In the category of being careful with location based services when using apps, researchers at the University of California-Santa Barbara have discovered a vulnerability in the popular Waze app that permitted them to create “ghost drivers” that could monitor drivers in the vicinity and track them in real time.

Basically, the researchers were able to intercept communications between Waze and users’ phones by getting the phones to accept their computers as the connection between Waze and the users and could then reverse-engineer the Waze protocol. The researchers were then able to write a program that allowed them to create thousands of “ghost cars” and “ghost drivers” that could monitor the drivers around them.

The head of the research team exclaimed that “It’s such a massive privacy problem.” Other recent complaints since Waze updated its app in January is that when a user downloads it, it requests access to all of your contacts. Not sure why it needs your entire contact list to help you navigate from point A to point B. Just a reminder to read those pop ups when you download an app.