Discovering that your Bluetooth car battery monitor is siphoning up your location data
Discovering that your Bluetooth car battery monitor is siphoning up your location data
doubleagent.net Part 1 - Discovering that your Bluetooth car battery monitor is siphoning up your location data
Reverse engineering an Android app for a Bluetooth connected car battery monitor with some startling discoveries
TLDR
- A Bluetooth enabled battery monitor that records car battery voltages. The hardware requires a smartphone for pairing
- The product collects GPS co-ordinates, cell phone tower data and nearby Wifi beacons
- Location data is sent over the Internet to servers in Hong Kong and mainland China
- App store misleads consumers by stating that no personal data is collected or shared. Since the Android app requires location permissions to use the hardware device, users are effectively forced to continuously broadcast their physical location to 3rd parties in order to use the product.
There are no legitimate reason for a car battery monitor application to track it’s user’s location. With over 100,000 downloads on Android alone, this raises significant privacy concerns
Discussion on HN.
2
comments
I hAvE nOthInG tO hIdE
Pretty much any android app with network and location permissions