How I LOLLED
Bad jokes aside, I've been telling people for years that this could be possible via a large WarChalking exercise.
Vindication at last. EXCELSIOR!
PS I also predicted Melissa in 1995 :)
A security researcher has devised an attack suitable for stalking and similarly creepy endeavors that uses JavaScript and geo location data from Google to pinpoint a victim's precise location. In a talk titled “How I Met Your Girlfriend,” at the Black Hat conference last week, hacker Samy Kamkar demoed the technique, which he …
NTHell are coming with my noo 50M services later this month :-)
Evidently this means a new box with built in wireless, replacing the current box RJ45'd into my linux firewall. But unless *they* can disable the wireless during the install, the service will be getting cancelled within the week.
Wireless on the net gateway has always just felt wrong to me.
My dedicated WAP has its own zone and IP range - and has limited access to both the net and local systems.
Jacqui
Each Wireless device has its own mac which is communicated in the clear. Google and others have compiled a geographic database of wireless macs. All it takes is an exploit that leaks that internal mac address, of your home network, and they have a good idea of your address.
Hacking the router seems excessive, lots of people use laptops via wireless at home, you just need some way to look at the arp table and the job is done. The mac address also gives you the brand of the device, and if you had a big enough sample size, I would think it gives you the model too.
Solution is to regularly randomize the wireless mac address. I think techno stalkers will have fun for a while.
The two requirements for this are major 'if's. For starters, it would require someone to be on a network that is completely open (either with default credentials, which is the more likely scenario, or on a router that doesn't require authentication to get to the admin page (of which I've seen none)). Given how I'm seeing fewer and fewer open wifi networks out there there's very little chance for this to take root. It also requires Google Maps to have cached the area. That means only someone with a wifi signal strong enough to be broadcasted to a Googlecar or more likely, living in proximity to a street where a Googlecar would be bothered going through, is at risk.
Sorry, buddy. Not very likely.
I think you underestimate and/or misunderstand Google's geolocation... while you can get a good position using Wifi, Google can also use your IP address with some success; if you are using this to track someone's location, it would be fairly accurate, especially if averaged over some amount of time. This isn't a "difficult" hack; it uses a very simple web page, a tiny amount of Javascript, and Google Location Services. You might not get accuracy to millimeters, but you get close enough to tell if someone is home or away.
As I said - this isn't a difficult hack. This barely qualifies as script kiddy. Now, maybe if you use something more sophisticated to set up some sort of automatic position ping, that might be more interesting/useful, but as it is... this information is easy to find.
Then again, how is this considered stalking? It's less stalking than FaceBook...
"Google can also use your IP address with some success;"
Whenever anybody mentions the use of IP addresses for geolocation I have to try not to laugh. OK so with some ISPs it's possible to get somewhere near but most ISPs don't tie an IP to even a vague geographic area. I've looked at some of this geolocation nonsense in the past and the nearest any of these services has got is at least a county away (note for Merkin readers: a county in the UK will generally contain several large towns or cities). Some of them even put me in London.
As for Google's sinister WiFi database, sorry but again it's a big fat FAIL. From the day it was collected it's been out of date and it's getting worse and worse. Google are not updating the data in any serious way, but the world is changing. People are buying new routers, people are moving house. Things are changing.
So this particular "scare" is yet another case of unfounded headline grabbing or maybe just looking for peer approval (it's a geek thing). OK so it might work, but only for a very, very small subset of people. People who fit into all these groups.
People who can be lured to the malicious website.
Who have a wireless router (not everybody has them you know).
People whose router has no password or default password.
People who don't have any wireless encryption on their home router.
People who have the same router they did when the Google car went past.
People who still live where they did when the Google car went past.
People whose router was switched on when the Google car went past.
People whose wireless can be picked up from the street (mine doesn't reach).
Some Venn diagram, isn't it? And the thing is that the number of people who fall into all those groups is falling all the time.
Oh and even then it relies on their visiting the website from home. What if they decide to visit it from their phone or maybe an internet cafe or somebody else's home?
Whilst many people will have changed the default router password, many people also allow their browser to store the router password, which achieves the same result.
The network does not need to be completely open, all that is required is for the victim to visit a web site which includes the malicious code.
The WiFi network also does not need to be open to be geolocated - Google just needs to have captured some packets - all of which will include the MAC address of the router, regardless of any payload encryption.
Lastly, Google's geolocation is not the only game in town - there is also Skyhook. Whilst country folk may have their houses too far from public roads for their WiFi to be geolocated, this is less likely for city dwellers.
The hotel across the river from where I do some of my work has a completely open network -- router password is factory standard, and you can look it up on the 'net. I have tried it (though I have not done anything to their network except notifying their manager that their network is seriously asking for abuse due to a complete lack of both common sense and security. That was two months ago. Nothing has since happened.)
Unfortunately, in the real world, there is an abundance of completely unsecured and set-to-factory-standard routers out there. That is my bitter experience from several years of working as an IT consultant.
Try to hack mine, though. See if you can get at the message for those who think they are successful... and yes, I know that even the best practices can be circumvented. So, if you get as far as the message, it includes one of my email addresses. Drop me a line telling me how you did it, so I can fix it...
Same sort of thing here at a local function centre. We noticed that they had open wireless while we definitely weren't cheating during a trivia night, and then found the router was default password.
When we told the guy who does their tech stuff, he was quite OK with that because the open wireless was actually NATed into their LAN, not direct connected. Didn't seem to worry him that the real router's IP address was obtainable via the open wireless router's status page... Nor that said real router's password also wasn't changed from the default...
Oh, as for this exploit - easier to just ask people where they are. The stupid ones will tell you anyway.
Call me old-fashioned, but I believe you need to have some sort of "connection" to the person you're stalking. You know, you buy her stuff, send her parcels, and generally know a load of things about her routine and location from simple observation. Any idiot can clicky-clicky on a website. You might end up hassling Auntie Vera. Yuck. Where's the fun in that? Or have we been so conditioned by our pitiful excuse of television programming and the equally pitiful "celebrity culture" that it's now the done thing to fall in love with a so-called celebrity that wouldn't look at you twice, lure her to a website to snarf her location, to send Interflora across the world to somebody you'll probably never meet? WTF?
I think this is a geek with a solution that's desperately looking for a problem...
Girl / Guy (yes it happens) you are perving over is stupid enough to publish her email address, maybe on facebook, or forget to hide it on a mailto: for on their website. If they have done that, chances are they haven't secured their router too well.
Next send them an email. You have enough info from their website / facebook to target them. Send them to website to run code.
Back you have the local area they live in.
Drive (or catch bus).
Bingo, there is target.
See not that hard to stalk the person of your (twisted) dreams.
Yes, I can understand the mechanics behind it working - I just think "cute girl in the flower shop" would be a more worthy target than "random person on Facebook" or whatever. At least you get to see the flower shop girl, how she dresses, how she interacts, what sort of person she is. With an Internet location, well... Is the picture of the person a real picture of that person? Mine is an animé girl which is obviously not a real person, but some of the girls at work have pictures of OTHER girls as their photo, which is bizarre IMHO. If you were to obsess over that, you'd get a shock if you meet the real person. That isn't to say they're bad looking, just that they look nothing like the published photo.
Yeah. I see the potential application of this, but give me a real live person any day...
Judging by streetview, we've had the Google vans up and down most streets around us in the past few years (after deploying the present wifi router in use w/o any MAC change since then) and while they claim the location is within hiking distance it is hardly close enough to begin to guess which of many thousands of buildings or towers it might be coming from.
Some geolocations may be better, others may be worse, but the remaining problem is that if you live in a high density area it is not as likely as some imply that you can get a location fix to any reasonable degree of certainty.
If you can manage to get somebody to run some dodgy javascript, you can just use that to ask the browser for your location. FF and chrome can provide a site with your location.
So this all seems a bit complicated when there are far easier ways. And how the hell are you going to get the MAC of my wireless anyway? You'd need to login to my router, unless you assume the PC I am using is on wireless too (which is not always the case) - good luck hunting the MAC of my wired network in the Google database :P
Most APs MACs are sequential, and sequential in the same order. So if you can communicate with the users' browser, simply have some code run there that can extract the contents of the ARP cache... you might be overjoyed at what you find
Unless you hack mine, and you'll think you just connected to a network from 1990... All of my MACs are old Proteon and BBN addresses.....sometimes I just love being old.
Samy Worm knocked MySpace out of commission? I think not.
MySpace took their site down because they didn't know what was going on, and wanted to roll-back to a safe state.
Which is fair enough.
But that's not the same as saying that their site collapsed because Samy had a million friends. Saying so is a little unfair, both to Samy and to MySpace.
.. and then i lost it etc etc.
Yes, there are other means to find someone on a mobile network, so let's conveniently forget about that.... instead we find YOUR girlfriend's HOUSE where her router is, not the same as that person.
This kind of story is very alarmist but the STALKING bit is missing as you would need to do lots more to ensure only your intended victim gave up their router. Instead you can STALK a load of random people who came to your website..... lucky you!!
bias warning: I am developing and testing exooc.com
Actual Comment: new HTML5 geolocation can get your location pretty close even without GPS I saw 36m precision quite common.... of course browser asks you if you want to allow it but... there are cases/places with proxy where somebody else clicked to share this information with specific web server-> therefore coz u r using same public IP your address could be already known to same web server without you knowing.
anyhow if you wish to check how precise your location might be known to others go to exooc.com
good .. so your ip and other details are not in database... however there are more databases which differ...
Article discusses different method where attacker uses xss to get mac address of your router via administration page of your router... and you must have default login name and password...
connection with geolocation comes to picture when he used geolocation's database to check where is MAC address of your router located.
Then it appears that your Google-reported "position" happens to be the last place that you used Google Maps to actually get a position for your smartphone. Irrespective of your actual home router location.
All I can think of is checking my location on my iPhone from Wrigley ballpark now...just in case the neo-Nazis come after me!
As far as I understand the principle of Google's geolocation by router MACs it's a pretty shite service.
From what I've read it looks at all the wireless networks your PC can see (so if you're on a wired network this hack is right out). It then compares the MAC addresses of the unencrypted ones with its database. As a service this has so many flaws it's untrue.
Flaw #1 it only works if your PC has wireless enabled.
Flaw #2 it only works if your PC can see at least one unencrypted network.
Flaw #3 It only works if that network is in Google's database.
If you have firefox it's pretty easy to try. Give it a go and see if you get a location at all (from a quick straw poll at work it's very unlikely that you will) and if you do how accurate it is (of the two people who got a location one was in the wrong town, the other was in the wrong country). Now consider how likely this evil stalking hack is to work.
We already know traditional Geolocation by IP is a non-starter. Geolocation by wireless MAC is also pretty useless ATM. So this nasty evil stalking tool is so unlikely to work that even the most desperate virgin dweeb is likely to get bored long before he finds a cute girl for whom it actually works.