Re: Google admits it tracked user location data even when the setting was turned off

He who is harry newton said on Tue, 21 Nov 2017 22:32:53 +-0000 (UTC):

Google admits it tracked user location data even when the setting was > turned off. It did so via cell tower data. >

Does anyone know more about disabling "Firebase Cloud Messaging" services? For example, what if you're on Android 4.3 (like I am) with all location services disabled?

Here's another article...

Google collects Android users+IBk- locations even when location services are disabled

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers+IBQ-even when location services are disabled+IBQ-and sending that data back to Google.

Google was apparently collecting cell tower data from all modern Android devices before being contacted by Quartz. A source familiar with the matter said the cell tower addresses were being sent to Google after a change in early 2017 to the Firebase Cloud Messaging service, which is owned by Google and runs on Android phones by default.

Devices with a cellular data or WiFi connection appear to send the data to Google each time they come within range of a new cell tower. When Android devices are connected to a WiFi network, they will send the tower addresses to Google even if they don+IBk-t have SIM cards installed.

Android devices never offered consumers a way to opt out of the collection of cell tower data.

Reply to
harry newton
Loading thread data ...

He who is nospam said on Tue, 21 Nov 2017 17:55:51 -0500:

You would love that to be the case, but, you're jumping to conclusions out of confirmation bias (i.e., you *wish* it were true).

I looked and I don't think it's the case for me since I don't see (yet) anything called "Firebase Cloud Messaging" on my Android 4.3 phone.

Time will tell which phones were affected, but this is a good one for Google to get sued on, as it certainly will take some 'splaining why they captured unique cell tower IDs when Location Services were disabled.

All we know, so far, is that it started in January of this year, and that it used "Firebase Cloud Messaging" services - whatever that is. I googled it, and I don't think it's even on my phone - but it's too early to tell just yet what's going on.

Google apparently immediately said they'd terminate the practice of capturing cell tower unique IDs - so, it doesn't appear to be something they sanctioned (because they wouldn't likely have agreed to terminate the practice so quickly if they had their legal ducks already lined up).

Time will tell which devices are affected - but I don't even see the app on my phone - which is rooted - so I can delete it - if I can find it - but it doesn't seem to exist.

To other android users: Q: Do you see a process for "Firebase Cloud Messaging" services?

Reply to
harry newton

It's not an app. It's service: You download the API and link it into your application. It runs on a variety of platforms including Apple IOS.

More:

Reply to
Jeff Liebermann

He who is Jeff Liebermann said on Tue, 21 Nov 2017 19:26:10 -0800:

It's still early on since the news came out today, but it behooves us to figure out then which apps incorporated the Firebase service.

BTW, I think this recent "mashable" article is dead wrong in that they minimize the outrage by saying the unique cell tower ID was encrypted and discarded.

"Nope, your Android phone's not secretly tracking your location when you tell it not to"

The mere fact the cell tower ID was *transmitted* to Google servers is the breach of trust, IMHO.

Reply to
harry newton

harry newton wrote on 11/21/2017 6:48 PM:

You would love for that to be the case, but you're jumping to conclusions out of confirmation bias (i.e., you *wish* it were true).

There are the legal issues involved, but just as important if not more important is the public image perception.

Reply to
rickman

He who is rickman said on Tue, 21 Nov 2017 23:53:06 -0500:

I'm the one *reporting* the issue here, not you, for heaven's sake. I'm the one intimating Google can get *sued* for this, perhaps. I'm the one asking for more information, for heaven's sake. I'm the one who said Mashable errantly minimized the danger.

Not you. Not nospam. Me.

All I'm saying are facts. All you've said, is nothing of value.

I'm asking others to look on their phones for these reputed "Firebase Cloud Messaging" services.

My phone is jailbroken where I can delete anything I want, where I *looked* for anything on the phone remotely resembling a "Firebase Cloud Messaging" service. I have plenty of root-only apps which seek out such things, but I haven't seen it yet.

Admittedly, my phone is ancient, where the articles specifically mentioned only the newer Android phones were updated in January of this year to send the unique cell tower ID to Google servers.

So I'm the one asking *you* (and everyone here) what *they* have on their phone that resembles "Firebase Cloud Messaging" services running.

Where's the value YOU added?

Reply to
harry newton

harry newton wrote on 11/22/2017 12:05 AM:

And speculation... "it doesn't appear to be something they sanctioned (because they wouldn't likely have agreed to terminate the practice so quickly if they had their legal ducks already lined up)."

I think there is value in distinguishing between the facts and your speculation.

Which has nothing to do with reporting facts.

Pointing out your speculation which is *not* fact.

Reply to
rickman

He who is Jeff Liebermann said on Tue, 21 Nov 2017 19:26:10 -0800:

Do you know how to tell, definitively, if any given phone is running this compromised service?

I don't see it running when I look using these instructions:

However, it could be running *inside* an app that linked to the API.

When I check it with adb, I get the following error: $ adb shell service list error: device not found

I can check with "ps" though: $ ps | grep -i service Returns about a dozen services such as: org.simalliance.openmobileapi.service:remote samsung.clipboardsaveservice com.sec.android.inputmethod:ACService etc. But: $ ps | grep -i firebase Returns nothing

At this point, I see no evidence (yet anyway) of firebase services on my Android 4.3 phone. Do you?

Reply to
harry newton

He who is rickman said on Wed, 22 Nov 2017 00:32:39 -0500:

Fair enough.

Do you know how to tell, definitively, if any given phone is running this compromised service?

I don't see it running when I look using these instructions:

However, it could be running *inside* an app that linked to the API.

When I check it with adb, I get the following error: $ adb shell service list error: device not found

I can check with "ps" though: $ ps | grep -i service Returns about a dozen services such as: org.simalliance.openmobileapi.service:remote samsung.clipboardsaveservice com.sec.android.inputmethod:ACService etc. But: $ ps | grep -i firebase Returns nothing

At this point, I see no evidence (yet anyway) of firebase services on my Android 4.3 phone. Do you see evidence of it running on yours?

Reply to
harry newton

I dunno and don't have the time to check. Since it's probably buried the application code, I doubt if I'll find anything.

However, all this begs another question. Assuming that Wi-Fi is also turned off in Airplane mode, what the hell is Google doing TRANSMITTING anything? Unless its buffered, to use the phone for location tracking would require transmitting the tower ID's when they are heard. I would think that the airline companies would take a dim view of this as Google's transmitting anything in an commercial airliner in flight could interfere with aircraft navigation, which is the purpose of having the Airplane mode. If some airliner falls out of the sky due to a navigation error, Google's tracking trickery could easily be deemed responsible.

Incidentally, there's quite a bit more information available that could be used for location tracking than just the tower ID. The big one is the propagation delay (ping time) between the handset and the cell tower, which defines a location radius. Two or three such delays would obtain your location quite accurately. However, Google could just as easily transmit the GPS location or the individual satellite delays in order to obtain a location. It's odd that they would transmit only the tower ID's, as there so much more available.

I should probably fire up the spectrum analyzer, turn off the wi-fi, and see if my Samsung S6 is belching anything in Airplane mode. However, tomorrow is the Day of the Turkeys and I have other plans.

Happy Day of the Turkeys.

Reply to
Jeff Liebermann

He who is Jeff Liebermann said on Wed, 22 Nov 2017 09:32:54 -0800:

That's understandable. It was reported only yesterday, so, the pundits need to dig deeper for us.

The code, as I understand it, only activates when you're connected to the Internet (via either cellular data or WiFi). Nothing else is required.

  • no sim card
  • factory defaults (i.e., no apps)
  • location services turned off

"Devices with a cellular data or WiFi connection appear to send the data to Google each time they come within range of a new cell tower."

Slate.com also said the information is sent the moment two things happen:

  1. You're on the Internet (using WiFi or cellular data)
  2. And you're "in range" of a cellular tower

I think the transmission only occurs if two things are simultaneous:

  1. You're in range of a cell tower, and,
  2. You're already on the Internet

If the SIM card is out of the phone, then the only way you'll be on the Internet is with WiFi (or maybe also reverse tethering, I suppose).

This is very interesting, as you always know the details that are juicy.

Where we both live, towers aren't necessarily close, but if, say, for example, I'm staking out those pot farmers in Boulder Creek who were arrested for shooting at suspected pot thieves during that fire a couple of weeks ago, then I don't want ANY information about my proximity to ANY cell tower to be transmitted.

Here's what Google was quoted as having said in the QZ.com article: "In January of this year, we began ... using Cell ID codes as an additional signal to further improve the speed and performance of message delivery"

This is good information to know. Well, actually, it's bad information to know. But you know what I mean.

They *are* getting *more* than the unique cell tower id.

  1. MCC
  2. MNC
  3. CID

Google provided this quote to Gizmodo: "To ensure messages and notifications are received quickly, modern Android phones use a network sync system that requires the use of Mobile Country Codes (MCC) and Mobile Network Codes (MNC). In January of this year, we began ... using Cell ID codes as an additional signal to further improve the speed and performance of message delivery. ... MCC and MNC provide necessary network information for message and notification delivery and are distinctly separate from Location Services..."

I think airplane mode might still be working - except on some iOS devices with the older OS's (which some of mine are on).

Reply to
harry newton

That seems likely, along with timestamps on everything to facilitate correlation.

Ever since most airlines have started allowing personal wireless devices to remain on throughout commercial flights*, it's probably no longer a big deal.

*Supposedly, not during take-off and landing, while the aircraft is below 10,000 feet, but I travel very frequently for work and I can't remember the last time I noticed anyone complying with that request.

As far as I know, there's no evidence to suggest that personal wireless devices actually interfere with aircraft navigation or operation. The whole thing, from the start, was done out of an abundance of caution, not as a result of any specific test results.

Reply to
Char Jackson

I've been working too hard and have screwed up. I somehow assumed that it was Airplane Mode that was turned off, not Location Services. They're quite different.

Just ignore me. Maybe a turkey overdose will help.

Reply to
Jeff Liebermann

Here's a video showing all the travel the phone owner did, his voice messages, many things. He shows how to stop it and if you want to stop all of it.

Interesting video, Mikek

Reply to
amdx

harry newton wrote in news:ov2a0g$lec$ snipped-for-privacy@gioia.aioe.org:

Google: "Do more evil" (and incompetently at that)

Reply to
goukurself

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.