1

Let's say someone uses GSM network mobile phone to pursue his/her online activities on social networking platforms. The mobile phone is Android and all online activities are done through a VPN tunnel (Droid VPN). Posit He/She runs a Facebook account that cannot be identified whose account is it in person.

Can the origin/owner (by tracing mobile phone number/ location) be identified by anyone tracing that social platform or mobile activities? If yes how that can be thwarted?

Scenario example:

CellX(a GSM mobile phone) is on BTSY (network tower under which cellX resides).

On May 6, 2018 at 24:30:02:2034 owner of cellX posted on Facebook and BTSY adds timestamp, IME, apps that generated that packets, geolocation, destination of the packets etc.

Authority later collects all packets between 24:30:02:2034-5 seconds and 24:30:02:2034+5 seconds i.e. timestamp filter.

From those packets authority applies further filters like geolocation (of suspicious places) and more filters just to track the original poster. Likewise more filter to be applied utill the poster is pinpointed! All these processes are done while the authority is unaware of the content of the packets due to encryption, let alone if the authority is able to decrypt the packets! Could you suggest a way of being pseudonymous?

SIslam
  • 59
  • 6

1 Answers1

2

Well, that is hard to answer. He should not be identifiable by the GSM internet connection thanks to the VPN, but the native Facebook/Messenger app will almost certainly identify him by grabbing data of his phone if allowed. Facebooks core business is gathering data about people and they do not shy away from that with their apps. They try to grab all contacts, phone number, GPS position, SMS and just generally everything they can get their hands on.

If you want to remain anonymous/pseudonymous I would strongly recommend avoiding Facebook if at all possible. If not, there is an opensource app that allows access to Facebook and tries to not reveal private information that is not voluntarily provided. It may or may not be successful at preventing identification of the user.

Peter Harmann
  • 7,728
  • 5
  • 20
  • 28
  • @ Peter Harman thank you! let alone native facebook! But I have heard that something that there is a stored procedure in the BTS (network tower under which that device resides) that adds unique token to the each packets generated from each phone. based on the timestamp of the facebook post those packets are filtered and suspicious packets are sorted out.Based on several other filtering(I do not know those but heared) those previously filtered packets can be further sorted and sorted untill original facebook poster is identified!!! enlighten those please. – SIslam May 04 '18 at 12:16
  • @SIslam I never heard about those and I am not sure if those actually exist. The network tower can locate any phone. That is just sad technical inevitability. But the tower should not be able to identify what packet is what in a VPN tunnel, so while correlation attacks are possible, they would probably be expensive, especially if you use your phone for other purposes. But it could be possible in theory. – Peter Harmann May 04 '18 at 12:19
  • @ Peter Harmann If I use facebook app to post and messenger to chat, can third party (say govt. of a country in Asia) see the content of post or chat? I am referring to official facebook and messenger app in this case. – SIslam Jun 20 '18 at 04:38
  • @SIslam As for the network tower: No. A VPN tunnel encrypts everything. They can somewhat guess where you are sending the data using correlation attacks as I said, but they certainly can't see the content. Of course a government should be able to just request the content from Facebook. Facebook stores all posts and messages that are not part of their secret conversation feature. – Peter Harmann Jun 20 '18 at 12:49