Mobile phone privacy becomes transparent in seconds, this is how the WIFI probe works →

1. Mobile phone privacy and security are not stable

Xiaobai: Big Dongdong, big Dongdong! Have you watched this year's 315 Gala? It's so scary!

Dadong: Are you talking about the WiFi probe box?

Xiaobai: Yes, as long as you turn on the WiFi of your mobile phone, this thing can obtain your mobile phone number. Don’t you think it’s scary? In this era of big data, mobile phone numbers are used everywhere. If it gets my mobile phone number, it will find the door to my personal privacy!

Xiaobai: The key is that these boxes are placed in various crowded places, such as shopping malls, supermarkets, convenience stores, and office buildings, and data information is obtained without the knowledge of our users.

Dadong: When you are shopping, visiting a supermarket, or buying things, your mobile phone number has already been obtained by others.

Xiaobai: It feels like being stripped naked in the street.

2. Pandora's Box

Xiao Bai: So when did this new technology called the probe box appear? It's so dark.

Dadong: Actually, WiFi probes are not new. They were already very mature in foreign countries seven or eight years ago. It was just that they did not show much harm in the past, so they did not generate large-scale discussions. Now it has attracted everyone's attention because it combines the power of big data and produces some amazing functions through technologies such as association matching, character profiling, and behavior analysis.

WiFi probe box (Image source: Baidu)

Xiaobai: Although this box is small, it is actually a Pandora's box. How is this done?

Dadong: In fact, its working process is very simple. When your mobile phone wireless LAN, or WiFi, switch is turned on, the mobile phone will send out a signal to search for wireless networks in the surrounding area. When the probe box detects this signal, it can quickly identify the MAC address of the user's mobile phone, then convert it into an IMEI number, and then into a mobile phone number.

Xiaobai: MAC address? I number? What are these?

Dadong: The MAC address (Media Access Control Address) of a mobile phone is the network card address of the mobile phone. In other words, it is the ID number of the mobile phone network card. The MAC address is also called the physical address or hardware address. It is used to define the location of a network device. It consists of a string of English and numbers and is globally unique. You can check the MAC address of your mobile phone in the WLAN settings of your mobile phone.

Xiaobai: Oh, it’s the mobile internet card!

Dadong: The IMEI number is the International Mobile Equipment Identity (IMEI), commonly known as the mobile phone serial number or "serial number" of a mobile phone. It is used to identify each independent mobile phone and other mobile communication devices in the mobile phone network. It is equivalent to the ID card of a mobile phone.

Xiaobai: I didn’t expect that a mobile phone would require so many documents!

Dadong: With the IMEI number, you can query the owner's information through the telecommunications operator.

Mobile phone information (Image source: Bing search)

3. Privacy theft

Dadong: The probe box is just the beginning of this privacy theft.

Xiaobai: I have a feeling the devil’s claws will reach my wallet.

Dadong: After obtaining the user's phone number through the Tanzhen Box, it matches and queries the database of hundreds of millions of user information in its background, and can even make an accurate profile of the individual, and then carry out a series of marketing, fraud and other behaviors.

Xiaobai: Where does such a large amount of data come from?

Dadong: Such a huge amount of data mainly comes from some software installed on users’ mobile phones. The service terms that we usually agree to are full of mysteries.

Xiaobai: I understand, the permission button!

Dadong: That’s right. Once the app’s permissions are enabled, “the company can use the user data generated when the user uses the software for commercial purposes.” This is the current status of app companies’ use of permissions.

Xiaobai: I have used so many apps, I don’t know how much of my personal privacy has been spread out!

4. Background non-perception monitoring

Xiaobai: App permissions are really hard to prevent! I even feel like when I talk to my friends about buying a phone, the next time I open a shopping app, it starts recommending phones to me before I even start typing!

Dadong: Well, what you said is technically possible.

Xiaobai: What?

Dadong: In the past few days, a team has verified the feasibility of background non-perceptible monitoring technology in the Android environment, and successfully obtained the user's voice information when the user's phone is locked.

Dadong: It's not just the Android system, the iOS system also has the same problem, but the security threshold of the iOS system is higher, and implementation requires greater technical difficulty.

Xiaobai: Can I exit the app manually?

Dadong: First of all, most users press the home button to return to the menu and switch apps. The process is always hanging in the background process, which does not kill the process. Even if the app is exited, the exited app can still use the combination attack method to be awakened by other apps.

Xiaobai: There are so many amazing operations!

Dadong: In addition, many mobile phone manufacturers will provide whitelists for some large Internet manufacturers. The apps of whitelisted manufacturers do not need authorization to obtain certain permissions, and this cannot be killed.

5. Defense in Action

Xiaobai: So we small users can only be slaughtered at will?

Dadong: In response to WiFi probe behavior, Apple, Google, and Microsoft have actually taken some measures to protect user privacy: In 2014, Apple added a new feature "MAC address randomization" to iOS 8 to protect user privacy; in 2016, Microsoft also added this feature to Windows 10 to help protect user privacy and prevent user tracking based on device MAC addresses. This feature has been added to the new Android P system, but it is still an experimental feature and users can enable it in the developer options.

Xiaobai: Come on! All major manufacturers!

Dadong: As an ordinary user, it is more important to enhance awareness of privacy and security and cut off the evil hands of bad manufacturers from yourself.

Xiaobai: Turn off the WiFi switch when going out and never connect to unfamiliar WiFi!

Dadong: You should also be careful when using apps.

Xiaobai: Don’t use abnormal apps, and don’t register on them to leak personal information. Be more careful when the app asks for operating permissions, and don’t easily choose “Always Allow”.

Dadong: Xiaobai’s summary is good.