Wi-Fi Fingerprints -- the End of MAC Spoofing?
judgecorp writes, "Wireless devices can be identified by variations in their radio signaling, known as their 'transceiverprint,' according to research reported in Techworld. The Canadian researcher, Jeyanthi Hall, related the prints to MAC addresses and got a positive ID for devices connecting to a Wi-Fi network, claiming 95% success with no false positives. Once they work out how to do this without a dedicated signal analyzer and neural network processing, it's the end of MAC spoofing on wireless networks."
They were doing this during World War II, using the unique characteristics and variations of transmitters to "fingerprint" them. Similar things were done with the way radio operators send Morse code to help detect spies who had been compromised.
My hovercraft is full of eels.
If you RTFA, you would have seen that manufacturing variations yield differences even among the exact make and model -- e.g. that minor circuitry, amplifiers and antenna variations differences yield a unique signature.
You are forgetting the insider threat. I might have the WPA key because I am an employee with my own laptop. However, if I spoof your MAC, then it looks like you are the one surfing /. (or porn sites) all day and not me.
Encryption is good, but it doesn't solve every security problem.
Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
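The matching logic behind the summary (bind each MAC address to a measured "transceiverprint" and reject frames whose print does not fit the MAC's enrolled profile) and the insider scenario above (a colleague borrowing your MAC while holding a valid WPA key), written out as an added example. This is not code from Hall's research or from any of the posters: the three features (carrier frequency offset in ppm, turn-on transient length in microseconds, I/Q amplitude imbalance in dB), the sample values, the normalized-distance metric and the threshold of 4.0 are all assumptions chosen to illustrate the idea, not measurements from the paper.

```python
import math
from statistics import mean, pstdev

# Constructed enrollment captures: (mac, transceiverprint feature vector).
# Feature order is assumed to be (CFO ppm, transient us, I/Q imbalance dB);
# the values are made up for this example, not real measurements.
ENROLL = [
    ("aa:bb:cc:00:00:01", (2.10, 4.80, -0.30)),
    ("aa:bb:cc:00:00:01", (2.15, 4.75, -0.28)),
    ("aa:bb:cc:00:00:01", (2.05, 4.85, -0.32)),
    ("aa:bb:cc:00:00:02", (3.40, 5.20, 0.10)),
    ("aa:bb:cc:00:00:02", (3.45, 5.25, 0.12)),
    ("aa:bb:cc:00:00:02", (3.35, 5.15, 0.08)),
]


def enroll(observations):
    """Build a per-MAC profile (per-feature mean and std) from trusted captures."""
    by_mac = {}
    for mac, vec in observations:
        by_mac.setdefault(mac, []).append(vec)
    profiles = {}
    for mac, vecs in by_mac.items():
        cols = list(zip(*vecs))
        means = [mean(c) for c in cols]
        # Floor the std so a feature that never varied during enrollment
        # does not make every later observation look anomalous.
        stds = [max(pstdev(c), 1e-3) for c in cols]
        profiles[mac] = (means, stds)
    return profiles


def print_distance(vec, profile):
    """Distance from an observed print to a profile, in units of std per feature."""
    means, stds = profile
    return math.sqrt(sum(((v - m) / s) ** 2 for v, m, s in zip(vec, means, stds)))


def check_frame(mac, vec, profiles, threshold=4.0):
    """Classify one frame: 'match', 'spoof-suspect', or 'unenrolled'.

    The threshold is an assumed value: with three features and pure
    measurement noise of about one std each, a legitimate frame lands near
    sqrt(3) ~ 1.7, so 4.0 leaves margin against false positives while a
    different radio (tens of std away on CFO alone) is still caught.
    """
    if mac not in profiles:
        return "unenrolled"
    return "match" if print_distance(vec, profiles[mac]) <= threshold else "spoof-suspect"


def audit(frames, profiles):
    """Run check_frame over a capture and return (mac, verdict) pairs."""
    return [(mac, check_frame(mac, vec, profiles)) for mac, vec in frames]


PROFILES = enroll(ENROLL)

# Constructed test capture: a genuine frame from device 1, an insider's
# device 2 transmitting with device 1's MAC, and a MAC nobody enrolled.
CAPTURE = [
    ("aa:bb:cc:00:00:01", (2.12, 4.78, -0.29)),
    ("aa:bb:cc:00:00:01", (3.42, 5.22, 0.11)),
    ("aa:bb:cc:00:00:03", (2.10, 4.80, -0.30)),
]

if __name__ == "__main__":
    for mac, verdict in audit(CAPTURE, PROFILES):
        print(mac, verdict)
```

Note what the second capture line shows: the spoofed frame has a perfectly valid MAC and, in the insider case, a valid WPA session behind it, so nothing at layers 2 and up would object; only the physical-layer print disagrees with the enrolled profile. The flip side, and the reason the cellphone-cloning poster below could never deploy this, is that the verdict depends entirely on how stable the features are in the wild, which is what the threshold is guessing at.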
I work for Big Cellphone Company. We tried the same scheme in the mid '90s when analog phone cloning was all the rage (remember when it used to cost $1.50/minute? Ahhhhh, the good old days). It works, kind of.
The problem is you're not trying to decide whether or not to retry a packet, or what the transmit power should be. You're trying to decide whether or not to provide service, so you really can't afford to be wrong. We were never really able to get acceptable reliability in the wild.
Believe me, we had a huge incentive to roll this out to our network. The marginal bandwidth costs from fraud didn't hurt much, but when someone made a call to, say, Saudi Arabia on a cloned phone we got stuck with all the fees on the other end. A single cloning ring could cost millions, so Big Cellphone Company was willing to break the bank to get this to work.
Eventually we rolled out digital service, so the project got shut down. Cloning fraud was one of the reasons we were willing to give you a free phone if you switched over to digital. Well, that and the long-term contract.