• About Us
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Client Portal
  • Contact Us
  • today headline
  • Write for us
Today Headline
No Result
View All Result
  • breaking news today
    • Politics news
    • Sports
    • Science News & Society
  • Entertainment News
    • Movie
    • Gaming
  • Technology News
    • Automotive
  • Health News
    • Lifestyle
    • Insurance
  • Finance News
    • Money
  • Enterprise
  • Contact Us
  • breaking news today
    • Politics news
    • Sports
    • Science News & Society
  • Entertainment News
    • Movie
    • Gaming
  • Technology News
    • Automotive
  • Health News
    • Lifestyle
    • Insurance
  • Finance News
    • Money
  • Enterprise
  • Contact Us
No Result
View All Result
TodayHeadline
No Result
View All Result

Google’s contact-tracing system has left data accessible to hundreds of apps for months

April 28, 2021
in Lifestyle
Reading Time: 3 mins read


Google’s coronavirus contact tracing framework, which alerts users if they have been near someone with COVID-19, has been making its data available to third-party apps.

The software giant had been informed of the privacy issue since February, a report from The Markup alleges, but said that the issue was not a “severe enough” flaw.

The contact-tracing framework is built into Android devices, but can communicate with iPhones. It works by monitoring the phone’s owner via Bluetooth, but the data should only be available to official apps of public health authorities such as the “NHS COVID-19” app, which is being used by 16 million people.

However, hundreds of preinstalled apps including Samsung Browser and Motorola’s MotoCare on Android devices have access to this potentially sensitive information. The signals that the contact tracing data generates are saved into its device system logs, which companies have permission to read for crash report and analytics.

The information includes data about whether a phone registered a person as being in contact with someone who had the coronavirus, the device’s name, MAC address, and advertising ID, security researchers said.

Recommended

Google had pledged that “the list of people you’ve been in contact with doesn’t leave your phone unless you choose to share it”.

Researchers from the privacy analysis firm AppCensus raised the problem to Google in February 2020, as part of the US Department of Homeland Security’s testing. Google reportedly did not change it.

“This fix is a one-line thing where you remove a line that logs sensitive information to the system log. It doesn’t impact the program, it doesn’t change how it works, ” Joel Reardon, co-founder and forensics lead of AppCensus, told The Markup. “It’s such an obvious fix, and I was flabbergasted that it wasn’t seen as that.”

Reardon apparently reached out to Google’s bug bounty program concerned about the issue on 19 February. Google said that the finding did not merit a serious enough flaw to merit a reward, but a panel would look through the findings in a subsequent meeting.

The Google security team eventually sent an automated email that they would “decide whether they want to make a change or not”, but Reardon received no communication from Google since.

“Exposure Notifications uses privacy preserving technology to help public health authorities manage the spread of COVID-19 and save lives. With the Exposure Notification system neither Google, Apple, nor other users can see your identity and all of the Exposure Notification matching happens on your device. We were notified of an issue where the Bluetooth identifiers were temporarily accessible to some pre-installed applications for debugging purposes”, Google said in a statement to The Independent.

“Immediately upon being made aware of this research, we began the necessary process to review the issue, consider mitigations and ultimately update the code. These Bluetooth identifiers do not reveal a user’s location or provide any other identifying information and we have no indication that they were used in any way – nor that any app was even aware of this.”

However, Reardon had contacted Giles Hogben, Android’s director of privacy engineering, later in February. Hogben said that “[System logs] have not been readable by unprivileged apps (only with READ_LOGS privileged permission) since way before Android 11 (can check exactly when but I think back as far as 4),”

Google did not provide an answer as to why, if the company knew about these issues before Android 11, they were not fixed prior to the rollout of the contact tracing framework, nor why it did not provide Reardon with a response to his messages.

  • Trending
  • Comments
  • Latest
urine diverting toilet - TodayHeadline

Urine-diverting toilets expel fewer virus particles than traditional toilets, study suggests

2164c13906f658f06c19d60e5a98817b - TodayHeadline

Armed man arrested after being barricaded in home

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

HBASTZTEWJABFPBBGNCN4DQDGM - TodayHeadline

Vet highlights dangers of allowing dogs to lean out of car windows – The Irish Times

PopularStories

urine diverting toilet - TodayHeadline
Health News

Urine-diverting toilets expel fewer virus particles than traditional toilets, study suggests

2164c13906f658f06c19d60e5a98817b - TodayHeadline
Lifestyle

Armed man arrested after being barricaded in home

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'
Politics news

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

HBASTZTEWJABFPBBGNCN4DQDGM - TodayHeadline
breaking news today

Vet highlights dangers of allowing dogs to lean out of car windows – The Irish Times

About Us

Todayheadline the independent news and topics discovery
A home-grown and independent news and topic aggregation . displays breaking news linking to news websites all around the world.

Follow Us

Latest News

urine diverting toilet - TodayHeadline

Urine-diverting toilets expel fewer virus particles than traditional toilets, study suggests

2164c13906f658f06c19d60e5a98817b - TodayHeadline

Armed man arrested after being barricaded in home

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

urine diverting toilet - TodayHeadline

Urine-diverting toilets expel fewer virus particles than traditional toilets, study suggests

2164c13906f658f06c19d60e5a98817b - TodayHeadline

Armed man arrested after being barricaded in home

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

Andrew Tate accused by ex-girlfriend of 'strangling her during violent sex until she passed out'

  • Real Estate
  • Parenting
  • Cooking
  • NFL Games On TV Today
  • Travel and Tourism
  • Home & Garden
  • Pets
  • Privacy & Policy
  • Contact
  • About

© 2023 All rights are reserved Today headline

No Result
View All Result
  • Real Estate
  • Parenting
  • Cooking
  • NFL Games On TV Today
  • Travel and Tourism
  • Home & Garden
  • Pets
  • Privacy & Policy
  • Contact
  • About

© 2023 All rights are reserved Today headline

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.