Delete Google Maps But They'll Still Track You

Uploaded on 2016-09-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Google, it seems, is very, very interested in knowing where you are at all times.

Users have reported battery life issues with the latest Android build, with many pointing the finger at Google Play, Google's app store, and its persistent, almost obsessive need to check where you are.

Amid complaints that Google Play is always switching on GPS, it appears Google has made it impossible to prevent the app store from tracking your whereabouts unless you completely kill off location tracking for all applications.

You can try to deny Google Play access to your handheld's location by opening the Settings app and digging through Google Play Store Permissions, and flipping the switch for "location." But you'll be told you can't just shut out Google Play services: you have to switch off location services for all apps if you want to block the store from knowing your whereabouts. It's all or nothing, which isn't particularly nice.

This is because Google Play services pass on your location to installed apps via an API. The store also sends your whereabouts to Google to process. Google doesn't want you to turn this off.

It also encourages applications to become dependent on Google's closed-source Play services, rather than use the interfaces in the open-source Android, thus ensuring that people continue to run Google Play on their devices.

It's a similar story over at Google Maps. Although it makes far more sense for Maps to have access to your location, the latest build doesn't give you a decent option of turning it off. If you do cut off Maps' access to your location, "basic features of your device may no longer function as intended," the operating system warns.

Needless to say, this is not making some users very happy. Security researcher Mustafa Al-Bassam reported on Twitter that he "almost had a heart attack" when he walked into a McDonald's and was prompted on his phone to download the fast food restaurant's app.

Al-Bassam dug into his phone's apps to figure out how that had happened, and was amazed to find that his suspected culprit, Google Maps, was not responsible. It was Google Play that had monitored his location thousands of times.

Again, this is deliberate: Google is using your location to tout apps to you. If you wander into a pharmacy, you'll be offered software to print your photos, for example.

If you're not keen on this, the options are not great: you can either delete Google Maps and/or Google Play, or you have to repeatedly turn your phone's location services on and off as required throughout the day, which is extremely irritating.

"Kind of defeats the purpose of fine-grained privacy controls," Al-Bassam noted, adding: "Google is encouraging developers to use the Play location API instead of the native Android API, making an open OS dependent on proprietary software."

The Register: 

 

« GCHQ To Create A UK National Firewall
Will NSA & CyberCom Split? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Ahope

Ahope

Ahope is a mobile security solution provider in Korea with a long history of security solution development.

IGX Global

IGX Global

IGX Global is a provider of information network and security integration services and products.

ITC Secure Networking

ITC Secure Networking

ITC are a leading cloud-based MSSP delivering service innovation in cyber security analytics & cloud technology.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

Belle de Mai Incubator

Belle de Mai Incubator

Belle de Mai Incubator supports and funds innovative startup ideas in digital industries.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

CISO Global

CISO Global

CISO Global (formerly Cerberus Sentinel) are on a mission to demystify and accelerate our clients’ journey to cyber resilience, empowering organizations to securely grow, operate, and innovate.

Netstar

Netstar

Netstar is an IT Support company based in Central London providing fully managed IT Support, Cyber Security and Technology Consulting services.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

Cycurion

Cycurion

Cycurion is a global leading provider of Network Communications and Information Technology Security Solutions.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

SphereX Technologies

SphereX Technologies

SphereX is the first on-chain security solution for Web3 applications.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

SureStack

SureStack

SureStack is an AI-native cybersecurity platform that provides organizations with continuous validation, optimization, and real-time security of their cybersecurity stacks.