> Ping: The network sends a message to the phones internal GPS receiver to report it's location (must see min. of 4 satellites. GPS coordinates of device and suspected radius from tower e-mailed(or through L-Site website) every 15 minutes for 30 days. Can be done manually every 5 minutes.
I wonder if this is facilitated by one of those infamous "carrier app" backdoors included in stock OS but not e.g. in GrapheneOS:
You don't even need a traditional app backdoor to do this. The carrier can just send the message to the baseband radio itself, which has a direct connection to your GPS receiver, among other things (usually) like the camera and microphone. That means these peripherals are accessible (in theory, Snowden says it has been done in the past) even if the main app OS is shut down.
GPS in 3G or later is integral to Baseband Processor which is a separate ARM CPU that runs its own RTOS. If your adversary gets to push BP patch over SMS you're probably owned no matter what OS you run on Application Processor.
> Ping: The network sends a message to the phones internal GPS receiver to report it's location (must see min. of 4 satellites. GPS coordinates of device and suspected radius from tower e-mailed(or through L-Site website) every 15 minutes for 30 days. Can be done manually every 5 minutes.
I wonder if this is facilitated by one of those infamous "carrier app" backdoors included in stock OS but not e.g. in GrapheneOS:
https://grapheneos.org/faq#cellular-tracking
https://gist.github.com/thestinger/171b5ffdc54a50ee44497028a...
https://github.com/dan-v/rattlesnakeos-stack/issues/69#issue...