Skip to main content
  1. Home
  2. Smart Home
  3. Smart Home News

Fix upcoming for Google Home, Chromecast bug that can tattle on your location

By
GoogleFindMyHomeDemo

Your trusty Google Home speaker may not be all that trustworthy after all — at least, not for now. Security researcher Craig Young from the firm Tripwire has discovered a bug that allows both the Google Home and the Google Chromecast TV stick to share user location, which needless to say is less than ideal. Apparently, the bug works by exploiting a loophole, and results in cross-checking the wireless networks in the vicinity with Google’s exacting geolocation services.

Recommended Videos

But don’t worry — this vulnerability won’t be present for long. On Monday, June 18, security expert Brian Krebs reported that Google will fix the location privacy leak “in the coming weeks.” And not a moment too soon — exploiting the bug is apparently quite straightforward, and requires attackers to simply run a script in the background in order to collect location data on anyone with a Google Home or Chromecast installed on their local network. The attacker wouldn’t even need to be connected to your network; they would only need to send you a malicious link, and for you to keep that link open for about a minute while they triangulated your position.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

“I’ve only tested this in three environments so far, but in each case the location corresponds to the right street address,” Young told Krebs. “The Wi-Fi based geolocation works by triangulating a position based on signal strengths to Wi-Fi access points with known locations based on reporting from people’s phones.” Although IP-based geolocation is only accurate to about three miles around the compromised device, the method that Young has discovered actually delivers location data to an accuracy of about 30 feet. Young has even produced a demo of the bug in action, which you can check out in the above video.

Krebs notes that Google only agreed to address the issue after he contacted them and informed the team that he would be publishing a piece about the problem. In fact, Young had previously made contact with Google, but the tech giant refused to issue a patch, noting that the geolocation feature was “intended behavior.” Clearly, Google has changed its tune, and now, the fix should go live in mid-July.

Lulu Chang
Lulu Chang
Former Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Topics

Editors’ Recommendations

Echo Show 10 vs. Nest Hub (2nd Gen): which smart display is better for your home?
The Echo Show 10 on a kitchen counter.

When it comes to smart displays, few are as popular as the Echo Show 10 and Nest Hub (2nd Gen). Both are incredibly powerful devices, allowing you to quickly check your calendar, get updates on the weather, or dive into a variety of entertainment apps. However, there are a few key differences between these devices -- including screen size, available apps, and supported smart home platforms.

Ready to add one of these smart displays to your home? Here's what you need to know before making a purchase to ensure you're picking the best smart display for your needs.
Pricing and design

Read more
Google Nest Doorbell vs. Ring Video Doorbell (2nd Gen): which is better for your front door?
Ring Video Doorbell 2nd gen on doorway

Take a stroll through any neighborhood, and you're bound to encounter more than a few video doorbells. These nifty devices have grown in popularity over the years, with companies like Ring, Google, Arlo, and Wyze offering their own take on the hardware. But of all the products available today, few are as well-regarded as the Google Nest Doorbell and Ring Video Doorbell (2nd Gen).

These two devices are easy to install, capture high-quality footage, and bring an added layer of security to your front door. But which of the two is the better purchase -- the Nest Doorbell or the Ring Video Doorbell? Here's a look at both video doorbells to help you decide.
Design

Read more
The most common Google Home problems and how to fix them
best google home compatible devices hands on 4652

Apple HomeKit, Amazon Alexa, and Google Home make up the three biggest smart home platforms on the planet. Google Home is popular thanks to its lineup of Nest products, which includes the Nest Hub Max, Nest Doorbell, and Nest Cam, along with many other devices. Best of all, Google Home supports a wide array of third-party products, giving users an easy way to link all their gadgets together and control them from one streamlined app.

But, as you'd expect, getting all these devices working seamlessly isn't always as easy as it sounds. The Google Home platform is also susceptible to the same issues as other smart home platforms, which include various connectivity hiccups and problems with voice commands. Solving these problems is usually pretty easy -- that is, once you know where to look.

Read more