Elementary S01E22 - Risk Management
Phone tracking.
Sherlock figures out that the victim's cell phone was intercepted. He deduces that the phone was tampered with, and the victim was tracked. |
| The return-label that made Sherlock suspicious. |
It would be relatively easy to modify an intercepted phone so that the location is also sent to a different server. Given enough resources and time, it would furthermore almost impossible to detect that the phone has been tampered with (and I'm not just talking about the average user, but other really skilled professionals).
Another attack would require to hack the phone without physical access to it. While this is far more difficult, it may be possible. In most cases it requires the victim to do some action (like visiting a web-page from his phone), though. Physical access makes it really tremendously easier.
Finally there is the option to track a user through the cell-phone provider. They already know (usually with less precision) where their users are. This has the additional advantage that any phone, and not just smartphones, can be tracked. The biggest obstacle is that providers don't like to give this data away. As far as I know, it normally requires a court order (at least in the US).
However, some providers sell (or sold?) this data in some anonymized version. For example, Austrian A1 proposed in 2009 a new product "A1 Traffic Data Stream". The service seems to be defunctional now, but here is its news-entry on German heise.de. Telefonica O2 seems to do (or did) the same, as announced here.
Clearly, these providers take steps to anonymize their data, but an article in nature makes it doubtful that these efforts are enough: http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.html
The second phone tracking in this episode (at ~39:00, when Watson joins Sherlock 30 seconds after he had arrived at his destination) is plausible but unrealistic. It gets better if you discard her and his explanation, but it's still a stretch. At the very least you would expect some delay in the positioning data. Synchronous position reporting is possible, but is usually only active when the GPS is activated. A continuously running GPS would however drain the phone's battery like crazy.
Bug Sweeping
While this isn't my area of expertise I couldn't let this slide...At ~16:00 Sherlock sweeps for bugs. He emphasizes that they really don't want anyone to record what he has to say.
 |
| Bug Sweeping |
- It seems unlikely that neither protagonist carries a mobile phone.
- I'm not sure what Sherlock's bug sweeper is looking for, but I doubt it could catch all recording devices. Sherlock is talking to a professional who would probably have access to really good technology.
- They are in a silent park! It would be trivial to record them from a huge distance.
It's the last bullet that really makes this so ridiculous. Why go through all the trouble of bug sweeping if you are in the public in a quiet area where you can record from far far away.
Elementary S01E23 - The Woman
No computers.Elementary S01E24 - Heroine
Sherlock determines that a body at the morgue is related to Moriarty because the victim owned a phone that was modified to contain an open-source operating system. |
| Sherlock discovers the modified phone. |
Sidenote: Android is not the only open-source operating system. Firefox-Os, Ubuntu and Maemo are other examples (among many others).
This episode also featured a correct statement about public key cryptography. At ~22:30 Detective Marcus Bell states that their CCS? guys looked at the phone and they found messages that "were encrypted with a public key code. - Can't be broken."
He is absolutely right. The current consensus among scientists is that a message, encrypted with a sufficiently long public key cannot be broken.
Comments
Post a Comment