,” says Michalevsky. “We show that those similarities are enough to recognize among several possible routes that you’re taking this route or that one, that you drove from Uptown to Downtown, for instance, and not from Uptown to Queens.”

Michalevsky says the group hopes to improve its analysis to apply that same level of accuracy to tracking phones through many more possible paths and with a variety of phones—they already believe that a Nexus 5 would work just as well, for instance. The researchers also are working on detecting more precisely where in a known route a phone is at any given time. Currently the precision of that measurement varies from a few meters to hundreds of meters depending upon how long the phone has been traveling.

The researchers have attempted to detect phones’ locations even as they travel routes the snooper has never fully seen before. That extra feat is accomplished by piecing together their measurements of small portions of the routes whose power profiles have already been pre-measured. For a phone with just a few apps like Gmail, a corporate email inbox, and Google Calendar, the researchers were able determine a device’s exact path about two out of three times. For phones with half a dozen additional apps that suck power unpredictably and add noise to the measurements, they could determine a portion of the path about 60 percent of the time, and the exact path just 20 percent of the time.

Even with its relative imprecision and the need for earlier measurements of power use along possible routes, Michalevsky argues that PowerSpy represents a privacy problem that Google hasn’t fully considered. Android makes power consumption data available to all apps for the purpose of debugging. But that means the data easily could have been restricted to developers, nixing any chance for it to become a backdoor method of pinpointing a user’s position.

Google didn’t respond to WIRED’s request for comment.

This isn’t the first time that Michalevsky and his colleagues have used unexpected phone components to determine a user’s sensitive information. Last year the same researchers’ group, led by renowned cryptographer Dan Boneh, found that they could exploit the gyroscopes in a phone as crude microphones. That “gyrophone” trick was able to to pick up digits spoken aloud into the phone, or even to determine the speaker’s gender. “Whenever you grant anyone access to sensors on a device, you’re going to have unintended consequences,” Stanford professor Boneh told WIRED in August when that research was unveiled.

Stanford’s Michalevsky says that PowerSpy is another reminder of the danger of giving untrusted apps access to a sensor that picks up more information than it’s meant to. “We can abuse attack surfaces in unexpected ways,” he says, “to leak information in ways that it’s not supposed to leak.”

Read the full PowerSpy paper below.

Click for Full Text!

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: A K A Stone (#0)

The spies who track me are very bored men.

Vicomte13  posted on  2015-02-20   6:37:03 ET  Reply   Trace   Private Reply  


#2. To: A K A Stone (#0)

I would bet that Google is recording tower signal strength for this purpose as it rolls its mapping cars around the country, the same way they record your router's MAC address and SSID.

Tooconservative  posted on  2015-02-20   7:32:09 ET  Reply   Trace   Private Reply  


#3. To: Vicomte13 (#1)

The spies who track me are very bored men.

I wonder how many in the old Soviet Union said the same exact thing.

I hear people say this constantly. It's quite annoying.

Tooconservative  posted on  2015-02-20   7:39:39 ET  Reply   Trace   Private Reply  


#4. To: TooConservative (#3)

I wonder how many in the old Soviet Union said the same exact thing.

I hear people say this constantly. It's quite annoying.

In this country the authorities will plant drugs on you, guns in your car, and child porn on your computer if they want to "get" you. Nobody who itemizes business expenses can stand up to a hostile audit of his life's finances, and there is no statute of limitations on tax fraud. The sins of our youth can be brought back up and thrown in our faces at any time, and given the general relaxing of statute of limitations, things long forgotten can be renewed, and things that never happened can be "proven" by manufactured evidence.

Therefore, to spy assiduously on a middle class wage slave is quaint and wasteful. They don't need to have the TRUTH to imprison us, and they can execute us by cop ("He was resisting") any time they want to. Our political system is corrupt: as you have well noted no third party is possible, and trying to accomplish any fundamental change through either of the two bought- and-paid-for crony capitalist parties is like the gerbil trying to get somewhere on that wheel. The effort is entirely a waste.

What, then, to do?

Well, there are two tracks: the Long March track, which starts very St. Francis Peace Prayer style: Let there be peace on earth, and let it begin with me.

And then there's the high track, the Lottery Win track, which is really just the same thing but rapidly expanded to cover other people. Perhaps I should make a whole thread about this, and call it Vicomte de Mores or something like that, and invite you and start. You'll demur and protest, but you'll read: I know you. My spy will too. Maybe he'll even be persuaded and join the fiefdom. After all, it was Putin who put together guards to fend off the KGB guys in their attempted coup in St. Petersburg at the end of Gorbachev's reign.

Vicomte13  posted on  2015-02-20   10:42:56 ET  Reply   Trace   Private Reply  


#5. To: Vicomte13 (#4)

After all, it was Putin who put together guards to fend off the KGB guys in their attempted coup in St. Petersburg at the end of Gorbachev's reign.

The Gorbachev coup was fake.

A K A Stone  posted on  2015-02-20   10:54:27 ET  Reply   Trace   Private Reply  


#6. To: A K A Stone (#5)

The Gorbachev coup was fake.

So is our Rule of Law.

Vicomte13  posted on  2015-02-20   12:49:46 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest

[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Please report web page problems, questions and comments to webmaster@libertysflame.com