

Sniffing tool for capturing WiFi location data disclosed by iOS devices - casca
https://github.com/hubert3/iSniff-GPS

======
jamesbrennan
It isn't only iOS devices that do this. All operating systems probe for SSIDs
that they have been previously associated with, thats what makes devies like
the WiFi Pineapple possible [0].

[0] <http://hakshop.myshopify.com/products/wifi-pineapple>

~~~
newman314
However, Apple devices do do "optimization" to get on the network quickly. If
you previously associated with a SSID, it'll get reconnected much faster.

See <http://cafbit.com/entry/rapid_dhcp_or_how_do>

------
jetsnoc
I had to install aircrack-ng. Upon doing so and watching for about 30 minutes,
I saw my MacBook Pro and iPhone 5 both leak an uncomfortable amount of probes
for SSID's my devices have attached to. The thing is, quite a few SSID names
are unique enough it nailed the specific devices I had attached to and through
Apple's geo-coordinate database, their coordinates.

If the author is reading I just sent a pull request for a defect in the 'SSID
Search' page. Thanks.

------
aneth4
I didn't realize looking for SSIDs was an active process. Why wouldn't it just
listen for broadcast SSIDs? Is this only for hidden ones?

Regardless, headline should not single out iOS unless this is iOS specific -
maybe it is? Readme says: "iPhones, iPads and other wireless devices"

------
shadesandcolour
I'm curious to know if this is an iOS only issue. It seems to me that any
device that remembers past SSIDs would look for them actively. That way the
user gets on their preferred network whenever it's available. Then anyone with
access to a database with GPS coordinates for base stations would be able to
achieve the same effect, no?

------
D9u
Mobile phones are rife with security concerns, and this article is merely
another in a long list.

This is why I choose to purchase pre-paid (burner) type devices, which have
the added bonus of not locking me into any restrictive "contracts."

~~~
leephillips
Whether or not your phone is disposable seems not to be relevant to this
attack, such as it is. Your device will still leak information suggesting
where you have recently been.

------
tagabek
I see why this is interesting, but how or when would it be practical or
useful?

~~~
deepinsand
You could install this in a retail store to get competitive intel on where
your customers have previously browsed or been

~~~
tagabek
Something like this seems... illegal. Isn't this type of data farming only
allowed after explicit permission of the user?

~~~
evan_
What would be illegal about it? The phone is advertising the MACs, just the
same as if you wore a shirt that had your home address on it.

~~~
rmc
Storing personally identifiable data about people is covered and controlled by
EU Data Protection law. Broadly, you have to have a legitimate, legal,
proportional reason for storing personal data on people. You probably need
their consent.

------
blocking_io
Headline is hyperbole. According to the linked page, iOS devices leak some
network information and it _may_ be possible to analyse this to establish
where the device's owner lives.

~~~
DenisM
How is this a hyperbole? The device broadcasts MAC address of previously
connected, which is easily converted into geographical coordinates.

~~~
binderbizingdos
as far as I remember this is a feature, the wifi connection stack on osx is
trying to connect to recent wifis first with the mac address because that is
much faster than trying to get a new lease and so on

~~~
vardump
It also causes occasional IP-address conflicts. Had this happening before and
traced it to an iPhone using an IP-address it did not have a DHCP lease for.

------
toyg
_" Presented at Blackhat USA July 2012, code published on Github 2012-08-31."_

Old news.

