Digital rights group: Some Android phones may tell location history

Jul 04, 2014 by Nancy Owano weblog
Credit: Peter Griffin/Public Domain

Is your phone a calling companion or callout snitch? The Electronic Frontier Foundation delivered findings about some Android phones on Thursday—concerning newer, not older, models. According to EFF findings, a number of newer Android devices could serve up a privacy headache by broadcasting your whereabouts. The phone could turn snitch in revealing the most recently connected wi-fi networks that a device has joined while the mobile device is in sleep mode. The EFF article's headline read, "Is Your Android Device Telling the World Where You've Been?" The report's authors, EFF's Peter Eckersley, technology projects director, and Jeremy Gillula, staff technologist, had some other questions: "Do you own an Android device? Is it less than three years old? If so, then when your phone's screen is off and it's not connected to a Wi-Fi network, there's a high risk that it is broadcasting your location history to anyone within Wi-Fi range that [sic] wants to listen."

Eckersley and Gillula discovered many of the Android phones tested "leaked the names of the networks stored in their settings (up to a limit of fifteen). And when we looked at these network lists, we realized that they were in fact dangerously precise location histories."

What is causing the leaks? The researchers traced the problem to a feature that was introduced in Honeycomb (Android 3.1). The feature is Preferred Network Offload (PNO), which "is supposed to allow phones and tablets to establish and maintain Wi-Fi connections even when they're in low-power mode (i.e., when the screen is turned off). The goal is to extend battery life and reduce mobile data usage." They said many of the phones running Honeycomb or later and even one running Gingerbread broadcast the names of networks they knew about when their screens were turned off. The EFF brought this to the attention of Google. In its response, Google said, "Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release."

EFF reported that, additionally, "a Google employee submitted a patch to wpa_supplicant.which fixes this issue." The authors said they were glad the problem was addressed so quickly, but they also noted that it will be some time before that fix "gets integrated into the downstream Android code."

Not every single Android device is affected but for those that are, the EFF suggests, for any user concerned about this issue, a workaround. The person can go to the 's Advanced Wi-Fi settings and turn the "Keep Wi-Fi on during sleep" option to "Never." This, added the EFF, will cause a moderate increase in data usage and power consumption. The workaround is available for most devices but not all.

"Location history is extremely sensitive information," the EFF said. "We urge Google to ship their fix as soon as possible, and other Android distributors to offer prompt updates containing it."

Explore further: Review: Windows Phone advances with 8.1 update

More information: www.eff.org/deeplinks/2014/07/… rld-where-youve-been

add to favorites email to friend print save as pdf

Related Stories

QR code security vulnerability found with Google Glass

Jul 18, 2013

Engineers at Lookout Mobile Security have discovered a previously unknown security vulnerability with Google's project Glass wearable headset. Marc Rogers reports on the company's web site that engineers found that when pictures were taken of pri ...

Recommended for you

Turning bio-waste into hydrogen

26 minutes ago

Whilst hydrogen cars look set to be the next big thing in an increasingly carbon footprint-aware society, sustainable methods to produce hydrogen are still in their early stages. The HYTIME project is working on a novel production ...

Pfizer's 2Q profit sinks 79 pct but tops forecasts

50 minutes ago

(AP)—Pfizer's second-quarter earnings plunged 79 percent from last year, when the world's second-largest drugmaker booked a business spinoff gain of more than $10 billion. The latest results still edged ...

Aetna 2Q profit rises 2.4 percent

52 minutes ago

Aetna's second-quarter profit climbed more than 2 percent, as gains from an acquisition helped the health insurer beat analyst expectations and raise its 2014 earnings forecast again.

Merck 2Q profit more than doubles

52 minutes ago

A big one-time gain and a tax benefit helped drugmaker Merck & Co. more than double its second-quarter profit, raise the lower end of its profit forecast and easily top analysts' expectations.

User comments : 0