For many people, the spread of tracking devices via Bluetooth or ultra-wideband (UWB or Ultra WideBand, a separate article is devoted to this technology) is not only interesting as a technology, but also has a direct need. It’s pretty easy to lose or steal a smartphone, not to mention keys or wireless earbuds that might just slip out of your pocket unnoticed. Recovering a loss can be very frustrating for any wallet, with good headphones often costing over $ 200 and the new Samsung Galaxy Z Fold 3 is comparable in price to a powerful gaming PC. Being able to track your belongings can save you many hundreds of dollars, especially if you are prone to losing them.
But there is no rush to introduce such a new technology into everyday life, as it can create serious privacy problems. We all know that the governments of many countries use every possible tool to spy on some suspects, even if it is not entirely legal. Also, we should not forget about companies that make money on the resale of data obtained from user tracking. In this article, we will look at how intruders use pocket trackers in pursuit, surveillance, and how you can fight it.
Harassing and spying on users in real life
Many people are not even aware of such a large and rather obvious threat. Pocket Bluetooth trackers can easily slip into someone’s bag, car, or clothing pocket. So, your briefcase can easily become a kind of “beacon” that will transmit your exact location to the attacker, and the only serious limitation can be only the battery of this device. The range is seemingly limited to the range of the Bluetooth wireless connection, but companies such as Tile and Apple have long been able to bypass this limitation. To constantly maintain the relevance of the tracker’s location, the surrounding networks created by many smartphones of ordinary passers-by are anonymously used. For example, you can hide this “smart tile” in your bike, and in the event of a theft, your chances of successfully finding it are greatly increased.
Examples of the misuse of pocket trackers, namely harassment, have been found on the Internet for a long time. For example, in 2018, a woman from Houston told ABC 13 that she found such a mark on the front console of her car. As it turns out, her ex was using the tracker to spy on her. Of course, he was charged with a serious misdemeanor. What if the tracker had never been found and the woman would have been attacked in the future? In the everyday world, such tracker use cases can be used in which, for example, a jealous husband can control his spouse, or an overly caring mother can prevent her child from going anywhere except school or home.
Credit goes to Apple for working out scenarios for using their AirTags for illegal surveillance. So, if your iPhone detects someone else’s AirTag next to it for a long time, then after a while it will start reporting this on the smartphone screen, and after 8-24 hours it will make the tag beep, giving out its location. But an important note is the fact that such a system works “out of the box” only on the iPhone, but Android users will have to install a special application that will protect its owner from being tracked through AirTag. Therefore, this is unlikely to help unsuspecting victims who use Android without a special utility, because it will be three full days before AirTag starts beeping.
Samsung SmartTag uses a similar model of operation, but requires users to manually scan trackers through a dedicated app. So, even users of smartphones from the South Korean giant will not serve as “location update points” for trackers, which severely limits their use as a “weapon”, which cannot be said about Tile, which does not offer any protective functions against harassment at all.
Tracking users online
There are suspicions that hacking may be more effective than installing a tracker, since people have long been accustomed to carrying their smartphones with them. Thus, having gained access to the victim’s device, attackers can take possession of a much larger amount of confidential information than the location, of course, if they can overcome all the obstacles associated with data encryption. The combination of always-on mobile devices and pocket trackers can greatly enhance hackers’ surveillance capabilities.
The whole problem is contained not so much in the devices as in the applications that users use for tracking. Software such as Google Find My Device or Apple Find My is built-in “from the factory” into smartphones, and if they have been hacked, an attacker can gain access to the location data of all the victim’s gadgets connected to the application. If you have a strong password or have two-factor authentication configured, then the threat of such a hack is extremely low.
Poor security practices have always been a major concern for users. Not all companies have sufficient resources to maintain the proper level of protection, like those of Apple or Google, which means that there are no “barriers” for intruders. For example, Tile, which has earned the trust of users around the world, does not use two-factor authentication at all at the time of writing.
The more data a user wants to track for himself using third-party services, the more complex the follow-up can be. Let me give you an example of a situation in which you installed the tracker on a backpack or laptop. If your smartphone and tracker are sent to a certain unchanging place every morning, then we can assume that you are leaving home and heading to work or school. Let’s say you put another tracker on the TV remote to make it easier to find it every night. However, this way you open the exact location of your house to hackers right down to the apartment. By leaving the tracker in your car, attackers will be able to find out the places that you often visit, such as a gym or a cafe.
Things get even more daunting in 2021 with the introduction of ultra-wideband trackers like AirTag and SmartTag Plus. Yes, in order to successfully detect and change the operating mode from Bluetooth to UWB, the phone must be literally 10 meters away, but using the latest technology allows you to find out the location of the device with an error of up to several centimeters. It is not hard to imagine the dire situations that can happen with this technology, like robberies or even murders.
Fortunately, this technology has several limiting factors. For example, tracking devices with UWB is a fairly new feature that is only available on relatively recent devices such as the S21 Plus or iPhone 12. In other words, to get the most accurate information, the victim must have a modern ecosystem of devices. Of course, as time goes on, more and more users are buying new gadgets with support for ultra-wideband communications, thanks to which the problem of the outdated ecosystem gradually subsides, and, I hope, this will not create many new dangerous vulnerabilities.
What to expect in the future
We can face hard times. More and more, we see reports of new ransomware attacks against regular users. It is possible that various tracking applications will become a new coveted target for cybercriminals. An attack on such software can give some individuals access to the most confidential information, which will also jeopardize companies that prioritize the safety of their users. If you imagine that in 20 years, all our things, from shoes to a car, will contain a tracking device, then most likely you will not even realize that someone is tracking you.
Even if we imagine that the number of crimes involving infringement of confidential user data will be reduced to a minimum, then the problem of government interference still remains, especially in authoritarian countries. For example, Chinese law requires users’ personal data to remain on servers domestically. On the one hand, this is a great idea that will help prevent the leakage of confidential data of people from the country. But on the other hand, if the special services or the police send a request to the company, which contains this data, they will easily receive a full set of various information about a person up to his current location. The following rule works here: the more devices that are capable of collecting at least some information about the user, the more efficiently the state will be able to influence various processes within itself.
There are obvious things that all tracking device manufacturers must do to maintain the privacy of their users. First, two-factor authentication should be used everywhere to minimize the possibility of hacking. Secondly, in all possible ways it is necessary to continue to fight harassment, as is already done in AirTag and SmartTag.
Of course, if you have any concerns, you can take some simple steps yourself to enhance your privacy. For example, managing the access of various applications to your location, as well as carrying out regular cleaning of the history of visited places, if the corresponding software has such functionality. Do not neglect using a VPN, which will help mask your IP address and increase your online security quite noticeably. Finally, consider if you really need to use tracking trackers. Sure, the idea of making it easier to find lost or stolen items is great, but how often do you need help and are you willing to take the risks of your privacy to do so?
This is a translation of the Android Authority stuff.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
