Are you curious about the inner workings of popular messaging apps like WhatsApp and Signal? Look no further! This innovative project demonstrates how to track device activity patterns using Round-Trip Time (RTT) analysis. By measuring RTT, you can detect when a user is actively using their device, in standby mode, or offline.
The research behind this project, "Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers," by Gabriel K. Gegenhuber and colleagues at the University of Vienna & SBA Research, reveals a significant privacy vulnerability in WhatsApp and Signal.
What's Possible with RTT Analysis?
By measuring RTT, you can:
- Detect when a user is actively using their device (low RTT)
- Identify when the device is in standby or idle mode (higher RTT)
- Potential location changes (mobile data vs. WiFi)
- Track activity patterns over time
Security Implications: A Privacy Concern
This project demonstrates a significant privacy vulnerability in messaging apps that can be exploited for surveillance.
Getting Started with the Tracker
Clone the repository and install dependencies:
git clone https://github.com/gommzystudio/device-activity-tracker.git
cd device-activity-tracker
npm install
Run the application using Docker:
docker compose up --build
The application will be available at:
- Frontend: http://localhost:3000 (or your configured
CLIENT_PORT) - Backend: http://localhost:3001 (or your configured
BACKEND_PORT)
Terminal Mode
To start the tracker in terminal mode, run:
npm run start:server
npm run start:client
Open http://localhost:3000 and scan the QR code with WhatsApp. Then, enter the phone number to track (e.g., 491701234567).
Example Output
`
╔══════════════════════════════════════════════════════════════