Slashdot Mirror

← Back to Stories (view on slashdot.org)

Locate Any WiFi Router By Its MAC Address

Posted by kdawson on from the reverse-lookup dept.

coderrr writes "SkyHook Wireless has been wardriving the US for years creating a huge database mapping wireless routers' MAC addresses to their physical locations. They provide an minimally documented API (docs here) which allows anyone to query the database directly for any MAC address. This could potentially allow some malicious individual to find out exactly where you live. Of course for them to get the MAC of your router in most cases will require either being infected with malware or some sort of social engineering attack... Imagine if you got a phishing email that included your home address."

15 of 204 comments (clear)

  1. Someone just bought an iPod Touch, eh? by Robotech_Master · · Score: 2, Interesting

    That's the only reason I can think of for this story suddenly coming up right now--this is what the iTouch uses for its location-detection (and I suppose the iPhone uses it, too, in conjunction with its cell-tower/GPS thing). I never knew about it until I had reason to look it up and find out how my iTouch knew where I was.

    I thought it was a little creepy the first time I realized my iTouch knew more-or-less my exact location--but on the other hand, it's also kinda neat. Too bad it only works in urban areas.

    --
    Editor Emeritus and Senior Writer, TeleRead.org
    1. Re:Someone just bought an iPod Touch, eh? by sammy+baby · · Score: 2, Interesting

      It also has some odd bugs. A few weeks ago I was in a Starbucks in suburban Philadelphia, and my iPhone (using the Starbucks wireless network) put my location as being somewhere in Washington state. Whoops.

  2. Re:Legality of this by Anonymous Coward · · Score: 3, Interesting

    Comparing an SSN to a MAC? *Chuckles*

  3. Re:Legality of this by creepynut · · Score: 3, Interesting

    I should have been more specific, by "securing" I meant encryption. As far as I know, even using WPA won't encrypt any MAC addresses.

    Pulling open Network Stumbler is evidence of this, it will show all networks, with the router MAC. It will show hidden networks, just without the SSID (which can be found by other means anyway). I

  4. Theft Recovery? by PainMeds · · Score: 2, Interesting

    A lot of different theft-recovery packages report the WiFi router and MAC address back, so this could theoretically be used to recover a stolen laptop that went back online.

  5. Re:Quick, Change your MAC! by papasui · · Score: 3, Interesting

    While I can't speak specifically for Comcast, most cable companies do not use the CPE mac address. The cable modem's HFC mac address is what it used to authorize service. What can and likely is done is that a limit is set on the number of CPE ip addresses that can be handed out (typically your public ip address). Some cable companies set this to 1. The CMTS maintains a table called the cable host which has these entries and they are typically cleared by rebooting the cable modem. If that doesn't work it may need to be manually cleared from the cmts.

  6. Re:Maybe. by bhtooefr · · Score: 4, Interesting

    At driving speeds it's harder to find out, but at walking speed (if you actually are on foot, it's warstumbling,) you can easily see the signal strength go up as you walk by the house that the router is in.

  7. Re:Wrong by Anonymous Coward · · Score: 1, Interesting

    And you can't easily get an exact street address from wardriving. All you know is somewhere along the antenna's main lobe there is a router. Could be 10 feet away, could be 500.

    You certainly could get an exact address, although not with basic wardriving equipment. Since you're scanning from a moving vehicle, you certainly have the opportunity to triangulate the position of the transmitter.

    And knowing the MAC address is of no earthly use. Well, in the old days you could map it to a ethernet chip manufacturer, but now most routers have changeable MAC addresses.

    Honestly, how many times do you change the MAC address on your router? I'm betting even most geeks stick with the default MAC. As long as people change their MAC addresses slowly enough, this database is certainly still quite useful.

    You can't map MAC address to email addresses either, as the summary claims. Sheesh.

    Yeah, I didn't read the summary here. Maybe they're sniffing unsecured WAPs to try and pin them to e-mail addresses. Or maybe the database involves some self-registration?

  8. Re:Perfect for scaring people by Lennie · · Score: 2, Interesting

    Also it already does this, the headers usually include a lot of information already internal (behind the firewall) IP-addresses and/or computer names, etc.

    There is also spam that just resends your own emails to different people you didn't send it to before.

    Those are the really scary ones.

    --
    New things are always on the horizon
  9. Google? by xandey · · Score: 2, Interesting

    Isn't this exactly what Google's location api does? Only without the cell tower and GPS functionality?

    http://code.google.com/p/gears/wiki/GeolocationAPI?redir=1

    I would imagine it would be hard to compete by wardriving when Google has an army of mobile phones querying where they are reinforcing the database.

  10. iPhone by Have+Blue · · Score: 3, Interesting

    The iPhone already uses this service for AGPS and A-cell-tower-triangulation. It was added in a 1.x update well before the 3G was released.

  11. Re:Wrong by damicatz · · Score: 1, Interesting

    MAC Addresses operate at the data-link layer (OSI Layer 2). The data-link layer deals solely with intranetwork communication (communication between computers in a single network). The IP Address deals with the computer on a logical/software level. The MAC Address deals with the computer on a more physical level. Anytime you send a data unit from one computer to another on the same network, the MAC Address is what it used to determine where that data unit should go and/or which computer that data unit is intended for. If Computer A wants to send a packet to Computer B on a different network, it has to go through a router. This is where IP Addresses really come into play. A MAC Address doesn't contain any information that identifies a particular network, it's just an address so you can't take a MAC Address and use it to determine what network that computer is on. In order to forward the packet from Computer A on Network A to Computer B on Network B, the destination MAC address on the frame of data intended for Computer B is changed to the MAC Address of the Router's Interface on Network A. The Router then recreates and sends this dataunit on Network B with a source MAC address of the router's Network B interface and a destination Mac address of Computer B. Because of this, it's impossible to get someone's MAC Address over the internet simply by using a packet sniffer. The MAC Addresses are changed everytime the dataunit passes through another router so the MAC Address you'd see on a frame you received over the internet would be the MAC Address of the last hop and not the originating computer.

  12. Re:Legality of this by ElectricTurtle · · Score: 5, Interesting

    That, and MACs aren't a serial number per se (granted blocks of them are assigned to specific manufacturers, but there's a reason that network hardware devices always have S/Ns in addition to MACs), they are ADDRESSES. They are SUPPOSED TO BE KNOWN. It makes no sense that people would freak out about somebody knowing the MAC address of their wireless but not the street address on their mailbox. Oh noes! Somebody might use their 31337 h4x0ring skillz to send me spam and phishing attacks to my interweb mail! Like they don't already? Somebody could send a pipe bomb to your physical mailbox too. Better hide that address, oh wait, you can't.

    Stop scaring the sheeple. I know it's kind of fun, but it's bad in the long term. That's how we get stupid legislation like banning wardriving or public access points/mandatory encryption.

    --
    I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
  13. IPv6 MAC addresses don't leak much here by billstewart · · Score: 3, Interesting

    IPv6 does have a mode where it autoconfigures devices using a munged version of the MAC address as the lower 64 bits of the address. (It's an ugly munge, not simply a 16-bit subnet plus 48-bit MAC, but in some sense it still gives you Netware-like autoconfig.) It's not clear how many people are going to use that mode, as opposed to a DHCP-replacement mode.

    But that's not going to leak information about the wireless, because typically nobody outside your building is going to talk to the IP address of the wireless side of your router. Either they're going to talk to the IPv6 address of one of your computers, so they might see the MAC address of your laptop, or they might see the MAC address of the Ethernet side of your firewall, but that's different from the MAC address of the wireless side.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  14. Re:Perfect for scaring people by blair1q · · Score: 4, Interesting

    You mean as though you looked up their name in the phone book?

    Duh.

    One of the points of IPv6 is to get rid of the kind of Internet invisibility that allows spamming and phishing to flourish. Being on the Internet will be like being in public. Privacy will be opt-in. Any community you join will have to agree to allow you to hide yourself. You will be able to hide your identity from other users on a content provider (like here on /.) but you won't be able to hide from the content provider as you DOS his account-creation system or scan his ports.

    Will this create tracking-privacy issues? Sure. But we can deal with those by exercising our right to control the agencies that would use that data. It will prevent much more pervasive problems involving people we don't have legal control of until we catch them.

    You will have the same freedoms you now have - maybe more as you won't have to alter your personality to duck from the trolls or hide your email address from spammers; your security will be increased; and your in-box will have your email in it instead of a flaming bag of crap every morning.