

The National Security Agency is recommending that some government workers and people generally concerned about privacy turn off find-my-phone, Wi-Fi, and Bluetooth whenever those services are not needed, as well as limit location data usage by apps. “Location data can be extremely valuable and must be protected,” an advisory published on Tuesday stated. “It can reveal details about the number of users in a location, user and supply movements, daily routines (user and organizational), and can expose otherwise unknown associations between users and locations.” NSA officials acknowledged that geolocation functions are enabled by design and are essential to mobile communications. The officials also admit that the recommended safeguards are impractical for most users. Mapping, location tracking of lost or stolen phones, automatically connecting to Wi-Fi networks, and fitness trackers and apps are just a few of the things that require fine-grained locations to work at all.

The cost of convenience

But these features come at a cost. Adversaries may be able to tap into location data that app developers, advertising services, and other third parties receive from apps and then store in massive databases. Adversaries may also subscribe to services such as those offered by Securus and LocationSmart, two services that The New York Times and KrebsOnSecurity documented, respectively. Both companies either tracked or sold locations of customers collected by the cell towers of major cellular carriers. Not only did LocationSmart leak this data to anyone who knew a simple trick for exploiting a common class of website bug, but a Vice reporter was able to obtain the real-time location of a phone by paying $300 to a different service.
