Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Android Bug Privacy Security Technology

Android Bug Allows Geolocation Tracking of Users (duo.com) 46

Trailrunner7 writes: Researchers have discovered a weakness in all version of Android except 9, the most recent release, that can allow an attacker to gather sensitive information such as the MAC address and BSSID name and pinpoint the location of an affected device. The vulnerability is a result of the way that Android broadcasts device information to apps installed on a device. The operating system uses a mechanism known as an intent to send out information between processes or applications, and some of the information about the device's WiFi network interface sent via a pair of intents can be used by an attacker to track a device closely.

A malicious app -- or just one that is listening for the right broadcasts from Android -- would be able to identify any individual Android device and geolocate it. An attacker could use this weaknesses to track a given device, presumably without the user's knowledge. Although Android has had MAC address randomization implemented since version 6, released in 2015, Yakov Shafranovich of Nightwatch Cybersecurity said his research showed that an attacker can get around this restriction.

This discussion has been archived. No new comments can be posted.

Android Bug Allows Geolocation Tracking of Users

Comments Filter:
  • by 110010001000 ( 697113 ) on Thursday August 30, 2018 @01:49PM (#57226490) Homepage Journal
    That is really pathetic implementation by Google. The idea is that your application should have to register for special permissions to access this information, but apparently the system broadcasts it to all listening applications on the device. The fact that this actually exists makes me wonder about the entire codebase. There should be single point in the code where intents are sent out and matched against access/permissions. It sounds like spaghetti.
    • Although now that I look at it more, it looks like you DO have to have wifi state access permissions. So it is debatable if this really is a bug or not.
    • Yeah, this is sad. I'm not sure what idiot at Google thought it was okay to broadcast wifi state info to apps that don't have permission to access the wifi state. I can see how it might be ambiguous whether the BSSID or the base station MAC are included in "wifi state" information, but obviously if I have denied an app permission to access wifi state I didn't just mean it can't request wifi state information, really I meant that it shouldn't be given it by the OS.

      Another question: What information to th

      • Also, the article say that the issue is being "fixed", but it is still unclear if an app with "network state" permission has access to the BSSID or base station mac, which in many cases effectively gives coarse location. I have often wondered whether requesting "network state" permission was a sneaky way to do geolocation, but never looked into it carefully. And, once again, my next question would be whether the information available to apps with network state permission is different for LineageOS.
        • I'm not sure they are really going to fix it. It says it is a "breaking API change". It is strange that they are broadcasting wifi state information to all apps, completely bypassing any access control. I guess it has been going on for 10 years or so. They also broadcast route information + DNS server IPs.
          • When they try out removing the info and every ad network on the planet crashes every app because that data is unexpectedly null, what can Google realistically do???

            At some point the horses are not just out of the barn, the barn has caught fire and there is no barn to put them back into.

            I have serious reservations this should be counted as a bug though. I am nearly 100% sure this was by design. Even if you wanted to give Google the benefit of the doubt in regards to intent you could imagine some technical

  • Yeah, when I was young, I used to fantasize about the government knowing what library books I had checked out. Now I know that I am nobody, just like 98% of everybody. My private information, aside from that necessary for financial transactions, is worthless. If you're not in the public eye, nobody gives a fsck.

    • That isn't true. The various data collecting corporations (credit, tech, etc) DO care about your individual data as it can be used to determine your risk for a loan, what ads you receive, insurance rates, etc. They care very deeply. That is why Windows 10 is essentially free now.
    • Comment removed based on user account deletion
    • by antdude ( 79039 )

      NBA, Comcast, Toyota, CBS, Obama, health, etc. care!

  • Maybe it is just an undocumented feature installed for those in the know.
  • We call it a feature.

  • Sample app with 'zero' permissions and still can access wifi mac (even when wifi is switched off) https://github.com/haninaguib/... [github.com]
  • I just assumed this behavior was in the original Android spec.

In order to dial out, it is necessary to broaden one's dimension.

Working...