LocationSmart bug allowed for leak of location data for nearly any U.S. phone
A company that provides other companies with cell phone location-tracking services had an API on its website that inadvertently allowed anyone to freely look up the location of almost any cell phone in the United States. The bug was in a demo that the company, LocationSmart, posted on its website. The demo was to show people that it could approximate their phones’ locations using nearby cell towers. A report published Thursday by independent security journalist Brian Krebs shows that it would have been easy for someone to abuse the demo to secretly locate nearly any U.S. phone. LocationSmart is a location-as-a-service company that gives its customers the ability to “track assets, connect with employees and engage with customers through one secure interface,” according to its website. The demo sent a text message to a device to get permission from its owner before pinging the nearest cell phone tower in order to send […]
The post LocationSmart bug allowed for leak of location data for nearly any U.S. phone appeared first on Cyberscoop.
Continue reading LocationSmart bug allowed for leak of location data for nearly any U.S. phone