Submitted via IRC for TheMightyBuzzard
As it turns out, turning off location services (e.g., GPS) on your smartphone doesn't mean an attacker can't use the device to pinpoint your location.
A group of Princeton University researchers has devised of a novel user-location mechanism that exploits non-sensory and sensory data stored on the smartphone (the environment's air pressure, the device's heading, timezone, network status, IP address, etc.) and publicly-available information to estimate the user's location.
The non-sensory and sensory data needed is stored on users' smartphones and can be easily accessed by any app without the user's approval, which means that the data can be captured through a malicious app or harvested from databases of many legitimate fitness monitoring apps.
Source: https://www.helpnetsecurity.com/2018/02/07/location-tracking-no-gps/
(Score: 2) by JoeMerchant on Friday February 09 2018, @08:43PM (6 children)
I agree with AC above, all that's needed is the ID of a few nearby WiFi access points - that already translates into a practical location map.
🌻🌻 [google.com]
(Score: 0) by Anonymous Coward on Friday February 09 2018, @09:01PM
Don't forget cellphone towers and femtocells too. Some people still carry around their phones to use as phones ;).
(Score: 2) by frojack on Friday February 09 2018, @09:24PM (4 children)
But, that stuff is usually NOT sent, unless you sneak a rogue app onto the device.
So we are right back where the first AC post on this thread started. Without app support this is pretty much impossible in real time.
Do I have apps on my phone that might send location info to someplace in the cloud? Probably. So what? I know where the power switch is.
No, you are mistaken. I've always had this sig.
(Score: 3, Insightful) by JoeMerchant on Friday February 09 2018, @09:51PM (2 children)
I think the point is: just disabling location info access to an app doesn't really disable location info.
So, your kid downloads Kandy Krush unKorked and now you're being tracked by the Romanian mafia every time the app is running...
🌻🌻 [google.com]
(Score: 2) by PiMuNu on Saturday February 10 2018, @04:16AM
So, your kid downloads Skype and now you're being tracked by the NSA every time the app is running...
FTFY
(Score: 0) by Anonymous Coward on Saturday February 10 2018, @01:23PM
Or - hacker hacks public Wi-Fi/payment system/whatever and users that to get into your phone that's running an outdated Android and install an app that has the appropriate permissions. Now, whenever you go to a CVS, Starbucks, etc., your phone is used to attack their systems, collect info, and whatever other nefarious things. They can also map the botnet spread and decide on additional targets.
(Score: 2) by bob_super on Friday February 09 2018, @09:51PM
I'm pretty sure Google used to say it might collect localization data even when localization services are off.
Of course, turning off both WiFi and GPS makes the location a lot less precise, but after a while learning your habits, it's not a stretch to imagine that Google gets pretty good at guessing.