Slashdot Mirror

← Back to Stories (view on slashdot.org)

Locate Any WiFi Router By Its MAC Address

Posted by kdawson on from the reverse-lookup dept.

coderrr writes "SkyHook Wireless has been wardriving the US for years creating a huge database mapping wireless routers' MAC addresses to their physical locations. They provide an minimally documented API (docs here) which allows anyone to query the database directly for any MAC address. This could potentially allow some malicious individual to find out exactly where you live. Of course for them to get the MAC of your router in most cases will require either being infected with malware or some sort of social engineering attack... Imagine if you got a phishing email that included your home address."

3 of 204 comments (clear)

  1. Re:Maybe. by bhtooefr · · Score: 4, Interesting

    At driving speeds it's harder to find out, but at walking speed (if you actually are on foot, it's warstumbling,) you can easily see the signal strength go up as you walk by the house that the router is in.

  2. Re:Legality of this by ElectricTurtle · · Score: 5, Interesting

    That, and MACs aren't a serial number per se (granted blocks of them are assigned to specific manufacturers, but there's a reason that network hardware devices always have S/Ns in addition to MACs), they are ADDRESSES. They are SUPPOSED TO BE KNOWN. It makes no sense that people would freak out about somebody knowing the MAC address of their wireless but not the street address on their mailbox. Oh noes! Somebody might use their 31337 h4x0ring skillz to send me spam and phishing attacks to my interweb mail! Like they don't already? Somebody could send a pipe bomb to your physical mailbox too. Better hide that address, oh wait, you can't.

    Stop scaring the sheeple. I know it's kind of fun, but it's bad in the long term. That's how we get stupid legislation like banning wardriving or public access points/mandatory encryption.

    --
    I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
  3. Re:Perfect for scaring people by blair1q · · Score: 4, Interesting

    You mean as though you looked up their name in the phone book?

    Duh.

    One of the points of IPv6 is to get rid of the kind of Internet invisibility that allows spamming and phishing to flourish. Being on the Internet will be like being in public. Privacy will be opt-in. Any community you join will have to agree to allow you to hide yourself. You will be able to hide your identity from other users on a content provider (like here on /.) but you won't be able to hide from the content provider as you DOS his account-creation system or scan his ports.

    Will this create tracking-privacy issues? Sure. But we can deal with those by exercising our right to control the agencies that would use that data. It will prevent much more pervasive problems involving people we don't have legal control of until we catch them.

    You will have the same freedoms you now have - maybe more as you won't have to alter your personality to duck from the trolls or hide your email address from spammers; your security will be increased; and your in-box will have your email in it instead of a flaming bag of crap every morning.