
Don't want to be tracked?
Turn it off....the only way these days. Although I'm sure some phone probably don't actually turn off and still harvest data, y'know, for convenience.
Wi-Fi networks can tease IMSI numbers out of nearby smartphones, allowing pretty much anyone to wirelessly track and monitor people by their handsets' fingerprints. Typically, if you want to stalk and identify strangers via their IMSI numbers, you use a Stingray-like device, or any software-defined radio, that talks to …
@Terry Cloth - "Isn't it sufficient to turn off the Wi-Fi? Who needs it if she's not actually surfing?"
The article does mention WiFi calling in passing and the clue is The Underground. WiFi calling is becoming handy for many to receive phone calls when one's mobile network is weak/non-existent, especially true in places like The Tube. So it's becoming more useful to keep WiFi on and allow the phone to join apparently known networks as one walks around, simply in order to use the phone as a phone, not just an internet browsing device.
Of course 'useful' in this context is a synonym for 'very dangerous'.
The article does mention WiFi calling in passing and the clue is The Underground. WiFi calling is becoming handy for many to receive phone calls when one's mobile network is weak/non-existent, especially true in places like The Tube.
There's also the whole play of location services which use WiFi to be more accurate - somewhere there must be a feedback loop there as well. I know that anything using location facilities immediately starts to whinge when I kill off WiFi.
That said, being out of reach was actually one of the benefits of Tube travel :(. I personally only have WiFi on when I actively need it (and usually I don't as I prefer a decent keyboard for online use).
> There's also the whole play of location services which use WiFi to be more accurate - somewhere there must be a feedback loop there as well.
Ah, that. I suspect that Google maps WiFi APs by collecting 'telemetry' from Android phones with WiFi and GPS both enabled. Some years ago they got busted for doing that with their Streetview cars, but their wifi location services are accurate even in neighborhoods never mapped by Streetview, so it's probably phones now.
I guess most people have already learned to turn off GPS and WiFi to avoid wasting battery on being tracked. And the rest won't be swayed this latest news, unfortunately.
Isn't it sufficient to turn off the Wi-Fi? Who needs it if she's not actually surfing?
Leaving WiFi on is convenient as it auto-disconnects when one leaves home and reconnects when one gets back. That is handy for getting email, alerts, news, weather and app updates without having to remember to switch WiFi back on.
My phone has an expired SIM, is only used as an internet device, so it's convenient for me to have it auto-connect to all the freebie hotspots it can when out shopping. I get almost unlimited free WiFi and that suits me fine.
The phone tells you so, of course! I'm sure it's telling you the truth. You're the phone's owner, with full control over every aspect of your device, not the multitude of corporate and government interests who are stakeholders in your phone's ability to gather personal data.
You mean turn it off and take the battery out.
If you have a phone where you cannot remove the battery, get yourself a phone-sized Faraday cage.
You might get away with wrapping it in Aluminium foil or woven copper mesh.
Anon: they don't want you to know this.
Implant the whole device in our bodies, and use them to run the device. No exploding batteries is a bonus to boot. Then we'll have antennae poking out of our heads and everybody will know as much as they want.
I think prisoners are ahead of you. But they don't have the aerial sticking out of their head..
2FA is you on your computer going to a web page that sends an SMS with a code to your phone, code that you have to type in on your computer keyboard to access the web site. I fail to see how your computer could capture the SMS and get the code and use it on its own. The procedure described a method to get your phone's IMSI code, but the article specifically and clearly indicates that it cannot be used to spy on your messages or calls.
So no, your computer is not going to self-2FA. Not without growing some arms to grab your phone and some eyes to find the SMS and the code it contains. If it does have those functional extensions, I would be very interested in the software that would make them accomplish such an act.
Personally, I only have wi-fi activated when I am using it to connect to the Internet. I can't leave it on like that or my battery will be flat in half a day. Funnily enough, using the 3G connection does not deplete my battery so fast.
Most phones have a built in web browser. So software with enough access could connect to a web site, invoke 2FA, catch the incoming SMS and paste the code back into the web site.
Which is why 2FA using SMS is not a fully secure system because you need two clearly different delivery channels for the two factors, not just two applications on the same device.
Quite frankly if you use some random WiFi hotspot from your mobile you are always taking a potentially big risk.
So a trade off of security vs how much you really want to see those cat vids (or whatever).
Plus no mobile signal on the train has the advantage of plausible deniability when you say you never received that text to pick up a carton of milk / loaf of bread / whatever on your way home that you forgot / CBA to do