Researchers from the University of California in Santa Barbara revealed a number vulnerabilities concerning the renowned navigation map Waze; saying that hackers can use the application for tracking real-time movements of users.
“It’s such a massive privacy problem,” said computer science professor Ben Zhao, the leader of the research team.
Zhao’s team conducted an experiment to monitor the movements of a certain subject over a three-day period in her trips to and from San Francisco and Las Vegas; including her commutes aboard a taxi and a bus.
The team was successful in doing in working on the test; realizing that hackers can actually penetrate Waze’s servers using “ghost drivers.”
“Users could be tracked right now and never know it,” Zhao said.
In 2013, Google bought the app from an Israeli start-up company for $1.1 billion to address competition issues with Google’s homegrown navigation app, Google Maps.
Last January, Google acknowledged Waze’s vulnerabilities and issued an update dubbed as an “energy-saving feature,” which prevented the app from broadcasting users’ locations while running in the background.
“Waze constantly improves its mechanisms and tools to prevent abuse and misuse. To that end, Waze is regularly in contact with the security and privacy research community—we appreciate their help protecting our users. This group of researchers connected with us in 2014, and we have already addressed some of their claims, implementing safeguards in our system to protect the privacy of our users,” Waze officials said in a statement.