The content of the article
Imagine this situation: an unknown person calls from a disposable telephone and demands a ransom for the person stolen by him. The next day, the offender calls again. The victim contacts the police, and after half an hour they will find out not only the real number of the caller, but also the entire history of his movements and calls. And all this without complex equipment, fake base stations and signal interception.
We regularly write about vulnerabilities of smartphones, data networks and the security of cloud services. We are so used to “thinking hard” that we completely forget about the existence of much simpler and more effective methods available to the police of different countries.
Often the police will not even try to hack or intercept something, but simply make a request to the mobile operator, and the latter will give not only the call history, but also a lot of other interesting information. As an example: article about an Australian journalist, which analyzes the information collected about the journalist by his mobile operator over the past two years (and only it).
Under Australian laws, mobile operators are required to store certain information about network users, the database for two years Call detail record. This includes information about the location of the device at any time (by the way, a precedent has recently been created in Sweden: this information alone is not enough to pronounce a sentence), a call log, including information about another subscriber, and data about Internet access sessions. As for SMS, according to the Australian law on the protection of privacy, without prior authorization to listen, the operator has the right (and is obliged) to save only metadata: time of sending, message size and addressee. The content of the messages themselves (and especially voice calls) is not saved.
This is the information gathered by the operator about the journalist.
Places visited by the journalist on April 1, 2015.
Places that he most often visited during a given time period.
Link Interactive versions of this data are available.
Metadata includes information about who the user called and wrote messages about, the duration of calls, and which base stations the telephone was connected to at what point in time (this information allows you to accurately determine the location of the device). In some countries (we will not point fingers, but this is the United States), operators not only provide information about the location of the police user, but also bargain with such data.
The most interesting thing is that mobile operators are available (and issued to the police, as well as sold to anyone) details about the use of the Internet, including website addresses and the amount of data transmitted. This is a completely separate topic for discussion; data is collected by tracking requests to the provider's DNS servers. With this data, operators are also happy to bargain; the feeder is so attractive that the operators even tried to block clients from using third-party DNS servers.
By the way, devices issued (imposed) by stationary Internet providers (usually a combined cable or ADSL modem + router) often do not allow changing the DNS server on the router. If you want, change it on the computer, on each individual phone, smart TV and speaker, but the user will not be able to protect his privacy completely by simply setting the router settings.
US mobile operators are also required to keep CDR records. In addition, in the United States, intelligence agencies maintain a single base. MAINWAY, records in which can be stored much longer than legally permitted by the mobile operators themselves.
In Russia, the so-called spring law, which obliges mobile operators to store metadata for three years (their list almost completely coincides with the Australian version of the law). In addition, since October last year, operators are required to store for at least 30 days (but not more than six months) text, voice, video and other user messages. Accordingly, in Russia, any call must be recorded by the operator and provided to the police upon legal request.
Not just CDR
In the above study, journalist Will Oakenden used an iPhone. A correctly executed request to Apple (in the terminology of the company – Device Request, that is, a request in which the police have nothing but a hardware device identifier – IMEI) will allow the police to receive the data that Apple collects about the user, and it includes almost everything with rare exceptions. Here, for example, looks statistics of requests to Apple in Russia.
For comparison, in the United States over the same year, the police requested information on 19,318 devices (81% of requests were successful). Google offers an interactive schedule that can be viewed at the link.
And if Apple does not provide the police with data such as user passwords, device usage statistics, SMS / iMessage messages and “Health” data (a history of the user's physical activity, including the number of steps and heart rate in a given time interval, is a useful thing for catching as criminals spouses), then Google will give everything, including passwords (to be completely technically correct, I will add that backup encryption has appeared in Android 9; accordingly, the police will not receive any backups or store their SMS and call logs).
Continuation is available only to participants
Materials from the latest issues become available separately only two months after publication. To continue reading, you must become a member of the Xakep.ru community.
Join the Xakep.ru Community!
Membership in the community during the specified period will open you access to ALL Hacker materials, increase your personal cumulative discount and allow you to accumulate a professional Xakep Score!
I am already a member of Xakep.ru