Why wouldn't carriers be able to ask your phone about what it thinks its location is?
> Apple made a good step in iOS 26.3 to limit at least one vector of mass surveillance, enabled by having full control of the modem silicon and firmware. They must now allow users to disable GNSS location responses to mobile carriers, and notify the user when such attempts are made to their device.
They never said "triangulate" but read phone for information. Your inner monologue swapped what was written with an already understood technical method.
And just because access to GPS has never been confirmed publicly before does not mean they previously only relied on tower triangulation.
Worked for Sprints network team before they bought Nextel. We had access to eeeeverything.
The crux of the argument seems to come from this
> It’s worth noting that GNSS location is never meant to leave your device. GNSS coordinates are calculated entirely passively.
OK so? The fact that GPS is calculated passively means nothing about the phone being asked what its position is after the fact.
The article admits this capability is no secret
> These capabilities are not secrets but somehow they have mostly slid under the radar of the public consciousness.
If the article just wants to say phones should block that ability, fine. But don't pretend this is some shady BS.
It is shady BS, and it’s why this phrase appeared in the article. Just because industry insiders are aware doesn’t mean it’s not shady.
The same applies to modern cars reporting their information back to manufacturers.
The cell network does not need to know where you are down to the meter and phones have no business giving this information up.
Generally I'd not expect them actively triangulate my exact location, but I'd realise that's at least possible - but GPS data, wake my phone up, switch on the GPS radio, drain it's battery, send that data back... no. That wouldn't be legal where I live either, let alone expected.
Where does the article claim this turns on the GPS if off?
While this is an important question, I don't see the sources mentioning it, what the standards mandate, and how the phones behave.
For example the wiki article https://en.wikipedia.org/wiki/Radio_resource_location_servic... describes the protocol as using the GPS and not as getting the location info from Android.
> The limit precise location setting doesn't impact the precision of the location data that is shared with emergency responders during an emergency call.
The fact that something has some good side effects does not make it good or even reasonable.
Even the article mentions this.
> I have served on a jury where the prosecution obtained location data from cell towers. Since cell towers are sparse (especially before 5G), the accuracy is in the range of tens to hundreds of metres.
I've also personally witnessed murder cases locally where GPS location put a suspect to "100 meters away". The rest of the evidence still pushed the case forward to a guilty verdict, and the phone evidence was still pretty damning.
Certain devices (especially tablets) don't have GPS or various sensors integrated and still can tell you your approximate location, if WiFi is enabled.
Is it a coincidence most smartphone manufacturers were suddenly all on board with removing the 3.5mm jack and forced Bluetooth? A mesh network of sorts like Amazon is doing with Ring. I even sometimes forget to save my battery and turn Bluetooth off when I'm not using my earbuds. It's probably a false sense of security having it disabled because I'm sure it's doing something in the background anyways. I can't say for sure though. Kind of like years ago with Google getting caught with the whole location data thing. I'm sure the average Joe doesn't care if Bluetooth is enabled 24/7.
I try and not be on the tin foil bandwagon, but every once and a while I come across things that make you go hmmm...
A supported carrier: Germany: Telekom United Kingdom: EE, BT United States: Boost Mobile Thailand: AIS, True
Turn limit precise location on or off
Open Settings, then tap Cellular.
Tap Cellular Data Options.
If you have more than one phone number under SIMs, tap one of your lines.
Scroll down to Limit Precise Location.
Turn the setting on or off. You might be prompted to restart your device.
Why does it list specific carriers, then?
Only Boost Mobile in the U.S. Weird. About 7.5M subscribers. Maybe it requires 5G? Wonder if it works when roaming?
https://en.wikipedia.org/wiki/Boost_Mobile
https://en.wikipedia.org/wiki/List_of_mobile_network_operato...
Basically, if you have any cell phone the government can track you. Buying a burner phone with cash (via strawman proxy) seems like the only way to temporarily obscure your location.
I imagine with the ubiquity of cameras in the commons and facial recognition and gait analysis they can knit that up even more.
It's a peer to peer network based on Lora. It really only allows text messaging but with up to 20km hops between peers coverage is surprisingly huge. Incredibly useful if you go hiking with friends (if you get split up you can still stay in touch).
See https://eastmesh.au/ and scroll down to the map for the Victoria and now more widely Australia network that's sprung up.
Based on the very “bursty” nature of LoRA, how much does an adversary need to spend to radiolocate it? What’s the threat model there?
Not by users. The new thing is that Apple allows users to disable this feature. Hopefully they still detect emergency calls on the phone and enable it unconditionally for those.
This is a system you can disable as a user, but it's not the on-modem feature discussed in the article.
The 911 feature can be activated fully remotely, the 112 feature is supposed to only activate when dialing an emergency number.
But we want to support privatization at all cost, even when privatization these days has significant influence on our daily lives, akin to the concerns we had when we placed restrictions on government. Seems like we need to start regulating private actions a bit more, especially when private entities accumulate enough wealth they can act like multi state governments in levels of influence. That’s my opinion, at least.
It really isn't, given that the government literally has a monopoly on violence, and therefore it makes sense to have more guardrails for it. That's not to say private entities should have free reign to do whatever it wants, but the argument of "private entities can do [thing] that governments can't, so we should ban private entities too!" is at best incomplete.
>Furthermore, the issue is exacerbated by then allowing governments to bypass these issues by then just paying private entities to do the things it can’t do as a proxy for the same functional outcomes.
Again, this is at best an incomplete argument. The government can't extract a confession out of you (5th amendment). It can however, interview your drinking buddies that you blabbed your latest criminal escapades to. Is that the government "bypassing" the 5th amendment? Arguably. Is that something bad and we should ban? Hardly.
You're right, it should be even more scandalous for the government to get information out of my drinking buddy, because the information I told him was in confidence, and he promised he wouldn't tell anyone. My cell phone provider, on the other hand, clearly says in their ToS who they'll share data with and in what circumstances.
Anyone who offers them money?
> 'Does Drinking Buddy exist?' 'Of course he exists. The Party exists. Drinking Buddy is the embodiment of the Party.' 'Does he exist like you or me?' 'You do not exist', said O'Brien.
> Oceanic society rests ultimately on the belief that Drinking Buddy is omnipotent and that the Party is infallible. But since in reality Drinking Buddy is not omnipotent and the party is not infallible, there is need for an unwearying, moment-to-moment flexibility in the treatment of facts.
Thats basically the foundational idealogy of the united states. Thats not the issue.
The real issue is your next sentence. The government can just loophole around their intentional limitations by paying private companies to work on their behalf.
https://ballotpedia.org/States_with_initiative_or_referendum
Regulations say the baseband MUST control: all wireless signals (including wifi and GPS), all microphones and speakers, and it must be able to disable the camera electrically. It must have a tamper-resistant identifier (IMEI number ... kind of).
Oh, it must allow calling the emergency services. If in this mode, during a call to the emergency services it MUST be able to send the exact GPS position (not just once, continuously) to the emergency services at the request of the emergency services (ie. NOT the user, and carriers must facilitate this)
By the way, it's worse: as you might guess from the purpose, it doesn't matter if your phone is on the "spying" carrier or not, other carriers can send commands to other carriers' phones' basebands (because "get off this frequency" is required: spectrum is shared, even within countries. Since phones may go from one tower to another and be required to vacate frequencies, you need this command). It doesn't even matter if you have a SIM in your phone or not (ever tought that if eSIM works, it must of course be possible for any provider to contact and send instructions to the phone, so it opens up an end-to-end encrypted connection to the javacard that the actual phone cpu cannot intercept). In some phones it doesn't even matter if the phone is on or not (though of course eventually it dies). So "meshtastic" or anything else cannot make a phone safe.
And in practice it's even worse. A lot of phone manufacturers "save on memory" and use the same memory chips for the baseband processor and the central cpu. Which means that it's a little bit cheaper ... and the baseband has access to all the phone memory and all peripherals connected through the memory bus (which is all of them in any recent phone). It may even be the case that these chips are integrated in the cpu (which I believe is the case for recent Apple chips). Oh and the regulations say: if there's a conflict over control over (most) peripherals, including the microphone and speaker, the baseband processor MUST be guaranteed to win that fight.
Oh and because governments demand this, but of course neither fund nor test these devices, they are old, bug-ridden and very insecure. This also means that despite the government requiring that these features be built into phones, governments, carriers and police forces generally do not have the equipment required to actually use these features (though I'm sure the CIA has implement them all). Not even carriers' cell phone towers: they have to pay extra to allow even just frequency sharing ...
Here is an article about baseband and baseband processors.
https://www.extremetech.com/computing/170874-the-secret-seco...
This is simply not true.
Source: I own a phone where this is not the case. Many Linux phones internally attach their wireless devices via USB, so there is good separation.
Also many upscale phones have decoupled the baseband from things that were once connected to it, as an attempt to improve security. (On iOS for instance the main CPU controls wifi.)
I am entirely, 100% certain that my telco can't just enable the microphone on my iPhone and record me, short of some 0-day exploit. I simply cannot make that bet on many other devices.
That assertion is a bit overblown. And people can easily find out it's overblown with a bit of research.
But at the same time, my whole philosophy is never let it touch any network connected device at all if it is critical. I don't care if it's an Apple device.
Here's reality, mobile carriers have been able to get your location from nearly the inception of mass market mobile phone use. I'm not sure anyone really believed their location was somehow secret and not discoverable. If you're using the phone or internet networks, you're not anonymous. Full stop.
Forget whatever anyone told you about your VPN, or whatever other anonymization/privacy machine that Mr McBean is selling Sneetches these days. Assume everyone is tracked, and some are even watched. Therefore everything you do or say with your devices should be considered content that is posted publicly with an uncertain release date.
The article touches on this by saying Apple is making the baseband/modem hardware now. Something they should have done since day one, and I’m not sure what took them so long. However, it was was clear they didn’t have the expertise in this area and it was easier to just uses someone else’s.
https://www.rfwireless-world.com/terminology/cellular-tower-...
FTA:
> But this is not the whole truth, because cellular standards have built-in protocols that make your device silently send GNSS (i.e. GPS, GLONASS, Galileo, BeiDou) location to the carrier.
2017 Broadband Consumer Privacy Proposal
https://www.congress.gov/bill/115th-congress/senate-joint-re...
So I don't think a single foil sticker would make much difference.
We aren't going to remove the security state. We should make all attempts to, but it won't happen. What needs to happen is accountability. I should be able to turn off sharing personal information and if someone tries I should be notified and have recourse. This should also be retroactive. If I have turned off sharing and someone finds a technical loophole and uses it, there should be consequences. The only way to stop the rampant abuse is to treat data like fire. If you have it and it gets out of control you get burned, badly.
This is all automatic and completely pervasive. Worrying about GPS and userspace computers in the smartphone is important but even if you protect that you've already lost. The baseband computer is announcing your position by the minute. Cell phones couldn't really work without the basestations deciding where you are and which will handle you.
kayodelycaon•1h ago
This isn’t a new capability and shouldn’t be surprising.
michaelt•1h ago
hammock•1h ago
roywiggins•1h ago
This is a specific service inside the phone that looks for messages from the carrier requesting a GPS position, it could just refuse, or lie. It's not the same as cell tower triangulation.
winstonwinston•1h ago
roywiggins•1h ago
winstonwinston•54m ago
hammock•51m ago
kortilla•1h ago
cosmicgadget•1h ago
yetihehe•1h ago
Last time I called 911 (well, it's 112 in my country) my android phone asked if I want to provide gps coordinates. I did, but they still asked for address, so probably this is not integrated/used everywhere.
nkrisc•1h ago
kotaKat•1h ago
https://rapidsos.com/public-safety/unite/
When the call comes in they can click a button and query RapidSOS for current 911 calls for that number and pull the information inwards.
https://www.baycominc.com/hubfs/2025%20Website%20Update/Prod...
cenamus•31m ago
anonymousiam•1h ago
Tons of "free" and crapware apps are also recording location, and sending it to data brokers.
https://www.wired.com/story/jeffrey-epstein-island-visitors-...
jeroenhd•1m ago
https://5g-tools.com/5g-nr-timing-advance-ta-distance-calcul... shows an example of the parameters necessary. I don't think you can get your smartphone to dump those stats for you, but the granularity of the individual distance measurement is in the tens of centimeters.
Etheryte•1h ago
cosmicgadget•1h ago
TheNewsIsHere•1h ago
Between buying a phone and reading the OS EULA to providing an E911 address to my carrier, I can count at least three disclosures of this feature.
Nothing is secret or magic here.