Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

R K

They Know Where You Live

Recommended Posts

http://www.bbc.co.uk/news/technology-10850875

:ph34r:

One visit to a booby-trapped website could direct attackers to a person's home, a security expert has shown.

The attack, thought up by hacker Samy Kamkar, exploits shortcomings in many routers to find out a key identification number.

It uses this number and widely available net tools to find out where a router is located.

Demonstrating the attack, Mr Kamkar located one router to within nine metres of its real world position.

'Creepy' attackMany people go online via a router and typically only the computer directly connected to the device can interrogate it for ID information.

However, Mr Kamkar found a way to booby-trap a webpage via a browser so the request for the ID information looks like it is coming from the PC on which that page is being viewed.

He then coupled the ID information, known as a Mac address, with a geo-location feature of the Firefox web browser. This interrogates a Google database created when its cars were carrying out surveys for its Street View service.

The attack uses data gathered by Google's Street View carsThis database links Mac addresses of routers with GPS co-ordinates to help locate them. During the demonstration, Mr Kamkar showed how straightforward it was to use the attack to identify someone's location to within a few metres.

"This is geo-location gone terrible," said Mr Kamkar during his presentation. "Privacy is dead people. I'm sorry."

Share this post


Link to post
Share on other sites
Guest X-QUORK

Could someone explain how this works please? How is my router linked to a location exactly?

Share this post


Link to post
Share on other sites
Guest Skinty

So how did google's streetcars find the locations of the Mac addresses? Did they record the location of every wireless router they picked up.

And more importantly, why did they do this???

I'm really beginning to hate google.

Share this post


Link to post
Share on other sites

So how did google's streetcars find the locations of the Mac addresses? Did they record the location of every wireless router they picked up.

And more importantly, why did they do this???

I'm really beginning to hate google.

Don't you remember, it was on the news a wee while back. Google did it 'accidently'

http://www.wired.com/threatlevel/2010/06/google-wifi-sniffing/

http://www.bbc.co.uk/news/technology-10805090

Never have trusted wireless - and with good reason

Share this post


Link to post
Share on other sites

google did it to aid GPS positioning, if you have googlemaps on your phone it will also do upload your routers MAC address and GPS position. Its one of the reason why google on your computer knows exactly where you are...

As for getting the router MAC it sounds like a xss hack, I cant imagine it would be that easy to achieve..

Share this post


Link to post
Share on other sites

What? Google collected all this stuff and have allowed it to be accessed by anyone? WTF???

Sorry X-Quork - I'm not an expert - I was responding to Skinty's question about Google - but I think if you read the original article posted by Frank Sidebottom, I think the expert hacker is saying Google's playing a bit fast and loose with the info it's gathered

Quote from original story ""The fact that databases like Google Streetview's Mac-to-Location database or the Skyhook database can be used in these attacks just underlines how much responsibility companies that collect such data have to safeguard it correctly," said Mr Hypponen."

Just turn your wi-fi off and use a wire ;)

Share this post


Link to post
Share on other sites
Guest X-QUORK

Just turn your wi-fi off and use a wire ;)

Oh great, I'll have to have wires trailing through the house whenever I want to go online. :angry:

What about our governments demanding Google destroy this data which was illegally collected in the first place?

Share this post


Link to post
Share on other sites

What? Google collected all this stuff and have allowed it to be accessed by anyone? WTF???

Its not a major problem, its just a MAC address and a location, its the same as saying there is a router at this location. MAC addresses is the hardware address and it isn't broadcast/known unless your physically at that location. Other people have been wardriving/logging this information for the last 10 years as your wireless router broadcasts the mac address for all to see....

If your worried about your MAC address, you should be using a wire, Most wireless data can be decypted and read by your neighbours if they try really hard...

Share this post


Link to post
Share on other sites
Guest X-QUORK

Its not a major problem, its just a MAC address and a location, its the same as saying there is a router at this location.  MAC addresses is the hardware address and it isn't broadcast/known unless your physically at that location.  Other people have been wardriving/logging this information for the last 10 years as your wireless router broadcasts the mac address for all to see....

The two bolded sentences appear to be at odds with one another. Is it that the MAC addresses can't be used to identify individuals, just routers?

Share this post


Link to post
Share on other sites

Oh great, I'll have to have wires trailing through the house whenever I want to go online. :angry:

What about our governments demanding Google destroy this data which was illegally collected in the first place?

Trouble with electronic data is that you can say it's been deleted, but you can't watch it go up in smoke.

Share this post


Link to post
Share on other sites

The two bolded sentences appear to be at odds with one another. Is it that the MAC addresses can't be used to identify individuals, just routers?

The MAC address identifies a router, its globally unique, it is part of the hardware part of the network layer. It isn't sent over the internet that is IP address. If you visit a website the website gets your IP address not your MAC address.

The scare story here is somone has found a way of tricking your computer into giving the attacker your routers MAC address. IMHO it is just a scare story, it isn't very likely. It would be a Cross site scripting attack, the attacker would need to already know your routers internal IP, your router type, your routers Username and password, and your router software would have to use buggy javascript?

BOOTNOTE: all networked devices have a hardware MAC address, your pc has a MAC address which is different to your routers MAC address. You can change (spoof) your MAC address on your router and pc if your concerned

Share this post


Link to post
Share on other sites

Oh great, I'll have to have wires trailing through the house whenever I want to go online. :angry:

What about our governments demanding Google destroy this data which was illegally collected in the first place?

They're more likely to buy it from them. To ensure secure deletion, of course.

Share this post


Link to post
Share on other sites
Guest X-QUORK

The MAC address identifies a router, its globally unique, it is part of the hardware part of the network layer.  It isn't sent over the internet that is IP address.  If you visit a website the website gets your IP address not your MAC address.

The scare story here is somone has found a way of tricking your computer into giving the attacker your routers MAC address.  IMHO it is just a scare story, it isn't very likely.  It would be a Cross site scripting attack, the attacker would need to already know your routers internal IP, your router type, your routers Username and password, and your router software would have to use buggy javascript?

BOOTNOTE: all networked devices have a hardware MAC address, your pc has a MAC address which is different to your routers MAC address.

So unless you're a complete boob with an insecure wireless network, not too much to worry about?

Share this post


Link to post
Share on other sites

The scare story here is somone has found a way of tricking your computer into giving the attacker your routers MAC address. IMHO it is just a scare story, it isn't very likely. It would be a Cross site scripting attack, the attacker would need to already know your routers internal IP, your router type, your routers Username and password, and your router software would have to use buggy javascript?

According to this, the attack only works on routers where the admin login/password hasn't been changed from default.

Also wouldn't be a problem with setups where the router and wireless access are separate (i.e. with separate MAC addresses).

edit to add: frankly if an attacker gains control of your router, you've got more important things to worry about than this, eg.

The user is lured to or accidentally visits the attacker's Web site. When a default password is detected and determined, Javascript coding tricks the user's browser into altering details on the router administration page. Changes made might enable the attacker to administer the device remotely and, as a result, control the owner's Internet communications. Among other possibilities, the attacker could access sensitive data on the network or use the connection to send spam.

Share this post


Link to post
Share on other sites
Guest Skinty

I never use a wireless dongle anyway. Too much hassle. I used to always use my own netgear router and changed the password. But recently we've moved to O2, and then to BT when O2 got rid of us. Both times they've just sent a wireless router without any instructions on how to log into it and change the default password. Probably because they would want us to send it back to them in the same state that they sent it to us rather than having to reset any passwords. Although there is a recessed switch that can be pressed to do this.

Share this post


Link to post
Share on other sites

If the router does not broadcast its MAC address to any wireless receiver that asks for it, I can't see how this would work. In fact, I can't see how the MAC address would be relevant. Presumably the Google cars only picked up routers' SSIDs: unless the router had no wireless access password set up, they could not log on to it. So Google recorded the SSID and an approximate geographic location of each router. So theoretically, I guess, an attacker could attempt to go to the router's login page through an Internet connection if its firewall was set to allow remote administration (and given that I have changed the login page's address from the default of 192.168.1.1 to something else and disabled remote administration, that would stop them straight away) and try the default username and password. Assuming the router's owner hadn't changed it, the attacker could then find its wireless SSID and match that up to the Google data to find its location. I don't see how the MAC address could be relevant, unless a router broadcasts its MAC address on wi-fi for the Google car to pick up. But presumably you could theoretically match up the SSIDs, if Google has recorded them in relation to their geographic locations.

Share this post


Link to post
Share on other sites

If the router does not broadcast its MAC address to any wireless receiver that asks for it, I can't see how this would work. In fact, I can't see how the MAC address would be relevant. Presumably the Google cars only picked up routers' SSIDs: unless the router had no wireless access password set up, they could not log on to it. So Google recorded the SSID and an approximate geographic location of each router. So theoretically, I guess, an attacker could attempt to go to the router's login page through an Internet connection if its firewall was set to allow remote administration (and given that I have changed the login page's address from the default of 192.168.1.1 to something else and disabled remote administration, that would stop them straight away) and try the default username and password. Assuming the router's owner hadn't changed it, the attacker could then find its wireless SSID and match that up to the Google data to find its location. I don't see how the MAC address could be relevant, unless a router broadcasts its MAC address on wi-fi for the Google car to pick up. But presumably you could theoretically match up the SSIDs, if Google has recorded them in relation to their geographic locations.

googlecars picked up the router mac address, and associated it with a GPS position, googlemaps for phones does the same thing.

Share this post


Link to post
Share on other sites

I never use a wireless dongle anyway. Too much hassle. I used to always use my own netgear router and changed the password. But recently we've moved to O2, and then to BT when O2 got rid of us. Both times they've just sent a wireless router without any instructions on how to log into it and change the default password. Probably because they would want us to send it back to them in the same state that they sent it to us rather than having to reset any passwords. Although there is a recessed switch that can be pressed to do this.

http://bt.custhelp.com/app/answers/detail/a_id/10360/c/346,502

Share this post


Link to post
Share on other sites

googlecars picked up the router mac address, and associated it with a GPS position, googlemaps for phones does the same thing.

So is there any way to stop a router from broadcasting its MAC address to a wifi receiver? I can't remember any such option in the setup screens of mine, but I'll have another look when I get home.

Share this post


Link to post
Share on other sites

So is there any way to stop a router from broadcasting its MAC address to a wifi receiver? I can't remember any such option in the setup screens of mine, but I'll have another look when I get home.

Its how your wireless network (and any network) works, you cant turn it off, its in the hardware layer beneath all the IP stuff! You can setup MAC address filtering in your router to block unknown MAC addresses, BUT i believe that wont help as when a device attempts to connect to your wireless the MACS addresses will be swapped first. Here is one clever sod attempting to hunt his stolen laptop by MAC address sniffing, and signal strength triangulation

http://superuser.com...ptop-got-stolen

Share this post


Link to post
Share on other sites

Sorry X-Quork - I'm not an expert - I was responding to Skinty's question about Google - but I think if you read the original article posted by Frank Sidebottom, I think the expert hacker is saying Google's playing a bit fast and loose with the info it's gathered

Quote from original story ""The fact that databases like Google Streetview's Mac-to-Location database or the Skyhook database can be used in these attacks just underlines how much responsibility companies that collect such data have to safeguard it correctly," said Mr Hypponen."

Just turn your wi-fi off and use a wire ;)

the obvious solution is to apply market forces.

if google cannot be entirely secure in it's privacy,then somebody out there will provide a similar product that will.

finding an alternative to things like microsoft/google etc also helps to strengthen the security of the country.....as it will make the job of prospective hackers that much harder having to write their invasive software in multiple protocols.

...and they will naturally go for the big targets anyway,so choosing a small-fry browser etc makes quite a bit of sense.

loss of revenue is what will hurt these people the most,as murdoch is about to learn the hard way.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • 238 Brexit, House prices and Summer 2020

    1. 1. Including the effects Brexit, where do you think average UK house prices will be relative to now in June 2020?


      • down 5% +
      • down 2.5%
      • Even
      • up 2.5%
      • up 5%



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.