According to a recent report from Chinese media, Zhongguancun Online, apps on Android app sends out user details without permission. According to the report, a team of researchers found that when location permission of an APP in an Android phone is disabled, the application will quietly send the unique identification code and positioning data of the mobile phone to its own server, thereby realizing the positioning of the user. However, this report did not state the research body that found this vulnerability neither did it state the Android app that behaves this way. Thus it is best that we take this report with a grain of salt.
According to the report, some other important information also leaks. These include user’s NIC MAC address, router access point, and SSID. This seriously invades the user’s privacy.
It said that Google has been notified of these vulnerabilities. These issues will disappear with the arrival of Android Q. However, many devices are unable to update to Android Q thus may continue to face this issue. Most likely, Google will release an update to fix this issue and users should not ignore the update. Officially, Google has not given a clear response. Nevertheless, it confirms that Android Q will hide user location information by default.