back to article Latest 4G, 5G phone-location slurp attack is a doozy, but won't Torpedo Average Joe or Jane

A group of infosec researchers have uncovered neat ways to track a phone's location via 4G or 5G. However, the mechanics of the surveillance, while fascinating, are difficult to pull off for all but the most determined foe. The so-called Torpedo attacks are said to allow someone nefarious to trace a person's whereabouts by …

  1. Anonymous Coward
    Anonymous Coward


    I have often thought it was possible to locate a persons cell by simply calling or texting their number.

    I received a phone call a few weeks ago that showed three timestamps all for the same time from a number that was not in service when I called it back.

    "Just because you're paranoid...etc, etc"

    1. JetSetJim Silver badge

      Re: Interesting

      more likely the number that wasn't in service was just a spoofed header and that was from an ambulance chaser hoping for a hit with "we're calling about the accident you had which you were innocent of"

      1. JimPoak

        Re: Interesting

        That was brave calling a number you did not recognise. Spammers often order sim's and discard them when the dirty deed has done. This is a more determined attempt by lets say security services to find you and track you with the resources to make more profitable (Raspberry Pi and €1,100 of gizmos).

        1. Anonymous Coward
          Anonymous Coward

          Re: Interesting

          Small correction:

          "This is a more determined attempt by lets say security services THAT DO NOT HAVE ACCESS TO YOUR CARRIER ALREADY to find you and track you with the resources to make more profitable"

          I suspect that this is more likely to be used by smaller organisations (i.e. private investigators) rather than larger security firms with more resources to deliver more complex solutions such as fake base stations (cell sites on wheels).

          1. Graham Cobb Silver badge

            Re: Interesting

            Maybe, but I suspect most non-state organisations (private investigators, newspapers, criminal gangs) would find it a lot easier to just bribe a policeman. The only people doing this will be ones who really, really don't want anyone to know. Unless you have upset Mossad or the GRU I suspect this attack is unlikely.

            But this research is still valuable: it is possible that the vulnerabilities discovered here could be used in some other way the researchers haven't thought of yet so they need to be fixed.

  2. Anonymous Coward
    Anonymous Coward

    Not to worry only the State is likely to use this

    Similar claims were made when people became aware of computer viruses or recording Internet use, or SIM hacking or all the data and tools Facebook, and Google were collecting and permanently storing.

    Only State actors can or would use such methods, and we can trust them so nothing to see here move along please. And each generation moves along and now we are here where many other actors have and use such tools.

    Did we really want to be here? Have State actors really acting in our interests as promised, are they the only ones with tools that can be used against us?

    Too late, please move along.

    1. doublelayer Silver badge

      Re: Not to worry only the State is likely to use this

      Not the point. There are a few parts of your comment, but they are not reaching the reality of this issue.

      First, the state might do this, but doesn't have to. The state, should they want to track someone for whatever purposes, malicious or not, does not need such a flaky system to do the tracking. They don't need to crack your IMSI because the mobile company can simply tell them, and they can also make the mobile company tell them where you are. Done. If they don't want to do that, they have the hardware to deploy a fake cell tower that your phone will trust, and they have demonstrated that they don't have a problem using it. So whatever you think of a state, this particular attack is not much of a risk.

      Secondly, this is not a broad category like "computer viruses" or "data collection". It's a particular attack, and one that requires a lot of knowledge and resources. I couldn't simply obtain all the components and software necessary to do this as well as sufficient knowledge for it to be useful. In addition, the exploit is being patched, hopefully soon, so nobody can do it. If a criminal group wants to track you and has the knowledge, essential for this mechanism, of roughly where you will be at what time, you have much larger problems.

    2. tekHedd

      Re: Not to worry only the State is likely to use this

      No really, I don't see what you're getting so worked up about. The only groups that can get all the information to use this attack are big players like the state and organized crime, and of course Google. So we are completely safe, because history shows that the state and organized crime have never abused their power. As for Google et al, well, come on, I trust them utterly, don't you?

      1. doublelayer Silver badge

        Re: Not to worry only the State is likely to use this

        The point is that you need to know where the person is (roughly, what set of towers) at a specific time and also their identification data for the cell network. Let's assume the government, Google, and organized crime are all after you and are maximally malicious.

        Government: Does not need to use this. They can get all the information from mobile providers or their own more sophisticated hardware. Situation unchanged.

        Google: If using an android device, they could have the data already. If not, they could attack others' devices in your area to do a scan for your device. They do not need to establish this type of infrastructure when they already have some they could take over if they really were maximally malicious. Situation unchanged.

        Organized crime: They could perhaps use this, but they'd need a lot of technical information that is hard to get and a lot of hardware that is tricky to obtain and use. They probably would except they already have a perfectly good way to send a person to your general location and follow you. That's much cheaper, so they'd do that instead.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021