A-GPS vulnerability could let hackers track your location, take over your phone
As the global adoption of smartphones has reached impressive levels during the past couple of years or so (with absolutely no sign of stopping anytime soon), it is surely not surprising to see that hackers have turned their evil eye towards exploiting the various weaknesses of your favorite mobile device. But although in the past we’ve talked how hackers exploit various soft spots in the OS, it turns out that attackers can actually use underlying technologies to get access to private information.
According to Ralf-Philipp Weimann, a researcher at the University of Luxembourg, Assisted GPS (A-GPS) is one of the technologies that hides such vulnerabilities. Just so that we’re clear, the “GPS” part of the technology isn’t what’s causing the problem, but rather the “assisted” part in the name. See, when your smartphone tries to pinpoint your location (either for displaying it on a map or for checking in various places via Forsquare), it asks the cellular network to provide an approximate location so that the GPS calculations are streamlined. Much to a potential hacker’s delight, these messages are not sent over a secured connection, but rather over “a non-secure Internet link”. And this is where the problems start rearing their ugly head!