IdeaWell

Project ideas from Hacker News discussions.

Mobile carriers can get your GPS location

Original Article

Hacker News Discussion

📝 Discussion Summary (Click to expand)

Five key themes that dominate the discussion

# Theme Representative quotes
1 How the “silent GPS ping” actually works “The phone could literally pop up a consent alert… or just not honor the pings unless you dialed 911 within the last hour.” – roywiggins
“The baseband SoC provides this information… the phone OS does not get a chance to decide.” – winstonwinston
2 Privacy, consent and regulatory disclosure “None of this should be happening without the user’s knowledge and consent.” – Etheryte
“Between buying a phone and reading the OS EULA… I can count at least three disclosures of this feature.” – TheNewsIsHere
3 Accuracy vs. usefulness for emergency responders “Cell tower triangulation does not provide the same precision as GPS.” – mcculley
“In cities, triangulation can be down to an individual building.” – superkuh
4 Carrier‑ and manufacturer‑specific implementation “Apple made a good step in iOS 26.3 to limit at least one vector of mass surveillance.” – mcny
“Only Boost Mobile in the U.S. can currently disable the feature.” – instagib
5 Broader surveillance debate (data brokers, warrants, qualified immunity) “The US cell carriers are one of the providers of this data.” – thisislife2
“Qualified immunity is the only legal doctrine that gives government officials a shield.” – SilverElfin

These five themes capture the technical, legal, and ethical threads that run through the conversation.

🚀 Project Ideas

PhoneGuard: Real‑Time Baseband Location Logger

Summary

  • Monitors every GPS ping request from the phone’s baseband and carrier, logs timestamps, source, and payload.
  • Notifies the user instantly when a location request occurs and offers an on‑the‑fly block/allow toggle.
  • Provides a searchable audit trail for privacy audits and legal compliance.

Details

Key Value
Target Audience Privacy‑conscious smartphone users, legal teams, regulators
Core Feature Real‑time interception, logging, and user‑controlled blocking of baseband location requests
Tech Stack Android/iOS native modules, low‑level network hooks, SQLite, push notifications, optional cloud sync
Difficulty Medium
Monetization Revenue‑ready: subscription + enterprise audit licensing

Notes

  • HN users like “michaelt” and “roywiggins” want to know when carriers ping GPS; this tool gives that visibility.
  • Enables discussions on “how to audit carrier location requests” and can be used by law‑enforcement oversight bodies.

SafeCall: Consent‑Based Emergency Location Service

Summary

  • Sends precise GPS coordinates to emergency dispatch only after explicit user consent, even during automated crash‑detected calls.
  • Stores a signed, tamper‑proof consent record that can be presented to authorities if needed.
  • Integrates with RapidSOS and local 911 dispatch APIs for seamless handoff.

Details

Key Value
Target Audience Emergency responders, smartphone users, privacy advocates
Core Feature Consent‑driven GPS sharing with audit trail for emergency calls
Tech Stack Mobile SDK (Android/iOS), secure enclave, REST API, blockchain‑based audit log
Difficulty High
Monetization Revenue‑ready: licensing to EMS agencies + optional consumer app freemium

Notes

  • Addresses concerns from “kotaKat” and “yeni” about automatic location sharing without user knowledge.
  • Sparks debate on “should emergency services have un‑consented access?” while providing a compliant solution.

MeshSafe: Offline‑First Mesh Network for Emergencies

Summary

  • A low‑power, LoRa/Wi‑Fi Direct mesh that allows users to send emergency alerts and location data without cellular service.
  • End‑to‑end encrypted, with optional GPS blurring for privacy.
  • Works in disaster zones, rural areas, or when carriers are compromised.

Details

Key Value
Target Audience Outdoor enthusiasts, disaster‑prone communities, privacy‑focused users
Core Feature Mesh‑based emergency messaging with optional GPS sharing
Tech Stack ESP32/LoRa modules, custom firmware, mobile app, open‑source mesh protocol
Difficulty Medium
Monetization Hobby (open source) with optional hardware sales

Notes

  • Resonates with “meshtastic” and “meshcore” discussions; offers a practical alternative to carrier‑dependent emergency calls.
  • Provides a platform for community‑driven disaster response and privacy‑preserving communication.

CarrierAudit: Compliance Dashboard for Location Requests

Summary

  • Aggregates logs of all location requests from carriers, cross‑checks against regulatory requirements, and flags anomalies.
  • Provides carriers and regulators with a tamper‑proof audit trail and compliance reports.
  • Supports GDPR, FCC, and local privacy laws.

Details

Key Value
Target Audience Mobile carriers, regulators, compliance officers
Core Feature Centralized logging, anomaly detection, compliance reporting
Tech Stack Cloud backend (AWS/GCP), secure log ingestion, BI dashboards, API
Difficulty High
Monetization Revenue‑ready: subscription for carriers + consulting services

Notes

  • Directly addresses “nkrisc” and “tastyfreeze” concerns about unchecked carrier location logging.
  • Enables public transparency and accountability, fueling policy discussions.

KillSwitch: User‑Controlled Baseband Location Toggle

Summary

  • A hardware‑aware toggle that physically disables the baseband’s ability to request GPS data.
  • Provides a clear on/off indicator and logs any attempts to override the switch.
  • Works on supported devices with isolated radios (e.g., GrapheneOS, Pixel).

Details

Key Value
Target Audience Security‑savvy users, privacy activists, hardware developers
Core Feature Physical kill‑switch for baseband location requests with audit logging
Tech Stack Custom PCB, firmware, mobile app interface, secure boot
Difficulty High
Monetization Revenue‑ready: hardware sales + firmware updates

Notes

  • Meets “iamnothere” and “strcat” demands for a tangible way to stop carrier tracking.
  • Encourages discussion on hardware isolation and user sovereignty over phone internals.

BlurShare: Privacy‑Preserving Emergency Location

Summary

  • Allows users to share an approximate, differentially‑private location with emergency services or apps.
  • Generates a location “blob” that guarantees a minimum radius of uncertainty while still useful for dispatch.
  • Users can set radius preferences (e.g., 50 m, 200 m) and revoke sharing at any time.

Details

Key Value
Target Audience General smartphone users, privacy‑conscious communities
Core Feature Differentially‑private location sharing with configurable granularity
Tech Stack Mobile SDK, differential privacy library, secure enclave, optional cloud sync
Difficulty Medium
Monetization Hobby (open source) with optional premium privacy tiers

Notes

  • Addresses the “privacy vs safety” debate highlighted by “tastyfreeze” and “kotaKat”.
  • Provides a practical compromise that satisfies emergency responders while protecting user privacy.

Read Later