Bounty hunters track targets by buying realtime location data generated by T-Mobile, Sprint, and AT&T




I haven’t found a reliably good mobile VPN yet, they all seem to “leak”. But if you’re really paranoid you can do a SOCKS proxy through the VPN and have robust cutomizable firewalling with randomized packet forwarding delays to a remote TOR client. All of that together is almost unusably slow but you can mix and match depending on which Orwellian dictatorship’s firewalls and spyware you’re avoiding while travelling.


:-/ In my happy place… Lalalalalalala! I can’t hear you! Lalalalalalala! :frowning_face:


Anyone know if this is also true of the secondary carriers, like Consumer Cellular, etc?


With a few very rare and extremely localized exceptions (I think there’s still one in the Virginia hill country) there are no secondary carriers or independent providers, only resellers of primary carriers. The primary carrier still knows your name, number, IMEI etc.


Approved of by the Church of Scientology!




@!#%#!&%##×@^& !!!

Ill ask this once, nicely, but frothing with rage- can someone please direct me to a technological solution to this? I’m not a criminal, have no criminal record, but I’m fucking sick of this shit. If its not the phone companies abusing this, its the NSA, and now dog the damn bounty hunter.

I’m serious. I would pay for the ability to be left the fuck alone. And don’t even bother with the destroy your phone comments. I want someone who knows what the hell they are doing to explain if there is a way around this. I’m thinking Faraday Cage or lead cell phone holder, ala Dilbert.

I’ve lost count of the endless privacy violation stories due to technology through databases and cell phones over the last even two years. We need an organization that actively fights this stuff at a technological level, and makes the results comprehensible by normal public. Ive had it with modern society.


Tried Algo?

As a bonus since it’s self hosted many systems don’t notice it’s a VPN that otherwise would whine. (Though Netflix always seems to know. Damn you Hollywood!)


There essentially isn’t one. Cellphones leak at least rough location information just in order to work. Don’t know what tower you are near, don’t know where to direct your call. In cases where you have multiple towers in range and are trying to get the optimal result you get some triangulation opportunities and the precision rises.

I don’t doubt that location capabilities as implemented are as good as they are in part because of reasons beyond pure technical necessity; but even a full good faith implementation is pretty revealing.

About the most you can get without this is certain types of pager service(since they rely on ‘dumb’ unidirectional broadcast and the device passively listening); but once you get to bidirectional communication and/or demand data rates that won’t allow the ‘broadcast all the messages everywhere’ approach to work it’s only a question of how long and how often you are willing to fire up the radio vs. remaining silent; and how often you switch burners.

The odds of getting a policy solution aren’t so hot; but at least there’s no fundamental barrier in principle to making a policy of harvesting the responsible parties for organs whenever the behavior is discovered; unlike any of the technical options.


When I started renting out a room in my house, I discovered that I could get anyone’s credit record by just presenting a real (or forged) rental application. Since then I just don’t trust privacy protections. My solution is just to bury my head in the sand. If I ever really have to be on the run from someone, or travel internationally, I’ll leave my phone at home. Until then having the spooks or creeps monitoring my spam folder and daily errands is probably just giving them a bit more noise in the system.


Why not? I think the discomfort of “hey, you can be tracked at any time my anyone” might be enough to incite some politicians to campaign on banning the the practice entirely. It’s not as if this is a huge revenue source for the phone companies (as far as I can tell). They just do it because they can.

In fact, all you might need is one company to decide that trading the few million they make on selling the data is worth the extra customers gained by advertising that they’re the only company that doesn’t put your location on the open market…


Well, it looks like one of the middle man companies totally burned a bail bond company as CWA, from the link:

“The request came through a licensed state agency that writes in approximately $100 million in bonds per year and passed all up front credentialing under the pretense that location was being verified to mitigate financial exposure related to a bond loan being considered for the submitted consumer,” Microbilt said in an emailed statement. In this case, “licensed state agency” is referring to a private bail bond company, Motherboard confirmed.

“As a result, MicroBilt was unaware that its terms of use were being violated by the rogue individual that submitted the request under false pretenses, does not approve of such use cases, and has a clear policy that such violations will result in loss of access to all MicroBilt services and termination of the requesting party’s end-user agreement,” Microbilt added. “Upon investigating the alleged abuse and learning of the violation of our contract, we terminated the customer’s access to our products and they will not be eligible for reinstatement based on this violation.”

That is a load of BS, calling the bail agent a “rogue” agent given that the subject tracked by phone in the article volunteered to be tracked, as per the article. Unless by “rogue” they mean exposing this unsavory practice to the public :-/


Well, easier than a Faraday pouch is just turning the phone off, or sticking it in aeroplane mode, when you don’t need it.
Wifi access might be tracked, depending on who’s providing the wifi, and what you’re accessing over that wifi. That information won’t be as easily packaged up as the mobile networks make getting your location though, so you probably wouldn’t have to worry about bounty hunters tracking you that way (instead it would be bored hackers).
If you need to be contactable all the time then you could sign up for something like Google Voice (or other number forwarding system), and then rotate through a series of burner phones every week or so. Not exactly cheap though.

Realistically though, if you need to have a mobile phone and you’re not willing to constantly throw them away each week, then you’re going to be trackable.


Working over wifi + using a VPN mitigates a large chunk. It’s not perfect but you’d not constantly pinging cell towers.

On a practical note, once I ditched FB and Instagram and started relying on wifi, I was able to use a tiny (<2gb data) plan to save money.

Think about it - how often do you expect a phone call out and about? And mapping apps can save directions offline.


Anything else is a compromise and you evaluate the risk accordingly.


I wasn’t very clear in the description above, the “VPN” is just on the phone to block apps that don’t need to get out and as a preliminary filter to restrict those that do from unnecessary hosts. Any traffic passing that initial stage goes through the SOCKS proxy to an SSH tunnel to private hosting where more capable firewalls can do deep content inspection and filter further, (SSL and friends are handled with an intentional MITM attack on myself). This is because some apps do need to get out but are more “chatty” than they should be, (e.g. one filter checks for the phone’s MAC address, IMEI, and current IP address). From there it can (if necessary) get proxied through TOR.
Ironically, I have no need for any of this, I set part of it up originally for travelling and then expanded because I was annoyed by all the tracking and curious how much effort it would be.
And even with all this it’s not really “secure”. I am trusting the app manufacturers to not be maliciously exfiltrating data in hidden ways and it would be easy for a state actor to get my real physical cell phone numbers at any time by looking at the bills I pay and asking the carriers. From there it’s game over.
All I’ve really done is hide from Fuckerberg’s ilk and randos.
But that’s my low-risk situation, and it was still a lot of work. I sure wouldn’t want to be in a Snowden-like scenario, my brain hurts just thinking of all the wrinkles in that attack surface!


Pretty sure Richard Stallman knew.


I Gave a Bounty Hunter $300. Then He Located Our Phone

This reminds me of that scene in Goodfellas. You know, the one where the narrator describes how Pauly absolutely refused to ever use the phone. He wouldn’t even have one in his house.


This topic was automatically closed after 5 days. New replies are no longer allowed.