Evangelos Bitsikas, who is pursuing a PhD in cybersecurity at the Northwestern University in the US, applied a new machine-learning program to data gleaned from the SMS system of mobile devices.

Receiving an SMS inevitably generates Delivery Reports whose reception bestows a timing attack vector at the sender. Bitsikas developed an ML model enabling the SMS sender to determine the recipient’s location with a 96% accuracy for locations across different countries, the researcher says in a study.

The basic idea is that a hacker would send multiple text messages to the target phone, and the timing of each automated delivery reply creates a fingerprint of the target’s location. These fingerprints have ever been there but weren’t a problem until Bitsikas’ group used ML to develop an algorithm capable of reading them. They can be fed into the machine-learning model, which then responds with the predicted location.

According to the researcher, it doesn’t matter whether or not the communication is encrypted.

  • tiredOfFascists@reddthat.com
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Again, point me to apple’s attempts to implement or help create a texting standard. Unless you’d like to instead say that standards are not an extremely important part of human society. Because unless you believe that, their actions are indefensible and that’s a separate issue from how fucked up Google is.

    • conciselyverbose@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      A standard controlled by Google is many times worse than a standard not existing.

      An actual acceptable standard must come from an impartial third party. Apple should absolutely not be proposing one either.

      • tiredOfFascists@reddthat.com
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I’ll take this as an upfront admission that apple is not only opposed to standards but actively avoidant of them when it is profitable, rather than the deflection it was meant to be.

        You seem knowledgeable enough to know that standards are usually contributed to by corporations and that this has many many times not ruined them. The whole web is built on this fact. But unfortunately your zealotry blinds you to what your priorities ought to be, standards for everyone’s benefit.