Cell Phones Reveal Locations

Using a cheap phone, readily available equipment, and no direct help from a service provider, hackers can listen in on unencrypted broadcast messages from cell phone towers.

Computer scientists in the University of Minnesota's College of Science and Engineering have discovered that cellular networks are leaking the locations of cell phone users, allowing a third party to easily track the location of the cell phone user without the user's knowledge.

Cell tower and radio antenna
Cell tower and radio antenna
"Cell phone towers have to track cell phone subscribers to provide service efficiently," researcher Denis Foo Kune explains. "For example, an incoming voice call requires the network to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it."

The result is that the tower will broadcast a page to your phone, waiting for your phone to respond when you get a call. 

This communication is not unlike a CB radio. Further, it is possible for a hacker to force those messages to go out and hang up before the victim is able to hear their phone ring.

Cellular service providers need to access location information to provide service. In addition, law enforcement agencies have the ability to subpoena location information from service providers. The University of Minnesota group has demonstrated that access to a cell phone user's location information is easily accessible to another group—possible hackers.

"It has a low entry barrier," Foo Kune said. "Being attainable through open source projects running on commodity software."

Using an inexpensive phone and open source software, the researchers were able to track the location of cell phone users without their knowledge on the Global System for Mobile Communications (GSM) network, the predominant worldwide network.

In a field test, the research group was able to track the location of a test subject within a 10-block area as the subject traveled across an area of Minneapolis at a walking pace. The researchers used readily available equipment and no direct help from the service provider.





The implications of this research highlight possible personal safety issues.

"Agents from an oppressive regime may no longer require cooperation from reluctant service providers to determine if dissidents are at a protest location," the researchers wrote in a research paper presented at presented at the 19th Annual Network & Distributed System Security Symposium. 


"Another example could be thieves testing if a user's cell phone is absent from a specific area and therefore deduce the risk level associated with a physical break-in of the victim's residence."

Foo Kune and his group have contacted AT&T and Nokia with low-cost techniques that could be implemented without changing the hardware, and are in the process of drafting responsible disclosure statements for cellular service providers.



Source: "Location Leaks on the GSM Air Interface," presented at the 19th Annual Network & Distributed System Security Symposium in San Diego, California.
Ph.D. student Denis Foo Kune, associate professors Nick Hopper and Yongdae Kim, and undergraduate student John Koelndorfer.
Exploding The Phone
Exploding the Phone

The Untold Story of the Teenagers and Outlaws who Hacked Ma Bell
by Phil Lapsley


This is a work of technological history as profound as the invention of gunpowder, Watts' steam engine and the first telegraph. It tells the story of the early-day (1960s and 1970s) geeks who figured out how to exploit vulnerabilities in the world's telephone networks and, as a consequence, brought down the largest technology monopoly of its time and gave rise to the digital communications revolution that we experience today.

The story includes two prominent characters, Steve Wozniak and Steve Jobs, who developed and sold a "blue box" device as teenagers in 1972 that hacked into the phone system and allowed users to place calls for free. "If we hadn't made blue boxes, there would have been no Apple," Jobs recalled. The collaboration that gave rise to PCs and iPods and iPads began with a digital blue box made up of the chips used to build computers rather than the conventional analog components of the time. "I swear to this day" said Wozniak, who designed the revolutionary Apple computers, "I have never designed a circuit I was prouder of."




back out