Skip to main content

New best story on Hacker News: Discovering that a Bluetooth car battery monitor is siphoning location data

Discovering that a Bluetooth car battery monitor is siphoning location data
638 by x1sec | 262 comments on Hacker News.
Hi HN, this is my efforts in reverse engineering a BLE car battery monitor where it's app has over 100,000 downloads on the Google Play store alone. It turns out it's sending GPS, cell phone tower cell IDs and Wifi beacon data to servers in Hong Kong and mainland China on a continued basis. Google and Apple app store pages say no personal data is collected or sent to 3rd parties. Hopefully readers pick up a few tips on reversing apps for their connected devices.

Labels:

Comments

Post a Comment

Popular posts from this blog

New best story on Hacker News: Ask HN: I’m an FCC Commissioner proposing regulation of IoT security updates

Ask HN: I’m an FCC Commissioner proposing regulation of IoT security updates 449 by SimingtonFCC | 144 comments on Hacker News. Hi everyone, I’m FCC Commissioner Nathan Simington, and I’m here to discuss security updates for IoT devices and how you can make a difference by filing comments with the FCC. As you know, serious vulnerabilities are common in IoT, and it often takes too long for these to be patched on end-user devices—if the manufacturer even bothers to release an update, and if the device was even designed to receive them. Companies may cease supporting a device well before consumers have stopped using it. The support period is often not communicated at the time of sale. And sometimes the end of support is not even announced, leaving even informed users unsure whether their devices are still safe. I’ve advocated for the FCC to require device manufacturers to support their devices with security updates for a reasonable amount of time [1]. I can't bring such a proposal
Post a Comment
Read more