News

Researchers can track Android users’ location with energy consumption

By admin
Spread the love

Researchers have managed to track an Android user based on the phone’s energy consumption. The ‘attack’ does have considerable limitations: an attacker must already know roughly where someone is.

The researchers at Stanford University were able to track someone in an area they had previously mapped, with only access to the battery and network connection. In addition, the network connectivity was only used to send the user’s location to the attacker, not to actually find out the location: access to the energy consumption was enough for that.

In addition, it is good to know that the permission for network access is not sufficient to determine the location of a user: apps that only have access to the internet are not allowed to read the signal strength and the IDs of the cell towers. Otherwise, with network access it would be possible to find out the location of users anyway, but Android has a separate permission for that.

The attackers are able to determine the location because the energy consumption of telephones depends on the distance from the transmission tower. The closer a phone is to the cell tower, the less energy it consumes. By mapping the energy consumption of cell towers in advance, the attackers were able to correlate the energy consumption to the location. This will have to be done on the same network as that of the intended victim.

The tricky part is that the energy consumption of a phone does not only depend on the network connection, but also on user activities, such as unlocking the device and using apps. However, the researchers managed to see through this with machine learning; after a few minutes they managed to filter the energy consumption of the antennas relatively accurately from the measured voltages.

A major limitation is that a user’s location can only be traced when he is in motion. The fact that the area must be mapped in advance is also a limitation. Nevertheless, according to the scientists, the research is relevant: they emphasize that they have succeeded in reading someone’s location without asking the necessary permissions. This could make the attack suitable for targeted espionage.

“We only ask for network access and energy consumption,” the researchers said. “It’s pretty normal to request access for that, and it’s not likely to make a user suspicious.” The researchers only tested the tactic over 3G; it is not yet known how successful the attack on a 4g network is. It is unknown which Android version the researchers are using; they just say they’ve tested “popular smartphones” with “significant market share,” suggesting they’re running a relatively recent Android version.

The researchers think the “attack” could be prevented in a number of ways. For example, the power consumption of the antennas could be omitted at the voltages that apps can access. The Play Store could also sound the alarm if an app needs both network access and access to the battery, although apps can theoretically circumvent that limitation. One app could record the location, while a second app forwards the location.

You might also like
News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Tesla has started production of Cybertruck, almost four years after its unveiling

News

Bambu Lab announces P1S 3D printer

News

Honor announces thinnest foldable smartphone to date

News

Meta announces Roblox for Quest headsets

News

Rumor: Meta wants to release open source language model LLaMA as a paid product

Exit mobile version