Feeds

Mobile networks: the state's new bloodhounds?

Dial L for location

Providing a secure and efficient Helpdesk

And what about the handset?

If the handset is a smartphone, it could be using GPS to record your location, along with the time, and sending it off to who-knows-where over a data connection without the network operator, or you, being any the wiser.

Of course, getting the GPS to work when the phone is in your pocket won't be easy, so that's not a big concern unless your phone is labelled i-Kids in large friendly letters.

The handset does know the name of the local cell tower, which in Germany is usefully set to the tower's longitude and latitude (at least on O2's network), but elsewhere the spy will need to convert tower name to location , though that's not difficult.

A smartphone application which logs cell towers and sends that data over the mobile network wouldn't be too hard to write, and could easily be invisible to the user once installed.

Turning the handset off will prevent any information being created or logged, assuming the handset isn't just pretending to be turned off. Such handsets are available from various spy supply stores. Though these are generally used for recording and transmitting voice, they would work equally well tracking people.

The art of tracking

All network operators store where you've been for at least 12 months, but getting at that information costs money.

If you fall into the master criminal category a police officer might want to know if you really were in that club at that time, and can make a request to his SPOC (Single Point Of Contact, nothing to do with rubber ears or silly accents) to get the data out of your service provider.

The SPOC is responsible for dealing with all aspects of the RIPA, but location requests on mobile phones are pretty commonplace, with a large force handling hundreds a day. This number has been going up over the last couple of years as coppers get familiar with what they can, and can't, find out.

The requests are supposed to be pretty detailed: "Where was this phone at this time", rather than "What were the movements of this person over the period of a month or two", and it's up to the SPOC to ensure requests are necessary, proportionate, and lawful (as specified by RIPA). Any additional information that turns up, outside what was requested, is supposed to be discarded.

This isn't to say that any copper can just call up the SPOC when they feel like it. A typical request must be authorised by an inspector and will take a couple of days to complete. When the data is needed urgently, such as tracking an at-risk missing person, a Superintendent can give verbal permission and the data turns up faster, but that costs a lot more.

Mobile operators are only supposed to charge enough to cover their expenses, but as each network has different systems they all charge different amounts and have different ideas about how important the information is. Certainly, they charge enough to make police think twice before making an information request, which is no bad thing, but some operators also refuse to provide data they can't deliver within a few days - so you might get lucky if you choose a network operator with particularly errant computer systems.

Providing a secure and efficient Helpdesk

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
'Serious flaws in the Vertigan report' says broadband boffin
Report 'fails reality test' , is 'simply wrong' and offers ''convenient' justification for FTTN says Rod Tucker
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.