Privacy News If you’re using an Android phone, Google may be tracking every move you make

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
Biking? Google probably knows you are. Up a mountain? It probably knows that, too.

The Alphabet subsidiary’s location-hungry tentacles are quietly lurking behind some of the most innovative features of its Android mobile operating system. Once those tentacles latch on, phones using Android begin silently transmitting data back to the servers of Google, including everything from GPS coordinates to nearby wifi networks, barometric pressure, and even a guess at the phone-holder’s current activity. Although the product behind those transmissions is opt-in, for Android users it can be hard to avoid and even harder to understand. Opting in is also required to use several of Android’s marquee features.

As a result, Google holds more extensive data on Android users than some ever realize. That data can be used by the company to sell targeted advertising. It can also be used to track into stores those consumers who saw ads on their phone or computer urging them to visit.1 This also means governments and courts can request the detailed data on an individual’s whereabouts.

While you’ve probably never heard of it, “Location History” is a longtime Google product with origins in the now-defunct Google Latitude. (Launched in 2009, that app allowed users to constantly broadcast their location to friends.) Today, Location History is used to power features like traffic predictions and restaurant recommendations. While it is not enabled on an Android phone by default—or even suggested to be turned on when setting up a new phone—activating Location History is subtly baked into setup for apps like Google Maps, Photos, the Google Assistant, and the primary Google app. In testing multiple phones, Quartz found that none of those apps use the same language to describe what happens when Location History is enabled, and none explicitly indicate that activation will allow every Google app, not just the one seeking permission, to access Location History data.

Quartz was able to capture transmissions of Location History information on three phones from different manufacturers, running various recent versions of Android. To accomplish this, we created a portable internet-connected wifi network that could eavesdrop and forward all of the transmissions that the devices connected to it broadcast and received.2 None of the devices had SIM cards inserted. We walked around urban areas; shopping centers; and into stores, restaurants, and bars. The rig recorded every relevant network request3made by the Google Pixel 2, Samsung Galaxy S8, and Moto Z Droid that we were carrying.

According to our analysis of the phones’ transmissions, this is just some of the information that gets periodically sent to Google’s servers when Location History is enabled:

  • A list of types of movements that your phone thinks you could be doing, by likelihood. (e.g. walking: 51%, onBicycle: 4%, inRailVehicle: 3%)
  • The barometric pressure
  • Whether or not you’re connected to wifi
  • The MAC address—which is a unique identifier—of the wifi access point you’re connected to
  • The MAC address, signal strength, and frequency of every nearby wifi access point
  • The MAC address, identifier, type, and two measures of signal strength of every nearby Bluetooth beacon
  • The charge level of your phone battery and whether or not your phone is charging
  • The voltage of your battery
  • The GPS coordinates of your phone and the accuracy of those coordinates
  • The GPS elevation and the accuracy of that
“That goes beyond what you’d expect for Location History,” Bill Budington a security engineer for the Electronic Frontier Foundation, told Quartz when these transmissions were described to him, “especially in terms of predicted activity.” The EFF is a nonprofit organization that advocates for digital civil liberties, freedom, and privacy, which both I and Google have made charitable contributions to in the past.4

Google, accurately, describes Location History as entirely opt-in. “With your permission, Google uses your Location History to deliver better results and recommendations on Google products,” a spokesman wrote to Quartz in an email. “For example, you can receive traffic predictions for your daily commute, view photos grouped by locations, see recommendations based on places you’ve visited, and even locate a missing phone. Location History is entirely opt-in, and you can always edit, delete, or turn it off at any time.”

When asked to opt in, however, the full implications of enabling Location History are rarely made clear. Here are some of the ways Google apps ask users to enable Location History.

Google Photos
photos_screenshot_20180116-115703.png

When the “Places” album is selected, the app requests to turn on Location History. The prompt says that Location History will allow you to “see photos grouped by where you’ve been.” It doesn’t say anything about Google using that information for other purposes. It doesn’t mention that in exchange for organizing your photos, you let Google record what stores you’re shopping in and what restaurants you’re eating at by collecting information about nearby Bluetooth beacons and wifi networks. There is no option to limit Location History to only be used for sorting photos.


Google Maps
maps_screenshot_20180116-075155.png

In Google Maps, users are encouraged to “Get the most from Google Maps” by turning on Location History. “Google needs to periodically store your location to improve route recommendations, search suggestions and more,” the full-screen prompt explains. Those suggestions come in exchange for Google knowing how often you go for a run and how often you charge your battery.


Google App
now_screenshot_20180116-121002.png

In the primary Google App, the prompt to turn on Location History occurred almost immediately on one of the Phones we tested. On another, it only appeared when trying to activate information about local road traffic. Tapping “Learn More” reveals that Google plans to use this information not just for aiding a commute, but also to give you “more useful ads on and off Google.”


Google Assistant
screenshot_20180118-202742.png

On first use, the Google Assistant’s activation screen immediately makes Location History look like a requirement. “The Assistant depends on these settings in order to work,” the screen says, describing Location History as creating a “private map of where you go with your signed-in devices.”5 It makes no mention of sharing your wifi connection, only that it will “regularly obtain location data from this device, including when you aren’t using a specific Google product.” Allowing these permissions is required to activate Google Assistant, although if Location History is disabled after Google Assistant is set up, the assistant will still function and does not seem to prompt for it to be re-enabled.

Google Assistant is of strategic importance to the company’s efforts to keep users in its ecosystem of devices, apps, and services rather than those of Apple, Amazon, or Microsoft. Most recently, all of these companies have been focused on in-home appliances that respond to voice and can assist with various routine tasks like playing music, calling a taxi, or ordering laundry detergent.

Your Location History
Android users can check some of the information Google has collected about them by looking at “Your timeline” in Google Maps. (Google’s information page on how to access it can be found here.) These instructions show how to turn off Location History entirely.

Scientific research shows gender is not just a social construct
 

HarborFront

Level 72
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,142
When it comes to tracking the precise location of an Android user’s phone, Google appears to use every means available—including Bluetooth-based location information transmitted to the company when the user might think they have Bluetooth turned off entirely.

A Quartz investigation found that a user can turn Bluetooth off on their smartphone running Google’s Android software, and the phone will continue to use Bluetooth to collect location-related data and transmit that data to Google. It does this by sending Google, among other things, the unique identifier codes of Bluetooth broadcasting devices it encounters. Such devices, known as beacons, are often used in stores, museums, and other public places to help phones ascertain their locations within buildings. Alphabet-owned Google does the tracking in part so advertisers can target “more useful” digital ads to users, but Quartz discovered that the company taps into an array of signals that can yield an individual’s whereabouts even when the user thinks they’ve disabled such tracking.

How it works
Google’s Bluetooth tracking is a confluence of three features: Location History, which activates Google’s location-tracking; Bluetooth; and Bluetooth scanning, an option buried deep in the Android settings menu. When Location History is activated, Android phones try to send a plethora of nuanced information back to Google (we reported on that here), including nearby Bluetooth devices.

bluetooth_scanning_grid_andriod_004.png

When either Bluetooth or Bluetooth scanning is enabled, a report containing a list of nearby Bluetooth beacons is sent to Google any time an app refreshes Android location services. The only way to prevent Google’s Location History from sending this data back to Google, Quartz found, is to turn off both Bluetooth and Bluetooth scanning—eliminating access to Bluetooth devices—or to turn off Location History, crippling certain features of Android and Google apps. In a world of wireless headphones and hyper-customization, that’s an increasingly difficult proposition—especially when the tools to manage personal privacy are this blunt.

A spokesperson for Google confirmed that turning off Location History would stop a phone’s reporting of nearby Bluetooth beacons.

A third option on Android called “Device only” location allows a user to utilize only GPS to determine location, rather than “High accuracy,” which uses GPS, wifi, Bluetooth, and cellular signals. But even when a phone is in Device-only mode, beacon information is sent to Google when Bluetooth is off (though not when scanning is also disabled). If Location is turned off entirely, and then re-enabled, the phone resets to the High accuracy mode, making the setting hard to rely on.

Quartz was able to capture Bluetooth data transmissions on three phones from different manufacturers, running various recent versions of Android. To accomplish this, we created a portable internet-connected wifi network that could eavesdrop and forward all of the transmissions the devices connected to it broadcast and received.1None of the devices had SIM cards inserted. We walked around urban areas; shopping centers; and into stores, restaurants, and bars. The rig recorded every relevant network request2 made by the Google Pixel 2, Samsung Galaxy S8 and Moto Z Droid, we were carrying.

Understanding Bluetooth beacons
In a world of wireless headphones and hyper-customization, that’s an increasingly difficult proposition.
While the sharing of locations derived from GPS and similar signals may be acceptable to some users of Google Location—its accuracy limited by buildings, trees, and other obstructions—Bluetooth low-energy beacons are used to pinpoint a device to a more specific locale. Museums use them to give guided audio tours, restaurants use them to deliver food to the proper table, airports use them to guide passengers around terminals, and retailers use them to track and advertise to customers in their stores. A beacon does not collect information on nearby devices—like a television station, its signal is a one-way broadcast—but when an Android phone sends Google a unique Bluetooth identifier, the company can not only track you around town, but also into a mall, through a store, and up to a specific rack of clothes.

In its investigation, Quartz browsed a Macy’s in Palo Alto, California, that appeared to contain dozens of Bluetooth beacons, seemingly contained in transparent white domes mounted on the ceilings above racks, escalators, and display cases. In a Bloomingdales in the same shopping center (both stores are owned by Macy’s Inc), only one beacon was detected, above the store’s entry.

macys_ceiling_dome_circled.jpg

Inside of Macy’s, signals from Bluetooth beacons were strongest near domes like this one mounted to the ceiling. (David Yanofsky / Quartz)
No signals were detected in a Nike Store in the same shopping center, but many signals were received while perusing nearby traditional menswear retailer, Jos. A. Bank. The 15,000-square-foot Apple Store (1,400 square-m) one block away was also full of signals from about a dozen different beacons.

Bluetooth-beacon information can be collected in such a way that it’s hard to avoid being geographically tracked. Even if a beacon’s location has not been proactively registered into a public database by whomever installed it, all it takes for Google—or any other company—to determine a beacon’s geographic location is a single nearby phone with loose privacy settings. The location of a device with tighter privacy settings can then be determined using the information collected by the first.

Understanding Bluetooth scanning
While turning off Bluetooth is easy enough, “Bluetooth scanning” is buried in a secondary settings menu. Descriptions of its function are unclear, and the option to turn it off doesn’t work as any reasonable person would expect.

Of the three phones tested by Quartz, only one somewhat accurately describes the scanning functionality on the screen where it can be manipulated. The Samsung Galaxy S8 running Android 7.0 notes that Bluetooth scanning will cause the phone to connect to nearby devices “even while Bluetooth is turned off.”

The Pixel 2 running Android 8.1—the latest version of the operating system—and Moto Z Droid running Android 7.1.1, by contrast, only specify that Bluetooth scanning will allow the system to “detect Bluetooth devices at any time,” leaving it unclear if that means any time Bluetooth is enabled, any time the phone is on, or any and all times the phone exists in the world. The messages displayed on all three devices are also the equivalent of digital fine print, utilizing smaller font sizes and lighter colors that make them easy to ignore or dismiss as ancillary......

Read more here

Google can still use Bluetooth to track your Android phone when Bluetooth is turned off
 
F

ForgottenSeer 58943

It's funny. I've been keeping my phones in an RFID pouch a LOT more these days and taking them out when I need them.

I also install Camera and Microphone blocking apps and enable them only when needed.

I think in the future, most people might do such things.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top