Implications for Eddystone-URL in Chrome 44

When I wrote in my last post about Eddystone, I was not aware of Chrome already included an update to scan nearby Eddystone beacons.  Chrome version 44.0.2403.65 available in Apple AppStore (not in Play Store as of writing) now let Chrome user to open an URL broadcasted by Eddystone-URL.

This change is profound ! The following are the implications

  1. Developer no longer needs to write IOS codes to assess functionality offered by beacons . This is a liberation from the Apple iBeacon which must use native iOS APIs.
  2. A web developer can now add physical object interaction to their website. Website content can be targeted to a micro location.
  3. Security wise, the URL is unfiltered. A curious user clicking on a broadcasted URL may be directed to malware infected website.
  4. Privacy wise, by enabling Eddystone and use Chrome to launch the URL. Google knows where you are even when GPS is turn off or blocked. The Eddystone beacon location is your location. Therefore Google has a better “insights” of locations and time of your activities with a 20m accuracy.

Likely Firefox and other browser will follow and enable Eddystone. Will test out this feature with my Raspberry PI BLE project and write in next blog post.

This entry was posted in ISO 27001 and tagged , , , on by .

About antonyma

Engineering trained, Antony has the qualifications of CISA, CCSP, Oracle DBA and BS7799 ISMS assessor. He also received a LLM in Intellectual Property & Information Technology Law from The University of Hong Kong. Founder of Cybersecurity Risk Assessment firm Antony was th Chairman of Professional Information Security Association (PISA) from 2009 to 2010. He also joined ISC2 workshop on developing a new cloud security certification. Current positions include: 1. Chairman of Cloud Security Alliance (Hong Kong & Macau Chapter) 2. Convenor of HK OGCIO Working Group on Cloud Security and Privacy 3. Hong Kong delegate to ISO SC 27 committee, which drafts security standards like ISO27001. email : Specialties Retail Banking System & Process, IT Security, Copyright Law, Audit & Control, Technology Risk Management, Cloud Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s