Location Tracking and Mobile Telemetry

A comprehensive guide to how mobile devices are tracked via cellular networks, GPS, and applications, with a specific focus on Iran's SIAM infrastructure and countermeasures for Iranian users.

Time: 15 minutes

In the modern digital landscape, the mobile phone is the primary tracking device used by surveillance states. For Iranian users, the threat is twofold: global commercial tracking (via apps and ads) and direct, state-mandated surveillance infrastructure managed by the Islamic Republic.

Unlike in many Western jurisdictions where legal warrants are often required for location data, the Iranian security apparatus (including FATA, the IRGC, and the Ministry of Intelligence) has direct, warrantless access to telecommunications data through systems like SIAM. Understanding how this tracking works is the first step in mitigating the risk.

1. Mechanisms of Tracking: How It Works

Location tracking operates on three distinct layers: the Network Layer, the Device Layer, and the Application Layer.

A. Network-Level Tracking (Cellular Triangulation)

Even if your GPS is turned off and your data is disabled, your phone must communicate with cell towers to receive calls or SMS.

  • Cell Site Location Information (CSLI): Mobile Network Operators (MNOs) like MCI (Hamrah-e Aval), Irancell, and RighTel constantly log which cell tower your phone connects to. By comparing signal strength between three or more towers (triangulation), your location can be pinpointed to within a few hundred meters.
  • Data Retention: In Iran, operators are legally required to retain these logs for extended periods, creating a historical map of your movements.

B. Device-Level Tracking (Sensors)

  • GPS (Global Positioning System): Uses satellites to determine location with high precision (5–10 meters). This is calculated on the device but shared with apps and the OS.
  • WiFi and Bluetooth Scanning: Phones constantly scan for available WiFi networks and Bluetooth devices. Tech giants (and potentially state actors) map the physical location of WiFi routers (BSSID). Your phone sees a router, looks it up in a database, and knows exactly where you are, even without GPS.

C. Application-Level Tracking (SDKs and Ad-Tech)

Many mobile applications include third-party code called Software Development Kits (SDKs). These SDKs collect location data to build advertising profiles.

  • Background vs. Foreground: Some apps track you only when open; others track you continuously in the background.
  • Ad-ID Linking: This data is linked to your Advertising ID (Ad-ID), allowing different data brokers to aggregate your movements over time.

2. The Iranian Context: State Infrastructure

In Iran, the threat model shifts from commercial data brokers to direct state access.

The SIAM System

The SIAM (Samaneh Estelam-e Etelaat-e Moshtarakin) system is a regulatory framework and technical infrastructure that grants Iranian security agencies direct, remote access to mobile operator databases.

  • Capabilities: It allows operators to manipulate connection speeds, cut off service, and, critically, geolocate users in real time without a court order.
  • Identification: Since SIM card purchase in Iran requires a National ID (Cod-e Melli), every location point is immediately tied to a verified legal identity.

Domestic Apps and Super-Apps

The push for the "National Information Network" (Internet-e Melli) promotes the use of domestic applications (e.g., Rubika, Eitaa, Snapp, Neshan, Balad).

  • Server Location: Data generated by these apps is stored on servers inside Iran, making it legally and physically accessible to security forces.
  • Permissions: Many domestic apps require extensive permissions (location, contacts, storage) to function.
  • Super-Apps: Apps like Rubika combine messaging, social media, and financial transactions, creating a centralized repository of behavioral and location telemetry.

IMSI Catchers (Stingrays)

During protests and in sensitive areas (e.g., near government buildings or squares like Azadi or Enghelab), security forces deploy IMSI Catchers.

  • Function: These devices mimic legitimate cell towers. Your phone connects to them automatically.
  • Attack: They capture your IMSI (unique SIM identity), usually force the connection down to 2G (breaking encryption), and can intercept SMS or precise location.
  • Geofencing: This technology allows the regime to "geofence" a protest zone and later send threatening SMS messages to every mobile number detected in that area during a specific timeframe.

3. High-Risk Scenarios: Protests and Movement

When moving through high-risk areas or attending gatherings, standard privacy settings are insufficient.

The "Burner" Problem in Iran

In many countries, buying a "burner phone" (anonymous prepaid SIM) is a standard counter-measure. In Iran, the strict requirement to register SIMs with a National ID makes true anonymity difficult.

  • Mitigation: If you must carry a phone to a protest, do not use your primary device. Use an old device with a SIM card not directly linked to your primary circle, or a SIM that has not been active in your home location for long periods. Note: This does not guarantee anonymity, but separates your protest identity from your daily life.

Digital Hygiene Before Movement

  1. Leave it Home: The only 100% secure option is not to bring a mobile device.
  2. Faraday Bags: If you must travel with a phone but want to go "dark," place the device in a radio-frequency (RF) shielding Faraday bag. This physically blocks all cellular, GPS, WiFi, and Bluetooth signals.
  3. Power Down: Turning the screen off is not enough. Fully power down the device. However, be aware that sophisticated malware (though rare) can mimic a shutdown.
  4. Disable Biometrics: Turn off FaceID and Fingerprint unlock before entering high-risk zones. Use a strong, alphanumeric passcode (6+ digits). This prevents forced unlocking if detained.

4. Countermeasures and Defense Strategies

A. Reducing the Attack Surface

  • Audit App Permissions: Ruthlessly revoke "Location" permissions for apps that do not strictly need it.
    • Android: Settings > Privacy > Permission Manager > Location.
    • iOS: Settings > Privacy & Security > Location Services.
  • Use "While Using App" Only: Never grant "Always Allow" for location access unless absolutely necessary.
  • Disable Ad-ID:
    • Android: Settings > Google > Ads > Delete advertising ID.
    • iOS: Settings > Privacy > Tracking > Allow Apps to Request to Track (Turn Off).

B. Location Spoofing and Mock Locations

To confuse apps (though this does not fool the cellular network/SIAM):

  1. Enable Developer Options on your Android device.
  2. Select Mock Location App: Install a trusted location spoofing app (e.g., from F-Droid).
  3. Set Location: Pin your location to a plausible but false area (e.g., a cafe across town).

C. VPNs and IP Location

While VPNs do not hide your GPS location or cellular triangulation, they mask the location revealed by your IP address.

  • Recommendation: Always use a trusted, obfuscated VPN (e.g., V2Ray/Xray configurations, Psiphon, or robust paid VPNs like Mullvad/IVPN) to prevent IP-based tracking by websites and domestic ISPs.

D. Managing Domestic Apps

  • Web Versions (PWA): Instead of installing Snapp or Digikala as native apps, use their web versions via a browser. Browsers can isolate data better than native apps.
  • Sandboxing: If you must use domestic apps, install them in a "Work Profile" (using tools like Island or Shelter on Android) to isolate them from your main contacts and data.

5. Emergency Response

If you suspect your location is being tracked or you are entering a security checkpoint:

  1. Emergency Shutdown: Android and iOS have shortcuts to disable biometrics and force a passcode entry (e.g., holding power + volume on iPhone).
  2. Physical Removal: If you are being pursued, removing the SIM card stops cellular triangulation, but the phone can still be tracked via GPS/WiFi if not powered down or in a Faraday bag.
  3. Battery Removal: On older devices where possible, removing the battery is the ultimate kill switch.

Summary Checklist

Threat | Mitigation | Effectiveness
Cell Tower Triangulation | Airplane Mode (Partial), Faraday Bag, Leave Phone Home | High
GPS Tracking | Disable Location Services, Mock Location Apps | Medium
WiFi/Bluetooth Sniffing | Turn off WiFi/BT scanning, Faraday Bag | High
App Telemetry (Rubika/Snapp) | Uninstall, Use Web Versions, Revoke Permissions | Medium/High
IMSI Catcher | Use 4G/5G only (disable 2G), End-to-End Encrypted Messaging | Medium

Disclaimer: This guide is for educational and defensive purposes. In the context of the Islamic Republic, legal protections for privacy are minimal. Operational security (OpSec) relies on layers of protection; no single method is foolproof.
