Hackr News App

<@Ylpertnodi> Since I'm not seeing any other references, here's a timestamp for a YouTube video where an ex-undercover op is interviewed and such thing is mentioned: How FBI Undercover Agents Actually Work | Authorized Account | Insider https://youtu.be/h6au3ppTm7g?t=1123

<@theoreticalmal> That would require plugging into the wiring. At that point you no longer need a battery and can just use the car's power.

<@avidiax> Using the GPS signal to detect motion is the most power-expensive path though.

The cheapest in terms of power consumption is a simple Accelerometer/Gyroscope component. The difference can be months or even years in longer battery runtime compared to GPS.

<@avidiax> Probably the most effective technique for detection would be attained by spoofing the GPS signals, like the IRGC did to capture multiple US' drones?

https://www.gpsworld.com/gps-circle-spoofing-discovered-in-i...

I wonder how easily GPS can be spoofed, locally ...

https://rntfnd.org/2021/10/28/cheap-and-easy-gps-gnss-spoofi...

Seems someone already had the idea:

https://www.reddit.com/r/hardwarehacking/comments/10na5c8/sp...

<@chneu> I think per-AP randomisation of wifi mac has been the default on any mobile device I've checked in the past five years at least. Haven't examined bluetooth as closely.

<@speedgoose> Wait, why on earth are these wireless? Apparently they're battery powered too??

What possible reason is there for them not to just be plugged into the car's power and computer? I'm sure there is a reason, but it never once occurred to me that that would be the case. What a strange system.

<@speedgoose> This is tire pressure monitors for those that don't know.

Didn't even cross my mind...

<@reactordev> Way back in the day (2010), I worked for a company using Bluetooth scanners to measure traffic speeds. We could get about a 500' range with custom hardware.

The real fun part at the time was that every Bluetooth device pretty much was always in pairing mode, and that MACs didn't rotate...

Eventually those both happened, but in ways beyond my comprehension (I worked on the software side), the hardware guys could still pick up the signals to track cars.

<@reactordev> BLE transmissions go much further last time I experimented with them [0]. However the problem of anonymity comes into play since they frequently generate new MAC addresses.

[0]: https://news.ycombinator.com/item?id=38252566

<@reactordev> > Bluetooth doesn’t have the signal strength beyond 20ft

Oh dear.

I think you will find a directional antenna can rather increase this by several orders of magnitude.

<@reactordev> I can almost assure you NYC subway does this.

<@SchemaLoad> That event would go in the same bucket as the other ten million alerts where the system got confused between visually near identical models or some de-badged sports car.

The fact of the matter is that the powers that be can't overtly use the dragnet in the way that the "how dare someone skip a $2 toll" and "muh two ton death machine" crowds would like to see because the other 99.5% of the public will be all "hey WTF" and politicians will pass laws to pander to those people. The dragnet operating powers that be would rather retain the ability to use the dragnet unfettered even in bad ways so they normally reserve its use for "serious" things.

<@euroderf> Just search for it.

I found video review of $80 in seconds.

There's also videos online of cars flipping it right before they cross a toll by plate.

I would not do this. This is serious fraud and antisocial behavior.

<@sodality2> I noticed that in Abrego Garcia's recent indictment they were able to figure out he was in 2022 based on ALPR pulls that showed he was actually putzing around Texas. My understanding was most ALPRs were being stored for no more than 30 days but apparently that isn't the case, since it appears they did not start to build the trafficking case until this year.

<@sodality2> And Lowe's (hardware store) has signed an agreement with them to put them on their properties. Vote with your wallets.

"Retail giant Lowe’s is another customer, according to two former Flock employees and confirmed by the company. Scott Draher, vice president of asset protection at Lowe’s, said in a statement that Flock cameras are “just one example of a multifaceted approach” to combat shoplifting. He declined to comment on how many of its stores have Flock cameras or if it provides camera feeds to law enforcement."

https://ourcommunitynow.com/P/americas-biggest-mall-owner-is...

<@sodality2> Private ANPR in public spaces is unlawful in the entire EU. The US needs to get a GDPR equivalent to protect basic human rights from corporate surveillance.

<@sodality2> Interesting I had actually considered getting a job there at one point ha... it's like Anduril you know, seems like a cool company but the purpose... Also doubt I'm qualified but yeah.

<@myself248> I would also want to be able to check for trackers regularly, which excludes a full teardown. I would want to check these particular kinds of cars after every event they go to for example.

That said, whilst it is a known threat vector, I have no data on how often its actually exploited. It might be a lot of work for nothing.

<@timewizard> It doesn't necessarily say where you aren't. What if you get in somebody else's car? (Not uncommon for me as we typically carpool to trailheads.)

<@weinzierl> I’m not sure what point you’re really trying to make here. This is a thread about detection methods of an extremely invasive (and rare) method of stalking, which yes is a subset of a data privacy issue. The fact that data brokers can get a lot of location and other data about you is irrelevant to the discussion.

> or do you believe you can hide from a stalker if everyone else under the sun knows you location.

I’m not sure anyone is claiming that the detection methods described in this study are going to make you completely undetectable to any party at all times. Again, not sure what point you’re trying to make here and it feels irrelevant to the larger thread. The original comment seemed to indicate that the article hadn’t been read at all.

<@weinzierl> The security nihilism is thinking "why try to defend yourself if there are so many attack vectors". Also, my phone has no malicious apps. (It's a GNU/Linux phone.)

<@weinzierl> IT's easy to replace a phone, a car not so much

<@weinzierl> I figure it's probably about 1000x easier to gain sufficient access to someone's car to put a tracker on it than their phone

<@weinzierl> Then can you explain why special hardware still keeps showing up in victims' cars?

<@weinzierl> I don't think the economics are a problem. I think it'll be the fed they call in to testify that will shed crocodile tears about how some murdering pedophile was brought to justice using this data.

Very similar to how we lost a ton of civil liberties because shows like 24 bombarded the country with ideas that the only way to stop terrorism was torture.

Unfortunately, a good number of people will happily sacrifice liberties that will be abused simply because it might catch a single bad guy.

<@weinzierl> > We'd need a hard crackdown on location privacy ....... Good luck with mobilizing enough "political will"

Genuine LOL

Here we have the GDPR. It works. (Contrary to much tech-bro propaganda spouted on here).