Microsoft mapping services expose user location

Posted by Alex Zaah filed under Others

When Apple and Google cell phone location tracking issued got our full attention, no one was aware that Microsoft was doing the same using their managed driving program.

As is known to all, Google first used their street view cars to log WiFi Access Point and cell sites information, and then they stopped the move because of the huge pressure from world governments and relied on Android Smartphone to collect such location data. Well Microsoft was using vehicle to collect all kinds of location data to build their location based services too, namely web search, weather, maps and navigation information. Do not forget, Microsoft has its own mobile operating system Windows Phone 7, and the world’s second largest search engine Bing.

At the beginning of this month, a program manager called Reid Kuhn from Microsoft Windows Phone engineering team revealed more information about their location collection in a blog post.

We can see from the post that like Google, Microsoft were interested in cell tower, WiFi hotspots and GPS data, major technology to pinpoint a mobile device on map. I list here separately what data they collect.

GPS: latitude, longitude, direction, speed.

Cell tower: mobile country code (MCC), mobile network code (MNC), location area code (LAC), cell identifier (CellID).

WiFi Access Point: BSSID (i.e, the Media Access Control aka MAC address), signal strength, and radio type.

Although Reid indicated that they would not collect user private data sent over the wireless network, and the source code was available for check. However they have no proper measurements in place to protect these data. Millions of location data of mobile device (both Android and iOS when they are acting as Access Points, which is know as tethering), laptop and other WiFi devices were available via live.com as accurate as street address and even corners of a building. What’s worse, there is no limit in getting those data, and users could not remove their WiFi data from live.com database which updates itself often.

According to CNet tests, in addition to US location data, live.com also contains locations from Spain, UK, Germany and Japan etc. Some of the WiFi location change from time to time, which means live.com might be tracking the movements of those devices.

Since Android location tracking, Google has taken steps to block location queries via their API. And that’s why my WiFi tracker does not work properly, but Microsoft has done nothing yet. Maybe that’s why it’s not easy to protect our privacy?

Posted by Alex Zaah | Category: Others | Tags: , ,

Copyright © 2009 Profone Tracking by Alex Zaah. All Rights Reserved.