Tuesday, August 2, 2011
Can Nook e-book readers be traced?
I was in Bellevue, Washington last Saturday to meet a consulting client who (due to a plane malfunction at his end) was unable to attend. Since I had some free time I headed for Barnes and Noble, where I ended up buying (among other things!) a Nook. I chose the Nook Color because I wanted to load my e-books on it, including the pictures in color.
As usual, I got to wondering, “Can a Nook Color be traced back to its owner, if a private investigator has unlimited funds behind him?” I e-mailed that question to a friend who is not only a PI but is one of the instructors in a PI school. His response:
“The Nook is traceable by way of the SIM card - used for 3G service - via triangulation. Barnes and Noble can identify which account a given device is signed into. An electronic handshake occurs which may or may not contain anonymized data by way of one-way encoding/encryption. ‘John Luna’ becomes ‘A654_fgrgOIN098’.
“Every device has a serial number that is associated with the other registration and service account identifiers in order to ‘blacklist’ them if the Nook is reported stolen. Blacklisted devices cannot be re-registered and access to ‘Store’ and ‘My Library’ features are deactivated to prevent further intrusion/fraud. The Digital Support Division would use identification information from the original account registration to verify the identity of the Client attempting to access a blacklisted device.
“The email function may also leak useful information in the headers of individual messages. So with unlimited funds we would be able to find a crack in Barnes & Noble or the device and track it.”
It is extremely rare that a PI has access to unlimited funds. Further, if the user (i.e., your humble servant) failed to submit valid information when setting up the account and when registering the device, then the trail will end there.