Wi-Fi-based Positioning Systems (WPSes) are used by modern mobile devices to learn their position using nearby Wi-Fi access points as landmarks. In this work, we show that Apple's WPS can be abused to create a privacy threat on a global scale. We present an attack that allows an unprivileged attacker to amass a worldwide snapshot of Wi-Fi BSSID geolocations in only a matter of days. Our attack makes few assumptions, merely exploiting the fact that there are relatively few dense regions of allocated MAC address space. Applying this technique over the course of a year, we learned the precise locations of over 2 billion BSSIDs around the world.
ArticleIn this article [1], the authors induce even more paranoia for those of us that understand how computers work. Apparently, with a laughably small amount of information, an attacker can track your movements anywhere in the world for as long as they want and there is nothing you can do about it (unless you are paranoid, in which case you already knew about this and own a Faraday bag ;) ).
They break down the methodology on how they actually did it and I honestly tried very hard to not get nerd-snipped by this. It's just such a novel way to use a piece of tech that we all take for granted because of how beneficial it is when we lose our phones (or worse, our luggage).
It does serve as a reminder to me (and hopefully to you dear reader) that for every tool we have, there is the stated use and then the 99 other more interesting use cases.
Thanks for reading and as always, all comments, critiques and questions are highly appreciated. Here's a link to the
previous article response.
[1] - It's actually not an article but rather an academic paper but it's written in a very accessible manner if you're even remotely technical.