Digital rights group: Some Android phones may tell location history

July 4, 2014 by Nancy Owano weblog
Credit: Peter Griffin/Public Domain

Is your phone a calling companion or callout snitch? The Electronic Frontier Foundation delivered findings about some Android phones on Thursday—concerning newer, not older, models. According to EFF findings, a number of newer Android devices could serve up a privacy headache by broadcasting your whereabouts. The phone could turn snitch in revealing the most recently connected wi-fi networks that a device has joined while the mobile device is in sleep mode. The EFF article's headline read, "Is Your Android Device Telling the World Where You've Been?" The report's authors, EFF's Peter Eckersley, technology projects director, and Jeremy Gillula, staff technologist, had some other questions: "Do you own an Android device? Is it less than three years old? If so, then when your phone's screen is off and it's not connected to a Wi-Fi network, there's a high risk that it is broadcasting your location history to anyone within Wi-Fi range that [sic] wants to listen."

Eckersley and Gillula discovered many of the Android phones tested "leaked the names of the networks stored in their settings (up to a limit of fifteen). And when we looked at these network lists, we realized that they were in fact dangerously precise location histories."

What is causing the leaks? The researchers traced the problem to a feature that was introduced in Honeycomb (Android 3.1). The feature is Preferred Network Offload (PNO), which "is supposed to allow phones and tablets to establish and maintain Wi-Fi connections even when they're in low-power mode (i.e., when the screen is turned off). The goal is to extend battery life and reduce mobile data usage." They said many of the phones running Honeycomb or later and even one running Gingerbread broadcast the names of networks they knew about when their screens were turned off. The EFF brought this to the attention of Google. In its response, Google said, "Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release."

EFF reported that, additionally, "a Google employee submitted a patch to wpa_supplicant.which fixes this issue." The authors said they were glad the problem was addressed so quickly, but they also noted that it will be some time before that fix "gets integrated into the downstream Android code."

Not every single Android device is affected but for those that are, the EFF suggests, for any user concerned about this issue, a workaround. The person can go to the 's Advanced Wi-Fi settings and turn the "Keep Wi-Fi on during sleep" option to "Never." This, added the EFF, will cause a moderate increase in data usage and power consumption. The workaround is available for most devices but not all.

"Location history is extremely sensitive information," the EFF said. "We urge Google to ship their fix as soon as possible, and other Android distributors to offer prompt updates containing it."

Explore further: Google adds voice and video to Google Talk on Android smartphones

More information:

Related Stories

QR code security vulnerability found with Google Glass

July 18, 2013

Engineers at Lookout Mobile Security have discovered a previously unknown security vulnerability with Google's project Glass wearable headset. Marc Rogers reports on the company's web site that engineers found that when pictures ...

Recommended for you

Customizing 3-D printing

September 3, 2015

The technology behind 3-D printing is growing more and more common, but the ability to create designs for it is not. Any but the simplest designs require expertise with computer-aided design (CAD) applications, and even for ...

Team develops targeted drug delivery to lung

September 2, 2015

Researchers from Columbia Engineering and Columbia University Medical Center (CUMC) have developed a new method that can target delivery of very small volumes of drugs into the lung. Their approach, in which micro-liters ...

Magnetic fields provide a new way to communicate wirelessly

September 1, 2015

Electrical engineers at the University of California, San Diego demonstrated a new wireless communication technique that works by sending magnetic signals through the human body. The new technology could offer a lower power ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.