Locate Any WiFi Router By Its MAC Address

coderrr writes "SkyHook Wireless has been wardriving the US for years creating a huge database mapping wireless routers' MAC addresses to their physical locations. They provide an minimally documented API (docs here) which allows anyone to query the database directly for any MAC address. This could potentially allow some malicious individual to find out exactly where you live. Of course for them to get the MAC of your router in most cases will require either being infected with malware or some sort of social engineering attack... Imagine if you got a phishing email that included your home address."

Legality of this

[ilovesymbian]

Er, isn't it illegal to wardrive in some states [Florida] in the first place?

And then putting out the MAC address publicly, like finding someone's SSN and posting it publicly. Oh, I guess its the owner's fault for not securing it.

Re:Legality of this

[creepynut]

Unless I am mistaken, securing a wireless router does not stop anyone from seeing its MAC address.

Re:Legality of this

[Collective+0-0009]

What's funny is that SSNs and MACs are very similar. They are both unique identifiers. The only reason you see it as different is that SSN has been treated more like a password than a serial number.

Re:Perfect for scaring people

[QuickFox]

"Welcome to my website! By the way, would you like me and my biker friends to pay you a visit at your home on Small Street? Or else, if you prefer, how about you help fill my tip jar? $50 will be fine."

Re:Maybe.

[Lumpy]

Exactly. I dont know what hey use for wardriving, but my stuff can not tell me that router B is in that white house across the street while router C is in the brick house with a pentagram painted on the front door next to router A that is in the doghouse in the back yard of that red teepee.

The story is 90% hooey with 10% sensationalism thrown in for fun.

Wrong

[Ancient_Hacker]

You don't need malware or anything else to get a router's MAC address, it's in every packet the router sends out.

And you can't easily get an exact street address from wardriving. All you know is somewhere along the antenna's main lobe there is a router. Could be 10 feet away, could be 500.

And knowing the MAC address is of no earthly use. Well, in the old days you could map it to a ethernet chip manufacturer, but now most routers have changeable MAC addresses.

You can't map MAC address to email addresses either, as the summary claims. Sheesh.

Re:Wrong

[stretch0611]

But certain Microsoft products use your MAC address.

In addition to WGA, I thought that MS-Word used to store your MAC address in the meta-data of the document.

That way you can trace an anonymous doc to a location.

Re:Perfect for scaring people

[mcmonkey]

Imagine if you got a phishing email that included your home address.

You mean like the spam that shows up in the actual mail box most days?

That stuff has my address on it, yet I still recognize it as spam. How is this any different?

Must be a web 2.0 thing.

Re:Security

[cant_get_a_good_nick]

My niece asked me this, should she jump on someone elses WiFi, but this happened right after the big kerfuffle about the DNS hack.

You realize that you're giving all your data and control over to a machine that you don't control. You hope that it's open because the person is either an idiot or a good guy, but you have no evidence of either at that point. Even something as simple as checking your mail might give people access to your inbox, and all the 'password reset' notices you get.