Microsofthas closeda rather obvious privacy loophole in its geographic location positioning service.
The issue came to light afterCNET pointed out the flaw. The issue revolved around Microsoft collecting, and then storing, the location of millions of devices around the world. Anything with a WiFi connection was potentially implicated, including laptops, mobile phones, and so forth.
The problem was that the database that contained all the information was insecure, and was therefore open to viewing by anyone with enough savvy. The discoverer of the problemphrased it like this: “the WiFi data stored by Windows can be used to geolocate where your computer has been.”
Needless to say, that was a problem. Even though the company committed a serious gaffe by not better securing the information, Microsoft moved quickly and has plugged the leak. Inits blog poston the issue, Microsoft both further explained the extent of the previous leak, and what it has done to rectify it:
Microsoft released a change to its geographic locationpositioning service on July 30, 2011, which addresses an issue highlighted in Elie Bursztein’sblogon July 29, 2011. This change adds improved filtering to validate each request so that the service will no longer return an inferred position when a single Media Access Control address is submitted. While it was not possible to use the service to track a roaming mobile phone or laptop using its MAC address prior to this change, Microsoft is keenly aware of the sensitivity around all privacy issues, especially those surrounding geolocation.
Calling all Scaleup founders! Join the Soonicorn Summit on November 28 in Amsterdam.
Meet with the leaders of Picnic, Miro, Carbon Equity and more during this exclusive event dedicated to Scaleup Founders!
This does downplay the largest immediate fear that anyone could conjure concerning the previous problem: tracking. That, it seems, was never possible.
But that there was a security blunder of this sort does make one leery about the potential for more, from any number of companies; it makes one wonder how secure we are in the face of rapidly changing technology and a push for cloud data storage.
Story byAlex Wilhelm
Alex Wilhelm is a San Francisco-based writer. You can find Alex on Twitter, and on Facebook. You can reach Alex via email at alex@thenextweb(show all)Alex Wilhelm is a San Francisco-based writer. You can find Alex onTwitter,and onFacebook.You can reach Alex via email atalex@thenextweb.com
Get the TNW newsletter
Get the most important tech news in your inbox each week.
