Can your iPhone's digital footprints reveal your physical location?
Users of iPhones may be uniquely vulnerable to a new kind of cyberstalking that can reveal their real-life whereabouts, if they leave GPS and Wi-Fi activated.
(Page 2 of 2)
One door closes, another opens
After Ars Technica ran its story, Google adjusted its location services so that they could no longer be used for that purpose.Skip to next paragraph
Subscribe Today to the Monitor
But Seiwert leveraged the third Apple feature to get around that. He discovered that Apple's own Location Services for iOS gave up the physical locations of MAC addresses, collected as part of the crowd-sourcing mapping feature, if it thought the request came from an iOS device rather than from a human being.
"You can send Apple a single MAC address of a Wi-Fi router and they will send back a result set including the GPS coordinates of that MAC address and about 400 others" in the near vicinity, Seiwert told SC Magazine.
Seiwert's iSniff GPS tool automates the collection of data from all three processes. When Seiwert's laptop is connected to an open Wi-Fi access point he himself has set up, iSniff GPS locates all iOS devices within range; collects the MAC addresses of the previous three Wi-Fi access points to which each iOS device had connected; queries Apple Location Services for the physical location of each of logged MAC address; and finally, overlays the location results on Google Maps.
In a few minutes, iSniff GPS will have found and mapped the physical locations of the home wireless routers of the owners of most of the iOS devices within Wi-Fi range of the user's laptop.
While attending the BlackHat security conference in Las Vegas in July 2012, Seiwert used iSniff GPS to harvest 3,543 MAC addresses from 1,337 iOS devices. He gave a brief presentation on his findings at the Chaos Communication Congress security conference in Hamburg, Germany, in December 2012.
Seiwert has now posted iSniff GPS to the online open-source code repository GitHub.
- 7 Security Spring Cleaning Tips
- How to Pull Off a $45 Million Global ATM Heist
- 10 Best Mobile Security Software Products
Copyright 2013 TechNewsDaily, a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.