Slashdot Mirror
Locate Any WiFi Router By Its MAC Address
coderrr writes "SkyHook Wireless has been wardriving the US for years creating a huge database mapping wireless routers' MAC addresses to their physical locations. They provide an minimally documented API (docs here) which allows anyone to query the database directly for any MAC address. This could potentially allow some malicious individual to find out exactly where you live. Of course for them to get the MAC of your router in most cases will require either being infected with malware or some sort of social engineering attack... Imagine if you got a phishing email that included your home address."
This is perfect for when IPv6 takes off, with its built-in MAC address. Then my website can scare people shitless by greeting them with a note saying exactly where they live.
Terrorists can't threaten a country's freedom and democracy. Only lawmakers and voters can do that.
So all I have to do to be "safe" is to change the Mac address the router spits out? Ok. Not that there was any real risk to begin with. As the summary says there would have to be some malware present that had access to my internal network to send the mac to then look it up. Plus, I don't have the same router I did a year ago. Plus, they'd have to figure out which house I live in. Plus, I think spam with my address wouldn't phase me.
Well.. maybe. Or Maybe not. But Definitely not sort of.
If someone has some sort of malware running on my computer, they don't need my router's MAC address to find out where I live. And in that case, them knowing where I live is the least of my problems.
Only when the person is too much of a poser to not find the hidden SSID. Not everyone knows how, though it is incredibly simple. That is the reason why we have security through obscurity, to begin with. Also, to comment on the topic, it does not take social engineering to find the MAC address for a router. Almost every stumbler does that, by default, out of the box. Many will show that there is a hidden SSID, but they may still show the MAC address. Even if they don't, the SSID can be found and the router cracked.
I believe Skyhook uses the Wireless Antenna's MAC Address, not the WAN Port MAC Address. So, you'd have to be within proximity of the WAP in order to get that information anyway, which means you know about where the WAP is in the first place.
Buttons aren't toys.
Change your MAC?
If you are one of the unfortunate people to be stuck with Comcast (or probably a bunch of other cable companies,) Comcast will charge you to update their records.
With a cable modem under Comcast, your Mac address is your login key.
Looking for a job?
Want your resume written professionally?
DON'T USE TUNAREZ!!!
Wigle has been doing this for years and years. They're also almost completely open and cross platform. Besides, if anybody wants to know where somebody is, there are a lot easier ways than trying to link a an address from the media access control layer to some coordinate on a map.
I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
Yep, there's even a company called Navizon that's building a competing service to Skyhook, yet they pay individuals to collect the MAC addresses (as well as Cell tower IDs) with their GPS-equipped devices, so that those without GPS can still obtain their location. It integrates with the new Fire Eagle software/service from Yahoo too.
Here's a link (with my referral code inserted): Navizon
Skyhook has zero data in the city I live in, though I did eventually figure out how you could submit a MAC and coordinates to their system, and fed mine in, so at least my iPhone-owning friends will know where they are when they're at my house...
When in danger or in doubt, run in circles, scream and shout. --Robert A. Heinlein
The typical wireless home router has three MAC addresses, one for the external wired interface ("uplink"), one for the internal wired network and one for the wireless network. You can change them separately.
First: I use Comcast. Over the past 3 years, I've replaced wireless routers 2 times (in 2 different homes). The only thing I needed to do to set up a new router was to power-cycle the cable modem; I did not need to change the router's MAC address.
Second: in any case, even if you use some ghetto ISP that tracks router MAC addresses, the external MAC (what the cable modem sees) and the internal wireless MAC (what the wardrivers see) are different and completely independent. You can easily change one without changing the other.
Only when the person is too much of a poser to not find the hidden SSID.
Plenty of devices with an 802.11b radio, especially handheld devices, cannot connect to networks with hidden SSIDs. (A lot of them can't do WPA either.) If you use one of those devices, you have to reconfigure networks that you administer not to hide the SSID.
And you can't easily get an exact street address from wardriving. All you know is somewhere along the antenna's main lobe there is a router. Could be 10 feet away, could be 500.
Perhaps if you're a crude wardriver. If you're sophisticated, and use a directional antenna on a rotatable mast, or multiple antenans, you could quite easily locate the AP to within a few meters, driving down the street.
The technology isn't hard (it was used in bygone days to do TV viewership ratings, by looking for LO leakage from the tuner, it was used in the UK to find folks who hadn't paid their TV tax, it's used today to find leaks in cable tv systems)
Ok, a few other people have said basically the same thing I'm going to say, but I thought their answers don't do a very good job of describing the problem for a very non-technical user. Hopefully I'll do better (and if I'm incorrect in any of my statements, I'm sure somebody will correct me... I'm not really an expert).
In other words, there are a lot of MAC addresses on your local network. The key point is this: A wardriver will get the MAC of your wireless router (well, if he connects to the network he might be able to get MAC addresses of your other equipment, but that would only be possible on an unencrypted network). You can change that safely, because it's not the MAC that Comcast sees. (On a related note, changing the MAC on your computer's network card, whether it's wired or wireless, isn't going to be effective, because that's not what a wardriver is going to see. If you're "visiting" someone else's wireless network, then changing the MAC of your wireless card will anonymize you a little, but that's useful because you don't trust the network – in other words it's a different scenario. You generally "trust" your own network.)
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I *can't* stop broadcasting my BS(sid), you insensitive clod!
It's more like saying that your mailing address isn't a unique ID because somebody else also lives at 123 Main St... in a different postal code. The MAC only has to be unique on your local network, i.e. someone in a different "community" can have the same "address". Your IP address is what is unique, but the problem with IP addresses is that they must only be unique at a single point in time. It's a bit like trying to trace someone by their address when everyone in the community moves every few days. The MAC is more like their legal name: we assume it's the same even if their address changes, but it's possible to have one's legal name changed too.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
You realize that you're giving all your data and control over to a machine that you don't control.
Isn't that what you already do with your own ISP? How do you know that some bored guy there isn't already eavesdropping on your data? Or even someone at your ISP's upstream provider?
O frabjous day! Callooh! Callay!