One of the students at the University of Carnegie discovered a dangerous vulnerability in the LocationSmart geolocation service. Robert Hao managed to find a way to get information about the actual location of millions of Americans. All you need is to know the phone number.
Service LocationSmart allows you to find out exactly where the user of the cellular network is located. To receive information, you must enter a phone number. The smartphone will receive a one-time password for verification. Then you can see the real location on the map.
It turns out that anyone can find out exactly where the subscriber of one of the American operators is located: Verizon, AT & T, Sprint, T-Mobile, simply specifying his phone number.
The information about the detected vulnerability has already been transferred to the Federal Communications Commission.
Alas, only one developer error can cost that anyone can know exactly where you are. And it applies to almost any service. [ MR ]