Hacker News new | ask | show | jobs
by ng55QPSK 1396 days ago
Both informations are abstract identifiers and are decoded in a database to 'real' values only, PHY doesn't care about your decrypted ID. If the operator keeps that database closed, a reasonable privacy of who and where can be done.
2 comments
octoberfranklin 1396 days ago
Yeah, so I can blend into that huge crowd of people who both (a) sleep in the same bedroom as me and (b) work at the same office as me.

Great anonymity set you've got there.

link
ng55QPSK 1396 days ago
So you have ID41323 and ID53242 over night (or at daytime) in the same location, how do you map this back to names?

It's not impossible, but you need data that exists (like house-to-name mapping) from databases outside of the reach of the operators.

And the location information in the network is only as precise as needed. Most of the time this is a cell area, so 100s of m2.

link
harry8 1396 days ago
> If the operator keeps that database closed

Serious question, how much would you stake on that happening?

link
ng55QPSK 1396 days ago
Serious answer: I have seen operators taking this serious. It's also a european trend not to blindly accept law enforcement requests to open data anymore.

For US companies: read something on the recent twitter example.

link
harry8 1395 days ago
No, you have not understood. I'm not asking your opinion about seriousness.

I'm asking how much. So far you've shown a willingness to stake absolutely nothing, which is fair. Is that your response?

If not, how much?

link
ng55QPSK 1394 days ago
i still don't understand. Should i put a bet (like €50), i can find an operator that closes such databases, or that you find an operator that doesn't?

I'm part of the mobile communication industry (while being in research) and part of my job is interacting with operators.

link
harry8 1388 days ago
It's one thing to say "Oh yes, it's taken very seriously" when you have nothing riding on it.

It's another to pledge you will donate $100,000 to the FSF or whatever if data gets out in the next 5 years.

The first is worth nothing. The second claim is possible to have some weight.

The stuff gonna get hacked and we both know it. Why pretend otherwise?

link