Apple’s huge database, which usually records the locations of Wi-Fi base stations to the nearest metre, has apparently been exploited without hindrance: With little effort, attackers are able to create a ‘global snapshot’ of all the location data of the WLANs recorded there. This allows them - over a longer period of time - to track changes in the location of the routers usually belonging to a household or sometimes even of individuals, as two researchers from the University of Maryland have now demonstrated.

The researchers consider it particularly problematic that Apple’s Wi-Fi database can be read out practically unhindered and immediately provides the location data for ‘several hundred’ additional BSSIDs (the physical MAC addresses of the routers) to the requesting client without being asked via an apparently unlimited API. In this respect, Apple’s Wi-Fi database also differs fundamentally from other Wi-Fi databases, such as the one operated by Google.

  • Boddhisatva
    link
    fedilink
    157 months ago

    I’m sure they are also pretty effective for people with more nefarious uses for them.

    • @[email protected]
      link
      fedilink
      English
      3
      edit-2
      7 months ago

      Certainly. I’m not saying they’re a good thing; just lending credence to their existence.

      Though I’ll note; to use them you need access to the wifi radio carried by the individual you’re tracking. Ie; you’ve already hacked their device.