When you next Tweet, think about the information you’re giving away.

A new tool has been developed that will gather geolocation related information from your Tweet and image hosting services, pin pointing where you were and presenting the information via Google maps.

The tool called Creepy, gathers Twitter’s tweet location via the coordinates from a mobile device, the place name derived from the users IP address which gets translated into coordinates using, geolocation information accessible from the image hosting service API and EXIF tags from the photos posted.

Creepy is a PoC (Proof of Concept) tool developed by Ilektrojohn(1). He wrote it to show how easy it is to gather this type of information which the user consents to when ticking the “I Agree” box for these web services.

How could this information be used? For malicious purposes it’s easy to imagine a stalker, jealous spouse or bully tracking down a victims location or regular route (as long as they are tweeting on the way). Other uses could be tracking a potential client or girlfriend so that you can “bump into them”. From a privacy perspective, advertisers will be queuing up for this information. They could potentially gather -

  • Where you live
  • Who else lives there
  • Your commuting patterns
  • Where you go for lunch each day
  • Who you go to lunch with
  • Why you and your attractive co-worker really like to visit a certain nice restaurant on a regular basis ;-)

The potential uses are as limited as your imagination. So before you opt-in consider how your private information is being used.


This entry was posted in Web Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>