Skip to main content

Google Collects Android Location Data Even When Location Service Is Disabled


Do you own an Android smartphone?

If yes, then you are one of those billions of users whose smartphone is secretly gathering location data and sending it back to Google.

Google has been caught collecting location data on every Android device owner since the beginning of this year (that's for the past 11 months)—even when location services are entirely disabled, according to an investigation conducted by Quartz.

This location-sharing practice doesn't want your Android smartphone to use any app, or turn on location services, or even have a SIM card inserted.

All it wants is to have your Android device to be connected to the Internet.

The investigation revealed that Android smartphones have been collecting the addresses of nearby cellular towers, and this data could be used for "Cell Tower Triangulation"—a technique widely used to identify the location of a phone/device using data from three or more nearby cell towers.

Each time your Android device comes within the range of a new cell tower, it gathers the cell tower address and sends this data back to Google when the device is connected to a WiFi network or has a cellular data enabled.

Since the component responsible for collecting location data resides in Android's core Firebase Cloud Messaging service that manages push notifications and messages on the operating system, it cannot be disabled and doesn't rely on what apps you have installed—even if you factory reset your smartphone or remove the SIM card.

When Quartz contacted the tech giant about this location-sharing practice, Google spokesperson replied: "We began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery."

Although it is still unknown how cell-tower data that helps identify a specific cell tower could have been helped Google improve message delivery, the fact that the company's mobile operating system is collecting location data is a complete violation of user's privacy.

Even in its privacy policy about location sharing, Google mentions that it will collect location information from devices that use its services, but has not indicated whether the company will collect data from Android devices when all location services are disabled.

"When you use Google services, we may collect and process information about your actual location," Google's privacy policy reads.
"We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points, and cell towers." Moreover, this location-sharing practice is not limited to any particular Android phone model or manufacturer, as the tech giant was apparently collecting cell tower data from all modern Android devices before being contacted by Quartz.

Although the company said that it never used or stored this location data it collected on its users and that it is now taking steps to end this practice, this data could be used to target location-based advertisement when the user enters any store or restaurant.

According to Google, Android phones will no longer gather and send cell-tower location data back to Google by the end of this month.

Comments

Popular posts from this blog

NiceHash: security breach leads to 60 million lost - Iceman is behind?

A dark day for crypto currency miners, NiceHash has been hacked. Closely to 60$ millions (4,736.42 BTC) have been stolen while the bitcoin is crossing the 14k$ mark for the first time.













The hacker's bitcoin address cleary shows the steal of  4,736.42 BTC in a window of 48 hours: https://bitinfocharts.com/bitcoin/address/1EnJHhq8Jq8vDuZA5ahVh6H4t6jh1mB4rq




NiceHash users are furious by the time of reaction of the team. It took about 24 hours to realise that big amounts have been stolen.

I've contacted a member of Iceman and knowing this security breach for some reason he explained that NiceHash actually owned their users bitcoin wallets in order to save transactions fees and collect unclaimed BTC. This issue leads to a massive security breach which allow access to all NiceHash wallets. He claimed that by reverse engineering of their miner client, Iceman group was able to access their API. Is Iceman really behind this attack?






NanoCore developper busted and senteced for 33 months

A hacker who was arrested and pleaded guilty last year—not because he hacked someone, but for creating and selling a remote access trojan that helped cyber criminals—has finally been sentenced to serve almost three years in prison.

Taylor Huddleston, 26, of Hot Springs, Arkansas, pleaded guilty in July 2017 to one charge of aiding and abetting computer intrusions by building and intentionally selling a remote access trojan (RAT), called NanoCore, to hackers for $25.

Huddleston was arrested in March, almost two months before the FBI raided his house in Hot Springs, Arkansas and left with his computers after 90 minutes, only to return eight weeks later with handcuffs.
This case is a rare example of the US Department of Justice (DOJ) charging someone not for actively using malware to hack victims' computers, but for developing and selling it to other cybercriminals.
Huddleston admitted to the court that he created his software knowing it would be used by other cybercrimina…

ICEMAN : Infecting Crystal Finance Millennium

Iceman gang member confirms that they are behind the introduction and spreading of malwares that have affected Crystal Finance Millennium, a Ukraine-based accounting software firm. Was this a political based attack? Read more to find out.
I’ve had a chance to speak to one of the gang member on XMMP and he confirmed that the Iceman group is behind this attack. They started by a simple web attack (SQLI which lead to web shell upload, no privilege escalation was needed) in order to gain access to the web servers of the company. He confirmed that the math was simple, the Ukrainian company had many clients in the financial and medical sector which facilitated the propagation of their malware. From the archived web page, it becomes apparent they provide accounting software, personalization of medical records, blood service and "full automation of the doctor's office" - contrary to what their company name suggests, it appears they are (mostly) focused on medical software.
The…