Forgot your password?
typodupeerror
Android Cellphones Electronic Frontier Foundation Privacy Wireless Networking

Android Leaks Location Data Via Wi-Fi 112

Posted by Soulskill
from the we-all-know-about-your-addiction-to-krispy-kreme dept.
Bismillah writes: The Preferred Network Offload feature in Android extends battery life, but it also leaks location data, according to the Electronic Frontier Foundation. What's more, the same flaw is found in Apple OS X and Windows 7. "This location history comes in the form of the names of wireless networks your phone has previously connected to. These frequently identify places you've been, including homes ('Tom’s Wi-Fi'), workplaces ('Company XYZ office net'), churches and political offices ('County Party HQ'), small businesses ('Toulouse Lautrec's house of ill-repute'), and travel destinations ('Tehran Airport wifi'). This data is arguably more dangerous than that leaked in previous location data scandals because it clearly denotes in human language places that you've spent enough time to use the Wi-Fi."
This discussion has been archived. No new comments can be posted.

Android Leaks Location Data Via Wi-Fi

Comments Filter:
  • Wrong title (Score:5, Insightful)

    by crashumbc (1221174) on Friday July 04, 2014 @09:08AM (#47383083)

    Should be popular SMART PHONES leak WiFi data.

    Sensationalist bullshit

    • Also according to the article. Somehow iOS manages to have reasonable Wi-fi battery power without using this trick.
    • They actually track which stores you visit to monetize ads. If you opt out then a lot of things including Google Now stop working.

      http://digiday.com/platforms/g... [digiday.com]

      They even do the same thing on iOS if you use Gmail, Chrome or Google Now apps.

      It is easiest for Google to conduct this passive location tracking on Android users, since Google has embedded location tracking into the software. Once Android users opt in to location services, Google starts collecting their location data as continuously as technologically possible. (Its ability to do so is dependent on cell tower or Wi-Fi signal strength.)

      Android is currently the leading mobile OS in the U.S. with a 45.9 percent market share in 2013, according to eMarketer. A little more than a fifth (20.3 percent) of the U.S. population uses Android smartphones.

      But Google can also constantly track the location of iPhone users by way of Google apps for iOS, Apple’s mobile operating system. IOS is just behind Android in U.S. market share with 38.3 percent of users, per eMarketer. Nearly 17 percent of the American populace uses an iOS smartphone.

      When an iPhone user stops using an app, it continues running “in the background.” The user might not realize it, but the app continues working, much in the same way tabs function on a Web browser.

      Google’s namesake iOS app — commonly referred to as Google mobile search — continues collecting a user’s location information when it runs in the background. This information is then used to determine if that user visited a store and whether that store visit can be attributed to a search conducted in the app. Store visits can also be tracked via Google’s other iOS apps that use location services. If iOS users open their Chrome, Gmail or Google Maps app in a store, their location can be deemed a store visit.

      And they recently stopped snooping on the free Google Apps and email for Schools and even businesses after doing it for a long time to build ad profiles after they didn't dare telling the same lies in federal court that they were telling to the public about snooping on

      • But hey, it's Google so they get a free pass here while if MS did anything even close to that people would be shouting from rooftops.

        That's because MS has been convicted in court of abusing this power. So far, Google appears to have stayed within the law in how it uses this data.

        Except that's not true: Google's got into plenty of trouble for grabbing too much data, then not deleting that data when ordered to by the court.

        I think you'll find that Google is well on its way to becoming the new MS -- and not just in the market sense. People ARE starting to grumble, and avoid using Google services for some things.

        • "Google is well on its way to becoming the new MS "

          Google has already become just like MS and Apple. They all rank at the top of the most successful companies in the world. These companies have been an integral part of the PC and Internet technical revolution. A revolution that has changed the world of communications and commerce. You can question some of their methods but you should try and balance the good and bad when forming your opinions on their "evilness". None of these companies have ever claimed

        • I believe you are referring to the wi-fi data picked up promiscuously by Google fleet of camera vehicles while taking street view pictures. Their excuses about that were pretty thin as I remember.
          • I believe you are referring to the wi-fi data picked up promiscuously by Google fleet of camera vehicles while taking street view pictures. Their excuses about that were pretty thin as I remember.

            Not as thin as their excuses for not deleting all of it. After saying they had deleted it.

  • Not just Android (Score:5, Insightful)

    by AmiMoJo (196126) * <mojo @ w orld3.net> on Friday July 04, 2014 @09:13AM (#47383099) Homepage

    The sensational headline fails to mention that most operating systems, including OSX and Windows, are affect. In fact most wifi devices are and we have known about this problem since the early days of wifi.

    I wish I had the time to mod the shit down before it hit the front page.

    • Re:Not just Android (Score:5, Informative)

      by jrumney (197329) on Friday July 04, 2014 @09:29AM (#47383175) Homepage
      The headline also fails to mention that only manually configured networks are affected (or perhaps old versions of Android, I don't remember the details from the comments to the story about 6 months ago regarding the exact same "flaw" in iOS). This is why it is a BAD idea for security to turn off access point beacons - because if your access point is not sending out beacons to identify itself, then the clients need to send out connection requests blindly - wherever they are.
      • The headline also fails to mention that only manually configured networks are affected (or perhaps old versions of Android, I don't remember the details from the comments to the story about 6 months ago regarding the exact same "flaw" in iOS). This is why it is a BAD idea for security to turn off access point beacons - because if your access point is not sending out beacons to identify itself, then the clients need to send out connection requests blindly - wherever they are.

        That's only if the name is revealing. I called my "The NSA" so people that connect to it are broadcasting that everywhere. I have one neighbor that for some insane reason named his after his address. 123 Johnson road

        • by Nutria (679911)

          I called my "The NSA"

          How clever you must feel for sticking to The Man.

          for some insane reason named his after his address.

          Why is that insane?

          • Re: (Score:2, Insightful)

            That's not sticking to the man. That's making the hysterical NSA alarmists go nuts. So, quite the opposite.

          • for some insane reason named his after his address.

            Why is that insane?

            I don't know why either. My wifi is named after my wife's place of origin.

            NABOO.

            That's why we call our daughter Princess.

          • by yacc143 (975862)

            It's insane because it distributes data that is unnecessary.

            Depending upon how "hackable" the WLAN is, if an unauthorized person accesses it, it gives the first clue what to enter in all these address boxes online.

            Ok, somebody mentioned being able to contact the responsible person if there is an issue. Now that kind of presumes that the typical operator of a home wifi spot knows how to fix the issue or even can fix the issue (it's incredible what kind of trash is being sold nowadays as a wifi router, and in

            • by itzly (3699663)
              Of course, with a directional antenna, it's pretty easy to find the street address of an access point.
              • by Nutria (679911)

                Or with the signal bars and a bit of driving.

                • by sumdumass (711423)

                  Or with just the name of the ssid broadcast and a general geographic area.

                  You can use sites like wigle to search it out. If enough entries are put in, it prety much accurately trianglstes the location on the map. It has my old neiborhood down to withing a few feet of the apartments. A signal meter on a smart phone should get you to the front door.

                  I know of at least one reverse hacking incident (the hacker got hacked by its target while trying to penetrate a network) where the hacker was tracked down by rea

        • by jones_supa (887896) on Friday July 04, 2014 @10:22AM (#47383453)

          I have one neighbor that for some insane reason named his after his address. 123 Johnson road

          He is just politely revealing who is the owner of the station. In this way it can also be seen as a responsible thing. If that particular station is causing some kind of problems to others, it is easy to contact the owner to discuss about it.

        • by itzly (3699663) on Friday July 04, 2014 @10:36AM (#47383525)

          I have one neighbor that for some insane reason named his after his address. 123 Johnson road

          Even worse, I have a neighbor who has his house number plainly visible right next to his front door, and the name of the street is clearly marked at the intersection. Total nutcase, if you ask me. Anybody who knows his address can just go and visit him.

          • by Anonymous Coward

            They probably also have a mailbox outside their house that is TOTALLY UNSECURED.

      • Unfortunately, that just isn't true. The affected Android devices leak all known networks, not just the manually configured ones. Go ahead and test it.

    • by Anonymous Coward

      Would be sweet if everybody stopped using "hidden" wifi. Since that needs this continuous broadcasting of the name by the clients.

    • Re: (Score:2, Informative)

      by Dixie_Flatline (5077)

      It's marginally more relevant that Android does it. There are a lot more Android devices than portable Windows and OS X devices that actually move around. (That is, not even the full population of laptops is necessarily being moved from hotspot to hotspot; I know plenty of people that have laptops that stay at home and are just for portability around the house.)

      Anyway, the headline is reasonably sensational, but not false, and the summary clarifies. I've seen a lot worse (bad headlines, worse summaries; etc

    • The sensational headline fails to mention that most operating systems, including OSX and Windows, are affected.

      Since when is it sensationalist to understate the situation? I think the word you're looking for is "provocative", since most of the readers are android users.

  • I've noticed this before but haven't been able to figure out how to delete it. I guess it has to do with the device searching for stored WiFi networks to establish a connection? Still annoying. According to the article, if you connect to hidden networks then you won't be able to get around this, unfortunately that's almost all the networks I connect to. Couldn't it just do a scan of nearby networks and look up the MAC address of the hidden networks, and, on a match, then try to establish a connection?
    • by jrumney (197329) on Friday July 04, 2014 @09:34AM (#47383205) Homepage
      Its the scan of nearby networks bit where it needs to send out the WiFi networks it wants to connect to. That's why making your SSID hidden is a security anti-pattern. Tell the owners of the networks you connect to to stop doing it - anyone nearby can see all the clients making requests to join your network, so it isn't adding any security in your near vicinity, and elsewhere, others can still see your clients trying to connect to your network wherever they are, because to connect to hidden networks you have to go out and proactively look for them.
      • Most devices are broadcasting known ssid regardless of the ap being hidden, there is quite an industry around sniffing this data.

      • Does is matter if the connection has encryption enabled? Or is the first exchange un-encrypted anyway?

        • by Anonymous Coward

          Encrypted networks also transmit the SSID in the clear in management frames. A "hidden" network only removes the SSID from the beacon frames. Disabling "SSID broadcasts" will cause clients to broadcast the SSID in search of the network wherever they go. That is not news (although the clients could arguably be a little more clever about this). The news is that Android actively searches for networks which are not hidden and which could easily be found by passive listening.

  • by geogob (569250) on Friday July 04, 2014 @09:21AM (#47383137)

    "[...] because it clearly denotes in human language places that you've spent enough time to use the Wi-Fi."

    I though driving by an open hotspot on the highway was enough time to use it. At least they would know on which Highway I drove.

    • by jrumney (197329)

      I though driving by an open hotspot on the highway was enough time to use it.

      Only with 802.11p which allows data transfer without associating to the access point, and maybe the still under development 802.11ai, which aims to speed up the time required for association to under 100ms.

  • No, it doesn't "show you've spent enough time to use the wifi." For fun, grab an Android app called WifiCollector. On a 200-mile drive through three Eastern states a few weeks ago, it sniffed out over a thousand WAPs (most of them not open). Anyone using that to imply I was actually at any of those locations long enough to use the wifi is probably just about smart enough to work in a government intelligence job.

  • by Lawrence_Bird (67278) on Friday July 04, 2014 @09:45AM (#47383263) Homepage

    So basically it sounds like anything using the wpa_supplicant code may do this? I can understand why it may be necessary for a hidden network, don't understand why the connecting party would ever transmit anything about past connections for public networks. Isn't SSID included in the beacon every 100ms or so?

    • by itzly (3699663)
      In order to receive the beacons you would have to keep the receiver powered up for longer times, wasting battery.
    • PNO is implemented in the Wi-Fi firmware, and generally only active if the main device CPU is asleep.

      wpa_supplicant tells the Wi-Fi firmware which networks it is interested in, then when the main CPU sleeps, the Wi-Fi chip keeps scanning for those networks periodically, which takes less power than waking the main CPU periodically to do this. In PNO's scanning process, it broadcasts all the names. There's no technical reason this is needed aside from hidden SSIDs (and indeed non-PNO wpa_supplicant scans don'

  • ok control, we've discovered that the suspect is called, or knows someone called, 'Tom', and that he once visited a McDonald's... maybe.
  • "What's more, the same flaw is found in Apple OS X and Windows 7."

    Clickbait, maybe?

  • by pcjunky (517872)

    I think we kind of figured this already.

    Just how is my phone "leaking" this information. I you get my phone then you may know where I have been but I am not going to give you my phone if I want to conceal this information.

  • Free Wifi (Score:4, Interesting)

    by AndyCanfield (700565) <andycanfieldNO@SPAMyandex.com> on Friday July 04, 2014 @10:07AM (#47383361) Homepage
    Here in Thailand / Laos I have recently seen massage parlor signs advertising "Free Wifi". You get in a room with a beautiful lady and she rubs her hands all over your body. Why would you want to check your e-mail? And certainly you would not "Exotic Massage" to show up in your wifi list. But remember that phones are like that. I manually checked my wife's call history to see if she had telephoned my girlfriend.
    • by tepples (727027)

      If by "wifi list" you mean the list of known SSIDs on a device, that can be solved by using your device's user switching and making some SSIDs private to one user. Unfortunately, Android doesn't seem to implement multi-user for devices with screens smaller than 7 inches, and I don't know whether known SSIDs are user-specific or system-wide.

      If by "wifi list" you mean the topic of the article (a list collected by someone listening for probe requests for hidden SSIDs), an SSID will appear only if 1. it has

  • If this is for looking up hidden SSIDs, then why not ping looking for know-hidden SSIDs?

    • by T-ice (1069420)
      Because it's easier to De-auth 1 visible connected client, and listen to the probe requests as it tries to reconnect. I believe that's called SSID decloaking, or something like that. There are enough of the right tools to be able to do this automagically while driving down the road with a laptop and a gps dongle. If there isn't a tool that does all the magic, I'm know that a mix of them could easily make all the necessary output that could be put together after a 2 hour drive through town. People still
  • by Anonymous Coward

    On rooted Android, one can configure wpa_supplicant to _not_ "scan_ssid" globally but individually, for the hidden APs. Also, one can set the "bssid" of the access points he connects to. There was a need for a better interface a while ago...

  • ... that the names assigned to WiFi access points have any relationship to reality. Where I'm sitting, I can see 'MoeBalls', 'Hide Yo Kids, Hide Yo WiFi', 'Mac', 'Get off my LAN', 'It Hurts When IP', 'Bala Yoga', .....

    • by msauve (701917)

      This assumes that the names assigned to WiFi access points have any relationship to reality.

      Do you get your coffee from the Urban Coffee Lounge or the Starbucks before going to Juanita Beach Park, there in Kirkland, WA?

      Nope, no relation to reality whatsoever.

      • by PPH (736903)

        Oops. Didn't think Bala Yoga was a unique location. However, given the list without that, I wonder how well WiFi based location would work. That is: in either a residential neigborhood or near a Starbucks (which all have one of a few common AP names).

        • by msauve (701917)
          MoeBalls [wigle.net] is more unique. But if you have enough SSIDs, the intersection of them can give a unique location even if each individual one can be found in many locations.
  • This is _really_ old news. I've been to two or three talks about this. How can anyone still be surprised?
  • Got this from a previous discussion on /.

    http://forum.xda-developers.co... [xda-developers.com]

  • What's more, the same flaw is found in Apple OS X and Windows 7.

    So why only"Android' in the headline? Why not use "Smartphones"?

    • by Jabrwock (985861)
      Because OS X and Windows 7 aren't mobile OSs? The article does address that, and states that it doesn't believe the risk to laptop users to be worth more than a mention, because laptops are generally powered down when moving around, unlike smartphones that keep scanning.
  • It is possible on an unlocked device to spoof this data by
    collecting data from other phones in passing or from a
    mesh of friends that pull data from their device and share
    it with others.

    i.e. should my WiFi device hear such a broadcast.
    It could save parts of it, format those and insert the data
    randomly into the list of devices my device appears to know about.

    After anyone publishes enough to prove the possibility
    then the information can no longer be used with impunity against
    an individual because data stamps c

  • The data described as being leaked is not location data. It is the names of SSIDs to which the device has connected before.

    Just sayin

  • Whether it be location data, or just important information, IONU's app ensures that you no longer have to worry about your data being leaked to anyone but the recipient. IONU's encrypted messaging service provides the privacy and security that is becoming vital in this day and age. Download the app here: https://ionu.com/download [ionu.com]

If I have seen farther than others, it is because I was standing on the shoulders of giants. -- Isaac Newton

Working...