Spies do spying, part 97: The CIA has a tool to track targets via Wi-Fi The latest cache of classified intelligence documents dumped online by WikiLeaks includes files describing malware CIA apparently uses to track PCs via Wi‑Fi. The Julian Assange-led website claims the spyware, codenamed ELSA, infects a target's Windows computer and then harvests wireless network details to pinpoint the …
"Before you go into hysterics, take a moment to breathe into a paper bag and remember that ELSA is used against CIA targets, and if you're the subject of a CIA intelligence operation you have way, way more to worry about than the integrity of your wireless network."
Until the tools are leaked and incorporated in the malware du jour.
Until the tools are leaked and incorporated in the malware du jour.
Location is of little interest for malware du jour. It becomes of interest only if the meatware attached to the laptop becomes a target. That is definitely not part of the malware du jour repertoire.
This post has been deleted by its author
Who would have thought that Google Streetview's slurping of wireless SSIDs and MAC addresses as they drove around the world would be useful. A digital database mapping the electronic world.
It's a good thing they Google were made to delete it before it could be copied or used for nefarious purposes...
"user submitted map of wifi locations."
The actions of some people beggars belief. I wonder how many would be happy if all toilet doors were banned? Privacy, yeah, we used to have a bit in the old days. But then we were offered some shiny for "just a little bit of our privacy", and we let them have it. Then they came for a little more. And more. And yet more.
... simply do not use WiFi on any Windows PC. Setting it up is pain anyway and the speed is not so good, I very much prefer powerline (from reputable vendor and with all the required certifications, as to minimize the radio noise this generates, of course!). If only I could put Ethernet cables across the house, that would be even better.
Icon because it's Friday!
"simply do not use WiFi on any Windows PC."
Well if you are a terrorist or have something to hide maybe!
"Setting it up is pain anyway"
There is nothing to "setup" It just works out of the box.
"the speed is not so good,"
I likely get higher real transfer speeds via my 5GHz AC WiFi than you do over Powerline!
Setting it up is pain anyway and the speed is not so good
This has not been true for quite some time now.
I very much prefer powerline (from reputable vendor and with all the required certifications, as to minimize the radio noise this generates, of course!)
Ok, reasonable alternative although with lengthy list of caveats, but it does raise the question of how many cafes, trains, planes, hotels etc support this. If its a low number or none, WiFi is going to be used.
If only I could put Ethernet cables across the house, that would be even better.
Its fairly easy to do without damaging anything or leaving permanent marks.
"I very much prefer powerline"
So do your nosy neighbours who can't pick up a decent wi-fi signal through thick walls.
"with all the required certifications, as to minimize the radio noise this generates, of course!"
What makes you think certifications minimise noise? They minimise noise in the specific bands required by the tests, but outside those almost anything goes.
As a previous poster noted, this does have a use for personalizing spear phishing attacks.
The list is depressingly long.
Fortunately with Windows phones being quite rare beasts the location data is likely to have gaps in it.
Their social WiFi and WIPS solutions can give you hot zones maps as well as track device locations on a perimeter, is not that hard to do, you just need APs located at strategic locations and know the signal attenuation on each spot on the perimeter, that way the APs can triangulate the location of the device, no need for the device to be connected to the network, even if you have the "wifi disabled", which is not true, it is always on and used by the device's OS manufacturer for location purposes.
Someone could do a bit of database poisoning.
"Huh? What is that?"
A few years ago someone, I think using El Reg, suggested a way to beat facebooks threat to auto tag us when they recognized us from all the other pictures we are tagged in.
They suggested mis-tagging unknown people or even inanimate objects.I never heard whether that would even be legal.
Could this suggestion be translated to other databases? Would that be legal? Would it be less wrong than government funded crooks spying on people with proper legal oversight?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
