"New Smartphone Vulnerability Discovered by Northeastern Ph.D. Student Reveals Hackers Could Track Your Location"
According to Evangelos Bitsikas, a Ph.D. student at Northeastern University, a recently discovered vulnerability in text messaging may allow attackers to track a user's location. His research team found the flaw by applying a sophisticated Machine Learning (ML) program to data extracted from the relatively primitive SMS system that has dominated mobile phone texting since the 1990s. Bitsikas, who will formally present his research at the 32nd USENIX Security Symposium, explains that it is possible to locate a victim simply by knowing their phone number and having normal network access. Eventually, this leads to the user's global location being tracked. Bitsikas says that SMS security has marginally improved since its initial creation for 2G systems 30 years ago. When a user receives a text message, their phone automatically responds with a notification to the sender, which is essentially a delivery receipt. A hacker would send multiple text messages to the user's phone through Bitsikas' method. The timing of their automated delivery replies would allow the hacker to triangulate their location, regardless of whether the user's communications are encrypted. This article continues to discuss the possibility of hackers using ML to exploit a text messaging vulnerability.