David Bisson reports:
A vulnerability could allow attackers to track in real-time the movements of all 50 million Waze users……
Researchers at the University of California-Santa Barbara have discovered a vulnerability that would effectively allow a hacker to track the movements of any of Waze’s 50 million users.
Specifically, they found they could set up an HTTPS proxy man-in-the-middle (MitM) to intercept all communication between a user’s phone and Waze’s servers, which talk with each Waze client via SSL.
Read more on GrahamCluley.com.