RE: Location Escrow anyone ?
Hello all,
"Swisscom has stored data on the movements of more than a million mobile phone users. It can call up the location of all its mobile subscribers down to a few hundred meters and going back at least half a year," the paper reported.
They probably say a few hundred meters so the people don't feel their privacy is too ridiculously invaded / soften the blow.
If this is a GSM network then I think they can probably pinpoint your location down to 2 possible locations within a few meters due to the digital timing involved with the very precise spread spectrum radio. Or maybe your actual location within a meter or 2.
I have heard of digital mobile phones that have a feature in their test/diag mode that displays the distance to the current base station in meters, and also displays info of a second base station that it would most likely switch to when moving out of the current cell. Even if the telco only had the distance info to your phone within a meter from 2 of their base stations, they could calculate where you are if need be to 2 possible locations within meters. Surely though they would have the capability of recording distance info from 3 base stations, pin pointing you exactly during a call or the exact spot your phone requested a cell change.
And during a call, if need be, they could probably plot your position at around 10,000 samples per second. :) Though for them to be keeping this much info on you, you are obviously being investigated.
Isn't it ironic that people who use GSM for it's "security" can have this much info of their whereabouts known to big brother/whoever? Not to mention their actual conversation.
Imagine Mr.Drug Dealer turns up to court and watches as the jury is presented with a floorplan on screen and an animated pinpoint of his phones position while a recording of his conversation is played in sync?
The world just about, has no idea! To say big brother is watching is a gross understatement. :)
He's gunna find out who's naughty and nice.
Bye for now.
Pearson Shane wrote:
Hello all,
"Swisscom has stored data on the movements of more than a million mobile phone users. It can call up the location of all its mobile subscribers down to a few hundred meters and going back at least half a year," the paper reported.
They probably say a few hundred meters so the people don't feel their privacy is too ridiculously invaded / soften the blow.
If this is a GSM network then I think they can probably pinpoint your location down to 2 possible locations within a few meters due to the digital timing involved with the very precise spread spectrum radio. Or maybe your actual location within a meter or 2.
it is a GSM network, however, I doubt that they try to know more than just the cell you're in... but you never know [snip]
Imagine Mr.Drug Dealer turns up to court and watches as the jury is presented with a floorplan on screen and an animated pinpoint of his phones position while a recording of his conversation is played in sync?
yes... except that everybody but Mr.Drug Dealer use these mobile phones (marketed under the name "Natel-D"). In switzerland, you can buy GSM phones that works with prepaid cards. No trace, no name. The location can still be pinpointed, but nobody know who's owning the phone. This is called "Natel Easy" (what a name). It cost much more, but depending on the business you're conducting, it's not a problem... To conclude: everybody is watched, except Mr.DD...
The world just about, has no idea! To say big brother is watching is a gross understatement. :)
this is the problem in switzerland. When I first heard about this story (and believe me, it's not the only one of that kind... it's not even the worse), I tried to ask people around me to see what they think about this, and I was amazed by their reaction. "There is no problem, I'm not doing anything wrong." The media are beginning to relate this kind of facts, but the people are still incredibly naive. One more thing we can say about this story: Switzerland's telecom market is now free (since 1.1.98), and this story may give some people (altough I'm not sure...) a reason to change their telco (when possible). Another fact of the 1997 year in switerland: the largest retailer in switzerland (Migros http://www.migros.ch) launched the M-Cumulus card. Each time you buy something by Migros, you can present this card and get a 1% rebate (wow...) and you may also get special rebate "tailored to your needs". But, to get this card, you have to sign an agreement that allows Migros to record what you buys. On the 20th november 1997, 1.6mio of citizen were in the database (about 1/4th of the swiss population). When requesting this card, you also provide the name and date of birth of each in the household (you're not forced to do so, but 97% of the M-Cumulus owners filled this information). (source: partially "Le Nouveau Quotidien", 20th nov 1997) The federal government was supposed to issue a warning. If a warning was issued, I may have been sleeping at that time... Swiss Federal Data Protection Commissioner: http://www.edsb.ch/ mostly empty... not a word about these 2 stories. you see how the swiss people are informed... alex
-----BEGIN PGP SIGNED MESSAGE-----
it is a GSM network, however, I doubt that they try to know more than just the cell you're in... but you never know
They can't really (the cell relay equipment is not up to the task).
What about the new digital phones? Best wishes and fresh-roasted peanut taste, The Sheriff. -- ***<REPLY TO: sheriff@speakeasy.org>*** - --- As kinky as it sounds, finger me to see my PGP key and confirm the signature attached to this message. Either that, or head for pgp.ai.mit.edu on the WWW and search for my e-mail address. - --- Any and all SPAM will be met with immediate prosecutory efforts. Solicitations are NOT welcome here! - --- ----BEGIN INFLAMATORY BLOCK---- Version: 160 (IQ) Comments: Definitely one of their greatest misses. Reporter: "Do you know what Public Enemy is?" - --- Citizen: "Public enemy?" [long pause] "Probably somebody in office." -----END INFLAMATORY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0 for non-commercial use <http://www.pgp.com> Charset: noconv iQEVAwUBNK4VhQBMw4+NR29ZAQHBPggAhJ2CnjBM0+5R6gHoWIOktua6OTjRQZK+ RUN6nRF3HezE1ZHrpIx6HO0fSCjyCCO0YUFu7VY66rTQ0FfwP3Czax1965xmKOpw QN7zvyvcBeiO4Pc2K9RhpwcskYlOFVUwwkoxFOEKEb9TL7urk4G3K8pTkx8ArW0+ x/rSQ3SKomzZKHJVOQq5IV8q+fFxGSSDElyKOnE0gSf//OuLpxHpUtMTIciMT6xd 8lGSFlFopONAOGixCFalbAJl1wE+LnYFuSRjCQVlNx18z0DsFWvtvDNBzZ353gfj 4Ma0w2XTQT8LEWoZfGceSHE+8gr+BVsWwLljf5Qmr7dpBxMCAOC4IQ== =2wNG -----END PGP SIGNATURE-----
At 22:24 02.01.98 +0100, you wrote:
Pearson Shane wrote:
Hello all,
"Swisscom has stored data on the movements of more than a million mobile phone users. It can call up the location of all its mobile
subscribers down
to a few hundred meters and going back at least half a year," the paper reported.
They probably say a few hundred meters so the people don't feel their privacy is too ridiculously invaded / soften the blow.
If this is a GSM network then I think they can probably pinpoint your location down to 2 possible locations within a few meters due to the digital timing involved with the very precise spread spectrum radio. Or maybe your actual location within a meter or 2.
it is a GSM network, however, I doubt that they try to know more than just the cell you're in... but you never know
They can't really (the cell relay equipment is not up to the task).
Imagine Mr.Drug Dealer turns up to court and watches as the jury is presented with a floorplan on screen and an animated pinpoint of his phones position while a recording of his conversation is played in sync?
yes... except that everybody but Mr.Drug Dealer use these mobile phones (marketed under the name "Natel-D"). In switzerland, you can buy GSM phones that works with prepaid cards. No trace, no name. The location can still be pinpointed, but nobody know who's owning the phone. This is called "Natel Easy" (what a name). It cost much more, but depending on the business you're conducting, it's not a problem...
To conclude: everybody is watched, except Mr.DD...
The world just about, has no idea! To say big brother is watching is a gross understatement. :)
this is the problem in switzerland. When I first heard about this story (and believe me, it's not the only one of that kind... it's not even the worse), I tried to ask people around me to see what they think about this, and I was amazed by their reaction. "There is no problem, I'm not doing anything wrong." The media are beginning to relate this kind of facts, but the people are still incredibly naive.
You should have asked me instead :), I'm a bit more paranoid than most. (Yes, I most certainly don't have a Cumulus card and I have a Natel D-Easy for fun.)
One more thing we can say about this story: Switzerland's telecom market is now free (since 1.1.98), and this story may give some people (altough I'm not sure...) a reason to change their telco (when possible).
Until somewhen in 1999 you can only do international calls through alternate carriers (only Swisscom has access to the home so far, unless these cable operators really get serious, which they won't, because Swisscom owns more then 30% of their stock) and you have to prepend a 5 digit number to do a call until autumn (I don't think people without a pbx that can be programmed to automatically do that will switch carriers).
Another fact of the 1997 year in switerland:
the largest retailer in switzerland (Migros http://www.migros.ch) launched the M-Cumulus card. Each time you buy something by Migros, you can present this card and get a 1% rebate (wow...) and you may also get special rebate "tailored to your needs". But, to get this card, you have to sign an agreement that allows Migros to record what you buys. On the 20th november 1997, 1.6mio of citizen were in the database (about 1/4th of the swiss population). When requesting this card, you also provide the name and date of birth of each in the household (you're not forced to do so, but 97% of the M-Cumulus owners filled this information). (source: partially "Le Nouveau Quotidien", 20th nov 1997)
It is a bit worrying, but on the other hand, I don't consider my shopping list a very personal thing, after all, hardly anyone (except Monty Python) gets killed by a banana.
The federal government was supposed to issue a warning. If a warning was issued, I may have been sleeping at that time...
Well, I guess everybody was...
Swiss Federal Data Protection Commissioner: http://www.edsb.ch/ mostly empty... not a word about these 2 stories. you see how the swiss people are informed...
Now this guy (Odilo Guntern) seems to have no clue about anything... Wanna get more paranoid? Some companies log all Internet traffic of their employees that passes through their proxy (which you have to use for anything to work) for some weeks (Weren't you the one chatting on #really-naughty-bits for more than 1 hour on Monday??). And of course, phonenumbers you call in your company are logged, too. See you, Remo ----------------------------------------------------- Fate favors the prepared mind. (from "Under Siege 3") ----------------------------------------------------- Remo Pini T: +41 1 350 28 88 Pini Computer Trading N: +41 79 216 15 51 http://www.rpini.com/ E: rp@rpini.com key: http://www.rpini.com/crypto/remopini.asc -----------------------------------------------------
The LPD (law on data protection) : http://193.5.216.40/ch/f/rs/235_1/index.html http://193.5.216.40/ch/f/rs/235_11/index.html (in french, italian, german only) The LPD states that you can get a copy of your database entry printed on paper, for a cost of max 300SFrs (about US$200), unless some special cases which have to be specified in the law. Since the debate is based on the fact that there is no legal text that allows swisscom to record these informations, there is no legal text that allow them not to communicate your informations on request. I'm not a jurist, but it may be an interesting path to follow. If they store the location of your phone every 3 secs, for 6 month, this means 5'241'600 locations. Printed on 70 lines/page paper, this means 74'880 A4 pages. Do you think they'd be happy to print and send you 74'880 pages for 300SFrs ? There is certain rules that allow them to postpone your request. However, they have to tell you before. Just wondering what would happen if 100'000 people asks for their last 6 month of positions...
Swiss Federal Data Protection Commissioner: http://www.edsb.ch/ mostly empty... not a word about these 2 stories. you see how the swiss people are informed...
Now this guy (Odilo Guntern) seems to have no clue about anything...
Last month, I was thinking about launching a web site to inform swiss citizen about these issues. A kind of swiss EPIC. However, I can't do this alone. If anybody is interested by this idea, drop me a mail.
Wanna get more paranoid? Some companies log all Internet traffic of their employees
hmmm... no need to become more paranoid, enough is enough.
that passes through their proxy (which you have to use for anything to work) for some weeks (Weren't you the one chatting on #really-naughty-bits for more than 1 hour on Monday??). And of course, phonenumbers you call in your company are logged, too.
swisscom does it. They log all the internal/external mail of their employees... alex
Tracking your position in real time is one thing - recording the tracks is quite another. The system does need to know, in real time, the cell for each phone that's currently talking, and needs to know quickly where any phone that's being called is (could be implemented either by constantly tracking every phone, or by sending out requests when the call is made, probably starting with the usual suspect locations and then branching out farther, or using some kind of roaming notification.) But does it need to know where you've been? It wouldn't be surprising if the telco recorded location (at least cell site) at the beginning of each call, to resolve billing disputes with customers, and of course they record minutes of use and roaming information for users who make calls outside their home territory. They probably also record calls per cell site and handoff information, but probably not by user. For police purposes, if you want to find somebody right now, and the cellphone system can only give you precise locations right now, just call them - "Hey, Suspect! We know where you are, and it's costing you money for us to call you and tell you! Have a nice day!" - and the system knows even if they don't answer. At 02:42 PM 01/03/1998 +0100, Alexandre Maret wrote:
If they store the location of your phone every 3 secs, for 6 month, this means 5'241'600 locations. Printed on 70 lines/page paper, this means 74'880 A4 pages. Do you think they'd be happy to print and send you 74'880 pages for 300SFrs ?
They could probably deliver it on industry-standard 9-track tape :-) 5 bytes is enough to locate you within 62m anywhere on Earth - 16 bits gets you 1km of lat or long on a 40000km planet), though 4 bytes is probably enough to identify a cell plus some precision bits since the whole planet doesn't have cell sites. So it's really only 20-25MB of data per user to track that much data, and it compresses extremely well (e.g. 1 byte/sample is plenty for phones that are moving, and run-length coding radically reduces the location of the phones that aren't moving, which probably covers 23 hours a day for most people.) Call it 250KB/day, max? I'd be surprised if they really kept that much, and the economics are bad, but they could do it, and they'll be much happier to mail you a floppy of compressed data for your 300 francs, or print it in very tiny print... Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
participants (5)
-
Alexandre Maret -
Bill Stewart -
Pearson Shane -
Remo Pini -
The Sheriff