Tag: smartphones

U.S. Government Contractor Embedded Software in more than 500 Apps to Track Phones of hundreds of millions of users!!!

A damning new WSJ report says a small U.S. government contractor embedded software in over 500 apps, tracking millions of people worldwide.

According to the report:

A small U.S. company with ties to the U.S. defense and intelligence communities has embedded its software in numerous mobile apps, allowing it to track the movements of hundreds of millions of mobile phones world-wide, according to interviews and documents reviewed by The Wall Street Journal.

Anomaly Six LLC is the company in question, apparently boasting in marketing material that it was “able to draw location data from more than 500 mobile applications” from its own software development kit, embedded directly in some apps:

Anomaly Six says it embeds its own SDK in some apps, and in other cases gets location data from other partners.

The report says Anomaly Six is a federal contractor that provides global location data “to branches of the U.S. government and private-sector clients”. It told WSJ that it restricts the sale of U.S. mobile phone movement data only to the private sector, however.

Keep reading

Telegram feature exposes your precise address to hackers

If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it.

The problem stems from a feature called People Nearby. By default, it’s turned off. When users enable it, their geographic distance is shown to other people who have it turned on and are in (or are spoofing) the same geographic region. When People Nearby is used as designed, it’s a useful feature with few if any privacy concerns. After all, a notification that someone is 1 kilometer or 600 meters away still leaves stalkers guessing where, precisely, you are.

Stalking made simple

Independent researcher Ahmed Hassan, however, has shown how the feature can be abused to divulge exactly where you are. Using readily available software and a rooted Android device, he’s able to spoof the location his device reports to Telegram servers. By using just three different locations and measuring the corresponding distance reported by People Nearby, he is able to pinpoint a user’s precise location.

Keep reading

Rights Advocates Alarmed by US Spy Agency’s Purchase of Warrantless Phone Location Data

Digital rights advocates reacted with alarm to a report published Friday detailing how Defense Intelligence Agency analysts in recent years bought databases of U.S. smartphone location data without first obtaining warrants.

The Defense Intelligence Agency (DIA) is part of the Department of Defense and is tasked with informing military and civilian policymakers about the activities and intentions of foreign governments and nonstate actors.

The new revelation, first reported by the New York Times, initially came in the form of DIA responses to questions from Sen. Ron Wyden (D-Ore.) regarding the agency’s warrantless purchase of commercial location data generated by phones both inside and outside of the United States.

Wyden asked the DIA to clarify its interpretation of Carpenter v. United States, a 2018 U.S. Supreme Court decision barring law enforcement agencies from requesting personal location information from a cellphone company without first obtaining a search warrant from a judge.

“DIA does not construe the Carpenter decision to require a judicial warrant endorsing purchase or use of commercially-available data for intelligence purposes,” the agency replied, implicitly acknowledging its exploitation of an apparent loophole in the case that DIA believes permits its warrantless acquisition of location data from third-party brokers.

Keep reading

How silent signals from your phone could be recording and tracking you

Aside from networking, companies use ultrasonic signals (or beacons) to gather information about users. That could include monitoring television viewing and web browsing habits, tracking users across multiple devices, or determining a shopper’s precise location within a store.

They use this information to send alerts that are relevant to your surroundings – such as a welcome message when you enter a museum or letting you know about a sale when you pass by a particular store.

But since this technology records sound – even if temporarily – it could constitute a breach of privacy. An analysis of various Australian regulations covering listening devices and surveillance reveals a legal grey area in relation to ultrasonic beacons.

Keep reading

Google Sued For Data Costs After Android Phones Found Transferring “Unapproved, Undisclosed” Data

A new lawsuit against Google filed on Thursday of last week raises interesting questions about whether or not the tech giant is “stealing Android users’ cellular data allowances though unapproved, undisclosed transmissions to the web giant’s servers”. 

The suit, filed in US federal district court in San Jose by 4 plaintiffs aims to be certified as a class action. It alleges that Google is using Android users’ limited cellular data allowances to transmit information about the users unrelated to the use of Google services. The case surrounds “data sent to Google’s servers that isn’t the result of deliberate interaction with a mobile device”, according to The Register

In other words, data transfers happening in the background, when the phone isn’t in use. The suit alleges that none of the four agreements accepted to participate in the Google ecosystem say anything about cell data transfers taking place in the background.

The suit states: “Google designed and implemented its Android operating system and apps to extract and transmit large volumes of information between Plaintiffs’ cellular devices and Google using Plaintiffs’ cellular data allowances.”

It continues: “Google’s misappropriation of Plaintiffs’ cellular data allowances through passive transfers occurs in the background, does not result from Plaintiffs’ direct engagement with Google’s apps and properties on their devices, and happens without Plaintiffs’ consent.”

Keep reading

How the U.S. Military Buys Location Data from Ordinary Apps

The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned. The most popular app among a group Motherboard analyzed connected to this sort of data sale is a Muslim prayer and Quran app that has more than 98 million downloads worldwide. Others include a Muslim dating app, a popular Craigslist app, an app for following storms, and a “level” app that can be used to help, for example, install shelves in a bedroom.

Through public records, interviews with developers, and technical analysis, Motherboard uncovered two separate, parallel data streams that the U.S. military uses, or has used, to obtain location data. One relies on a company called Babel Street, which creates a product called Locate X. U.S. Special Operations Command (USSOCOM), a branch of the military tasked with counterterrorism, counterinsurgency, and special reconnaissance, bought access to Locate X to assist on overseas special forces operations. The other stream is through a company called X-Mode, which obtains location data directly from apps, then sells that data to contractors, and by extension, the military.

Keep reading

Your Phone Is Spying On You: Companies Are Generating Secret “Surveillance Scores” Based On That Data

Nothing that you do on your phone is private.  In this day and age, most of us have become extremely dependent on our phones, and most Americans never even realize that these extremely sophisticated little devices are gathering mountains of information on each one of us. 

Your phone knows what you look like, it knows the sound of your voice, it knows where you have been, it knows where you have shopped, it knows your Internet searches and it knows what you like to do in your free time.  In fact, your phone literally knows thousands of things about you, and all of that information is bought and sold every single day without you knowing. 

And as you will see below, there are lots of companies out there that use information collected from our phones to create secret “surveillance scores” that are used for a whole host of alarming purposes.

Keep reading