Digital rights group: Some Android phones may tell location history

Jul 04, 2014 by Nancy Owano weblog
Credit: Peter Griffin/Public Domain

Is your phone a calling companion or callout snitch? The Electronic Frontier Foundation delivered findings about some Android phones on Thursday—concerning newer, not older, models. According to EFF findings, a number of newer Android devices could serve up a privacy headache by broadcasting your whereabouts. The phone could turn snitch in revealing the most recently connected wi-fi networks that a device has joined while the mobile device is in sleep mode. The EFF article's headline read, "Is Your Android Device Telling the World Where You've Been?" The report's authors, EFF's Peter Eckersley, technology projects director, and Jeremy Gillula, staff technologist, had some other questions: "Do you own an Android device? Is it less than three years old? If so, then when your phone's screen is off and it's not connected to a Wi-Fi network, there's a high risk that it is broadcasting your location history to anyone within Wi-Fi range that [sic] wants to listen."

Eckersley and Gillula discovered many of the Android phones tested "leaked the names of the networks stored in their settings (up to a limit of fifteen). And when we looked at these network lists, we realized that they were in fact dangerously precise location histories."

What is causing the leaks? The researchers traced the problem to a feature that was introduced in Honeycomb (Android 3.1). The feature is Preferred Network Offload (PNO), which "is supposed to allow phones and tablets to establish and maintain Wi-Fi connections even when they're in low-power mode (i.e., when the screen is turned off). The goal is to extend battery life and reduce mobile data usage." They said many of the phones running Honeycomb or later and even one running Gingerbread broadcast the names of networks they knew about when their screens were turned off. The EFF brought this to the attention of Google. In its response, Google said, "Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release."

EFF reported that, additionally, "a Google employee submitted a patch to wpa_supplicant.which fixes this issue." The authors said they were glad the problem was addressed so quickly, but they also noted that it will be some time before that fix "gets integrated into the downstream Android code."

Not every single Android device is affected but for those that are, the EFF suggests, for any user concerned about this issue, a workaround. The person can go to the 's Advanced Wi-Fi settings and turn the "Keep Wi-Fi on during sleep" option to "Never." This, added the EFF, will cause a moderate increase in data usage and power consumption. The workaround is available for most devices but not all.

"Location history is extremely sensitive information," the EFF said. "We urge Google to ship their fix as soon as possible, and other Android distributors to offer prompt updates containing it."

Explore further: Review: Motorola's new Moto E has a nice price, but lacks features

More information: www.eff.org/deeplinks/2014/07/your-android-device-telling-world-where-youve-been

Related Stories

QR code security vulnerability found with Google Glass

Jul 18, 2013

Engineers at Lookout Mobile Security have discovered a previously unknown security vulnerability with Google's project Glass wearable headset. Marc Rogers reports on the company's web site that engineers found that when pictures were taken of pri ...

Recommended for you

Google's Waze app to alert kidnappings in LA

Apr 22, 2015

Alerts about hit-and-runs and kidnappings in Los Angeles will soon pop up on traffic app Waze, along with road closure information, the West Coast city's mayor said.

How the first smart shopping mall in Europe works

Apr 21, 2015

Researchers from Zendos Tecnología and the IMDEA Networks Institute have developed an innovative tool to analyze the behavior of customers and visitors to shopping malls. The result is a technological platform called Ubicua ...

Energy-tracking app encourages sustainable behaviors

Apr 21, 2015

For a generation motivated by technology and fast-moving information, a professor at the University of Wisconsin-Madison has created an energy-tracking app to make reducing day-to-day energy usage more accessible.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.