Mobile Phone

GPS positioning used to spy on users?

A much-talked-about article points the finger at Qualcomm, accusing the company of using its positioning system to determine where each client device is located. How are things?

Positioning techniques GPS (Global Positioning System) are methods used to determine the exact location of a device using signals received from satellites. The GPS service was developed and implemented by the United States Department of Defense: the first techniques of GPS positioning they were developed and tested already in the 60s and 70s but the system was made public in 1983 and then reached full availability in the 90s.

In 1998, the European Union started the Galileo project, an independent satellite navigation system from the US administration, designed to ensure strategic independence in the navigation sector. Therefore, although the US GPS system had been made available in Europe since the 1990s, work was done in the Old Continent to develop an alternative satellite navigation system which became fully operational in December 2018.

How GPS works in a nutshell

All mobile devices have long integrated a modulo GPS that is, a receiver that collects signals from satellites, performs a series of calculations and establishes the user’s unique position on the earth’s surface.

I satelliti GPS they send encoded radio signals containing information about their location and the time of transmission of the signal. These radio signals are transmitted on multiple frequencies and carriers. For calculate the position to accurately geolocate the user, the receiver needs signals from at least four satellites of the GPS constellation.

GPS receivers measure the travel time of the signals coming from satellites: since the propagation speed of the radio signal is known, it is possible to calculate the distance between the receiver and each satellite using precisely the information on the travel time of the signal. Once the distances of the satellites have been calculated, the GPS receiver uses the principle of trilateration to determine your location with certainty. Trilateration involves the intersection of spheres of equal radius: the satellites are placed in the center and then the precise position of the receiver is established.

In addition to location, GPS receivers can use signals from satellites to calculate other information, such asaltitudethe speed with which the device is moving and the exact time.

The data flow is in one direction only: the device equipped with the GPS receiver does not exchange any information with the satellite constellation. The problem is that the traditional approach is rather complex: the receiver needs to know the exact position of the satellites in order to carry out the calculation, therefore it has to download the so-called almanac which contains information about the position and movement of each satellite. The complete recovery of the almanac can take some time, usually between 5 and 10 minutes.

The much faster alternative to GPS positioning is called A-GPS (Assisted GPS): it allows devices to download the almanac via the Internet in a few seconds. As per the original specification, only i satellite data actual available at the moment and thanks to a mechanism of weekly prediction of the positions of the satellites (Predicted Satellite Data ServicePSDS), receivers can speed up the coordinate calculation even if there is no network connection for a few days.

Qualcommone of the largest wireless and mobile communications companies, uses PSDS in its chip-level implementation for mobile devices: originally christened, in 2007, gpsOne XTRAhas since been renamed IZat XTRA Assistance in 2013 and, more recently, Qualcomm GNSS Assistance Service.

What is Qualcomm GNSS Assistance Service and how does it work

GNSS stands for Global Navigation Satellite System and refers to satellite-based navigation systems such as GPS, GLONASS and Galileo. Qualcomm GNSS Assistance Service provides GNSS assistance data to mobile devices, such as smartphones and tablets, to improve positioning performance and navigation.

As we noted earlier, acquiring satellite signals can take some time and requires good effort receiving signals by the device. In certain situations, such as inside buildings or in highly urbanized areas, the reception of GNSS signals can be hindered and satellite positioning becomes difficult, if not impossible.

Qualcomm GNSS Assistance Service offers a solution to these problems by providing useful data for the placement of each device (information on almanacs, ephemeris data or orbital indications of each satellite, clock corrections and other relevant information). This data is transferred to the user’s device via a Data connection mobile or WiFi, drastically speeding up the GPS system startup time, satellite acquisition and subsequent positioning. In this way it is possible to position the client devices even in conditions of poor signal reception.

SUPL geolocation methods and privacy

In recent years, as we have noted above, important efforts have been made to improve the solutions that allow the precise geolocation of the devices too indoor or in any case in areas where the GPS signal does not arrive correctly.

The solution Qualcomm GNSS Assistance Service is part of the larger set of tools for device placement called SUPL (Secure User Plane Location). If you notice, in fact, in the settings of our smartphones we generally refer to geolocation servicesnot to a specific service.

This is because any application installed on the mobile device that needs know the user’s locationobtains it from the operating system using the fastest and most accurate combination of methods available at the time.

So in the “basin” of SUPL solutions also converge other tools such as the mechanism that allows to establish the user’s position by examining the hotspot WiFi present nearby: in this case a triangulation is carried out by drawing on the centralized database available for example on Google’s servers.

All existing geolocation methods are therefore part of the SUPL standard, supported by mobile phone operators and developers of smartphones, microchips and operating systems.

Access to servizi SUPL should not, at least on paper, lead to problems of privacy of users but in practice some data is often collected and shared with some third parties. For example, when the smartphone approximates the geographic location of the user using the signals of base station of mobile networks detected and available in the vicinity, the mobile operator knows exactly which subscriber has sent the request and where he is at that moment. Google monetizes its location services recording the user’s location and identifier.

As far as the A-GPS system is concerned, the servers queried via the Internet can certainly provide the requested data without collecting any user identification or harvesting data. However, many developers do both.

The standard implementation of Android of SUPL services, for example, provides for the sharing of the IMSI code (unique SIM number) as part of the requests sent; the client Qualcomm XTRA on the smartphone it transmits “technical identifiers” and IP addresses attributable to each user of the service. As clarified by Qualcomm, the data comes anonymized after 90 days by deleting all records linking identifiers with IP addresses.

Is it true that Qualcomm can spy on users and establish the location of each mobile device that integrates its chips?

An article published on the NitroKey website has caused a stir pointing the finger at Qualcomm and pointing at the famous manufacturer of, among others, SoC Snapdragon to have played dirty by “knowingly” monitoring the position of all users. The analysis, which has hit the news these days, points out that smartphones with chip Qualcomm they would send users’ personal data to the company’s servers via the HTTP protocol, without using any form of encryption and without their knowledge. Proponents of the prosecution add that this would presumably happen without checks because the SUPL functionality is implemented at the hardware level.

As Kaspersky points out, also echoed by the GrapheneOS developers, the research that is being talked about so much in many ways is misleadingwould aim to scare users and would contain some inaccuracies.

In fact, in old smartphones, information could have been transmitted over insecure HTTP, but since 2016, Qualcomm has solved the problem by avoiding the clear data transfer. According to license agreement Furthermore, information such as the list of apps installed on each user’s terminal could actually be transmitted via the company’s XTRA services, but practical tests (package inspection and Android source code study) have shown no evidence that this actually happens.

Contrary to the claims of the researchers, then, the function of data sharing it is not built into the microchip baseband but implemented at the operating system level: its behavior can therefore certainly be controlled and possibly modified. In this regard, both the developers of the operating system and also the community can intervene modding (e.g. promoters of alternative Android ROMs).

Replace and disable specific SUPL services on a smartphone it’s something that has been done since at least 2012 but the various tools for managing accurate positioning were kept with the goal of making GPS work faster rather than for privacy reasons.

Leave a Reply

Your email address will not be published. Required fields are marked *