The Citizen Lab Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors
citizenlab.ca
Our investigation uncovers two sophisticated telecom surveillance campaigns and, for the first time, links real-world attack traffic to mobile operator signalling infrastructure. The findings expose how suspected commercial surveillance vendors (CSVs) exploit the global telecom interconnect ecosystem, leverage private operator networks, and conduct covert location tracking operations that can persist undetected for years.

This read is interesting and makes me wonder how can we fight back. I don’t undrstand much of this but what i have figured out is that its based on tracking phone IMEI. Presumably OSs like GrapheneOS cannot spoof the IMEI because its used to route traffic to your phone isn’t it? I know it can use a different MAC for different eifi connections, trace reducing the footprints you leave behind but i guess it can’t do this for IMEI?

  • MalReynolds@slrpnk.netEnglish
    4·
    2 days ago

    Yup, tracking mobiles from towers is a transmitter level vulnerability, pretty unavoidable (although gOS airplane mode and some other airplane modes actually works against this) if you’re using the network. Maybe open hardware at the modem level would give an option to spoof, but that doesn’t exist in the wild to my knowledge.

    The article goes deeper into persistent international (state level threat operators, SLOs) tracking, and it’s actually somewhat reassuring in so much as they need to use SMS exploits to embed trackers (so gOS updating the image every week or so would likely bork it as described if a rootkit is not available). Paranoia suggests this is well below the actual capabilities of the SLOs but you do what you can. If there’s a significant threat to life or liberty, leave the phone at home. If your threat model also includes international usage (wherein these exploits exist), burner at each country.

    Disclaimer : I am not an expert, just a rando interested in liberty.