Goggle’s child, Waze, world’s largest community-based traffic and navigation app has security concerns. According to a Fusion report documenting an exploit found by UC Santa Barbara researchers, Waze allows hackers to spy on you in real-time.
But how is it possible?
In the report, Fusion’s Kashmir Hill detailed how researchers reversed engineered Waze’s servers to create “ghost drivers” (fake versions of the little car icons you see on the app) that can monitor the drivers around them.
She also added that the researchers proved it by tracking her movements around San Francisco and Las Vegas over a period of three days.
Waze allows hackers to spy on you, is it true?
In its response, Waze insisted that a stranger cannot find or follow you while you’re using the app and clarifies that faux car icons are a way to make users feel like they’re not alone in places where Waze is new.
It also countered that Hill “wanted” to be found. She gave her location and username to the research team, which greatly simplified the process of deducing sections of her route.
But Hill said that was her point. Just knowing where she lives or works would be sufficient for a hacker to follow her movements using Waze.
What Google has to say about it?
The researchers have previously made Google aware of these problems, therefore, the company mitigated some but not all of them.
And all thanks to Waze’s mitigation of the problems, the technique only works when Waze is running in the foreground, not in the background.
What can you do to keep yourself safe?
All you need to do is, set your app to invisible mode. But keep in mind; Waze turns off invisible mode every time you restart the app.
Last but not the least; don’t share your personal details with anyone like Hill.