Android phone users may turn off their location services settings, take out their SIM card or restore their device to factory settings, but Google still collects their location data, according to a new report.
For the past 11 months, devices running on Android software have been sending “Cell ID codes,” which contain data on the addresses of nearby cellular towers, to Google, according to a report from Quartz.

After Quartz discovered the devices were collecting data, Google admitted to the practice.
“In January of this year, we began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery,” a Google spokesperson told Quartz.

Every time a device with a cellular data or WiFi connection came within range of a new cell tower, it would broadcast the addresses of nearby cellular towers and send the data to Google. However, the company said the data is “distinctly separate” from Location Services, which sends a device’s location to the applications.

Cell ID data only provides an approximate location of a mobile device, not a precise GPS location. However, a hacker could use other nearby cell towers to triangulate a user’s location to within a quarter-mile radius. A more narrow radius could be obtained for users in urban areas, where cell towers are much closer together.

There are more than 200,000 cell phone towers in the US, with a maximum range of less than 22 miles, according to Statistic Brain.
Google noted that the Cell ID data sent to their servers was encrypted, but Quartz noted that a hacker could divert the data to be collected by a third party through the use of spyware or other means.

Quartz found that the location-sharing was occurring on all modern Android devices. The report states that Android devices were sharing their location even when there was no SIM card installed and the user disabled location services.
Google’s privacy policy states that users may have their location data collected through “various technologies,” including “IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell towers.”
Google began using the Cell ID codes to boost their push notifications and messaging management system called Firebase Cloud Messaging, a source familiar with the matter told Quartz.
A source told Fox News that the Cell ID was used to ensure the devices “remain connected and that people get their messages.”

“In order for Android users to receive notifications and messages quickly, an Android device needs to maintain a persistent connection to Google servers using Firebase Cloud Messaging,” the source said. “To maintain this connection, devices need to ping the server at a regular interval.”

The Cell ID was never incorporated into Google’s network sync system and all the data was “immediately discarded,” the company said. The tech giant promised to roll out an update that removes the cell ID collecting feature by the end of this month.



Smartphone apps track Android users with 'clandestine surveillance software'

 Smartphone apps such as Tinder and Snapchat are being used to secretly monitor the activities of Android phone users, according to new research. 
 
The joint study from Yale Privacy Lab, an initiative linked to Yale Law School, and French non-profit research group Exodus Privacy, looked into 25 trackers found hidden in popular Google Play apps such as Uber, Tinder, Skype, Twitter, Spotify and Snapchat. The samples were taken from a total of 44 suspected smartphone trackers identified by Exodus Privacy.
 
Smartphone apps track Android users with 'clandestine surveillance software'
The apps Tinder, Spotify, Uber and Amazon Echo in particular were identified as using Crashlytics, a Google-owned service designed to monitor app crash reports but which was later found to be providing firms with insights into users’ activities.

“Publication of this information is in the public interest, as it reveals clandestine surveillance software that is unknown to Android users at the time of app installation,” Privacy Lab said in a blog posted to its website. “These trackers vary in their features and purpose, but are primarily utilized for targeted advertising, behavioral analytics, and location tracking.”
Exodus says more than 75 percent of the apps analyzed contained signatures of trackers – and the group fears that apps classed as “clean” simply contain trackers they have not learned to identify yet.The groups are now calling for “increased transparency” over the number of trackers found in Google Play apps.

“The Exodus platform identifies trackers via signatures, like an anti-virus or spyware scanner, and thus can only detect trackers previously identified by researchers at the time of the scan,” the Privacy Lab statement read.

Post a Comment Blogger Disqus

 
 
Top