Re: Dual boot == information leakage
I don't think you've thought through what I wrote.
I'm not saying you can track the secure side. I'm saying that you can track the insecure side - this is the basis of all targeted advertising.
If you can identify an asset whose location you wish to track, and can positively track the insecure side of their phone, then when they switch to the insecure side, you can track their location. This is information leakage about the location of the phone, leaked from the insecure side. It is irrelevant there is a secure side, because the two cannot be in different locations.
If you are able, somehow, to get close enough to Sgt Bloggs to compromise his phone, what's the point in planting "tracking data", you already know where he is and can use the same techniques used to locate him in the first place.
Obviously, with targeted attacks, the first step is identifying your target and infecting them. Dumping lots of 'Free mobile XXX' flyers outside bars in Fort Bragg for instance, soldiers wouldn't do that on the secure side of their phone, they'd switch to the insecure side.
Whammo, a bunch of infected devices. Watch their locations as they pop up..... Fort Bragg, Fort Bragg.... Oh look, Sgt Bloggs wanted some down time in Abbottabad. Bosh, information leakage about the location of personnel from their "secure" phone.