Tag: mobile privacy

U.K. mobile technology makes it possible to sell user movement data

Hackers can glean a significant amount of location data from smartphones, only to sell it to others.

According to recent data released by privacy campaigners in the United Kingdom, it is possible for hackers to access British mobile technology devices such as smartphones, including data that would reveal the user’s physical location as well as his or her movements throughout the day.

That information can then be sold to someone who intends to use it for criminal purposes.

Mobile technology wireless hotspot and phone operators are continually gathering detailed data with regards to the movements of device owners as they go about their everyday lives. This, according to the results of two individual investigations into the retention of mobile data. Now, people are being cautioned that if this information is ever hacked by a criminal, it could reveal a significant amount about a person’s daily activities and movements, which can include very personal details and could put these individuals at risk.

Reports on the matter have pointed out that many people have unwittingly signed up their mobile technology devices.

Mobile Technology - Mobile UsersThe privacy campaigners have said that many people don’t even realize that they have subscribed to having their location tracked all day and night, every day. They also don’t realize how sensitive this information can actually be as it can provide a great deal of insight into their regular routines. This can – and is – sold for profit. From legitimate sources, this data is sold in order to be analyzed for the purpose of mobile marketing and other similar reasons.

However, in the wrong hands, this detailed information can make it possible for criminals to target kids when they leave their homes or school, or they can blackmail adults who would rather not have their regular habits publicly known. This is especially troubling when considering that it also includes information that can reveal an individual’s gender, religion, sexual orientation, and a great deal more.

Krowdthink founder, Geoff Revill, explained that “Effectively consumers are opting in to being location tracked by default.” Krowdthink is a privacy campaign group which conducted one of the two widespread investigations into this data collection.

Mobile security may not be as high in fitness trackers as owners believe

A new report has indicated that certain wearables and the apps needed to use them are posing a privacy risk.

Citizen Lab, in partnership with Open Effect have now released a report that has suggested that the mobile security being provided by several popular fitness trackers are actually vulnerable to potential tampering, surveillance and tracking over the long term.

These devices are quite commonplace and are used to allow a person to monitor his or her physical activity.

The report was the result of an examination of eight different fitness trackers and the mobile apps that are needed to use them. It was conducted by Citizen Lab from the University of Toronto, and the Open Effect not-for-profit research group. They looked into these applications and wearables to determine the level of mobile security and privacy they were able to provide. The trackers the researchers examined included: the Fitbit Charge HR, Jawbone Up 2, Garmin Vivosmart, Basis Peak, Mio Fuse, Xiaomi Mi Band, Withings Pulse O2 and even the Apple Watch.

The researchers looked at a range of different mobile security measures for every device they considered.

Wearable Technology - Mobile SecurityThe factors included those pertaining to the collection and storage of data, as well as their transmission practices. What they determined was that every device, aside from the Apple Watch, persistently emitted uniqueIDs by way of their embedded Bluetooth radios. Those identifications could potentially expose the users of the wearables to location tracking over the long-term, even at times in which the device was not paired to a smartphone or tablet.

The report said the Apple Watch was the only one among the wearables that actually randomized its Bluetooth ID, causing it to be impossible to track that smartwatch over the long-term.

The authors of the report also pointed out that the Jawbone and Withings app was vulnerable to being exploited in order to crate fraudulent fitness records. The reason this poses a mobile security risk due to the chance that the data collected by personal fitness wearables could be used in court cases, health insurance programs and for other official reasons. Therefore, if that data has been falsified, it could create a highly undesirable risk for the users.