Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Advertising Cellphones Privacy

For Under $1,000, Mobile Ads Can Track Your Location (mashable.com) 52

"Researchers were able to use GPS data from an ad network to track a user to their actual location, and trace movements through town," writes phantomfive. Mashable reports: The idea is straightforward: Associate a series of ads with a specific individual as well as predetermined GPS coordinates. When those ads are served to a smartphone app, you know where that individual has been... It's a surprisingly simple technique, and the researchers say you can pull it off for "$1,000 or less." The relatively low cost means that digitally tracking a target in this manner isn't just for corporations, governments, or criminal enterprises. Rather, the stalker next door can have a go at it as well... Refusing to click on the popups isn't enough, as the person being surveilled doesn't need to do so for this to work -- simply being served the advertisements is all it takes.
It's "an industry-wide issue," according to the researchers, while Mashable labels it "digital surveillance, made available to any and all with money on hand, brought to the masses by your friendly neighborhood Silicon Valley disrupters."
This discussion has been archived. No new comments can be posted.

For Under $1,000, Mobile Ads Can Track Your Location

Comments Filter:
  • by Anonymous Coward

    Seriously everybody said this would happen if it was made available and sure enough it has been.

    • by Z00L00K ( 682162 )

      And did someone pay attention to what happens to the URL of the linked article when you open it?

    • And 'privacy and civil liberties experts are concerned!' ooohhh, I feel so much better.
  • by Whatsmynickname ( 557867 ) on Sunday October 22, 2017 @12:16AM (#55412051)
    ...why adblocking is so popular?
    • Geo location is not the main reason people use ad blockers (not sure most people would even care about that).
      • by Z00L00K ( 682162 )

        But it's an added bonus.

        $1000 for locating a certain individual seems expensive if you follow what's in the article.

        I suspect that the cost of a single tracking is less than $1. It's the use of a tracking ad that costs $1000, but then you can target more than one individual, more likely 1000 individuals several times.

      • by evanh ( 627108 ) on Sunday October 22, 2017 @01:26AM (#55412201)

        Tracking in general is certainly the reason for me. Binning the actual ads is incidental except for the whole personalised aspect of ads. This is the tracking part in action of course.

        What's wrong with simply making the ads subject related rather than that who is looking? What the user is looked for/at at that moment should be more than enough to make a targeted ad without it being personalised.

        • What the user is looked for/at at that moment should be more than enough to make a targeted ad without it being personalised.

          Targeted, but not effective. I recently searched for new bike pedals. For the last three weeks I keep seeing ads for pedals, and shoes, and gloves, and ... Hey wait, I do need some new gloves. That price looks pretty good.

          They do it because it works.

    • Believe it or not, they can track you _even_ if you have ad-blocker installed

      The ad does not have to appear fully on screen , (or be successfully downloaded in full)

      All it needs is to have the GEO function invoked (with the help of your smartphone's embedded GPS feature) to send back your _current_ location before the ad-blocker wakes up, and block it

    • Why would an advertiser spend $1000 to learn that i never leave my bedroom?

  • by mentil ( 1748130 ) on Sunday October 22, 2017 @12:28AM (#55412077)

    Apps given access to your GPS can pass that data on to advertisers. Evil Stuff (tm) can then be done with that data. I would say "nothing to see here" but I'm surprised that ads can be customized to only be shown to devices with a specific ID at a specific GPS location. The chances someone will sniff your MAID, and know the ad networks of the apps you leave running that have location access, seems really low though. I imagine the more reputable (i.e. common) ad networks will/already prohibit such specific targeting.

    • From the whitepaper:
      "Cookies/MAID. Every DSP allows targeting users based on cookies
      or mobile advertising ID (MAID). Either of these could be obtained
      by an ADINT attacker if the user ever clicks on their ad.
      They can also be obtained from sniffing network traffic. Finally,
      active ad content (see below) can be used to potentially acquire
      either identifier."
      Also Facebook allows targeting by email with minimum of 20 addresses.
      "(...) these minimums can be
      circumvented; we conducted a preliminary experiment and foun

    • by phantomfive ( 622387 ) on Sunday October 22, 2017 @02:34AM (#55412291) Journal

      I imagine the more reputable (i.e. common) ad networks will/already prohibit such specific targeting.

      No. I've worked in ad-tech, and I can tell you the answer is no. There is absolutely no motivation for ad companies to even think about this problem beyond a token effort.

      Ad companies have every motivation, indeed they have people paying them to give them as much information about a person as possible. This isn't even a new thing: decades ago you could buy mailing lists with names, addresses, gender, and income.

  • French startup Teemo (formerly Databerries) already provides accurate tracking to ad companies, by teaming up with a few app distributors (mostly newspaper / news sites apps, so to sum it up, useless apps that provide the same content as their website, with the added benefit of being tracked). Apps send location data every 3 minutes, and thoses are related to IFDA for Apple phone (don't know about android) They pretend it take them only a few minutes for their team to locate you with only your phone number,
  • And just how is this supposed stalker supposed to target the individual phone ID? In the advertising world the individual's ID is the goose that lays the golden eggs for the advertiser service provider. You would need to carefully profile the target and then hope no one else fitting the profile is in the location that you're targeting since Google et al, would never hand over or let you target the ID itself.

    At which point, why not just stalk the traditional way. Cost is not the issue here, it just seems lik

    • Stalking is certainly more easily and thoroughly done the traditional way regardless. This might be useful for a professional burglar, though -- build a profile of what hours a certain device is actively browsing the web from a certain house, and plan a break-in accordingly.

    • The cell phone services, mapping services, and various vendor profiling tools already have identifiable information of your phone number, your cell phone SIM ID and your MAC address. See https://ssd.eff.org/en/module/... [eff.org] for some sense off the variety of tracking information already shared by portable devices.

  • Everyone can watch everyone.

    These days we are closer to this than we are to ultimate privacy.

    • Everyone can watch everyone.
      These days we are closer to this than we are to ultimate privacy.

      We are no more meaningfully closer to one than the other. You cannot watch what the wealthy do, because they can hide behind a big wall of money. But they get to watch what you do, because they can literally afford to pay someone to bug your house.

  • "Tracking" isn't very useful, if you have to predefine the GPS coordinates. I suppose a divorce lawyer could use this to see when a cheating spouse was visiting a particular house, but in general, $1000 per location would get kind of pricy for general surveillance.

No spitting on the Bus! Thank you, The Mgt.

Working...