One might have thought that with your turned off GPS, no one can track you. Turns out that is not that case always. Some researchers from the Northeastern University, Boston have found that some of the apps in phones are sending screenshots as well as screen recordings to third parties.
Is Turned off GPS Tracking You?
The researchers observed about 17,260 Android apps. The research particularly focused on the media files that were sent using them. According to BusinessInsider, the researchers did not find any app that secretly switched on the phone’s microphone, unlike some mobile spy apps that are capable of doing so. But, the researcher found out that some of the apps were sending screen recordings and screenshots to some third parties.
A postdoctoral researcher at Northeastern, Sashank Narain said, “Not a lot of people are aware of this problem. Mainly because when we think about location, we associate it with the GPS on the phone.” Shashank and his team tracked people through Boston, Waltham, Massachusetts, and London. Regular location trackers such as GPS were turned off. Instead, other sensors were brought to use to help with the researchers.
Also Read: 6 Best iPhone GPS Apps
The aim behind this research was to create awareness in people that such weaknesses do exist and people need to pay more attention to it. There is a whole area that is called side-channel attacks in which side information is used in order to deduce something that might have an effect on the security.
The researchers tracked the Android phones with Google’s OS without using mobile spy apps or GPS tracking. Rather, they used the sensors in the smartphones which were not designed for location tracking. The researchers used tools like accelerometer, magnetometer, and gyroscope. An accelerometer tracks how fast a phone is moving.
To track the test subjects, they downloaded what seemed to be a flashlight app. But the app was actually for collecting sensor data. Only the app needs to be installed on the phone and then, the automatic processes follow. Presently, the methods and techniques the researchers came up with work best only in some cities.
According to Narain,
“In a place like Boston, which has
alotof unique turns and very curvy roads, you can get an accuracy of up to 50percent of guessing the user’s location in the top five search results. In caseofa place like Manhattan, which is mostly grid-like, it’s much moredifficult,”
As more information is collected, the tracking process becomes easier. Narain revealed that if the same path was traveled every day, the researchers could easily find out your residence, workplace, and the routes you took. There is an extremely high probability of more than 90% on the repeated paths. The researchers themselves were caught by surprise due to the results achieved from this study and with the passage of time, expect more accuracy.
Narain said that as the sensors on the smartphones improve and get more sophisticated with time, they are expected to get better with time. But this might lead to a convenient means of privacy invasion of the users.
Northeastern used Android phones in their research but they also used iPhones as happen to have a similar type of permissions for the sensors. A Google spokesperson that its latest operating system, Android P comes with some limitations and does not let access to sensors such as gyroscopes and accelerometers. The sensors in smartphones do not give the user location data directly and a research like the one conducted by Northeastern shows how complicated using these sensors for location tracking is going to be.
This study has revealed multiple privacy risks in Android apps. And these apps include those apps that share video and image data with other parties without the consent or knowledge of the user along with those that over-provision their media permission. There is also the privacy risk from the third-party libraries which both upload and record screenshots and videos of screens without user knowledge and this has gone unreported previously. This can also happen without taking any permission from the user.
To stay protected, the users should only download apps from the Apple and Google official stores. See that your operating system is up-to-date as well.