Google Android phones may spill the beans on users' Wi-Fi history

The Electronic Frontier Foundation (EFF) is warning that certain devices running on the Google (NASDAQ: GOOG) Android operating system may reveal their owner's location history to anyone within Wi-Fi range. That is because when they are not connected to a network, the devices leak the names of wireless networks to which they have previously connected.

The situation arises when Wi-Fi devices that are not actively connected to a network nonetheless actively seek out networks they have been on before so as to speed up the connection process. In testing, EFF discovered that many newer Android smartphones leaked the names of the networks stored in their settings, up to a limit of 15. 

EFF's warning applies to Android devices less than three years old, because the problem appears due to Preferred Network Offload (PNO), a feature introduced in Honeycomb (Android 3.1). 

"Aside from Android, some other platforms also suffer from this problem and will need to be fixed, although for various reasons, Android devices appear to pose the greatest privacy risk at the moment," EFF said.

Those other platforms include all Apple (NASDAQ: AAPL) OS X laptops and many Microsoft (NASDAQ: MSFT) Windows 7 laptops. However, laptops are not usually kept awake and scanning for networks as their owners carry them around, so there is likely less location history attached to them than there is to a smartphone. Desktop operating systems are also affected, but those devices are generally not carried around.

There remains a question regarding whether some Apple iOS devices might be impacted, EFF said. "In our testing no iOS 6 or 7 devices were affected, though we observed the same problem on one of several tested iOS 5 devices (an iPad), and earlier versions of iOS might or might not be affected," the organization noted.

Knowing someone has connected to a specific SSID--such as "Heathrow Wi-Fi" or Wi-Fi networks affiliated with houses of worship, political offices or bars--provides a lot of potentially sensitive information regarding where that person has been. Even network names that do not provide a readily identifiable information, such as "Jane's Wi-Fi," may be listed, with their location, in databases such as Wigle.Net.

EFF brought its test results to Google's attention, prompting the Internet giant to respond that it is investigating what changes are appropriate for a future release to circumvent the problem. It does not appear the company will make any changes to current OSes, as it said that "changes to this behavior would potentially affect user connectivity to hidden access points."

Hidden access points do not broadcast their SSIDs. They must be sought out specifically by a device, prompting the hidden network to respond that it is available.

EFF reported that a Google employee submitted a patch to wpa_supplicant that can be used to fix the problem, though it is unclear how many end users will benefit from that patch since many may never even receive it.

Meanwhile, some devices will let users protect their privacy by going into the device's "Advanced Wi-Fi" settings and switching the "Keep Wi-Fi on during sleep" option to "Never." The caveat is that this change will cause the device to consume more data and more power.

Further, that fix did not work on a Motorola Droid 4 running Android 4.1.2. "The only practical way to prevent the phone from leaking location is to manually forget the networks you don't want broadcast, or disable Wi-Fi entirely whenever you aren't actively connecting to a known Wi-Fi network," EFF said.

For more:
- see this EFF blog post
- see this Verge article

Related articles:
SensePost's Snoopy drone highlights pitfalls of constant connectivity
Nominum says it protected Wi-Fi network in Sochi, rolls out DNS marketing offer
Apple iOS apps may be fooled, redirected via public Wi-Fi
T-Mobile Wi-Fi Calling flaw exposed calls, text messages