Last night, Facebook unveiled its newest tool for Facebook users. Known as Facebook Places, it’s designed to let people ‘check in’ and share their current location, along with what they’re doing there. For users of previously established services like Gowalla and Foursquare the idea is nothing new. They’ve been reporting and recording their travels for some time now. Users of the social media platform Twitter are more likely to be aware of what location-based check in services are, since they’re accustomed to reporting their own whereabouts or, in some cases, seeing others do it.

For the average Facebook users, though, the idea may be totally new. Basically, users of the iPhone Facebook app, as well as other smartphone users whose devices support Facebook’s mobile interface and geotagging (or geolocation, as it’s also known), will be able to check in at their current location, say what they’re doing, and who they’re with. While it may sound benign enough, Facebook’s past privacy gaffs lead many to wonder if this is just another marketing opportunity for Facebook, at the expense of the unwitting user. Of course, this is definitely the ‘Jason Bourne’ way of looking at it. Is Facebook Places as evil as privacy groups would lead us to believe or is it a useful tool that, if properly configured, can be used to our benefit?

What is Facebook Places supposed to do anyway?

In a perfect, non-commercial world, Facebook Places would be great. One wouldn’t have to worry about the information being used to verify if one’s actual whereabouts were the same as they said they would be. One also wouldn’t have to worry that the information posted would be used by advertisers to target them with specific ads and offers.

Of course, Facebook insists that the only information shared is that which the Facebook user allows to be shared. The truth is that past experience with Facebook has shown that locking down (and keeping locked down) personal and posted information is as easy as plugging the leak in the Titanic. Facebook is a huge ship that just keeps growing. The larger it gets, the harder it is to manage.

Facebook CEO Mark Zuckerberg insists that the purpose of Places isn’t to identify a user’s location. Moreover, he maintains that the new tool will allow users to broaden their horizons by discovering places that their friends have shared. Conversely, their friends will also be able to learn about the places at which they check in. Sounds fabulous, right? Well, as usual, the pesky privacy questions continue to pop up.

Where are the settings for Facebook Places located?

It has been reported that by maintaining the setting of ‘Places I check in’ set to ‘Friends Only’ will ensure that only your ‘real’ friends can see where you’ve checked in. Unfortunately, your friends can also check you in, without your explicit permission, unless you navigate Facebook’s account settings and specifically disable the option. Unlike other settings which allow you to customize on a per-user basis who can do what with your information, photographs, etc, it doesn’t exist for the setting to allow others to check you in. That means you can’t allow some and disallow others. At this point, it’s either everyone or no one, and no one may be the better option.

Within the same settings screen, users can also decide whether they want to be shown on the list of ‘People Here Now’ after they check in somewhere. Below are a few screen shots that will make it easier to locate and change the default settings if you so choose.

Could Facebook Places really be as evil as some say?

If Privacy Settings are customized to ensure that users have granular control over each category of their information. Additionally, if properly used by ethical people with pure hearts, Places could be an interesting and fun tool to use. Unfortunately, there are inevitably cases where good things go horribly wrong. We’ve outlined a few scenarios where Facebook Places might not be in your best interest. Imagine if you were to tell one friend you can’t help them move because you have to work, yet they see you check in at a bar with another friend, with the comment, “Enjoying happy hour.”

Obviously, this wouldn’t sit well with your friend in need. There are other less than pleasant scenarios that one could conjure up. The chances of it happening might be improbable, but it is possible. Additionally, not checking yourself into a place and not disallowing the ability of friends to check you in could also come back to haunt you. Overall, if you’re doing things that you don’t want others to know about, you probably shouldn’t be using any type of social media. Thusly, the possibilities mentioned above probably shouldn’t be of too much concern.

Alternative viewpoints on privacy in the digital age.

In the end, privacy is whatever you define it to be. Some people don’t like coworkers to meet their families. For others, telling everyone within earshot about their personal life is a full-fledged hobby.

For people like Robert Scoble, the noted technical evangelist and blogger, sharing information is just a way of life. He regularly tweets (@Scobleizer) his exact whereabouts and has more than once tweeted his cellular telephone number encouraging people in the area he’s visiting to call him for a meet-up. For him, such practices are part of the job he does and persona he maintains.

For other social media users, though, such unrestricted visibility may not be the best idea. There are family members, friends, employers…as well as the occasional enemy…who might discover something that you really didn’t want discovered. For some, each bit of information must be measured before it’s shared, to ensure that the potential doesn’t exist for it to haunt them later.

A few final points.

Ultimately, anyone who joins a social media platform, such as Facebook or Twitter, should reasonably know that they are, to an extent, giving up any real expectation of privacy. Writing anything on a computer that goes beyond the network or wireless card means that it will likely exist somewhere in the cloud for all of eternity.

Additionally, there is no lack of debate regarding the growing concern among netizens about the privacy and protection of their digital information. The risk will never be eradicated. We can only hope to minimize it by ensuring that any platforms or forums we use incorporate adequate privacy controls, which we have examined closely and later revisit to ensure things are as we left them. This will allow for a balance between the benefits of social media and the risk of our personal information being compromised.

Yes, the key is to maintain a balance between our real and virtual lives. And in case you didn’t remember, that’s what Geek Shui Living is all about.

Source:  The Facebook Blog – Who, What, When, and Now…Where

Since posting a pieced entitled A joint policy proposal for an open Internet on its Public Policy Blog on Monday, Google has once again put on the villain hat, in the minds of many. If you read it, the implications aren’t really that nefarious. When coupled with the potential deal with Verizon last week, Google doesn’t come across quite so heroic. Essentially, Google is doing its part to reshape what net neutrality is and evolves into, as well as how the rules therein will apply to service providers like Verizon.

We won’t pretend that it’s a simple issue. In truth, it is complex and its implications far-reaching. Ultimately, it will affect how each and every person uses the internet each and every day. Last week we posted news of the potential Google, Verizon deal. Is it a net neutrality killer as some have painted it? Alternatively, is Google simply telling the truth about collaborating and contributing to an FCC-approvable definition of net neutrality, when they posted, “We stand ready to work with the Congress, the FCC and all interested parties to do just that.”

Before one can form an educated opinion, it’s necessary to understand what the concept of net neutrality really means. Luckily, our very own Phineas Delgado posted an insightful piece on the FCC’s net neutrality initiative in April of this year. Hopefully, those who read it will be equipped with, at a minimum, a basic understanding of what the concept of net neutrality is, so they can decide for themselves whether efforts by Google, Verizon, and other major players are good or evil. If you’re not in agreement, let someone know. Write your Congressman, Representative, the FCC, or whomever you think might listen. After all, the FCC’s final decision on how to handle this fragile will affect you.

Take a few minutes to get smart on the subject:

Net Neutrality – Americans Finally Root for the FCC. Should They?

Once you’re smart on it, then act, while you still have the chance, by signing this petition:

Emergency Petition to Google: Don’t be evil – stand up for the free and open Internet

Yesterday, AT&T admitted that the personal data of Apple iPad 3G customers had been exposed due to a security flaw. The news was first reported by Gawker and was later confirmed by AT&T.

According to the company, the exposure of personal information was limited to the email addresses of iPad 3G customers, who will be notified formally of the data exposure. In an electronic statement, AT&T spokesman Mark Siegel said, “This issue was escalated to the highest levels of the company and was corrected by Tuesday; and we have essentially turned off the feature that provided the email addresses.”

Notification of the successful exfiltration of the data was provided to Gawker by an unnamed hacker group. The flaw allowed for the exposure of an integrated circuit card ID, within the iPad. For its part, AT&T insisted the only information that could be obtained is the user’s email address.

The company concluded by saying that a full investigation is underway, into the matter.

Source: Gawker Media

According to a Wired report published yesterday, U.S. Senators Joe Lieberman and Susan Collins have co-sponsored a bill that would empower Department of Homeland Security to assume control over the United States’ “critical infrastructure” in the event of an “imminent cyber threat.”

Over the last decade, U.S. dependence upon its cyber-infrastructure has continued to increase. Critical services and operations are increasingly structured around government networks, which are often interconnected via the magic of Al Gore’s internet. This means that any internet outage, local or nationwide in scope, has the potential to decrease the ability of the government to operate. The question is, though, just how much control Homeland Security officials would wield and when and how they would be authorized to use it.

The intent of the bill is to ensure the U.S. government has the ability to maintain the internet alive and useable. One of the possibilities mentioned includes the establishment of internet-based surveillance to assist the business sector. The proposed bill actually takes this idea a step further and would allow President Obama, or whomever succeeds him, to essentially declare a state of cyber emergency. At that time, the National Center for Cybersecurity and Communications, an arm of Homeland Security, would implement emergency measures aimed at preserving critical operations and the communications on which they rely.

One of the issues that arises is just how much control government can exercise over corporate networks. While it is feasible to mandate the development and implementation guidance for government agencies, forcing companies to do the same is a far more difficult task. Adding mandatory, precautionary controls and response measures would require many companies to expand their current IT staff and ensure it includes employees who are specially trained to deal with computer and network security issues.

The definition of what exactly constitutes an emergency would also have to be clearly identified. According to the Wired report, a presidential declaration would require “…knowledge both of a massive network flaw – and information that someone was about to leverage that hole to do massive harm.” This can be compared to law enforcement rules, such as opportunity, means, and intent, all of which have to be present for a crime to occur.

An important point to consider is that the proposed bill contains nothing more, in the way of preventive and reactionary measures, than those that both business and home users should be doing already. These are all part of the programs that computer and network security professionals should develop, update, and test, prior to an emergency occurring. They may have technical names like Continuity of Operations Plans (COOP), Disaster Recover Plans (DRP), and Incident Handling Plans, but they include basic preventive measures like installing and updating antivirus, intrusion prevention, and firewall software and appliances, as well as ensuring installed operating system and software security patches are installed, as soon as they are released by the vendor.

The Lieberman/Collins legislation certainly isn’t the first of its kind. Previously introduced bills have failed to pass, based on the complexity of identifying just how far the government’s reach can extend, when it comes to control of an internet that doesn’t have one single, irrefutable owner. It is certain, though, that some type of contingency plan that will be accepted and, more importantly, embraced by the private sector must be developed. Otherwise, the drama that played out in 2007’s Live Free or Die Hard may become more real than anyone would really like to see.

Source:  Lieberman Bill Gives Feds ‘Emergency’ Powers to Secure Civilian Nets

In an event held at the company’s New York headquarters today, Facebook CEO Mark Zuckerberg announced plans to fix what the now infamous Facebook Social Graph broke. Responding to weeks of internet-based complaints and, even worse, congressional discussion, Zuckerberg explained that simplified options to configure privacy settings are in the works and should be rolled out within the next several weeks.

Following the obligatory remarks on the company’s evolution and growth, Zuckerberg got straight to the point and told people what they wanted to hear. In the official Facebook blog, Zuckerberg writes, “Today we’re starting to roll out some changes that will make all of these controls a lot simpler. We’ve focused on three things: a single control for your content, more powerful controls for your basic information and an easy control to turn off all applications.” Basically, this means that Facebook’s privacy settings will be fixed and the Facepocalypse can be averted. This of course means you won’t have to worry about securing your profile or, even worse, deleting it altogether.

What are the planned changes to the previous changes?

• A single, simplified control that lets users decide who (only friends, friends of friends, or everyone) can view their content. This one control will apply to everything (past, present and future) that you publish on Facebook

Potential benefit: One-click privacy for your content.

• Simplified controls that allows a user to opt-out of new features such as instant personalization and sharing of their information with third-parties

Potential benefit: One-click blocking of the release of your personal information

• The ability to opt out of sharing your list of friends and liked pages, with others

Potential benefit: One-click privacy for you, your friends, and the stuff you like

• Simplified controls to control how non-friends find you and what they can see

Potential benefit: One-click privacy from non-friends

When and how will the changes take effect?

As mentioned above, the changes should start to take effect within the next several weeks. One can be certain that today’s announcement follows weeks of work, in preparation for the changes. As is customary, Facebook will let users know when the changes go live, via the display of a message and/or the sending of an email to the account they used at the time of registration.

When they finally do roll out, we’re interested to know if you find them easier, worse, or just the same. Please take a few minutes to let us know via comment or through the contact page.

__________

Source:  The Facebook Blog – Making Control Simple

This past Friday, May 14, 2010, Google Inc (GOOG) admitted that, since 2006, the company has inadvertently been collecting private network traffic from unsecured wireless connections. How did they do it? Did they strategically position satellites around the globe? Did they deploy sophisticated keystroke logging software to unwitting Gmail users? No, in a move straight from a Scooby Doo villain’s playbook, they strapped a camera to a car and drove around neighborhoods disguised as harmless cartographers.

That’s right. It seems Google’s fleet of cars responsible for driving around cities in more than 30 countries has been taking more than photographs for Google Maps. The tricked out vehicles also picked up and recorded private information, such as user names, passwords, and other unencrypted traffic. So, who is affected? Should we be worried?

Fortunately, if your home or business’ wireless connection was encrypted (i.e. WEP, WPA-2, etc.), you don’t have to worry. The mistake admitted to by Google only affects those wireless network connections which were unsecured and broadcasting at the time of the drive-by.

In an official Google blog post, Alan Eustace, Senior Vice President of Engineering and Research, told readers, “…we have been mistakenly collecting samples of payload data from open WiFi networks.” In what can only be construed as part of a rapid response plan to mitigate the potential public relations damage, Google reports it has already begun notifying the appropriate government agencies in affected countries, such as the United States, Germany, France, Brazil and Hong Kong.

Google made it very clear that the information collected was never used. In their defense, the company contends that wireless network detection tools were utilized but were intended only to map Wi-Fi hotspots for inclusion in Google’s location-based services. They go on to assert that they didn’t even realize what information had been collected until the surprise discovery last week. At that time, Google’s cartographic fleet was temporarily recalled, until changes could be made to the offending software code to preclude further collection.

Ultimately, the likelihood of Google’s vehicles being in one place long enough to collect enough data to be useful is highly improbable. In the wake of the ongoing drama surrounding Facebook’s perceived, blatant disregard for user privacy, though, Google’s notoriety is likely to be amplified. One of the big questions that hasn’t been answered is whether or not the governments of countries involved will openly accept Google’s apology and assume the mistake was unintentional. Another important question relates to how Google plans to effect, confirm, and provide evidence of the data’s destruction.

If there is a lesson that computer users can take away from the story, it is the basic reminder that unsecured Wi-Fi access is never a good idea. Home and business wireless users should ensure their wireless routers and access points are configured to be private and encrypted. In addition to simply enabling encryption (WPA-2 is recommended), it’s also a good idea to turn off the SSID broadcast and enable restrictions by MAC address.

The same also applies even if you’re using free Wi-Fi at a restaurant, library, or other public place. You never know who is grabbing packets from inside the wired network or via Wi-Fi, across the street. If you have no other choice and are forced to use them, do all of your surfing through free or paid web-based anonymization providers, which tunnel your traffic via https:// connections. This will greatly decrease the likelihood of your data being intercepted and used against you.

One of yesterday’s big tech stories was Facebook’s unveiling of the its Social Graph concept. While CEO Mark Zuckerberg may have gone to great lengths to emphasize the benefits of connecting all of the dots on the internet, privacy and security experts almost immediately began cautioning that the changes could be detrimental in terms of user privacy.

As has been the custom in past updates, the social media giant illogically turns on new options by default and advises the user, via an attractive graphic, that they have the choice to “Understand your privacy” and read the details of the change. Even then, the wording is ambiguous, at best. How good or bad are the changes? In the interest of objectivity, it’s still too early to form an educated opinion. In light of the significant changes, though, it is a good time to review some simple steps that every Facebook user should consider, when determining what and how much information they share.

First of all, let’s preface this with the caveat that the suggested settings shown herein are pretty close to maximum Facebook security. They represent the configuration options that users can make to share the least amount of information possible. While not hard, it will take a few minutes to navigate to and fro, in Facebook’s menu hierarchy. If the goal is to have 8,750 friends, around the planet, read no further. Without a doubt these suggestions are for people who value their privacy and don’t want their every Facebook move subject to market analysis. Each of the images will open in a new window, to give you a clear view of the actions described.

Account > Privacy Settings:

On this screen, their are five sub-menus. Users should go through each one and verify each item. Remember, Facebook changes things and turns them “on” by default. You might be surprised what you find. Below, we go through each of the sub-menu items.

Account > Privacy Settings > Profile Information:

On this screen, the privacy conscious can make it easy. Set everything to “Only Friends”. Why? Do you tell strangers on the street or your friend’s friends your birthday, where you live, the names of your children, and finish things off by showing them all of our family photo albums? No, you probably don’t, or at least we hope you don’t. Keep your information within your circle of friends. Also, it’s a good idea to uncheck “Friends can post to my Wall”. It’s like letting someone speak for you, to everyone you know. Not necessary.

Account > Privacy Settings > Contact Information:

This screen is similar to the Profile Information one, above. The goal is the same. Share only information with “Only Friends”. To be even safer, don’t even fill in the fields for phone numbers, hometown, etc. They’re optional. If the person is really your friend, they’ll already have the information. If they don’t they could send you a message on Facebook and ask you for it. No need to publish this kind of stuff when you don’t have to do so. Another good idea is to use a unique email address for Facebook that you will not give to anyone else, register on a website, etc. This way, you can be certain that any message you receive there, to include unwanted and SPAM ones, was generated from Facebook or using your Facebook profile information.

Account > Privacy Settings > Applications and Websites:

Here, again, we have several sub-menus that need to be reviewed and tweaked. Here, you can block applications and check your ignored friends (which might indicate that someone in this scenario isn’t really a very good friend). Here we see the new “Instant Personalization” option Facebook referred to on the home screen. Wow, they made it really easy to find, right? If you don’t plan on “Liking” websites or going to ones just because someone else “Likes” them, uncheck the box. You’re not going to miss out on anything, yet. Also, it’s a really good idea to set who can view your activity in games and applications to “Only Me.” Why? If you’re “Friends” with your boss or coworker, do you want them to see all the time you spend tending vegetables on your farm, while sitting in your cubicle after lunch?

It’s also a good idea to edit the settings of “What your friends can share about you,” on the next screen (accessed via “Edit Settings” from the above screen). Here’s the why behind this one. Your friends should not be able to share your life’s story with anyone else. Think your friends all have enough common sense not to do it? Think again. Everyone has lapses in good judgment. You don’t want it to be with your information. In the example below, we’ve restricted the information that can be shared to our website and our “About me” bio.

Account > Privacy Settings > Search:

Accessed from the “Privacy Settings” menu, here we only have a couple options. It’s time for a decision. Do you want people to be able to search for and find you on Facebook. If you don’t need it, restrict it to “Only Friends”. Even if you choose to leave it set to “Friends of Friends” or “Everyone,” you should at least consider unchecking “Allow” for “Public Search Results”. What’s the difference. People have to be logged in to Facebook to do the first one. They don’t need to be logged in to do the second one.

That pretty much takes care of the “Privacy Settings,” so we can move on to the “My Account” settings.

Account > My Account > Facebook Ads:

Facebook ads are likely part of the inspiration behind the “Social Graph” concept. This one isn’t a huge privacy issue, but if someone is your friend, don’t they know what you like and dislike, for the most part? It’s a good idea to change the setting to “No one” or, at a minimum, “Only friends”.

The last area we’ll take a look at is the Application Settings, to see what we allow and how much we allow it to do.

Account > Application Settings:

This is where we can see what connected apps can do, with our information. You should change the view to show “Allowed to Post” and “Authorized,” since these are the ones that have the potential to share more than you might want. Once you can see the full list, review each and every application. If you don’t use it anymore, get rid of it. If you use, make sure that things like “Access my data when I’m not using the application” and “Publish recent activity to my wall” are unchecked, whenever possible.

In Summary:

Again, the suggested configuration verification and changes listed above do not constitute every possible measure you can take to secure your Facebook profile. They are intended to give you a good foundation of privacy and information security. Even if you implement each and every one, you should periodically review them again, to make sure that newly connected applications haven’t allowed unwanted sharing, based on Facebook’s “Fail-Open” policies. Have a tip not mentioned here? Post it as a comment to let us know and help others, too.

Facebook’s intentions are not evil. They are diligently trying to make the web a better place, through increased opportunities for social interaction. That’s a good thing. Convenience and enjoyment should never make us forget about safety and security, though. Hopefully this information helps a few, interested people tighten things down and better understand the complex hierarchy of permissions that is Facebook. Once you’re done, you can breathe easy and get back to Farmville or finish that bank heist you need have pending in Mafia Wars.

Today the Library of Congress announced, via a tweet, that they are set to obtain the entire archive of tweets. That’s right….every tweet. Specific details have yet to be published, but, reportedly, archives dating back to March 2006 will be kept for their historical value. At first glance, it does make sense, and they’re doesn’t seem to be anything heinous about it. Some tweets are historic in nature.

Take for example the first tweet from President Barack Obama, shortly after winning the 2008 Presidential elections, where he said…or tweeted: “We just made history. All of this happened because you gave your time, talent and passion. All of this happened because of you. Thanks” Just like a letter written by President Roosevelt to Winston Churchill discussing the Allied Alliance or an apology note from President George H. Bush to the Japanese Prime Minister regarding his unfortunate regurgitation, a simple, 140-character tweet can carry significant historical weight.

What about all those other tweets, though? You know…the ones that you may not have given much thought to before hitting the tweet button?

There are several categories of tweets that one wouldn’t want archived. Let’s separate them into two basic areas: Embarrassing Tweets and Potentially Incriminating Tweets.

Embarrassing Tweets

These are the tweets that you posted, without ever really thinking that they would be saved for posterity in the U.S. Capital. Below are a couple of examples found at random, via Twitter search.

• Example #1 – “#awkward a youtube video started when I put my phone in my back pocket, while in the restroom. I was hearing mumbling.”
• Example #2 – “As the Co Chief Napping Officer, you need to implement a napping regime for all employees. Naps are essential, like bacon. “
• Example #3 – “There are three people huddled around my boss ‘ desk admiring her Farmville farm…“

While there is nothing particularly awful about these tweets, they are not what one wants their life’s legacy based upon. I’m sure each of these Twitter users have tweeted some very intelligent, insightful and meaningful tweets, either before or after these. Unfortunately, these go in with the body of work, at the Library of Congress. The bottom line here is that you have to be careful what you tweet, when you tweet it, and where you tweet. Why? It’s Twitter. Someone else is always tweeting…or lurking and reading your tweets.

Potentially Incriminating Tweets

This category is potentially bothersome if you are averse to the idea of being put on trial and spending time in prison. These are the tweets that generally slide by because they’re “tweeted” in the heat of the moment and simply constitute a way to vent one’s frustrations. In a worse case scenario, though, they could…and likely would…be used against you in a court of law. Here are a couple of examples of ill-posted tweets, found via Twitter search.

• Example #1 – “If she cheats burn her whip n dump it in the desert! Cancel her insurance on the low prior 2 burning her car. She’ll be mad lol via my sis!”
• Example #2 – “Also, I steal from work every day I work; I don’t need a special day for it.”
• Example #3 – “I don’t carry a gun because I hate the government. I carry a gun because I understand the limitations of government.”

Technically, there is nothing criminal about these tweets. They do not violate any U.S. laws, statutes, etc. If something were to happen, and law enforcement authorities came across these, they could theoretically be used to augment other evidence and make you a “person of interest” or even worse an official “suspect”.

Putting It in Perspective

The purpose of this article is not to discourage one from tweeting, generate paranoia, or create a conspiracy theory. It is designed to simply heighten awareness regarding what people choose to post on Twitter. More than likely, an individual user’s tweets would never become an issue. The concern that arises, though, is the following:

• Will private Twitter feeds be included in the archives?
• Will non-U.S. Twitter feeds be included, as well?
• Where will the archives be held, and what safeguards are in place to protect the data?
• How will access to the archives by law enforcement and other government agencies be regulated?

These things come into question because, as it stands now, deleting your Twitter account will remove your posts from public view. Will they still be archived on Twitter’s vast array of backup servers, tapes, etc? Of course they will. Generally, though, those are not something that becomes accessible to the U.S. Government, its agencies, and law enforcement officials. Looking beyond government agencies, will anyone be able to file a Freedom of Information Act (FOIA) request to obtain copies of your tweets?

There is no doubt that others will ask the same type of questions regarding personal privacy. Hopefully, the Library of Congress already has safeguards and policies in place that cover this. If not, they will certainly have to get moving and put something together. After all we are talking about ensuring U.S. Constitutional rights are afforded, as prescribed.

Again, generating fear is not the purpose. This article is simply intended to be a reminder to anyone who uses social networking platforms, like Twitter, Facebook, etc., or, for that matter, the internet at all that privacy is a reasonable expectation. Unfortunately, it is not one that is always delivered. So, the next time you’re ready to tweet a remark regarding your distaste with someone’s choice of website name, think about it for a minute or two. You may decide that’s not how you want history to remember you.

Note: The example tweets listed above were obtained via search query on Twitter.com, using simple keywords. The identities of the Twitter account users are intentionally omitted to protect their privacy.

So you’re watching the next suspense-filled, albeit repetitive, episode of 24. Everyone has a cell phone. Even the bad guys. Every now and then one of the CTU agents will pull up a screen on their workstation to triangulate the location of someone’s cell phone. And within less than a minute, they’ve located their suspect. Welcome to the 21^st century.

In my last article, Landlines: The Drama of Tracing a Phone Call, I discussed how tracing a call over a land line didn’t quite match up with what Hollywood likes to show you. However, with cell phone technology there are quite a few differences, but you’ll be pleased to know that Hollywood isn’t far off the mark. Herein, we will cover the basics of a cellular network and discover how a cell phone call is traced and how the phone can be tracked.

How cellular calls actually work

The medium for cell phones is radio signals that are transmitted and received by multiple radio towers in a given area. Each tower covers a small area called a cell (hence cellular network). The cell tower with its transmission equipment is called a cell site. Each cell site’s precise location is known via GPS. Most cell radio towers today are usually equipped with three directional antenna arrays. Each array usually of three transceivers. This configuration aids with multilateration, which we will discuss later on. More towers within a given area ensures better cell phone coverage and lower power consumption by each cell site, as opposed to one site covering a larger area which requires the tower to transmit a stronger signal

Cell sites are constantly transmitting on predetermined frequencies. No two adjacent towers will transmit the same frequencies so that one call doesn’t override another. When you power on your cell phone, it registers with the closest tower. When you are moving between cell sites, your phone will register with the next site as you get closer to it and receive instructions from the new cell site to switch to a new and available frequency from that site. This happens within milliseconds. And if you are on a call, it prevents your call from being dropped. This process is called a handoff or a handover.

When you place a call on your cell phone, its radio signals are received by the tower at the cell site and are converted to electrical impulses. These impulses are transmitted over copper and/or fiber optic cable to the switching center for cell phone traffic. From here similar protocols apply to those we discussed in the last article, concerning the termination of phone call into a switch; each number has a termination in the switch and Call Return information is logged. At any time your cell phone number is known to the switch, and whether or not a call is in place. This information can be viewed by the cell provider. What is also known, by the switch, is the cell site to which you are currently connected.

How tracing is accomplished

Are you a bad guy running from the law? Don’t carry a cell phone. Your cell phone is always communicating with the nearest tower, which is ready to complete a call as soon you dial. With landlines you don’t rove around town. Your phone stays put. The switch never needs to know when you’re moving from house to house. But the cellular network is different in this regard. Your cell phone registers with each tower with which you come into range. This is necessary so that when you move out of your local area, the switches know how to route your call. The cellular network ensures your phone and the closest tower are always in communication.

In response to the terrorist attacks on the U.S. on September 11, 2001, the FCC now requires that cellular carriers provide a means to track each cell phone via GPS. Most providers began equipping their phones with GPS receivers, while few adapted a technology to measure the time and direction of a cell phones signal to calculate where the phone is in relation to the cell site. Most of the cell phones equipped with GPS are not GPS enabled, meaning the subscriber (you) cannot access that information on your phone. But what happens is in the event that a 911 call is placed from that phone, the GPS information is sent to the carrier and to emergency services.

Whether or not your cell phone is GPS equipped, the signal from your cell phone is still measured and calculated by cell sites within range; your position can still be determined by this process, although it is debatable whether it is any more accurate than using a GPS measurement. The cell phone signal is measured in a process called multilateration, which is similar to triangulation. Where triangulation uses a minimum of two fixed points to determine the direction of incoming signals, multilateration uses measurements from a minimum of three cell sites to provide a more accurate point on the map. Again, when a call is placed, this information is available in the cellular network switch.

How it works in real life

So now that the basics are covered, let’s put all this together in a potential, real life scenario:

You’re visiting a city to which you have never been, but fate and circumstance are not on your side because you have collided with another vehicle. The driver of the other car is unconscious and bleeding profusely. You become hysterical as you pull out your cell phone and dial 911. The dispatcher asks for directions to the scene and your cell phone dies before you can finish. But don’t worry, you placed a call and your Call Return information has already been registered in the switch serving the local cellular network; along with the tower to which you connected. Before your cell phone died, it got pinpointed by several cell sites; the sites have measured the distance from the tower to your cell phone and your location. Your position is now known within a few feet. Depending on the local protocols, the 911 dispatcher is being fed this information before you feel the tingle in your fingers from hyperventilating. The EMS crews are already on their way to you.

In summary, we can look at cellular call tracing from two viewpoints, the positive and the negative. In the event of an emergency, the tracing and mulitlateration will aid in your rescue. If, on the other hand, you are a criminal. Every step you take is tracked. While no one may be watching right now, once law enforcement officials know for whom they are looking, you can be certain the potential exists to find you. The important thing for you to know is that for wrong or right, carrying a cellular phone makes you trackable. It is often said that convenience comes at a price, and, as we now know, cellular telephones are no exception.