Home Created by potrace 1.16, written by Peter Selinger 2001-2019Tech and auto  Created by potrace 1.16, written by Peter Selinger 2001-2019Tech news  Created by potrace 1.16, written by Peter Selinger 2001-2019Google Will Soon Fix Location Leaks in Home and Chromecast Devices

Google Will Soon Fix Location Leaks in Home and Chromecast Devices

Google’s Chromecast TV devices and Home speakers could expose your location to hackers without letting you know.

Sourav Bhakat
Tech News
Published:
Google Home uses Chromecast to talk to your TV.
i
Google Home uses Chromecast to talk to your TV.
(Photo: The Quint)

advertisement

It recently came to light that Google Home smart speakers and Chromecast TV devices could expose your location to hackers without even letting you know.

Craig Young, a researcher from Tripwire, a security firm, was the first to notice this potential privacy leak, reported Krebson Security.

He said this could probably happen due to flaws in the basic design of these devices, which are quite common among devices that are part of the Internet of Things (IoT).

According to Young, the Home app which is used to control Google Home and Chromecast performs most of the actions using Google's cloud. But tasks performed via local HTTP servers can be easily hijacked by hackers remotely, making it easy for them get information about a users' location.

An attacker can be completely remote as long as they can get the victim to open a link while connected to the same Wi-Fi or wired network as a Google Chromecast or Home device. The only real limitation is that the link needs to remain open for about a minute before the attacker has a location. The attack content could be contained within malicious advertisements or even a tweet.
Craig Young, speaking to KrebsOnSecurity
ADVERTISEMENT
ADVERTISEMENT

Google is aware of the issue and said that it is rolling out a fix soon.

Security is an ongoing focus for our teams. We’re aware of the report and will be rolling out a fix in the coming weeks.
Google in a statement to USA Today

To check how the privacy breach happens and how vulnerable it makes users, Young also conducted a test.

He said that on his home network, he was not only able to hijack the TV screen plugged in with a Chromecast, but was also able to tell the gadget’s physical location, with the data extracted from the Google Home devices, with “astonishing accuracy”.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT