September 30, 2020

NSA recommends disabling location services on various electronic products to prevent leakage

2 min read

Previously, the US Department of Defense prohibited its employees from using any devices with location-tracking functions, whether it is a smartphone, smartwatch, or other electronic devices.

Leaking location information is a very dangerous behavior for confidential agencies, so in addition to the US Department of Defense, the US National Security Agency has also made similar requirements.

The National Security Agency also issued a risk warning to its employees a few days ago: Employees should not enable location services on any electronic devices with location-tracking capabilities.

Android "API breaking" vulnerability

The National Security Agency issued internal documents to its employees stating that the use of mobile devices such as smartphones, just turning on the power has the risk of exposes location data.

Mobile devices are inherently dependent on cellular networks and communication service providers, so each time they connect to the network, they will report the location of the device in real-time.

This means that service providers can track users on a large scale, or attackers can use vulnerabilities in the service provider’s system to monitor user locations.

Therefore, for users whose location information is very sensitive, this situation will incur unnecessary risks, unless the user switches to airplane mode when not in use.

The National Security Agency has warned to scrutinize any device that can provide location data, such as smartwatches, which can send and receive wireless signals anywhere.

The wireless network signal can also track the user’s location and the situation of the cellular network operator, so such devices also need to be kept off from time to time.