Three billion WhatsApp users are at risk - an expert has developed a tool that could spy on everyone, and you would never know about it
Three billion WhatsApp users are at risk - an expert has developed a tool that could spy on everyone, and you would never know about it
I’ve read the article - but what can an attacker actually DO using this technique? Drain battery? The article mentions ‘tracking’, but in what way?
I guess that it could also be used to compare different people. Do they have fast and slow connections at about the same time? Then they might be spending time together.
This is clearly not for mass espionage, but at least a theoretical approach to confirm a suspicion.
It could be for mass espionage just by retaining metadata in a database and running continual analysis of it.
Then you’d start to see oatters and associations, so you know where to dig deeper.
If you want “mass surveillance” with thousands of suspects, millions of requests per subject (the paper mentions 20 requests per second IIRC), over weeks … you probably get blocked and/or caught.
Also, your suspects will be “significantly unhappy” if your espionage costs them 11-18% of their battery per hour. Even without other usage, the battery would be dead by noon.
And lastly, this attack uses so much bandwidth that video streaming is impacted. I would guess that it probably needs about 1 MBit, which is 11 GB per 24 hours.
The article states patterns could be drawn from response times. Fast response times could indicate a high-availability, low-latency network (such as being at home), where longer response times could indicate the phone is away from that network, whether on the road or at a store or business, etc.
https://lemmy.pierre-couy.fr/comment/2733652