Researchers from Stanford University have come up with a technique that makes it possible to track Android phones without the need to access their GPS or Wi-Fi data.
Dubbed PowerSpy, the system accomplishes this by examining a phone’s power consumption over the course of time. It benefits from the fact that cellular communication consumes more power the more distant a user is located from a given cell tower. However, a phone’s battery can get used up while performing several other functions, such as taking voice calls, playing music or videos, browsing maps, or surfing the web.
Distance from a cell tower affects battery drain and that can be used to track phones
In order to collect more accurate data, the creators have devised an algorithm that filters out the irrelevant power consumption patterns from the equation. The learning algorithm takes long-term trends into account and treats spikes in power consumption, where the user may be taking a call or using a power-hungry app, as “noise”. The lengthier the power measurement, the more accurate the phone’s projected location can be.
That said, PowerSpy does have its limitations, which were brought to light during a series of tests that were performed on phones using the 3G network. The tracker needs to know a phone’s power usage patterns, in advance, across set out routes. In addition, the technique isn’t very precise when it comes to pinpointing the exact location of a phone. The researchers are currently working to improve their tracking mechanism in both areas.
The research is a wake up call to invest more time and money into finding privacy issues
It is common for apps to seek permission for network connectivity and access to data pertaining to battery usage. To date, there are a total of 179 Android apps on Google Play that request this information at the time of installation. The researchers at Stanford see PowerSpy as the representation of a significant issue with user privacy. They hope that it serves as a wake-up call for Google as well as users who grant access to untrusted apps.
The full research paper can be seen here.