Casa > cibernético Notícias > Vulnerability in LocationSmart Could Be Exploited to Track Any User
CYBER NEWS

Vulnerabilidade no LocationSmart pode ser explorada para rastrear qualquer usuário

O LocationSmart alegou que poderia localizar qualquer telefone nos Estados Unidos, e agora está sendo investigado depois que um pesquisador de segurança expôs uma vulnerabilidade de segurança em seu site. Como um resultado, Comissão Federal de Comunicações (FCC) has started an investigation against the California-based company.

Story relacionado: myPersonality App expõe dados pessoais de milhões de usuários do Facebook

More about LocationSmart

LocationSmart’s service is able to obtain accurate geolocation data on nearly any mobile phone in the US. Ser capaz de fazer isso, the website buys data from major US wireless carriers such as T-Mobile, Verizon, AT&T and Sprint. Though wireless carriers aren’t allowed to provide location data to the government, they can sell that data to businesses, CNET recently explicado.

The vulnerability within the phone-tracking website LocationSmart could have been easily exploited to track any user of a mobile device registered via a major U.S. cellular carrier, in real time, with a quite precise accuracy.

LocationSmart featured a free demonstration on its website, where anyone could track any phone, as long as there was consent from the phone’s owner. a falha, which is already addressed, would have allowed anyone to use the tracking feature, without the need of prior consent.

Researcher Robert Xiao claims that he needed Menor que 15 minutes to uncover the vulnerability, after having a look at LocationSmart’s offivial website. Considering how easy it was for him to find the bug, the classified it as an elementary exploit. The vulnerability then incited an FCC investigation, with the Enforcement Bureau leading the process.

Em cima disso, the Ney York Times recently revealed that Securus, an inmate call tracking service, offered the same tracking service. These two events pushed Sen. Ron Wyden, a Democrat from Oregon, demanded the FCC and major wireless carriers to investigate these companies.

The negligent attitude toward Americanssecurity and privacy by wireless carriers and intermediaries puts every American at risk,” Wyden said. “I urge the FCC expand the scope of this investigation, and to more broadly probe the practice of third parties buying real-time location data on Americans.”

além do que, além do mais, LocationSmart said in a statement that it was investigating the flaw to make sure that no customer information was stolen or compromised.

Story relacionado: Trackmageddon: Serviço de rastreamento de localização GPS tornando você hackeável

LocationSmart is continuing its efforts to verify that not a single subscriber’s location was accessed without their consent and that no other vulnerabilities exist,explained Brenda Schafer, LocationSmart’s vice president of product and marketing.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...