It's amazing to me how many comments here excuse Google's behavior by offering the impractical "solution" of just not using a smartphone (a false dilemma) when the obvious answer is to get an iPhone. That's the advice of pretty much everyone in the infosec field and I'm sure some of them will attest to that in this thread.
When I'm at work, I use my work computer, which has a long lived static IP, to log into my personal Google account. I have configured all of my browsers to clear cookies and storage upon closing. I never use signed-in Google Maps, but I sometimes use it from that computer, from fresh browser while logged out.<p>A week ago, I moved from my previous home that was close to my work, to a different city about 20 miles away. Since I wasn't sure where all the points of interest are, I've been turning on location on my Android phone and using signed-out Google Maps on my phone.<p>Yesterday, my work computer's signed-out Google Maps has centered its default view on my new city, on the exact highway interchange next to which I now live.
Years ago, I remember CyanogenMod advertising that their "Privacy Guard" feature had something like a data spoof feature, where if an app surreptitiously requested your location or info, the guard would feed it a dummy number, garbage location, etc.<p>I've dug around and it seems like this no longer exists, if it ever did. Privacy Guard now seems to just allow granular controls on what the apps are allowed to request.<p>If it doesn't exist already, someone should definitely work towards implementing something like it.<p>EDIT: I see that the related XPrivacy app has a menu option for "Fake Data", so maybe this is what I'm thinking of.<p><a href="https://github.com/M66B/XPrivacy#features" rel="nofollow">https://github.com/M66B/XPrivacy#features</a>
I am running Android 7.1.2. I remember in the older versions of android, when you turned off the GPS, it would have to manually sync the receiver and it would take minutes to get GPS lock. In the current version, when I turned off location services, there is no "dot" indicating your location on Google Maps, but it appears almost instantly when you turn it off. I have long suspected that Android has the "coarse location" and "GPS location" always tracking, but merely just does not give Apps the data until location services is turned on.
If you're concerned about this level of location tracking, don't carry a cell phone at all.<p>Keeping track of which cell tower your phone is closest to is fundamental to cellular technology. You can't make or receive calls unless Verizon, T-Mobile, or whichever carrier you have knows which cell to communicate with you through. Regardless of whether Google is tracking this, your carrier certainly is, and with a warrant (or a national security letter), law enforcement can definitely access this data. If you're worried about hackers, I can guarantee you Google protects this data more securely than your carrier does.
> <i>"Although the data sent to Google is encrypted, it could potentially be sent to a third party if the phone had been compromised with spyware or other methods of hacking. Each phone has a unique ID number, with which the location data can be associated."</i><p>If the phone is compromised, it doesn't matter what google has access to, the tracking kit can just enable it's own tracking and spoof the system status (depending on the level of the compromise)<p>If you have a concern about your phone tracking you, don't bring your phone with you.
It’s funny how when asked about it, google instantly stated that it was being removed and all location data was purged. It’s almost as if they saw how bad it looks and how it hurts android’s reputation, but hoped no one would notice/care.
<i>...and the company is now taking steps to end the practice after being contacted by Quartz.</i><p>Classic example of Google's "ask for forgiveness, not permission" mode of operation.
I’ve always assumed location services = GPS<p>Meaning you can still be triangulated by towers<p>Which I had run legally for LEO at Sprint back in 2003-2005.<p>Towers gotta know where you are to provide service.<p>Don’t want to be tracked? Leave your phone at home.<p>Not saying it’s ideal but it’s how technology works.
After watching Google closely for years, I'm pretty sure this was not intentional or malicious.<p>Isn't this almost identical to what Apple was doing in 2011: <a href="https://arstechnica.com/gadgets/2011/04/how-apple-tracks-your-location-without-your-consent-and-why-it-matters/" rel="nofollow">https://arstechnica.com/gadgets/2011/04/how-apple-tracks-you...</a>
Another reason to order a Librem 5.<p><a href="https://puri.sm/shop/librem-5/" rel="nofollow">https://puri.sm/shop/librem-5/</a>
As I noted on reddit, I am not surprised by this at all. Google's entire incentive to maintain Android is the troves of data they collect about users. Why would they let you turn it off? It doesn't make any sense. If you're surprised as a user, you've been really naïve.<p>Imagine this: would apple ever let you <i>not</i> pay for a new iPhone? Its entire incentive in making iphones is to sell them for money. So it will never allow you to get phones for free.
Google is definitely pushing location services hard.<p>I was happy to learn it's possible to disable Google Now yesterday: <a href="https://news.ycombinator.com/item?id=15743055" rel="nofollow">https://news.ycombinator.com/item?id=15743055</a><p>Another option besides an iPhone is to replace Google Play Services: <a href="https://news.ycombinator.com/item?id=15617615" rel="nofollow">https://news.ycombinator.com/item?id=15617615</a> (supported devices: <a href="https://wiki.lineageos.org/devices/" rel="nofollow">https://wiki.lineageos.org/devices/</a>)
Follow the money.<p>Location information, ads viewed, and offline credit card purchase information. Google now has all three. Google uses this to determine which ads led you to spend and sells more of those ads.<p><a href="https://consumerist.com/2017/05/23/google-following-your-offline-credit-card-spending-to-tell-advertisers-if-their-ads-work/" rel="nofollow">https://consumerist.com/2017/05/23/google-following-your-off...</a><p>They're not going to stop collecting location information, even if you tell them to.
"The revelation comes as Google and other internet companies are under fire from lawmakers and regulators, including for the extent to which they vacuum up data about users."<p>Since the FCC is taking the Alan Greenspan approach to a self-regulating market / ISP, which nearly every Republican legislative office support. Which lawmakers and regulators are up in arms?
This is the kind of creepy stalking behavior that Google and its apologists have normalized and seek to further extend. It's ok to need a job but no responsible individual can defend this massive, intensive and extensive invasion of people's privacy.
I am surprised that this is legal in all countries where Google products are used. And by the way, I think Google won't be able to collect data from China.
>It is not clear how cell-tower addresses, transmitted as a data string that identifies a specific cell tower<p>Couldn't it be used to avoid faulty towers ?<p>I am not an expert at all, but I was told several times that it was a problematic issue.<p>Not that it would be an excuse for collecting it when location sharing is off but I am curious to know why I can be helpful to FCM<p>I am really curious to know how Qz determined that Google was collecting this data.
Maybe this problem should also be viewed from a different perspective. This companies are using the internet connections we pay for, for communications we didn't really allowed. They should be forced to pay us for the unauthorized use of our internet connections, and obviously for our data. if the costs where high enough this kind of "hacking" would just stop.
<i>The section of Google’s privacy policy that covers location sharing says the company will collect location information from devices that use its services, but does not indicate whether it will collect data from Android devices when location services are disabled</i><p>So why isn't Google is slapped with a fine then?
So, about that Linux smartphone...<p>It doesn't have to be perfect: calls and texts should work, a camera and browser would be nice, and the complete freedom to use it and control it in the way the user wants.<p>The first run to sell maybe 1,000 or 10,000 units? My cash is waiting...
I am using Android without Google Play Services. Some apps don't give me notifications, but most of them work without an issue. Also, I'm using Firefox with uBlock on this phone. Couldn't be happier with that setup and my phone's battery life.
Just get one of those cases that block GPS signal, or even the one that blocks all signals (but you won't be able to receive calls). They are only a few bucks.
Not so surprising! It gave away the entire OS free just because it can use the OS and applications living on top of it to mine people's personal data!
Cell phone companies will probably hand over such info to any government entity to comply with local laws. I suppose with Google they have it a bit easy, because google links your identity to your phone, email, web search, purchases, maps activity, etc. They don't have to issue 20 different legal requests to each provider, and then combine that data. Other than that I don't see how Google collecting this data is bad (if we're to assume that there is a legitimate reason to do so).
That might be a digression, but overall you have to "trust" a company or software provider to some extend.
Even if you have all source-code etc. there are always possibilities to include a backdoor or similar if there's one binary involved (in this case the compiler):
<a href="http://wiki.c2.com/?TheKenThompsonHack" rel="nofollow">http://wiki.c2.com/?TheKenThompsonHack</a>
I'm moving up my research on migrating to Nextcloud, or some combination of it and maybe FastMail. I'm sick of this kind of bullshit.<p>And the thing is, Google, Apple, Microsoft, are less still evil than Time Warner, Verizon, Road Runner, Xfinity, etc. But I'm concerned they are not sufficiently opposed to that fiefdom to maintain a neutral balance on the internet.
Once again, when do I start hearing apologies from the supporters of closed source and mit/bsd (which allow tivoization like google did with android)?<p>When do we finally realize RMS was right all along?
Figured they would do this and then hide it in Android OS/System so users don't know it was Google's own services draining their battery life the whole time.<p>If only they'd use this data to at least do something useful, like create a machine learning-enabled firewall to block "rogue" cell towers like cell site simulators. But no, of course not, it has to be done only for ads...
Why is this a problem? What is the harm of them collecting cell tower information? Is it possible to provide the same quality of service(s) without the cell tower information?