Google to Fix Chromecast and Google Home Loophole That Reveals User Location
The Google Home and Chromecast are two of best products from Mountain View in recent times. But every bit with most IoT products, there are a lot of security issues here too. New reports are pointing to a major privacy breach in both devices.
As reported by security reporter Brian Krebs, there happens to be a problems in Google Home and Chromecast that lets websites collect precise user location information.The bug, disclosed by researcher Craig Young at security house Tripwire, works past exploiting a loophole in Google's systems to cross-check a listing of nearby wireless networks with Google's precise geolocation lookup services.
Basically, by using the location gleaned past nearby Wi-Fi networks through a Google Home or Chromecast, a malicious website can triangulate a user'southward location. Add to that the fact that these devices hardly require any authentication, any tertiary party could accept access to ane's personal accost in no time.
According to Krebs, this is how Google'southward geolocation information gives information technology the ability to "determine a user's location to within a few feet" and differs greatly from your standard IP-based geolocation:
It is common for websites to continue a record of the numeric Internet Protocol (IP) address of all visitors, and those addresses tin can be used in combination with online geolocation tools to glean data nigh each visitor'due south hometown or region. But this type of location information is oftentimes quite imprecise. In many cases, IP geolocation offers but a general idea of where the IP address may be based geographically.
This is typically non the example with Google's geolocation information, which includes comprehensive maps of wireless network names around the earth, linking each individual Wi-Fi network to a corresponding physical location. Armed with this data, Google tin very ofttimes determine a user'southward location to within a few anxiety (especially in densely populated areas), by triangulating the user between several nearby mapped Wi-Fi access points.
Compared to IP-based geolocation, which is simply accurate to about two to three miles around the device, the method using Google's information is precise to about thirty feet. Young even demonstrated the bug in action, as tin can exist seen in the video below:
In one case Krebs had made it articulate to the company that he was planning to write almost the exploit, Google had just then agreed to roll out a fix for it. Additionally, Immature had previously contacted Google, merely the visitor considered the geolocation outcome an "intended behavior."
The fix for the aforementioned issues in Google Home and Chromecast is expected to go far sometime in the middle of July.
Source: https://beebom.com/google-chromecast-google-home-bug-location/
Posted by: melansonhunned68.blogspot.com
0 Response to "Google to Fix Chromecast and Google Home Loophole That Reveals User Location"
Post a Comment