The Hack: Seems like that is what 

Aran, a student of Harvard University who had started working as an intern with Facebook recently was himself glued on to the messaging app. However, his eyes popped out when he was checking his message history and found that by default, all messages are tagged with a user’s location.  Even if the user has turned off the location sharing feature on his smartphone.

But what bothered him more was the accuracy of the location finder that he developed was close to a meter. He could know exactly where his chat buddy is at the moment.

And to add to his misery, using this data a hacker can know where you have been hour by hour on a map.

To find this out, Aran created a Google Chrome extension that he posted on the code sharing platform GitHub. No sooner the news went out on social media, Facebook changed their privacy policy and fired Aran from his internship.

Instead of paying a bounty to Aran for highlighting this privacy vulnerability, he got the stick.

Now, this is not the first time Facebook has use the stick on someone who discovered bugs in their code. In 2013 Palestinian researcher  Khalil Shreateh also met the same fate when he showed how easy it is to hack any Facebook account.

So what is the deal  here? The real deal is that online services do not care about user’s privacy and security. If they can get somehow to lay their hands on user’s data and more specifically their location, without making it seem so overtly, they are richer by the billion.

For example look at the social vacation sharing site Airbnb which has been recently valuated at over $25 billion. Guess why? It does just that locate for you places to stay world wide. Which means the service has the locations of all those millions of users. The Whack: The only way to protect your location privacy is to opt for online services that encrypt your data on their server and something that cannot be revealed using an external browser extension or another app. Which means you are the owner of your data and privacy and get to decide whom to share it with.

Invisocial.com is one such online service that encrypts all of your data and not just your location without the backdoor to decrypting that data.

Source: Google Image Search

About The Author

"Founded in July, 2016, WhackHack.com is a cyber security blog that covers important security issues affecting common users, industry and governments. It aims to create awareness among its readers about malware, hacking, encryption, identity theft, privacy, etc and also offer solutions to protect themselves from such attacks"

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

20 − 18 =

Close