1 / 8

How they know where you are

How they know where you are. GEO PRIV @IETF88. GPS. Privacy/Surveillance : OK Performance: Um…. 1500 bits@50bps = too damned long. A-GPS. Terrestrial networks are waaaay faster Send ephemeris that way. A-GPS Modes. Device-based “I am here, send me ephemerides”

navarro
Download Presentation

How they know where you are

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How they know where you are GEOPRIV@IETF88

  2. GPS Privacy/Surveillance: OK Performance: Um… 1500 bits@50bps= too damned long

  3. A-GPS Terrestrial networks are waaaayfaster Send ephemeris that way

  4. A-GPS Modes • Device-based • “I am here, send me ephemerides” • Often tied to another location technology • Cell-based positioning is often performed by the server • A very coarse seed is often sufficient • Device performs final calculation • Device-assisted • “Duh…” • Can use arbitrarily-accurate location • Fast methods are preferred • Server tells Device where to look for signals • Device just looks for signals and reports code phases • Server performs final calculation

  5. Control vs. User Plane • Initial A-GPS deployments used the cellular control channels: SLOW • Secure User Plane Location replaces that • Operates over the Internet • “Secure” because it’s TLS • Inherits most of the architectural characteristics • Server command and control • Roaming arrangementsand policy enforcement models • Application requests a core part

  6. Realities of SUPL Deployment • A few very large providers • Cellular carriers and mobile OS vendors • All of these have your location • Even in Device-initiated, Device-based A-GPS, the server tends to get a copy of the result • SUPL is typically baked into silicon and not visible to the mobile OS • Most people don’t even know how to access config “Go to the phone’s dialer and enter the number ##1472365##“ • Disabling the GPS is for most, the only option

  7. A Solution • Make assistance data free • GPS does anyway • Just make it available faster • No strings attached • Don’t request location-specific assistance • …but • This field is IPR-rich and many have staked a claim • No strong incentive to give assistance data away • Invalidates some location integrity options

  8. Other Location Technologies in Active, Wide Deployment • WiFi access point databases • Servers almost mandatory due to volume of data • Servers use GPS results to improve their datasets • Cell-based and enhanced cell-based • Based on existing network/radio management data • Some use Device-reported measurements • OTDOA and UTDOA • Based on observed time difference of arrival at Device or cell towers respectively • OTDOA uses Device measurements; again probably invisible • UTDOA is measured in the network; can be done without Device being aware that it is happening; kinda pricey though

More Related