The FCC has opened an investigation into LocationSmart, a company that is buying your real-time location data from four of the largest U.S. cell phone carriers in the United States. The investigation comes a day after a security researcher from Carnegie Mellon University exposed a vulnerability on LocationSmart’s website.
It is bad enough that a company is selling your private information, namely real-time information showing where your cell phone is located. Even worse, a very elementary bug in the company’s website allowed anyone to see the information without even paying for it! Your personal information was exposed to hackers, Chinese spies, political organizations, collection agencies, and your ex-spouse. Then again, if you are cheating on your spouse, he or she might soon become your “ex” after learning where you are spending some time!
According to Robert Xiao, a PhD. student at the Human-Computer Interaction Institute at Carnegie Mellon University, “The implication of this is that LocationSmart never required consent in the first place,” he said. “There seems to be no security oversight here.”
Details may be found in an article by Zack Whittaker in the ZDNet web site at: https://www.zdnet.com/article/cell-phone-tracking-firm-exposed-millions-of-americans-real-time-locations/.
The publicly-accessible web site data reportedly has been taken offline until the bug can be fixed. What is perhaps more disturbing, however, is that a company is tracking you and is selling your location information to anyone who wants it. The company needs a name change, from LocationSmart, Inc. to “Big Brother, Inc.”
I think I will leave my cell phone at home.
I described another, probably better, alternative in a recent article at: https://privacyblog.com/2018/04/30/perhaps-the-most-secure-burner-phone-of-all/.