Slashdot Mirror

← Back to Stories (view on slashdot.org)

MiFi Attack Exploits GPS To Reveal User's Location

Posted by timothy on from the wish-it-was-easy-for-non-attackers dept.

An anonymous reader writes "Security researcher Adam Baldwin has identified that the Sprint and Verizon MiFi devices are vulnerable to a multitude of attacks. Combining these attacks together, an attacker can gain the GPS location of the MiFi device without the user becoming immediately aware. The attack can be successfully executed without authentication and even if the GPS has been disabled by the administrator." There's a video, but a handy text summary, too. Upshot: "Any MiFi user that visits a specially crafted page will give up their GPS location to the attacker."

3 of 62 comments (clear)

  1. Why does it have a GPS? by Darkness404 · · Score: 3, Insightful

    I think the main question is why would a glorified router have a GPS built-in? I can see no real reason for a GPS being in a router. Phones? Perhaps. Router? No.

    --
    Taxation is legalized theft, no more, no less.
    1. Re:Why does it have a GPS? by dgatwood · · Score: 3, Insightful

      That it works even with GPS mode turned OFF on the phone is DIRECT evidence of poor security design.

      No, the fact that third parties *found* the back door is direct evidence of poor security design. The fact that the backdoor was there is at least as likely to be an intentional measure for law enforcement purposes as it is to be a mistake. Odds are, when they "fix" this bug, the backdoor will still be there, just hidden a little better.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  2. WTF is a MiFi?? by Anonymous Coward · · Score: 3, Funny

    MILF Finder?? Where do I get one?? I need to locate a willing MILF real bad, I feel horny, horny!