The problem of information security is very important in the world where mobile devices are popular.
In order to determine the location of a person, an attacker needs only data that is transmitted by the phone. Electronic Frontier Foundation Corporation has published a report about the presence of vulnerabilities in Android devices.
This vulnerability enables an attacker to determine the movement route of the user on the basis of information about Wi-Fi networks connected by the user. The problem is in PNO function (Preferred Network Offload), which was first introduced in Android 3.1 Honeycomb. Designed to save the power, it can help to connect to Wi-Fi-networks in sleep mode, even when the device is turned off.
Scientists report that access to Wi-Fi networks, connected by the user, can be used only if the screen is active. It turns out that the attacker is able to steal about 16 access points, and with the help of these data the movement route of the phone or tablet owner can be built.
Google is aware of this vulnerability and recently its employee published a patch for wpa_supplicant, which is can help to resolve the issue. According to research by scholars such vulnerabilities can be found in other platforms.
Axarhöfði 14,
110 Reykjavik, Iceland