What if anybody could track your whereabouts by following your movements through your standard 3G mobile devices? As disconcerting as this may sound, it’s completely possible, and even people with the latest 3G phones are not immune. Apparently, these vulnerabilities can allow stalkers to track people’s movements internationally and even from within the same building.
Although there are solutions available to protect the privacy of mobile users, there would need to be the full cooperation of network providers who have been reluctant to deploy this type of technology due to its high level of complexity.
Image via Shutterstock
According to a recent report, researchers from the University of Birmingham, who worked alongside researchers at the Technical University of Berlin, will present their discovery of this vulnerability next Tuesday at the ACM conference for Computer and Communications Security in Raleigh, North Carolina.
The researchers discovered that there are two key flaws that enable stalkers to track 3G mobile users. One way is to trick the mobile device into revealing the temporary identity (TMSI) of the user by sending IMSI, or a static identity request. Another tactic is to then exploit the Authentification and Key Agreement (AKA) to track the user’s whereabouts.
The proposed solution that networks have found in the past to be too difficult to deploy is a type of encryption technology. According to Dr Eike Ritter of the University of Birmingham, “The solutions we propose show that privacy friendly measures could be adopted by the next generation of mobile telephony standards while keeping low the computational and economical cost of implementing them. We are endeavoring to work with the 3G standards organizations to achieve that.”
Because these vulnerabilities can carry such grave repercussions, hopefully these researchers can get through to network providers before it’s too late.
Edited by Brooke Neuman