iphone security issue

I always advise anyone with an iphone just to throw the shit in the trash and use anything else. But if you use the iphone, here is yet another security breach:

It is too long to cut and paste, but basically the iphone spews out the last three MAC addresses it used in the ARP. Why, I don't know. However, using the google mac to location database, you can be tracked. Is this really a problem? Well, it depends on if you are important enough to track.

I did a post a while ago on my own phone (a Blackberry, i.e. a secure device) that was spewing out requests over the wifi, basically finking me out as a coffee drinker and person that doesn't frequent five star hotels. [I ran kismet and saw the probes.] If the hotel is a one of a kind place, then the wifi could reveal where you have been, but there is no time associated with this. In a blackberry, you can turn off this quick connect scheme on a per AP basis, so I only leave the house and coffee shops enabled permanently. Of course if your SSID is unique, that can be tracked back potentially with the google mac database.

I've been tempted to change my MAC addresses just to piss off skyhook and google, but I don't know if anything bad happens if you change them. I wouldn't want to shoot myself in the foot just to mess with google.

miso

I'm pretty sure that i-Devices could be broadcasting your bank account information and credit ratings and 98% of their users wouldn't really give a shit.

They could even publish this in their terms of use, and 98% would agree to it, being fully aware of it.

-sw

Sqwertz

Security. RIM has it. Android is close. At least google gets the concept and the need. But Apple just doesn't take this stuff seriously.

In the Bay Area, BART (metro train) has ad hoc wifi. RIM will not allow connections to ad hoc wifi since I suppose by definition it is untrusted. (Anyone can pretend to be the service.) It is annoying, but I see their point.

There are 3rd party companies that claim to be able to harden Apple products for use in secure environments. I noticed the RAAF is now using ipad in this manner. Android apparently does claim a FIPS rating, though I don't know to what degree.

Back to RIM, if you are on BIS, you won't get the man in the middle attacks. However, you do have the ability on RIM devices to use 3rd party browsers that don't run on BIS. They are subject to the fake APs in the video on the ars technica page.

Next router I get, I'm going stealth. That would make it harder for the google spy mobile to sniff it.

miso

Stealth?

Char Jackson

Stealth as in you don't broadcast your SSID. If you run kismet, it can detect stealth systems when they are active. Doing a duckduckgo search, it seems stealth is now slang for stealing wifi, so I see the confusion.

The problem with going stealth is you don't get to mark your territory with RF. So you may be idle and someone comes along and sets up wifi on "your" channel.

This article is more or less correct. I haven't run netstumbler in a while, so I don't know if it finds APs that don't broadcast.

When you do a site survey, you need to run the sniffer a while to find some stealth systems. Maybe weekday and weekend depending on use pattern.

There is a claim (not proven) that google uses Android phones and GPS data to create/supplement their wifi database. If that is the case, I would have to set up an Android free zone!

miso

Thanks, I know about not broadcasting the SSID, but I thought that practice had been widely debunked (as a security measure) and discouraged (partly for the reasons you provided), so I figured you might be referring to something else.

Char Jackson

The link does the debunking, but going stealth is better than nothing. Do you have any netstumbler capable wifi handy to see if it finds stealth APs?

miso

I don't call disabling SSID broadcast "nothing", so it's hard for me to go along with the 'better than nothing' scenario. Personally, I think it's better to broadcast it.

Not at the moment.

Char Jackson

"Detect rogue APs, including hidden SSIDs" Works fine as a web app or Android App.

However, I prefer WiFi Analyzer on my Droid-X:

I think it will also do hidden AP's, but I'm not in a position to check right now. One nice feature is that if a network has one SSID, and a number of AP's, it will show all the MAC addresses and signal strengths separately. You can also use it to connect to a specific AP by MAC address.

Jeff Liebermann

OK, I couldn't resist the temptation. Both sniffers will find hidden SSID's, but only during the time when a different computah tries to connect to the SSID.

Both programs did NOT show my Belkin wireless router when the SSID was set to hidden. Only when I used my laptop to try and connect to my SSID, did it show up on the various sniffers. As soon as the 4 way handshake was done, the SSID disappeared from the sniffers. So, if you're going to try sniffing for hidden AP's, you'll need to either know the SSID in advance, or wait until one of its users tries to connect.

Jeff Liebermann

Or when an attacker blasts so much static on to the frequencies that it forces the computers to re-associate with the AP, re-broadcasting the SSID.

Oh and let's not forget that when you're not connected, your client spends its life shouting "Is SSID 'xyzzy' around me? How about now?" (unless you disable automatic connection completely or are otherwise connected)

DevilsPGD
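
What the two posts above describe, as an added example that is not part of any poster's message: a small Python parser for the SSID element of 802.11 management frames, showing that an AP with a blanked beacon still has its name carried in the clear by a client's probe and association frames. The frames, the MAC addresses and the helper names (`ssid_element`, `classify`, `mk`) are constructed for illustration; 'xyzzy' is the SSID from the post.

```python
import struct

# Management-frame subtype -> (name, bytes of fixed fields before tagged elements)
SUBTYPES = {0: ("assoc-req", 4), 4: ("probe-req", 0),
            5: ("probe-resp", 12), 8: ("beacon", 12)}

def ssid_element(frame: bytes):
    """Return (subtype name, transmitter MAC, raw SSID) or None if not parseable."""
    if len(frame) < 24:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, frame[0] >> 4
    if ftype != 0 or subtype not in SUBTYPES:
        return None                      # not a management frame we handle
    name, fixed = SUBTYPES[subtype]
    mac = ":".join(f"{b:02x}" for b in frame[10:16])   # Address 2 = transmitter
    pos = 24 + fixed
    while pos + 2 <= len(frame):         # walk the tag/length/value elements
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:
            return None                  # truncated element
        if eid == 0:                     # element ID 0 is the SSID
            return name, mac, body
        pos += 2 + elen
    return None

def classify(frame: bytes):
    """Label a frame by what its SSID element discloses."""
    parsed = ssid_element(frame)
    if parsed is None:
        return None
    name, mac, ssid = parsed
    blank = len(ssid) == 0 or not any(ssid)   # empty or all-NUL SSID
    if name == "beacon":
        label = "hidden-ap" if blank else "broadcast-ap"
    elif name == "probe-req":
        label = "wildcard-probe" if blank else "client-names-ssid"
    else:
        label = "no-ssid" if blank else "ssid-in-clear"
    return label, mac, ssid.decode("utf-8", "replace")

def mk(subtype, src, ssid):
    """Build a constructed test frame: 24-byte header, fixed fields, SSID element."""
    hdr = struct.pack("<BBH6s6s6sH", subtype << 4, 0, 0, b"\xff" * 6, src, b"\xff" * 6, 0)
    return hdr + bytes(SUBTYPES[subtype][1]) + bytes([0, len(ssid)]) + ssid

# Constructed sample: hidden beacon, wildcard probe, directed probe, assoc, probe response
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [mk(8, AP, b"\x00" * 5), mk(4, STA, b""), mk(4, STA, b"xyzzy"),
          mk(0, STA, b"xyzzy"), mk(5, AP, b"xyzzy")]

if __name__ == "__main__":
    for f in SAMPLE:
        print(classify(f))
```

Run against a capture of your own client, the `client-names-ssid` rows are the networks it announces wherever it goes; removing those saved networks or disabling auto-connect for them stops the announcements.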

Something disturbing to me is how easy it is to pretend to be ATT/Wayport/Mcdonalds/Starbucks etc and immediately be sniffing packets. You would become the main access point if the signal is strongest. Not that I've ever done that, but in theory it would seem to be so. But since windows auto connects to the same bssid name (but with a different mac address, which is also how a poor man's WDS/handoff works imho). At least in newer versions it detects a new network with the same bssid and asks you if you're at a public, home, or work network.

How can the google mac db be accessed other than clicking the google maps location icon?

This post brought to you by: afaik, imho, ymmv, idk, and the letters n e w b i e.

Justin Goldberg

This is news to me that the wifi macs show up on Google Maps at all. From the way the tech press reports it, you have to feed the google API two macs and it then will give you the locations. Google's safeguard is the two mac requirement. That is, you can't just use the database in a reverse fashion. The intent is you are sniffing wifi, then google will report your locations.

miso

They don't.

This seems to be correct.

DevilsPGD

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.