APRIL 25, 2023 — Is anything ever safe and secure in today’s digital age? A group of graduate students in the Carlos Alvarez College of Business at UTSA were surprised to discover security vulnerabilities in a location-sharing mobile application designed to promote family safety.
As part of a semester-long research study, Posie Aagaard, an information technology graduate student, alumnus Omar Abduljabbar ’22 and alumnus Bijan Dinyarian ’22 conducted a forensic analysis of Life360, a popular application among families that provides location tracking, notifications and emergency services.
What began as a project in a digital forensics class ultimately resulted in a published paper and a valuable learning experience. Their paper, “Family Locating Sharing App Forensics: Life360 as a Case Study,” was published in the Forensic Science International: Digital Investigation journal this year.
“I take an experiential learning approach to facilitate students’ learning experiences in my classes,” said Raymond Choo, Cloud Technology Endowed Professor in the UTSA Department of Information Systems and Cyber Security. “In my graduate digital forensics course, the students complete a semester-long, open-ended research assignment, which is designed to foster and promote student creativity and engagement.”
The first task for the research team was finding something they could be hands-on with, said Aagaard, who also serves as assistant vice provost for collections and curriculum support at the UTSA Libraries.
“Professor Choo suggested that mobile forensics is a growing field to explore,” Aagaard said. “We looked at several different apps, but we chose this one because one of our group members had a family member who used it and it has a huge adoption rate. We thought it could make an interesting case study. We didn’t go into the project expecting specific forensic findings, so when we got our results they really stood out.”
As part of their study, the students looked at two main areas: the artifacts that were left behind on devices from the app and the networking or transmission of data from the app. Utilizing a variety of industry tools they looked for data that users might not want publicly disclosed.
“We really wanted the data to tell us what we were going to find,” said Aagaard. “We learned the way that data could be compromised. And there was a little bit of irony or concern because this is an app that was designed to make people feel safe.”
One of their key findings was that having access to one person’s device makes everybody in their circle vulnerable because of the way the data is shared across these overlapping social circles. They also discovered multiple forensic artifacts that comprised significant amounts of personal data.
For paid users, additional data such as driving safety is collected. The students found that driving data is pushed to third-party providers, which the company discloses. Even if you aren’t a user of this app, a passenger in your car could collect driving data from you through their participation.
“Our goal wasn’t for people to stop using the app, but just to bring awareness,” said Aagaard. “The premise of the app is to be able to share your location with people. You don’t need to drag somebody down into the technical details, but there are certain things people can do that will give you a better outlook of the vulnerabilities that do exist.”
While this wasn’t Aagaard’s first publication, it was her first technical paper. Hoping to graduate with her master’s degree by the end of the year, she is a huge fan of the college’s cyber security program.
“The program is great. I love that it integrates academia, government and industry,” she said. “I really feel like we’ve got great experts teaching the classes and students who really like the field.”
A lesson Aagaard hopes consumers can take away from this project is that when people think data is gone, it really isn’t.
“Devices and applications are collecting a lot of data that users don’t know exists, she said. “And even if they know it exists and they think it is secured, someone with the technical knowledge and time has the ability to find it.”
UTSA Today is produced by University Communications and Marketing, the official news source of The University of Texas at San Antonio. Send your feedback to news@utsa.edu. Keep up-to-date on UTSA news by visiting UTSA Today. Connect with UTSA online at Facebook, Twitter, Youtube and Instagram.
Are you interested in learning more about incorporating digital methods into your research? This workshop will introduce you to approaches and tools that can help support your research. Through hands-on activities, you will learn about text analysis and digital mapping and how these methods can enrich your projects.
Group Spot B, 2.01.22, John Peace LibraryLearn to use the simple but powerful features of EndNote®, a citation management tool. In this hands-on workshop, participants will learn to setup an EndNote library, save references and PDFs, and automatically create and edit a bibliography.
Virtual EventAproduction of the Gudalupe Cultural Arts Center, Rio Bravo showcases the vibrant music and dance traditions of the Texas-Mexico border region. Featuring the Guadalupe Dance Company and Mariachi Azteca de América, the performances will be filmed live both nights, courtesy of UTSA's College of Liberal and Fine Arts.
UTSA Downtown CampusCheer on our Roadrunners as they face Houston Christian University. Featuring a special halftime show with Ballet Folklórico Sol de San Antonio and Mariachi Los Paisanos performing with the Spirit of San Antonio Marching Band.
AlamodomePubMed is an essential database for anyone conducting biomedical or health-related research. This workshop will teach attendees how to navigate this free resource effectively and locate peer-reviewed articles using basic & advanced search features, MeSH subject headings, and Boolean operators.
Virtual EventIn this workshop, we will review the basic concept of metadata and how it can influence digital projects, particularly those that include images like exhibits and mapping. Through the lens of preserving cultural heritage, you will learn about some of the more popular types of metadata schema and participate in a hands-on Dublin Core cataloging exercise.
CEDISH Co-Lab 3.02.38, 3rd Floor, John Peace LibraryMariachi Los Paisanos & Mariachi Juviniles will perform. Free and open to the public.
UTSA Recital HallThe University of Texas at San Antonio is dedicated to the advancement of knowledge through research and discovery, teaching and learning, community engagement and public service. As an institution of access and excellence, UTSA embraces multicultural traditions and serves as a center for intellectual and creative resources as well as a catalyst for socioeconomic development and the commercialization of intellectual property - for Texas, the nation and the world.
To be a premier public research university, providing access to educational excellence and preparing citizen leaders for the global environment.
We encourage an environment of dialogue and discovery, where integrity, excellence, inclusiveness, respect, collaboration and innovation are fostered.
UTSA is a proud Hispanic Serving Institution (HSI) as designated by the U.S. Department of Education .
The University of Texas at San Antonio, a Hispanic Serving Institution situated in a global city that has been a crossroads of peoples and cultures for centuries, values diversity and inclusion in all aspects of university life. As an institution expressly founded to advance the education of Mexican Americans and other underserved communities, our university is committed to promoting access for all. UTSA, a premier public research university, fosters academic excellence through a community of dialogue, discovery and innovation that embraces the uniqueness of each voice.