**Session Date/Time:** 23 Jul 2024 16:30 # dult ## Summary The DULT working group meeting focused on reviewing the individual drafts for detecting unwanted location trackers. Drafts 4, 3, and aspects of 1 & 2 were discussed. The goal was to assess their readiness for working group adoption. Key topics included threat modeling, crowdsourced network architecture, and protocol specifications. The group also discussed finding a volunteer to write document 2. ## Key Discussion Points * **Threat Model (Draft 4):** * Discussion of in-scope and out-of-scope technologies, attacker profiles, and victim profiles. * Considered the scenario where the tracker owner is also the victim. * Agreement that the document is a good starting point for adoption. * **Crowdsourced Network Architecture (Draft 1):** * Explored the current state of unwanted tracking and existing crowdsourced finding networks. * Identified issues with existing frameworks, such as anonymous uploading/downloading of reports, counterfeit devices, and potential for tracking legitimate tag owners. * Discussed ideal properties and features for crowdsourced networks, including authentication, privacy preservation, and prevention of spoofing. * Outlined five stages for architectural proposal: initial pairing, accessory setup, nearby owner mode, separated/lost mode, and owner device query. * Considered the use of partial blind signatures for authentication. * **Accessory Protocol (Draft 3):** * Covered the protocol between accessories and non-owner nearby devices, including data formats. * Discussed Bluetooth Low Energy, NFC, location tracking, payload of advertisements, and Bluetooth MAC addresses. * Addressed service data at TLV, network ID, near/owner bit, advertising interval, Bluetooth connections, and proprietary company payload. * Explored accessory information (opcodes), disablement identification, owner registry, and accessory category information. * Identified the need to potentially reorganise the document to be transport agnostic. * **Unwanted Tracking Detection Algorithm (Draft 2):** * Needed a volunteer to author this document, which would define the algorithm for detecting unwanted tracking by legitimate trackers. * Discussion of example scenario involving malicious tracking. * **Active Scanning** * Discussion around active scanning definition and how platform could expose active scanning tools. * Active Scanning in the context of domestic violence situations. ## Decisions and Action Items * **Draft 4 (Threat Model):** A working group adoption call will be initiated. Issues and pull requests for adding details on compromised states for tracker manufacturers should be added to the GitHub repo or mailing list. * **Draft 3 (Accessory Protocol):** A working group adoption call will be initiated. Editorial reorganisation should take place *after* adoption. * **Draft 1 (Crowdsourced Network Architecture):** The document will be published and a working group adoption call will be initiated. * **Draft 2 (Unwanted Tracking Detection Algorithm):** Alex Heinrich to be approached to author the document. * **Charter Updates**: The mailing list will be used to discuss the alert requirements for different OS's and potential charter updates. ## Next Steps * Start working group adoption calls for drafts 4, 3 and 1. * Recruit Alex Heinrich to author document 2. * Open mailing list discussion on OS alerts and charter updates.