Asa Ex Dev

Google knows where you are.

METHOD 1. GPS

Imagine this. You hear someone break into your home so you lock your bedroom door and call 911. But there’s an issue. Your phone is on 1%. The phone rings and the operator answers. You tell them someone broke into your house and the operator asks you for your address. Right before you can tell them, your phone dies. How will the police know how to get to you?

Wait! GPS! Your phone has GPS that was pinging your location. But you realize that your phone was at 1% which meant the battery saver mode was on. This mode disables GPS in many devices because of the high power cost.

You lose hope and hide in the closet begging for your life… A few minutes go by and you are relieved to hear sirens show up to your house and your door broken in. The police found you! But how…? Mega-corporations and governments always know where we are.

|

METHOD 2. CELL TOWER TRILATERATION

Before you had even called 911, your phone was pinging against nearby cell towers. It would ping against Tower A and would conclude that it was 20 miles away. Then it would ping against Tower B and would think it’s about 8 miles away. It would use this data from the cell towers in order to find out where you are.

This method does not require GPS. With this single method alone, if your phone is turned on and it is has a SIM card, then the exact position of your phone is always known… But who has this information?

For all of these methods of surveillance you can assume that the FBI has access 100% of the time. You can also assume that the company involved has the data. For example, in this method, your data carrier is that company. So the FBI and companies have this information, but local police departments need to issue a subpoena, or a legal document to these companies in order to say “We suspect this person did something and need to search these records to verify it.” When you call 911, they don’t need to get a search warrant for your online data, but outside of that, they often do.

I have a new scenario for you. Imagine there is a stabbing that takes place on Main Street. The police don’t know who did it but they know the stabbing specifically takes place on Main Street on Friday at 9PM. They could technically issue a subpoena and ask the cell towers to tell the police what phones were on Main Street at the time of the murder.

But the police don’t know if the murderer was using Verizon or AT&T or Sprint, etc. so they don’t know which cell towers to ask. But there is an easier way to know who was on Main Street at the time of the murder. This is called geo-fencing with Bluetooth scanning.

|

METHOD 3. BLUETOOTH SCANNING

Let’s say you lost your iPhone so you grab a family member’s and go to the “Find My iPhone” app. Now you can see exactly where your phone is! But how? This technology isn’t using GPS and it isn’t even using cell tower trilateration.

Instead, it makes your phone send out an encrypted Bluetooth signal. If there is an iPhone within Bluetooth range, or about 30 feet, then it picks up on the signal and tells you where it is.

Often times this is enough for you to find your phone because there is likely someone walking near it. If you are in a rural area, then at least the app will tell you that your phone was “last seen” at a specific location which is very helpful. This same information can be used against criminals (and civilians).

Let’s go back to the murder on Main Street. The police don’t know who did it, but they know the location and time. They get a search warrant and ask Google what devices were on that street at that time and Google gives them a list.

If the murderer was using an iPhone, then the police are probably out of luck because the way Apple sends and stores this location data doesn’t make it very convenient to give information to the police. But up until 2023, before Google changed it’s ways to more closely match Apple, it was very easy to geo-fence areas using Google’s Bluetooth scanning off nearly all android devices.

Since 2023, it has been harder to do this because of backlash but you can definitely assume that this method is still being used by police departments, and DEFINITELY being used by the FBI. And there is something that is even more scary about this method: Modern phones are still scannable with this method even when powered off.

If someone steals your phone and turns it off, then you can still find it and track it, but the government can do the same thing to you. Even if your phone runs out of battery and dies, this signal can still last for up to 24 hours on devices like the Google Pixel 8 for Google, and iPhone 11 and newer for Apple. This gives you precise location data which could be useful to retrieve your phone, and in the same way it’s useful to the government to solve crimes.

|

METHOD 4. WIFI POSITIONING SYSTEM (WPS)

A MAC or Media Access Control address is a unique identifier assigned to every WiFi and Bluetooth chip, but for the purposes of this discussion you only need to know that this is an identifier for each WiFi router. For example Google might call the WiFi router at Starbucks router 1 then call the WiFi at McDonald’s router 2 then call the WiFi at your home router 3.

But how does Google know the location of every WiFi router in the world? They use your phone to collect data for them. When you walk around with an android phone, it periodically checks and goes “Oh is there any WiFi networks nearby that we could connect to? Oh yeah there IS one called router 504 and it has a really good signal strength, I bet it is about 40 feet away!” It sends this data to Google who adds it to their database.

You can assume that almost every WiFi router in the world is logged in this way. What this means is that every time you walk around, even if GPS is disabled, and even if you don’t have a SIM card so you aren’t pinging against cell towers, and even if there are no nearby Google devices to Bluetooth scan from, they STILL know where you are. Your phone looks at nearby WiFi networks and determines how far you are from each of them. It uses this information to pinpoint your exact location.

To Google’s credit, you can easily turn off Bluetooth scanning and WiFi scanning in your android settings. However the description says that this information will still be provided to 911 in the case that you call.
Even though your phone is no longer contributing to their massive database of WiFi routers and geo-fencing with these settings turned off, you can assume that the police and feds can still access this data.

|

METHOD 5. IP ADDRESSES

When you connect to a WiFi network, your IP address changes to that of the WiFi network. This information is sent to both Google and the internet service provider or ISP. A different IP address is assigned to every network and it has a lot of powerful information behind it. Many times hackers are caught because the police simply call up AT&T or whoever owns the internet and they ask who they gave the router to that has that IP address.
Because of this, you can assume that if your IP address is known then your location is known.

|

METHOD 6. YOU

Google knows where you are because the GPS on your phone. Google knows where you are because of cell tower trilateration. Google knows where you are because of Bluetooth-scanning from nearby devices. Google knows where you are because of their WiFi positioning system. Google knows where you are because of the IP addresses that you connect to. And Google knows where you are because.. you tell them.

When you use Google maps, you might save a location as home and save a location as work and save a location as the gym. All of this information is combined with your location data and used to build a complete map of your life.

It’s great when you wake up in the morning and Google maps sends you a notification saying “Hey there’s extra traffic this morning, you probably want to leave to work early!” But that data is used in every facet of the Google framework and that includes Google ads and data sent to other advertisers. And as I have been mentioning, everything that Google knows, the FBI knows and local police departments can know just my sending a subpoena to Google.

Security and privacy is almost impossible today especially when you are fighting the government. Almost every hacker in the United States is either arrested or the FBI decided not to waste their time to pick them up. Many hackers are successful because they are in countries like China and Russia and even working for the North Korean government where their country doesn’t care if they are hacking and they even support it. They won’t extradite them to the United States and they won’t convict them in their own courts. In the United States, online anonymity is a myth.

But… I am working on a guide that can teach hackers, journalists, and those who respect their privacy how to remain anonymous on the internet to the best of their ability. If you aren’t hurting people or doing anything to make the government want to hunt you down, then the methods discussed in that guide should make it difficult enough to find you that it isn’t worth anyone’s time.

asa

Leave a Reply

Your email address will not be published. Required fields are marked *