Category Archives: ANDROID & SMART PHONES

Linux TCP flaw lets ‘anyone’ hijack Internet traffic

What began as an attempt to secure TCP/IP in Linux resulted in an enabling an attack vector that can be used to break, or even hijack, Internet connections between Linux and Android systems.

cyber-security-locks image www.intelagencies.com

Some days you can’t win for losing. In 2012, Linux implemented a new TCP/IP networking standard, RFC 5961, Improving TCP’s Robustness to Blind In-Window Attacks, to improve security. In the process, they opened up a heretofore unknown security hole. Ironically, other operating systems that lagged in implementing this new “security” mechanism — such as FreeBSD, macOS, and Windows — are immune to this new attack vector.

The latest network attack can be used against any Linux to Linux Internet connection.

This is potentially a big deal because it can be used to break, or even hijack, Internet connections between Linux and Android systems. So, for example, if an Android smartphone connected to USA Today, the connection could be interrupted. The same attack, however, would fail if it were made on a link between a Windows PC and USA Today.

The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012. The vulnerability allows an attacker from anywhere on the Internet to search for connections between a client and a server. Once such a network connection is found, the attacker can invade it, cause connection termination, and perform data injection attacks.

How bad is it? The discoverers say that the attack is fast and reliable, takes less than a minute, and works about 90 percent of the time.

According to University of California at Riverside (UCR) researchers, the Linux TCP/IP security hole can be used by attackers in a variety of ways: Hackers can hijack users’ internet communications remotely, launch targeted attacks that track users’ online activity, forcibly terminate a communication, hijack a conversation between hosts, or degrade the privacy guarantee of anonymity networks such as Tor.

“The unique aspect of the attack we demonstrated is the very low requirement to be able to carry it out,” said Zhiyun Qian, an UCR assistant professor of computer science. “Essentially, it can be done easily by anyone in the world where an attack machine is in a network that allows IP spoofing. The only piece of information that is needed is the pair of IP addresses for victim client and server, which is fairly easy to obtain.”

Adding insult to injury, Qian added, “unlike conventional cyber attacks, users could become victims without doing anything wrong, such as downloading malware or clicking on a link in a phishing email.”

Worse still, the attack vector can be used even against secure connections. While this doesn’t give an attacker the ability to read the encrypted data, it can be used to break a connection or to track who is talking to whom. Against Tor and other anonymizers, an attacker could reset a network connection to force a connection to route through an already hacked relay.

Date_Hottest_Girls_300_250

Henry Sapiecha

How to crack Android encryption on millions of smartphones

Qualcomm is working on a fix, but it might not be possible

hacker-in-golden-tech images www.intelagencies.com

Android’s full disk encryption can be broken with brute force and some patience — and there might not be a full fix available for today’s handsets.

This week, Security researcher Gal Beniamini revealed in a detailed step-by-step guide how it is possible to strip away the encryption protections on smartphones powered by Qualcomm Snapdragon processors, which means millions of mobile devices could be vulnerable to attack.

Android’s Full Disk Encryption (FDE), first implemented in Android 5.0, randomly generates a 128-bit master key and 128-bit salt to protect user data. The master key, also known as the Device Encryption Key (DEK), is protected by encryption based on the user’s credentials, whether this is a PIN, password, or touchscreen pattern.

The now-encrypted DEK is then stored on the device.

In order to prevent successful brute-force attacks against this process, Android introduced delays between decryption attempts and data wipes after a number of failed attempts (in the same way as Apple). To prevent off-device, brute-force attacks, the key is bound to the device’s hardware — and this is where a security flaw in Qualcomm systems has caused a problem.

The binding is performed through Android’s Hardware-Backed Keystore, called KeyMaster. The module runs in a Trusted Execution Environment (TEE), which is considered the “secure world”, while the Android OS is considered the “non-secure world”.

The reasoning behind that is KeyMaster can be used to generate encryption keys and perform cryptographic functions without revealing this information in the main operating system

android-keymaster-sketch image www.intelagencies.com

Once keys are generated, they are encrypted and returned to the main OS, and when operations require these keys, an encrypted block of data — the “key blob” — must be provided to KeyMaster. The key blob contains a 2,048-bit RSA key that runs inside a secure portion of the device’s processor and is required for cryptographic processes.

“Since this is all done without ever revealing the cryptographic keys used to protect the key blobs to the non-secure world, this means that all cryptographic operations performed using key blobs must be handled by the KeyMaster module, directly on the device itself,” the researcher says.

However, KeyMaster’s implementation is down to the hardware vendor. Qualcomm’s version runs in the Snapdragon TrustZone, which is meant to protect sensitive functions, such as biometric scanning and encryption, but Beniamini found it is possible to exploit an Android security hole to extract the keys from TrustZone.

Qualcomm provides a Trusted Execution Environment, called QSEE (Qualcomm Secure ExecutionEnvironment), which allows small apps, known as “Trustlets”, to run inside of this secure environment and away from the main Android OS. And one of these QSEE apps running is KeyMaster.

But you can exploit an Android vulnerability to load your own QSEE app inside TrustZone, which can lead to privilege escalation and hijacking of the full space, as well as the theft of the unencrypted blob containing the keys generated for full-disk encryption.

The only thing Android has to fear is Android itself

Once this step is complete, a brute-force attack is all you need to grab the user password, PIN, or lock, and you have both parts of the puzzle needed to strip away Android’s FDE.

A deeper look into the decryption process can be found here. The full source of the exploit is located on Github.

As noted by The Register, the researcher has been in touch with the developer of hashcat, used to crack hashes, to implement the function being brute-forced, which would speed up the cracking process.

“As we’ve seen, the current encryption scheme is far from bullet-proof, and can be hacked by an adversary or even broken by the OEMs themselves (if they are coerced to comply with law enforcement),” the researcher noted. “[… ] However, I believe a concentrated effort on both sides can help the next generation of Android devices be truly “uncrackable”.

Beniamini has also contacted Qualcomm concerning this issue but says that “fixing the issue is not simple” and might even require hardware changes. So, until handsets are upgraded or switched to newer models, the problem will remain.

www.freephonelink.net

www.scamsfakes.com

www.crimefiles.net

www.ispysite.com

BBB

Henry Sapiecha

iPhone encryption won’t stop police getting your data, experts say

Apple may not be able to access your data, but that doesn't mean it's secure, experts say.image www.intelagencies.com

Apple may not be able to access your data, but that doesn’t mean it’s secure, experts say. Photo: Mashable / Getty Images

This post was originally published on Mashable.

Last week, Apple announced that starting with iOS 8, the company would no longer help police get some of the most sensitive data on your phone, including messages, emails, contacts and call history.

And it’s not that it doesn’t want to anymore, it’s that now Apple says it can no longer do it — even if it wanted to.

“Apple cannot bypass your passcode and therefore cannot access this data,” the company said in its new privacy policy.

Many, including privacy advocates, rejoiced at the news — but some police officers are not that happy. And although there are still other ways cops can get their hands on your iPhone data, authorities are still complaining.

“It’s definitely going to impact investigations, there’s no doubt about that,” Dennis Dragos, a former New York Police Department detective who worked for 11 years in the computer crimes squad, told Mashable.

“Detectives are trained to follow down every single lead, follow every possible trail until you get to the resolution of your investigation,” he continued.

“This is now a dead end. You’re closing a door that was available before.”

Dragos is not the only one who thinks that way.

On Thursday, FBI Director James Comey himself said that he was “very concerned” about Apple’s decision.

John Escalante, the chief of detectives for Chicago’s police department, said that because of this change, “Apple will become the phone of choice for the paedophile.”

For some law enforcement officials, this could even become a matter of life and death. In a Washington Post op-ed, Ronald T. Hosko, the former assistant director at the FBI Criminal Investigative Division, complained that Apple’s new privacy stance, later followed by Android, will “protect many thousands of criminals who seek to do us great harm, physically or financially.”

“[Criminals’] phones contain contacts, texts, and geo-tagged data that can help police track down accomplices,” Hosko wrote. “These new rules will make it impossible for us to access that information. They will create needless delays that could cost victims their lives.”

But privacy advocates and security researchers are sceptical.

“I think there’s a lot of kicking and screaming over this but cops have been able to do their job just fine for the past 200 years in this country, without having access to people’s personal iPhone,” Jonathan Zdiarski, a forensic and security researcher who has worked as a consultant to police agencies, told Mashable. “Criminals are just as stupid today as they always have been and they’re going to leave traces and evidence in a number of places.”

Moreover, despite all the controversy, there are actually still a few ways for the police to get at least some data from an iPhone with iOS 8 and protected by a passcode. Below, we’ve broken down some of the ways cops can still put their hands on your digital belongings.

Getting your iCloud backup

If police officers can’t get the data that’s locally stored on an iPhone, they might still be able to get it from the cloud.

Apple prompts users to back up their iDevices to iCloud, and the data there can be obtained by law enforcement agents with a search warrant. Yes, iCloud backups are encrypted, but they’re encrypted with a key in Apple’s possession, so Apple can be legally required to turn the backups over if served with a valid legal request, as Micah LeeFirst Look‘s technologist and security expert, explained.

With iCloud, police can potentially get any data from your phone, unless you turn off the automatic backup, or you only backup certain data.

Using forensic tools

Forensic tools are still a great way to get some data out of your iPhone. If the police arrests you and gets both your phone and a computer that you used to connect with your phone using iTunes — a “paired device” — they can dump some data out of it bypassing your passcode using existing forensic tools, as Zdiarski noted in a recent blog post.

In this case, the passcode doesn’t protect you, because Apple has designed this system to allow you to access some data on your phone using iTunes or Xcode without unlocking your device.

The caveat here is that only some data is available in this scenario. In particular, any data from third party applications such as Facebook, Twitter and Evernote; photos, videos and recordings; and iTunes media such as books and podcasts. But data from native iOS applications like iMessages, emails or calls is out of reach.

To prevent this from happening, as Zdiarski notes, then you can “pair lock” your iPhone so that it doesn’t pair with any new computer, preventing police computers from “pairing” with your iPhone.

Without the ability to impersonate a trusted computer, and with a locked phone protected with the passcode, “law enforcement at this point doesn’t seem to really have any options,” Zdiarski said.

Getting your iTunes backup

Another target for police officers is the iTunes backup on your computer. If you back up your iPhone to your computer with iTunes, a police officer that gets his hands on your computer can get all the data that you have last backed up.

“Data is still available, as long as iTunes and iCloud reign,” Lee Reiber, the vice president for mobile solutions at forensic firm AccessData, told Mashable.

In this scenario, only a backup password can stop the police, and in that case, it better be a good password or it might be vulnerable to brute forcing — the automated process of guessing all possible passwords until you get the right one. Or, they might just force you to give it up.

Forcing you to give up your passcode

Having a passcode protect your phone is great — unless someone else knows that passcode. And here’s a legal caveat many might not be aware of: the police might be able to compel you to give up your passcode, which renders any sophisticated technological protections you might have on your phone completely moot.

The case law on this issue is still contradictory, and it has only dealt with computers (though it’s hard to see the difference between an encrypted computer and an encrypted phone).

But in some cases someone who refuses to give up her password can be held in contempt of court, which can even lead to jail, as reported by Wired.

In the US, a defendant can plead the fifth and refuse to testify against himself and self-incriminate. Some think that handing out a password to authorities amounts to self-incrimination and should not be accepted, but others disagree.

Breaking TouchID

Where there seems to be more consensus that “pleading the Fifth” won’t get you anywhere is if the cops ask for your fingerprint.

Fingerprints, and other physical objects like actual keys, have traditionally not been considered protected by the Fifth Amendment. So if you lock your iPhone with TouchID, the cops can legally compel you to unlock it, as internet and privacy lawyer Marcia Hoffman explained last year.

And if you refuse, police officers might be able to lift your fingerprint from a surface — say your computer screen — and unlock it themselves.

As various online videos have shown, it’s possible to break into an iPhone 6 with a dummy fingerprint just as it was with the 5S.

Other options

Outside of these scenarios, options for law enforcement, at this point, are limited. A good old brute force attack, where you guess every possible passcode combination is technically possible, but there are no forensic tools that can make this automated, both Zdiarski and Reiber said.

Technically, Apple could brute force a four digit passcode if the police asked the company to do it, but it seems unlikely that Apple would do something like that after trumpeting that they wouldn’t help police unlock phones anymore.

Doing it manually is obviously a daunting task, as there are 10,000 combinations of 4 digit passcodes, and iPhones disable after six wrong attempts.

And if police are simply looking for call records, they can always request them from phone carriers, or perhaps plant malware on your phone.

As for the iPhone, it might be harder now, but forensic firms and law enforcement hackers will now look for new places and holes to get data.

“As secure as the device can be, there’s always going to be some vulnerability that can be located and exploited,” Reiber said. “That’s what it really is, cat and mouse.”

1…’Poor law enforcement. They’re going to have to make do with their ability to covertly track you, wiretap you and hack into your computer.’

2…’With iOS 8, Apple won’t be able to unlock iPhones and iPads for law enforcement http://www.washingtonpost.com/business/technology/apple-will-no-longer-unlock-most-iphones-ipads-for-police-even-with-search-warrants/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html?hpid=z1 

3…’If smartphone encryption prevents the police from solving crimes, how did they solve them before smartphones were invented? Anyone remember?’

A Closer Look: Ways to hide, secure data on police proof phones

group communications worlwide image www.intelagencies.com

NEW YORK (AP) — Apple got a lot of attention last week when it released a new privacy policy along with a declaration that police can’t get to your password-protected data.

Essentially, your photos, messages and other documents are automatically encrypted when you set up a passcode, with or without a fingerprint ID to unlock the phone. Apple says it cannot bypass that passcode, even if law enforcement asks.

Google says it will also encrypt data by default in an upcoming Android update. The option has been there, but many people don’t know about it or bother to turn it on.

Apple, Google and other tech companies have been trying to depict themselves as trustworthy stewards of personal information following revelations that the National Security Agency has been snooping on emails and other communications as part of an effort to identify terrorists. Apple is also trying to reassure customers about its commitment to security and privacy after hackers broke into online accounts of celebrities who had personal photos stored on Apple’s iCloud service.

Beyond setting up passcodes, some phones have additional tools for hiding or securing sensitive photos and documents stored on the phone, particularly if you need to lend or show your phone to someone.

Here’s a closer look at some of those options:

APPLE’S IPHONES AND IPADS:

i phone image black on white www.intelagencies.com

In the latest software update for mobile devices, iOS 8, Apple offers an easier way to hide photos from your collection in the Photos app. Simply press down on the photo or the thumbnail of it and tap “Hide.”

However, the photo will still appear in individual albums, including a new one called “Hidden.” You can go there to unhide hidden photos.

So why bother? This feature is mainly useful when you want to let people glance through your entire collection of photos. That could be when you’re sitting with a friend in the same room or making a presentation before a large audience. You can hide embarrassing or incriminating photos – such as naked selfies – as long as you remain in control of the device. If you hand it to a friend and walk out, your friend can browse through the albums section.

SAMSUNG’S GALAXY DEVICES:

samsung-galaxy-alpha image white www.intelagencies.com

The Galaxy S5 phone introduced a private mode. You turn it on in the settings, under “Private Mode” in the Personalization section.

You then go through your phone to mark certain content as private. With photos, for instance, just go to the Gallery app and select the photos or albums you want to keep private. Then hit the menu icon for the option to “Move to Private.” This also works with selected video, music, audio recordings.

After you’ve marked your files as private, you need to go back to the settings to turn Private Mode off. Think of that setting as the door to a vault. Turning it on opens the door and lets you move stuff in and out. Turning it off closes and locks the door. It’s the opposite of what you might think: Private Mode needs to be off for your content to be secure.

Once locked, it is as though the content never existed. No one will know what’s inside the vault, or whether there’s even anything inside. To unlock the vault, you need your passcode or fingerprint ID.

The private-mode feature is also part of Samsung’s Galaxy Tab S tablets and the upcoming Galaxy Note phones.

 LG G 3

LGOptimusGPro_image www.intelagencies.com

LG’s flagship phone has a guest mode. You can lend a phone to a friend without giving your friend access to everything. You can even set a separate unlock code for the guest, so that you don’t have to give out yours.

Look for “Guest mode” in the settings under the General tab. You then specify which apps your guest can access. For instance, you might want to give access to the phone, alarm clock and music, but you might want to block email and texts.

In some cases, guests have limited access to your content. With the Gallery app, your collection of photos won’t generally appear unless they are in the “Guest album.” Guests can take photos, too, and have them appear there. On the other hand, if you enable access to the Photos app, your guest gets everything. Likewise, there are no restrictions with email or texts if you allow access to those apps.

I recommend logging in as a guest – with the alternative code – to verify what’s available after you pick the apps to allow.

Beyond the guest mode, the G3 lets you lock certain images in the Gallery app during normal use, similar to what the Galaxy devices offer.

– THE BIGGER PICTURE:

Digital Life A Closer Look Phone Privacy

These tips touch only the surface of what you can do to protect your privacy.

For instance, these apply only to data stored on the device. For files stored on Internet-based storage services such as iCloud and Dropbox, you’ll want to make sure you have a strong password and turn on a second layer of protection, often known as two-step verification. I covered that in a previous column, which can be found here: http://bit.ly/1paHdMw .

You’ll also want to pay attention to what data you’re sharing through apps.

With iOS, you can choose which apps can know your location and when, such as all the time or only when the app is actively running. Go to the “Location Services” settings under “Privacy.” Unfortunately, it tends to be all or nothing with Android. You can turn off location services, but that affects all apps, including maps and others that might need your location.

With both iOS and Android, you can choose to limit ad targeting based on your interests and surfing history.

For an explainer, read our column here: http://bit.ly/1qnBRNa .

Henry Sapiecha

flashing-bright-blue-line-300x5

Surveillance system being supplied which can track all & any mobile phones anywhere in the world

tracking your phone footprints at any time image www.freephonelink.net

Illustration: Michael Mucci

Makers of surveillance systems are offering governments across the world the ability to track the movements of almost anybody who carries a mobile phone, whether they are blocks away or on another continent.

The technology works by exploiting an essential fact of all mobile phone networks: They must keep detailed, up-to-the-minute records on the locations of their customers to deliver calls and other services to them. Surveillance systems are secretly collecting these records to map people’s travels over days, weeks or longer, according to company marketing documents and experts in surveillance technology.

The world’s most powerful intelligence services, such as the National Security Agency in the US and Britain’s GCHQ, have long used mobile phone data to track targets around the globe. But experts say these new systems allow less technically advanced governments to track people in any nation with relative ease and precision.

Users of such technology type a phone number into a computer portal, which then collects information from the location databases maintained by mobile phone carriers, company documents show. In this way, the surveillance system learns which tower a target is currently using, revealing his or her location to within a few blocks in an urban area or a few kilometres in a rural one.

It is unclear which governments have acquired these tracking systems, but one industry official, speaking on the condition of anonymity to share sensitive trade information, said that dozens of countries have bought or leased such technology in recent years. This rapid spread underscores how the burgeoning, multibillion-dollar surveillance industry makes advanced spying technology available worldwide.

“Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world,” said Eric King, deputy director for Privacy International, a London-based activist group that warns about abuse of surveillance technology. “This is a huge problem.”

Security experts say hackers, sophisticated criminal gangs and nations under sanctions also could use this tracking technology, which operates in a legal grey area. It is illegal in many countries to track people without their consent or a court order, but there is no clear international legal standard for secretly tracking people in other countries, nor is there a global entity with the authority to police potential abuses.

In response to questions from The Washington Post this month, the US Federal Communications Commission said it would investigate possible misuse of tracking technology that collects location data from carrier databases. The United States restricts the export of some surveillance technology, but with multiple suppliers based overseas, there are few practical limits on the sale or use of these systems internationally.

“If this is technically possible, why couldn’t anybody do this anywhere?” said Jon Peha, a former White House scientific adviser and chief technologist for the FCC who is now an engineering professor at Carnegie Mellon University. He was one of several telecommunications experts who reviewed the marketing documents at The Washington Post’s request.

“I’m worried about foreign governments, and I’m even more worried about non-governments,” Peha said. “Which is not to say I’d be happy about the NSA using this method to collect location data. But better them than the Iranians.”

Location tracking is an increasingly common part of modern life. Apps that help you navigate through a city or find the nearest coffee shop need to know your location. Many people keep tabs on their teenage children – or their spouses – through tracking apps on smartphones. But these forms of tracking require consent; mobile devices typically allow these location features to be blocked if users desire.

Tracking systems built for intelligence services or police, however, are inherently stealthy and difficult – if not impossible – to block. Private surveillance vendors offer government agencies several such technologies, including systems that collect cellular signals from nearby phones and others that use malicious software to trick phones into revealing their locations.

Governments also have long had the ability to compel carriers to provide tracking data on their own customers, especially within their own countries. The National Security Agency, meanwhile, taps into telecommunication-system cables to collect mobile phone location data on a mass, global scale.

But tracking systems that access carrier location databases are unusual in their ability to allow virtually any government to track people across borders, with any type of cellular phone, across a wide range of carriers – without the carriers even knowing. These systems also can be used in tandem with other technologies that, when the general location of a person is already known, can intercept calls and internet traffic, activate microphones, and access contact lists, photos and other documents.

Companies that make and sell surveillance technology seek to limit public information about their systems’ capabilities and client lists, typically marketing their technology directly to law enforcement and intelligence services through international conferences that are closed to journalists and other members of the public.

Yet marketing documents obtained by The Washington Post show that companies are offering powerful systems that are designed to evade detection while plotting movements of surveillance targets on computerised maps. The documents claim system success rates of more than 70 per cent.

A 24-page marketing brochure for SkyLock, a cellular tracking system sold by Verint, a maker of analytics systems based in New York, carries the subtitle “Locate. Track. Manipulate”. The document, dated January 2013 and labelled “Commercially Confidential,” said the system offers government agencies “a cost-effective, new approach to obtaining global location information concerning known targets.”

The brochure includes screen shots of maps depicting location tracking in what appears to be Mexico, Nigeria, South Africa, Brazil, Congo, the United Arab Emirates, Zimbabwe and several other countries. Verint says on its website that it is “a global leader in Actionable Intelligence solutions for customer engagement optimisation, security intelligence, and fraud, risk and compliance” with clients in “more than 10,000 organisations in over 180 countries”.

(Privacy International has collected several marketing brochures on cellular surveillance systems, including one that refers briefly to SkyLock, and posted them on its website. The 24-page SkyLock brochure and other material was independently provided to The Washington Post by people concerned that such systems are being abused.)

Verint, which also has substantial operations in Israel, declined to comment for this story. It said in the marketing brochure that it does not use SkyLock against US or Israeli phones, which could violate national laws. But several similar systems, marketed in recent years by companies based in Switzerland, Ukraine and elsewhere, likely are free of such limitations.

At The Washington Post‘s request, telecommunications security researcher Tobias Engel used the techniques described by the marketing documents to determine the location of a Post employee who used an AT&T phone and consented to the tracking. Based only on her phone number, Engel found the Post employee’s location, in downtown Washington DC, to within a city block – a typical level of precision when such systems are used in urban areas.

“You’re obviously trackable from all over the planet if you have a cellphone with you, as long as it’s turned on,” said Engel, who is based in Berlin. “It’s possible for almost anyone to track you as long as they are willing to spend some money on it.”

AT&T declined to comment for this story.

The tracking technology takes advantage of the lax security of SS7, a global network that carriers use to communicate with one another when directing calls, texts and internet data.

The system was built decades ago when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say. All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share their access with others, including makers of surveillance systems.

The tracking systems use queries sent over the SS7 network to ask carriers what tower a customer has used most recently. Carriers configure their systems to transmit such information only to trusted companies that need it to direct calls or other telecommunications services to customers. But the protections against unintended access are weak and easily defeated, said Engel and other researchers.

By repeatedly collecting this location data, the tracking systems can show whether a person is walking down a city street or driving down a highway, or whether the person has recently taken a flight to a new city or country.

“We don’t have a monopoly on the use of this and probably can be sure that other governments are doing this to us in reverse,” said lawyer Albert Gidari Jr., a partner at Perkins Coie who specialises in privacy and technology.

Carriers can attempt to block these SS7 queries but rarely do so successfully, experts say, amid the massive data exchanges coursing through global telecommunications networks. P1 Security, a research firm in Paris, has been testing one query commonly used for surveillance, called an “Any Time Interrogation” query, that prompts a carrier to report the location of an individual customer. Of the carriers tested so far, 75 per cent responded to “Any Time Interrogation” queries by providing location data on their customers.

“People don’t understand how easy it is to spy on them,” said Philippe Langlois, chief executive of P1 Security.

The Washington Post

Henry Sapiecha

GOOGLE KNOWS WHERE YOU’VE BEEN. SEE THIS VIDEO & VIEW MAPS HERE

Published on Aug 13, 2014

Sign up for location services on an Android phone and you’re leaving a accessible trace of your movements.

If you have an Android or Apple smartphone or tablet, there’s a good chance Google has a fairly comprehensive idea of what you do and where you go every day.

Assuming you have the location history and location reporting settings activated — which you likely will if you regularly use apps like Google Maps, Facebook or Foursquare — and are logged on to a Google account, the various points of reference being recorded can be taken together to reveal a map of your movements.

Using a little-known Google site, you can actually view the data the firm has accumulated about your activities and see it expressed as a shockingly detailed map. Here’s how:

google tracking a cell phone over a month map image www.intejagencies.com

A month’s worth of Google location data collected from my phone shows a somewhat depressingly consistent loop between the inner west, where I live, and Pyrmont, where I work.

First, make sure you’re signed in to the same account you use on your phone, then go to this Google website. The default view shows your movements from today.

The calendar on the left allows you to look at a specific day and view your movements. Selecting a greater range of dates (up to a month) lets you spot patterns in your movements. You can zoom in or out as you like and even shift into Google Maps’ “satellite” mode for a better view of the surroundings. There’s also an option to delete the data.

Apple collects this type of data from its users too, sparking controversy in 2011 when it was found its phone was collecting data from location services even when they were switched off. A similar claim was made against Android shortly after.

days tracking by google of a mobile phone map image www.intelagencies.com

My data from today, showing Google’s 11 points of reference between home and work.

Both companies say they compile such information to offer “smart” suggestions and helpful tips tailored to you through Google Now and Apple’s “Frequent Locations” introduced in iOS7.

As you can see from the images, my personal map not only clues Google in to the fact I often take the train to work and the light rail home again, but also displays the minutia of my exploration through the city on the weekend, or the different routes I might take to the park near my house when walking the dog.

What does your Google location history say about you?

Henry Sapiecha

flashing-bright-blue-line-300x5