Waze implements safeguards to block “ghost riders” exploit

Waze implements safeguards to block “ghost riders” exploit

In a recently released blog post, Waze driving assistance service has revealed that it has implemented the requisite safeguards to ensure that an exploit reported by the researchers from the University of California, Santa Barbara, is effectively blocked.

The exploit was uncovered by the researchers by reverse-engineering the data which passed between Waze servers and users' clients. The researchers said that the exploit can be potentially used by hackers to track the users of the Waze app.

In reporting the exploit, the researchers said that the reverse-engineering process enable them to create a group of "ghost riders" that could be used for tracking the whereabouts of Waze users at almost all times.

Waze quickly responded to the security concerns raised by the researchers and said in the blog post that the newly-detected "ghost riders" vulnerability has been addressed by the company by implementing the necessary safeguards that "prevent ghost riders from affecting system behavior and performing similar tracking activities."

However, Waze has also downplayed the applicability of the "ghost riders" exploit for most of the 'normal' users of the driving assistance app. About the possibility of hackers tracking Waze users' location with the help of the exploit, the company said in the blog post: "None of these activities have occurred in real-time and in real-world environments, without knowing participants."