floating car data from smartphones what google and waze
play

Floating Car Data from Smartphones: What Google And Waze Know About - PowerPoint PPT Presentation

Nov 13, 2022 •415 likes •951 views

Floating Car Data from Smartphones: What Google And Waze Know About You and How Hackers Can Control Traffic Black Hat | Europe March 12-15, 2013 Tobias Jeske Institute for Security in Distributed Applications TU Hamburg-Harburg

  1. Floating Car Data from Smartphones: What Google And Waze Know About You and How Hackers Can Control Traffic Black Hat | Europe March 12-15, 2013 Tobias Jeske Institute for Security in Distributed Applications TU Hamburg-Harburg tobias.jeske@tu-harburg.de Tobias Jeske: Floating Car Data from Smartphones p. 1/53

  2. Agenda Agenda • Introduction • Protocol Analysis Google Protocol Waze Protocol • Evaluation Privacy Authenticity / Attack • Solution Requirements Zero-Knowledge Protocols Protocol Discussion • Conclusion Tobias Jeske: Floating Car Data from Smartphones p. 2/53

  3. Introduction Agenda • Introduction • Protocol Analysis Google Protocol Waze Protocol • Evaluation Privacy Authenticity / Attack • Solution Requirements Zero-Knowledge Protocols Protocol Discussion • Conclusion Tobias Jeske: Floating Car Data from Smartphones p. 3/53

  4. Introduction TMC • Navigation devices receive traffic reports on the Traffic Message Channel (TMC) • Sources → the police, traffic cameras, inductive loops, volunteers... • Radio stations transmit TMC data in the non-audible range of the FM frequency band • TMC is widespread, however,... • traffic reports are often out of date • low transfer rate • In 2007 Andrea Barisani and Daniele Bianco showed how counterfeited TMC messages can be sent to navigation devices [3] • TMC data is not transmitted encrypted but... • it is necessary that the navigation devices are in the range of the transmitter Tobias Jeske: Floating Car Data from Smartphones p. 4/53

  5. Introduction Google Live Traffic • In 2007, Google added Google Live Traffic to Google Maps [7] • Google uses position data of smartphones with Android operating system [2] • Floating Car Data (FCD) • Real-time traffic information • Since 2011, Google Live Traffic has been used to optimize route calculation in Google Navigation [9] → traffic jams avoidance! Tobias Jeske: Floating Car Data from Smartphones p. 5/53

  6. Introduction Waze • Free GPS application, which uses FCD of smartphones in order to generate traffic information in real- time [12] • The application can be installed on Android, IOS, Windows Mobile, Symbian and BlackBerry • In the iTunes Store top 20 of free apps → 36 million users end of 2012 • Users can add new roads, report accidents, traffic jams and speed traps directly via the Waze-App Tobias Jeske: Floating Car Data from Smartphones p. 6/53

  7. Protocol Analysis Agenda • Introduction • Protocol Analysis Google Protocol Waze Protocol • Evaluation Privacy Authenticity / Attack • Solution Requirements Zero-Knowledge Protocols Protocol Discussion • Conclusion Tobias Jeske: Floating Car Data from Smartphones p. 7/53

  8. Protocol Analysis Google Protocol • Smartphone data is transmitted to https://www.google.com/loc/m/api • Man-in-the-middle attack using mitmproxy [1] • Google Nexus S smartphone with Android 4 • Install root certificate from mitmproxy • Configure a system-wide proxy server • Analyze packets and source code (only available for older Android versions, Apache License version 2.0) smartphone mitmproxy Provider Tobias Jeske: Floating Car Data from Smartphones p. 8/53

  9. Protocol Analysis mitmproxy MASF header is marked red compressed protobuf payload is marked blue Tobias Jeske: Floating Car Data from Smartphones p. 9/53

  10. Protocol Analysis Google Protocol • The protocol is a request/response protocol and based on MASF (Mobile Application Sensing Framework) The Google Protocol in a nutshell: • Smartphone sends Google status information of the GPS, wireless and mobile unit → data amount depends on the units activated and the system configuration • Google responds with the (approximate) location of the phone → speeds up later location determination Tobias Jeske: Floating Car Data from Smartphones p. 10/53

  11. Protocol Analysis MASF Request Message 00 02 00 a 0 . . . a ℓ x b 0 . . . b 7 c 0 c 1 c 2 c 3 00 “g” app name, app fixed cookie encoding MASF version, platform ID, body length distri. channel plain 01 00 d 0 d 1 “g:loc/ql” 00 00 e 0 e 1 e 2 e 3 f 0 . . . f ℓ f block ID service URI service payload length payload version (protobuf) zipped 01 01 d 0 d 1 “g:loc/ql” 00 00 6 d 72 00 00 “ROOT” 00 e 0 e 1 e 2 e 3 f 0 . . . f ℓ f “g” g block ID service URI service MIME ROOT payload length payload version (protobuf) Tobias Jeske: Floating Car Data from Smartphones p. 11/53

  12. Protocol Analysis MASF Response Message j 0 . . . j ℓ j k 0 k 1 k 2 k 3 n 0 . . . n ℓ n 00 02 g 0 g 1 g 2 g 3 81 00 h 0 h 1 i 1 i 1 response status fixed overall length ID encoding payload length payload type code (protobuf) Tobias Jeske: Floating Car Data from Smartphones p. 12/53

  13. Protocol Analysis Protocol Buffers Payload • Protocol Buffers [8] to encode payload • Data format developed by Google to serialize data structures • Binary format → high processing speed and data density • Open source since July 2008 • Request: • Request element contains zero, one or more profiles → Cellular , Wifi and Location (GPS) • Platform profile Platform → android/google/soju/crespo:4.0.4/IMM76D/ 299849:user/release-keys Platform Key → pseudonym to track smartphone • Response: • Current position (if possible) • Location of individual Wi-Fi AP and radio towers • New Platform Key (optional) Tobias Jeske: Floating Car Data from Smartphones p. 13/53

  14. Protocol Analysis Protocol Buffers Payload (Request) message LatLngMsg message RequestMsg required fixed32 Lat = 1; message PlatformProfileMsg required fixed32 Lng = 2; required string Version = 1; optional string Platform = 2; message LocationProfileMsg optional string PlatformKey = 3; optional LatLngMsg LatLng = 1; optional string Locale = 5; optional int32 Accuracy = 3; optional int64 Timestamp = 6; message CellularPlatformProfileMsg optional int32 LocType = 8; optional int32 RadioType = 1; optional int32 Altitude = 10; optional string Carrier = 2; optional fixed32 Speed = 16; optional int32 HomeMnc = 4; optional bool PluggedIn = 17; optional int32 HomeMcc = 5; optional CellularPlatformProfileMsg CellPlatformProfile = 6; message CellMsg required int32 Lac = 1; required PlatformProfileMsg PlatformProfile = 1; required int32 Cellid = 2; message RequestElementsMsg optional int32 Mnc = 3; optional int32 Mcc = 4; message CellularProfileMsg optional int32 Rssi = 5; required CellMsg PrimaryCell = 1; optional int32 RadioType = 10; required int64 Timestamp = 2; optional CellularProfileMsg CellularProfile = 1; message WifiDeviceMsg required string MAC = 1; message WifiProfileMsg optional string SSID = 2; required int64 Timestamp = 1; optional int32 Rssi = 4; repeated WifiDeviceMsg WifiDevice = 2; optional WifiProfileMsg WifiProfile = 2; optional LocationProfileMsg LocationProfile = 3; repeated RequestElementsMsg RequestElements = 4; Tobias Jeske: Floating Car Data from Smartphones p. 14/53

  15. Protocol Analysis Protocol Buffers Payload (Response) message LatLngMsg message ResponseMsg required fixed32 Lat = 1; required int32 Status = 1; required fixed32 Lng = 2; message LocReplyElementMsg required int32 Status = 1; message LocationProfileMsg optional LocationProfileMsg Location = 2; optional LatLngMsg LatLng = 1; optional int32 Accuracy = 3; message DeviceLocationMsg optional int64 Timestamp = 6; optional LocationProfileMsg Location = 1; optional int32 LocType = 8; optional CellMsg Cell = 2; optional int32 Altitude = 10; optional fixed32 Speed = 16; optional WifiDeviceMsg WifiDevice = 3; optional bool PluggedIn = 17; repeated DeviceLocationMsg DeviceLocation = 3; message CellMsg repeated LocReplyElementMsg LocReplyElement = 2; required int32 Lac = 1; optional string PlatformKey = 3; required int32 Cellid = 2; optional int32 Mnc = 3; optional int32 Mcc = 4; optional int32 Rssi = 5; optional int32 RadioType = 10; message WifiDeviceMsg required string MAC = 1; optional string SSID = 2; optional int32 Rssi = 4; Tobias Jeske: Floating Car Data from Smartphones p. 15/53

  16. Protocol Analysis Agenda • Introduction • Protocol Analysis Google Protocol Waze Protocol • Evaluation Privacy Authenticity / Attack • Solution Requirements Zero-Knowledge Protocols Protocol Discussion • Conclusion Tobias Jeske: Floating Car Data from Smartphones p. 16/53

  17. Protocol Analysis Waze Protocol • Simple request/response protocol • Complete source code is released under the GNU General Public License v2 • Position data is transmitted in the clear • TLS for login • Use mitmproxy to record packets • Transmitted data is encoded as an ASCII string • User usually registers himself before using the app • User gets a server ID and a cookie from the server • All subsequent messages contain the ID and the cookie Tobias Jeske: Floating Car Data from Smartphones p. 17/53

Recommend

Compar ing Waze and T MC Data Aug ust 25, 2020 Chie f, T MC Ope ra tio ns, Jason Dic e mbr

Compar ing Waze and T MC Data Aug ust 25, 2020 Chie f, T MC Ope ra tio ns, Jason Dic e mbr

Compar ing Waze and T MC Data Aug ust 25, 2020 Chie f, T MC Ope ra tio ns, Jason Dic e mbr e MDOT SHA Offic e o f T ra nspo rta tio n Mo b ility & Ope ra tio ns (OT MO) Dire c to r o f I nfo rma tio n Re se a rc h, AE M Co rpo ra

266 views • 16 slides
on Smartphones & Tablets with Trusted Computing Stefan Saroiu Microsoft Research (Redmond)

on Smartphones & Tablets with Trusted Computing Stefan Saroiu Microsoft Research (Redmond)

Protecting Data on Smartphones & Tablets with Trusted Computing Stefan Saroiu Microsoft Research (Redmond) Smartphones have displaced PCs as the primary computing device Smartphones Store Sensitive Data Sensor Readings Have Value

1.34k views • 83 slides
Agencies Data September 14, 2017 I-95 Corridor Coalition - Crowdsourcing Summit 1

Agencies Data September 14, 2017 I-95 Corridor Coalition - Crowdsourcing Summit 1

Rob Bamford TRANSCOM Integrating Waze data with Public Agencies Data September 14, 2017 I-95 Corridor Coalition - Crowdsourcing Summit 1 Integrating Waze Data with Public Agencies Data TRANSCOM I-95 Crowdsourcing Summit September

624 views • 27 slides
There are three prime targets for attackers: Data : smartphones are devices for data

There are three prime targets for attackers: Data : smartphones are devices for data

Security & Knowledge Management a.a. 2019/20 There are three prime targets for attackers: Data : smartphones are devices for data management, and may contain sensitive data like credit card numbers, authentication information,

334 views • 10 slides
Floating Point Data CSCI 125 & 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 & 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 & 161 / ENGR 144 Floating point numbers are not exact Value 0.1 is very close to 1/10, but not Lecture 13 precisely equal to it 0.1 10 = 0.000110011001100110011... 2 Cannot rely on accuracy of

313 views • 3 slides
FLOATING POINT REPRESENTATION ABOUT FLOATING POINTS Integer Data Type 32-bit unsigned integers

FLOATING POINT REPRESENTATION ABOUT FLOATING POINTS Integer Data Type 32-bit unsigned integers

FLOATING POINT REPRESENTATION ABOUT FLOATING POINTS Integer Data Type 32-bit unsigned integers limited to whole numbers from 0 to just over 4 billion What about national debt, Avogadros number, Googlethe number? 64-bit

229 views • 22 slides
Unobtrusive Sleep Monitoring using Smartphones Ying Wang

Unobtrusive Sleep Monitoring using Smartphones Ying Wang

Unobtrusive Sleep Monitoring using Smartphones Ying Wang https://play.google.com/store/apps/detail s?id=org.bewellapp About the Application Sleep quality and quantity impacts personal health. --blood pressure --high stress --anxiety

301 views • 19 slides
Google Analytics Overview Whats Google Analytics? The Google Analytics

Google Analytics Overview Whats Google Analytics? The Google Analytics

Google Analytics Overview Whats Google Analytics? The Google Analytics implementation formula. Steps involved in installing Google Analytics. Tracking events, campaigns and ecommerce data. Creating goals and funnels

652 views • 40 slides
Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

ECE 0142 Computer Organization Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur floating-point programming. Floating point greatly simplifies working with large (e.g., 2 70 ) and small (e.g., 2 -17 )

638 views • 30 slides
Big Data on Google Cloud Using Cloud Dataflow, BigQuery, and friends to process data the Cloud

Big Data on Google Cloud Using Cloud Dataflow, BigQuery, and friends to process data the Cloud

Big Data on Google Cloud Using Cloud Dataflow, BigQuery, and friends to process data the Cloud way William Vambenepe, Lead Product Manager for Big Data, Google Cloud Platform @vambenepe / vbp@google.com Agenda 1 Big Data at Google 2

969 views • 38 slides
Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An

Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An

Privacy on Smartphones Presentation by Claude Barthels Roadmap TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones MockDroid: Trading Privacy for Application Functionality on Smartphones

429 views • 38 slides
A First Look at Deep Learning Apps on Smartphones Mengwei Xu 1 , Jiawei Liu 1 , Yuanqiang Liu 1

A First Look at Deep Learning Apps on Smartphones Mengwei Xu 1 , Jiawei Liu 1 , Yuanqiang Liu 1

A First Look at Deep Learning Apps on Smartphones Mengwei Xu 1 , Jiawei Liu 1 , Yuanqiang Liu 1 Felix Xiaozhu Lin 2 , Yunxin Liu 3 , Xuanzhe Liu 1 1 Peking University, 2 Purdue University, 3 Microsoft Research Deep learning is popular Google is

828 views • 36 slides
Google Charts Display live data on your site 1 Using Google Charts

Google Charts Display live data on your site 1 Using Google Charts

Google Charts Display live data on your site 1 Using Google Charts https://developers.google.com/chart 2 3 we want to represent this data 4 Step 1 create a container div inside an html page 5 Step 2 create a .js fi le with the following

216 views • 20 slides
6/29/2017 Floating Point Integer data type 32-bit unsigned integers limited to whole numbers

6/29/2017 Floating Point Integer data type 32-bit unsigned integers limited to whole numbers

6/29/2017 Floating Point Integer data type 32-bit unsigned integers limited to whole numbers from 0 to just over 4 billion What about large numbers (e.g. national debt, bank bailout Floating point representation bill, Avogadros

186 views • 7 slides
arXiv:1706.03762v5 [cs.CL] 6 Dec 2017 Llion Jones Aidan N. Gomez ukasz Kaiser

arXiv:1706.03762v5 [cs.CL] 6 Dec 2017 Llion Jones Aidan N. Gomez ukasz Kaiser

Attention Is All You Need Ashish Vaswani Noam Shazeer Niki Parmar Jakob Uszkoreit Google Brain Google Brain Google Research Google Research avaswani@google.com noam@google.com nikip@google.com usz@google.com

295 views • 15 slides
Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point operations and rounding Lessons for programmers Many more details we will skip (its a 58-page standard) See CSAPP 2.4 for more detail. 1

381 views • 15 slides
Looking to the Future: Use of Smartphones & Beyond Mick Foy 15 th September 2014 Vigilance

Looking to the Future: Use of Smartphones & Beyond Mick Foy 15 th September 2014 Vigilance

Looking to the Future: Use of Smartphones & Beyond Mick Foy 15 th September 2014 Vigilance and Risk Management of Medicines Agenda Use of smartphones & social media What does this mean for pharmacovigilance Introducing WEB-RADR

498 views • 20 slides
Programming and Data Structures (PDS) (Theory: 3-1-0) The IEEE Floating Point Numbers (IEEE 754

Programming and Data Structures (PDS) (Theory: 3-1-0) The IEEE Floating Point Numbers (IEEE 754

CS11001/CS11002 Programming and Data Structures (PDS) (Theory: 3-1-0) The IEEE Floating Point Numbers (IEEE 754 format) Floating Point Numbers (reals) To represent numbers like 0.5, 3.1415926, etc, we need to do something else. First, we

286 views • 10 slides
15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics IEEE Floating Point Standard Rounding Floating Point Operations Mathematical properties class03.ppt 15-213, F06 Floating Point

1.03k views • 34 slides
Mobile and Ubiquitous Computing on Smartphones Lecture 6a: Mobile and Location-Aware Computing

Mobile and Ubiquitous Computing on Smartphones Lecture 6a: Mobile and Location-Aware Computing

Mobile and Ubiquitous Computing on Smartphones Lecture 6a: Mobile and Location-Aware Computing Emmanuel Agu Locations in Android: Some Updates Location My slides: Covered Android.location: As I mentioned, Google would prefer you NOT use

696 views • 41 slides
Google Cloud for Data Crunchers Patrick Chanezon, Developer Advocate, Cloud @chanezon,

Google Cloud for Data Crunchers Patrick Chanezon, Developer Advocate, Cloud @chanezon,

Google Cloud for Data Crunchers Patrick Chanezon, Developer Advocate, Cloud @chanezon, chanezon@google.com Ryan Boyd, Developer Advocate, Apps @ryguyrg, rboyd@google.com Kirrily Robert, Data Engineer, Freebase.com @skud, skud@google.com

853 views • 68 slides
Information as Bits What kinds of data do we need to represent? - Numbers integers, floating

Information as Bits What kinds of data do we need to represent? - Numbers integers, floating

CSC 2400: Computer Systems Information as Bits What kinds of data do we need to represent? - Numbers integers, floating point, - Text characters, strings, - Images pixels, colors, shapes, - Sound - Instructions -

782 views • 53 slides
Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations ! Mathematical properties Next time ! The machine model Chris Riesbeck, Fall 2011 Monday, October 3, 2011 Checkpoint Monday, October 3, 2011 IEEE

1.07k views • 28 slides
9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point standard: Definition Floating Point Example and properties Rounding, addition, multiplication CSci 2021: Machine Architecture and

339 views • 7 slides

More recommend