A security expert warns that your movements may be monitored by the Google Maps app installed on another phone. Pieter Arntz is a researcher for Malwarebytes security company. He has described how he accidentally tracked his wife’s movements without using any spyware or cracking her passwords.
The Google Play Store is a great way to track someone’s exact location, with the most up-to-date data available within Google Maps.
Malwarebytes security expert Arntz wrote a detailed blog post about his discovery. Arntz was looking to add an Android paid app to his wife’s smartphone. Arntz had already purchased the app once before and did not see the need to purchase it again. He signed in to the Google Play Store app and navigated to the list of apps he previously bought to download the software.
He explains that “All went smoothly, but I failed to log out from Google Play after testing the app.”
Arntz noticed rogue places popping up in Google Maps’ location history when he was back on his phone. Google Maps tracks your location whenever you use the app. This data is used to provide better recommendations, such as showing you restaurants close by your location instead of a different city or country.
I noticed strange phenomena, but could not pinpoint the cause. He said that it showed him places he had visited but not yet lived near. The Google Maps app that Arntz had on his phone listed locations his wife had visited. It was her smartphone with her Google account on the Play Store App.
His wife wouldn’t have known anything was wrong if he had not shown him the profile photo in the corner. After figuring out the problem and signing off of Arntz’s Google Play Store account, Arntz found that he could still keep track of her movements in his Google Maps app.
The issue has not been resolved even after I had logged off of Google Play for my wife’s device. My Google account had been added to the Play Store accounts of my wife when I signed in, and was still there when I exited after I noticed the tracking problem.”
Malwarebytes is a well-known cybersecurity firm based in California. They are one of the founders of the Coalition Against Stalkerware. This group is intended to protect people from being spied upon. Spyware, as well as so-called stalkerware apps are becoming a major problem.
Although the Google Play Store quirk isn’t considered spyware, it can be used to produce similar results by other people.
Eva Galperin of Electronic Frontier Foundation said that the flaw highlights how important it is to consider domestic abuse situations when developing features. According to her, “The most hazardous time in a domestic violence situation is when the survivors are trying to separate their digital lives from their abusers.” This is when survivors’ data can be vulnerable to misconfiguration problems and it could lead to very severe consequences.
Malwarebytes submitted a Google issue report in order to raise awareness of the problem. It might be worthwhile to check which accounts you are signed into on your smartphone if your password has been used on the devices of friends and family in order not to pay for any apps, ebooks, or movies more than once.
For more information, visitSettings > Backups > Manage accountsThis will display a list of all accounts with permissions on your device. The list will show you all accounts that have permissions to your phone. Any accounts that you don’t recognize can be removed. They will also have access to your phone’s GPS data.
Publited Sat, 4 Sep 2021 at 14:35:09 +0000