Safeguarding user location details is necessary to stay away from hackers and data thieves. However, devices working with Android OS are reportedly facing concerns calling for security upgrades because leakage of location details can invite hackers. This has been revealed by a study of the Electronic Frontier Foundation's (EFF) latest findings.
It has been identified that a feature in Android devices can broadcast location history and is fraught with risks. Users store lot of data on mobile devices and expect manufacturers and designers to ensure its safety. But loopholes can make someone find a way to take advantage of them.
In a research snippet, Electronic Frontier Foundation says that Android phones or tablets, if they are less than three year old, can pose the risk of constantly sharing location with anyone in the vicinity when not connected to a Wi-Fi network.
How it happens
When connecting to a Wi-Fi network, the network's name gets stored in the device's settings. The modern Android devices send out messages containing the names of these networks when not connected in order to ramp up the connection and get back into the range.
Hackers who intercept these messages will get a hold on the networks and can play havoc with it.
Plug the Leak
The way to protect from constantly leaking location data is to go into the device's Advanced Wi-Fi settings and set the Keep Wi-Fi on during sleep to "Never". This will plug the leak.
But the challenge will be that it will increase data usage and can kill the battery fast. Sometime it does not work on certain phones. Hopefully Google may offer a more permanent solution in the future.
Vulnerabilities in Android operating system can also come from malicious apps trying to access and control a device's data during a system update.
Malicious apps can exploit Pileup flaws during the update and steal Voice messages and take control of Google and other online accounts.
Such Pileup flaws can affect all Android Open Source Project versions and OS updates will be an opportunity for bad guys to attack Android users.
Google has issued a patch to vendors to seal these vulnerabilities and researchers have released the free Secure Update Scanner app to scan Android devices for malicious apps before updating at the OS level.