Delete Google Maps But They'll Still Track You

Google, it seems, is very, very interested in knowing where you are at all times.

Users have reported battery life issues with the latest Android build, with many pointing the finger at Google Play, Google's app store, and its persistent, almost obsessive need to check where you are.

Amid complaints that Google Play is always switching on GPS, it appears Google has made it impossible to prevent the app store from tracking your whereabouts unless you completely kill off location tracking for all applications.

You can try to deny Google Play access to your handheld's location by opening the Settings app and digging through Google Play Store Permissions, and flipping the switch for "location." But you'll be told you can't just shut out Google Play services: you have to switch off location services for all apps if you want to block the store from knowing your whereabouts. It's all or nothing, which isn't particularly nice.

This is because Google Play services pass on your location to installed apps via an API. The store also sends your whereabouts to Google to process. Google doesn't want you to turn this off.

It also encourages applications to become dependent on Google's closed-source Play services, rather than use the interfaces in the open-source Android, thus ensuring that people continue to run Google Play on their devices.

It's a similar story over at Google Maps. Although it makes far more sense for Maps to have access to your location, the latest build doesn't give you a decent option of turning it off. If you do cut off Maps' access to your location, "basic features of your device may no longer function as intended," the operating system warns.

Needless to say, this is not making some users very happy. Security researcher Mustafa Al-Bassam reported on Twitter that he "almost had a heart attack" when he walked into a McDonald's and was prompted on his phone to download the fast food restaurant's app.

Al-Bassam dug into his phone's apps to figure out how that had happened, and was amazed to find that his suspected culprit, Google Maps, was not responsible. It was Google Play that had monitored his location thousands of times.

Again, this is deliberate: Google is using your location to tout apps to you. If you wander into a pharmacy, you'll be offered software to print your photos, for example.

If you're not keen on this, the options are not great: you can either delete Google Maps and/or Google Play, or you have to repeatedly turn your phone's location services on and off as required throughout the day, which is extremely irritating.

"Kind of defeats the purpose of fine-grained privacy controls," Al-Bassam noted, adding: "Google is encouraging developers to use the Play location API instead of the native Android API, making an open OS dependent on proprietary software."

The Register: 

 

« GCHQ To Create A UK National Firewall
Will NSA & CyberCom Split? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

Aeriandi

Aeriandi

Aeriandi is a leading provider of hosted PCI security compliance solutions for call centres, trusted by high street banks and major Telcos.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

UM Labs

UM Labs

UM Labs is a developer of security products for Voice over IP (VoIP), protecting SIP trunk connections, safeguarding mobile phone communications and enabling BYOD.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

Belkasoft

Belkasoft

Belkasoft is a software vendor providing public agencies, corporate security teams, and private investigators with digital forensic solutions.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

Security Weaver

Security Weaver

Security Weaver is a leading provider of governance, risk and compliance management (GRCM) software.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

Axis Security

Axis Security

Axis Security technologies transform open networks and vulnerable applications into fully protected resources that the business can trust.

01 Communique Laboratory

01 Communique Laboratory

01 Communique Laboratory is an innovation leader in the new realm of Post-Quantum Cyber Security.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Unciphered

Unciphered

Unciphered was created as the first company providing services for opening locked hardware cryptocurrency wallets.