Tuesday, June 19, 2018

Google will fix Chromecast and Google Home bug that reveals a user’s location

Google plans to release a patch sometime in the next few weeks to fix a bug in its Home smart speaker and Chromecast TV streaming stick that lets a website collect precise user location data, according to a report from security reporter Brian Krebs. The bug, disclosed by researcher Craig Young at security firm Tripwire, works by exploiting a loophole in Google’s systems to cross-check a list of nearby wireless networks with Google’s precise geolocation look-up services.

Essentially, by using the location gleaned by nearby Wi-Fi networks through a Google Home or Chromecast, a malicious website can triangulate a user’s location. And because those devices rarely require authentication from third parties to receive data on local networks,...

Continue reading…

Disqus Comments