Originally published at: Pluralistic: 21 Oct 2021 – Pluralistic: Daily links from Cory Doctorow
- Imperfections in your Bluetooth beacons allow for unstoppable tracking: Fingerprinting BLE with minor material variations in radio hardware.
- This day in history: 2011, 2016, 2020
- Colophon: Recent publications, upcoming/recent appearances, current writing projects, current reading
Imperfections in your Bluetooth beacons allow for unstoppable tracking (permalink)
It's often said that there is a trade-off between privacy and convenience – while that's often overstated, there are some ways in which it is inarguably true.
For example, it would be convenient to give all your devices radio chips that constantly broadcasted a unique number, and whenever one of our mobile devices encountered a radio beacon, it could log the event and the location.
Then, if we wanted to find something we'd lost, we'd have this great database of where-everything-is.
Likewise, if we wanted to do viral exposure notification, we could set our phones to broadcast a unique ID everywhere we went and log all the unique IDs it encountered.
When someone got a diagnosis, we could figure out who we might have been exposed to.
There's just one problem: privacy. Both of these applications would produce a record of every location you visited and who you went there with. It's a privacy nightmare.
Now, at this point, you may be noticing something curious: both of these services actually exist, and yet privacy advocates haven't been shouting down the heavens about the privacy implications of these things.
There's a good reason for that!
Beacons like Apple's Airtag and contact tracing apps that follow the privacy-preserving protocols established for covid exposure notifications do some incredibly clever stuff with cryptography.
Rather than sending out unique IDs, they send out encrypted, rotating identifiers that are designed to be opaque to anyone except the person who owns these devices. So no one but you can know that an ID is the tag on your keyring.
The cryptographic protocols have been subjected to rigorous analysis and debate and there's a strong sense among cryptographers that they work as advertised. But there's more than one way to track a radio beacon.
In "Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices," presented at the 2022 IEEE Symposium on Security and Privacy, a group of researchers reveal a profound weakness in this system.
The team, from UCSD, describe a means by which these radio beacons can be uniquely identified and tracked – not by decrypting the numbers they transmit, but by cataloguing the differences in their signals caused by minute manufacturing differences in the radios themselves.
You don't need a sophisticated device to do this tracking – a cheap, off-the-shelf software defined radio package has the sensitivity to pick up on these differences. The kinds of gear that only the NSA used to get is now for sale at $150 a pop.
These are problems inherent to Bluetooth radios and their antennas themselves. Even if we figure out how to fix this in future devices, it's unlikely that we can fix it for the billions (tens of billions?) of devices already in the field.
And while all manufacturers' devices share this risk, Apple's devices were observed most prolifically in the field, thanks to market dominance and the frequent handoffs between phones and watches. Apple's devices also send more powerful signals, making them easier to detect.
This is a huge deal, and while it affects billions of devices, it's better that we know about it now, before it affects trillions.
The published paper is paywalled, but the authors have posted an open access preprint:
This day in history (permalink)
#10yrsago Clockwork Fagin on Escape Pod https://hwcdn.libsyn.com/p/9/8/5/9856f0a69bce6f51/EP315_ClockworkFagin.mp3?c_id=3894040&cs_id=3894040&expiration=1634757932&hwt=35d95707b3e08d6f4138e423d012eb47
#10yrago Scenes From a Multiverse: wicked webcomic mixes science, net.humor, high weirdness https://memex.craphound.com/2011/10/21/scenes-from-a-multiverse-wicked-webcomic-mixes-science-net-humor-high-weirdness/
#10yrsago Red Light Properties: spooky and bawdy serial webcomic about realtors who specialize in haunted houses https://memex.craphound.com/2011/10/21/red-light-properties-spooky-and-bawdy-serial-webcomic-about-realtors-who-specialize-in-haunted-houses/
#10yrsago Copyright policy in the UK: an evidence-free zone https://www.openrightsgroup.org/publications/cant-look-now-finding-film-online/
#5yrsago At long last, America’s racist, deranged tough-on-crime prosecutors are losing electionshttps://papers.ssrn.com/sol3/papers.cfm?abstract_id=2828803
#1yrago Tom Lehrer in the public domain https://pluralistic.net/2020/10/21/each-drop-of-strych-a-nine/#poisoning-pigeons
#1yrago Trustbusting is stimulus https://pluralistic.net/2020/10/21/each-drop-of-strych-a-nine/#break-em-up
Today's top sources: Christian "quaddi" Dameff MD (https://twitter.com/CDameffMD
- Spill, a Little Brother short story about pipeline protests. Yesterday's progress: 251 words (25695 words total)
Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. Yesterday's progress: 1006 words (23573 words total).
A Little Brother short story about remote invigilation. PLANNING
A nonfiction book about excessive buyer-power in the arts, co-written with Rebecca Giblin, "The Shakedown." FINAL EDITS
A post-GND utopian novel, "The Lost Cause." FINISHED
A cyberpunk noir thriller novel, "Red Team Blues." FINISHED
Currently reading: Analogia by George Dyson.
Latest podcast: Breaking In https://craphound.com/news/2021/09/26/breaking-in-fixed/
- From Wayback to Way Forward: The Internet Archive turns 25, Oct 21
Lessons from the First Internet Ages (Knight Foundation), Nov 2-3
Keynote for SeaGL 2021, Nov 5-6
- Reconciling Social Media & Democracy, Tech Policy Press
- "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59 (print edition: https://bookshop.org/books/how-to-destroy-surveillance-capitalism/9781736205907) (signed copies: https://www.darkdel.com/store/p2024/Available_Now%3A__How_to_Destroy_Surveillance_Capitalism.html)
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.
- The Shakedown, with Rebecca Giblin, nonfiction/business/politics, Beacon Press 2022
This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
Mastodon (no ads, tracking, or data-collection):
Medium (no ads, paywalled):
(Latest Medium column: "Against the great forces of history," What Ada Palmer’s University of Chicago Papal election LARP can teach us about our own future https://medium.com/@doctorow/against-the-great-forces-of-history-4946651f2f80).
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla