Your iDevice Tells the World Where You Were (and neat physics)

Apple iDevices transmit the last 3 MAC addresses they connected to each time they join a new wireless network. In other words, whenever an iPhone, iPad, etc user connects to a wireless network, anyone running a sniffer now knows where that device has been.

Choice quote: “While MAC address leakage appears to be unique to Apple products (according to Wuergler), smartphones of all stripes expose so much valuable information that Wuergler has created an application he calls “Stalker” to streamline its collection.”

Solution: “Expose” that smartphone to the “valuable information” contained in the 3500C flame of an oxyacetylene welding torch, then buy a $20 burner.

Neat physics: Scientists have developed “vortex magnetic field” antennas capable of transmitting in the Ghz range… and the antennas are just 500nm across. No word on the radiation efficiency (the paper is behind an APS paywall), but the design is too cool.

It literally creates a magnetic field vortex up the center of two glued-together disc magnets, and uses that to emit radio waves… sadly they don’t exactly make it clear how they go from a solid pair of magnets to an electromagnetic field oscillating at 1Ghz and above. I suppose given 500nm magnets you could just spin them at a billion RPM, but that seems less than amenable to modulation. (“to send a dot, blow on the spinning magnet. to send a dash, blow longer.”)

http://www.theregister.co.uk/2013/05/09/mag_antennas/

Also worth watching is the British chap demonstrating a permanent magnet tractor beam(!) toy in action at the end.

https://github.com/hubert3/iSniff-GPS
http://arstechnica.com/apple/2012/03/anatomy-of-an-iphone-leak/
http://arstechnica.com/apple/2012/03/loose-lipped-iphones-top-the-list-of-smartphones-exploited-by-hacker/

“That’s because the iPhone is the only smartphone he knows of that transmits to anyone within range the unique identifiers of the past three wireless access points the user has logged into. He can then use off-the-shelf hardware to passively retrieve the routers’ MAC (media access control) addresses and look them up in databases such as Google Location Services and the Wireless Geographic Logging Engine. By allowing him to pinpoint the precise location of the wireless network, iPhones give him a quick leg-up when performing reconnaissance on prospective marks.

“This is interesting on a security level because I’ll know where you work, I’ll know where you live, and know where you frequent,” Wuergler, who is a Senior Security Researcher for Miami-based Immunity Inc., told Ars. “If the last access point you connected to was your home, for example, I’ll know right where to go to get to you later or get to your data. If I’m an attacker that wants to break into your company, this becomes a disclosure that an attacker isn’t going to pass up.”

While MAC address leakage appears to be unique to Apple products (according to Wuergler), smartphones of all stripes expose so much valuable information that Wuergler has created an application he calls “Stalker” to streamline its collection. Running on a laptop, Stalker vacuums up passwords, images, email and any other data that is sent unencrypted and organizes it in an easy-to-read interface. A screen capture from Stalker, an application developed by Mark Wuergler.

Previously accessed network names and unencrypted Facebook chats, emails, and attached documents are all there, along with the name of each smartphone user who exposed them. Stalker presents the collected data in aggregate or allows the user to view the contents retrieved from a specific smartphone owner. Stalker also calls on programming interfaces offered by Google and other location services to automatically plot the recently connected Wi-Fi networks on a map.”

Advertisements
%d bloggers like this: