Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

iphone security issue

7 views
Skip to first unread message

miso

unread,
Mar 31, 2012, 7:59:37 PM3/31/12
to
I always advise anyone with an iphone just to throw the shit in the
trash and use anything else. But it you use the iphone, here is yet
another security breech:

> http://arstechnica.com/apple/news/2012/03/anatomy-of-an-iphone-leak.ars?old=mobile

It is too long to cut and paste, but basically the iphone spews out the
last three MAC addresses it used in the ARP. Why, I don't know. However,
using the google mac to location database, you can be tracked. Is this
really a problem. Well it depends on if you are important enough to track.

I did a post a while ago on my own phone (a Blackberry, i.e. a secure
device) that was spewing out requests over the wifi, basically finking
me out as a coffee drinker and person that doesn't frequent five star
hotels. [I ran kismet and saw the probes.] If the hotel is a one of a
kind place, then the wifi could reveal where you have been, but there is
no time associated with this. In a blackberry, you can turn off this
quick connect scheme on a per AP basis, so I only leave the house and
coffee shops enabled permanently. Of course if your SSID is unique, that
can be tracked back potentially with the google mac database.

I've been tempted to change my MAC addresses just to piss off skyhook
and google, but I don't know if anything bad happens if you change them.
I wouldn't want to shoot myself in the foot just to mess with google.

Message has been deleted

miso

unread,
Apr 1, 2012, 12:37:15 AM4/1/12
to
On 3/31/2012 8:31 PM, Sqwertz wrote:
> On Sat, 31 Mar 2012 16:59:37 -0700, miso wrote:
>
>> I always advise anyone with an iphone just to throw the shit in the
>> trash and use anything else. But it you use the iphone, here is yet
>> another security breech:
>>
>>> http://arstechnica.com/apple/news/2012/03/anatomy-of-an-iphone-leak.ars?old=mobile
>
> I'm pretty sure that i-Devices could be broadcasting your bank account
> information and credit ratings and 98% of their users wouldn't really
> give a shit.
>
> They could even publish this in their terms of use, and 98% would
> agree to it, being fully aware of it.
>
> -sw

Security. RIM has it. Android is close. At least google gets the concept
and the need. But Apple just doesn't take this stuff seriously.

In the Bay Area, BART (metro train) has ad hoc wifi. RIM will not allow
connections to ad hoc wifi since I suppose by definition it is
untrusted. (Anyway can pretend to be the service.) It is annoying, but I
see their point.

There are 3rd party companies that claim to be able to hard Apple
products for use in secure environments. I noticed the RAAF is now using
ipad in this manner. Android apparently does claim a FIPS rating, though
I don't know to what degree.

Back to RIM, if you are on BIS, you won't get the man in the middle
attacks. However, you do have the ability on RIM devices to use 3rd
party browsers that don't run on BIS. They are subject to the fake APs
in the video on the ars technica page.

Next router I get, I'm going stealth. That would make it harder for the
google spy mobile to sniff it.



Char Jackson

unread,
Apr 1, 2012, 1:16:39 AM4/1/12
to
On Sat, 31 Mar 2012 21:37:15 -0700, miso <mi...@sushi.com> wrote:

>Next router I get, I'm going stealth. That would make it harder for the
>google spy mobile to sniff it.

Stealth?

miso

unread,
Apr 2, 2012, 3:23:40 AM4/2/12
to
Stealth as in you don't broadcast your SSID. If you run kismet, it can
detect stealth systems when they are active. Doing a duckduckgo search,
it seems stealth is now slang for stealing wifi, so I see the confusion.

The problem with going stealth is you don't get to mark your territory
with RF. So you may be idle and someone comes along and sets up wifi on
"your" channel.

> http://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/

This article is more or less correct. I haven't run netstumbler in a
while, so I don't know if it finds APs that don't broadcast.

When you do a site survey, you need to run the sniffer a while to find
some stealth systems. Maybe weekday and weekend depending on use pattern.

There is a claim (not proven) that google uses Android phones and GPS
data to create/supplement their wifi database. If that is the case, I
would have to set up an Android free zone!

Char Jackson

unread,
Apr 2, 2012, 11:34:38 AM4/2/12
to
On Mon, 02 Apr 2012 00:23:40 -0700, miso <mi...@sushi.com> wrote:

>On 3/31/2012 10:16 PM, Char Jackson wrote:
>> On Sat, 31 Mar 2012 21:37:15 -0700, miso<mi...@sushi.com> wrote:
>>
>>> Next router I get, I'm going stealth. That would make it harder for the
>>> google spy mobile to sniff it.
>>
>> Stealth?
>>
>Stealth as in you don't broadcast your SSID. If you run kismet, it can
>detect stealth systems when they are active. Doing a duckduckgo search,
>it seems stealth is now slang for stealing wifi, so I see the confusion.

Thanks, I know about not broadcasting the SSID, but I thought that
practice had been widely debunked (as a security measure) and
discouraged (partly for the reasons you provided), so I figured you
might be referring to something else.

miso

unread,
Apr 2, 2012, 5:15:58 PM4/2/12
to
The link does the debunking, but going stealth is better than nothing.
Do you have any netstumbler capable wifi handy to see if it finds
stealth APs?

Char Jackson

unread,
Apr 2, 2012, 11:59:03 PM4/2/12
to
I don't call disabling SSID broadcast "nothing", so it's hard for me
to go along with the 'better than nothing' scenario. Personally, I
think it's better to broadcast it.

>Do you have any netstumbler capable wifi handy to see if it finds
>stealth APs?

Not at the moment.

Jeff Liebermann

unread,
Apr 2, 2012, 11:59:43 PM4/2/12
to
On Mon, 02 Apr 2012 14:15:58 -0700, miso <mi...@sushi.com> wrote:

>Do you have any netstumbler capable wifi handy to see if it finds
>stealth APs?

<http://www.meraki.com/products/wireless/wifi-stumbler>
"Detect rogue APs, including hidden SSIDs"
Works fine as a web app or Android App.

However, I prefer WiFi Analyzer on my Droid-X:
<https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en>
I think it will also do hidden AP's, but I'm not in a position to
check right now. One nice feature is that if a network has one SSID,
and a number of AP's, it will show all the MAC addresses and signal
stengths seperately. You can also use it to connect to a specific AP
by MAC address.

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558
# http://802.11junk.com je...@cruzio.com
# http://www.LearnByDestroying.com AE6KS

Jeff Liebermann

unread,
Apr 3, 2012, 12:46:54 AM4/3/12
to
On Mon, 02 Apr 2012 20:59:43 -0700, Jeff Liebermann <je...@cruzio.com>
wrote:

>On Mon, 02 Apr 2012 14:15:58 -0700, miso <mi...@sushi.com> wrote:
>
>>Do you have any netstumbler capable wifi handy to see if it finds
>>stealth APs?
>
><http://www.meraki.com/products/wireless/wifi-stumbler>
> "Detect rogue APs, including hidden SSIDs"
>Works fine as a web app or Android App.
>
>However, I prefer WiFi Analyzer on my Droid-X:
><https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en>
>I think it will also do hidden AP's, but I'm not in a position to
>check right now. One nice feature is that if a network has one SSID,
>and a number of AP's, it will show all the MAC addresses and signal
>stengths seperately. You can also use it to connect to a specific AP
>by MAC address.

OK, I couldn't resist the temptation. Both sniffers will find hidden
SSID's, but only during the time when a different computah tries to
connect to the SSID.

Both programs did NOT show my Belkin wireless router when the SSID was
set to hidden. Only when I used my laptop to try and connect to my
SSID, did it show up on the various sniffers. As soon as the 4 way
handshake was done, the SSID disappeared from the sniffers. So, if
you're going to try sniffing for hidden AP's, you'll either need to
either know the SSID in advance, or wait until one of its users tries
to connect.

DevilsPGD

unread,
Apr 3, 2012, 1:09:56 AM4/3/12
to
In the last episode of <nbukn7drtne7kea3m...@4ax.com>,
Jeff Liebermann <je...@cruzio.com> said:

>OK, I couldn't resist the temptation. Both sniffers will find hidden
>SSID's, but only during the time when a different computah tries to
>connect to the SSID.

Or when an attacker blasts so much static on to the frequencies that it
forces the computers re-associate with the AP, re-broadcasting the SSID.

Oh and lets not forget that when you're not connected, your client
spends it's life shouting "Is SSID 'xyzzy' around me? How about now?"
(unless you disable automatic connection completely or are otherwise
connected)

--
This signature was randomly selected

Justin Goldberg

unread,
Apr 18, 2012, 10:14:48 PM4/18/12
to
On Apr 1, 12:37 am, miso <m...@sushi.com> wrote:
> On 3/31/2012 8:31 PM, Sqwertz wrote:
>
>
>
>
>
>
>
>
>
> > On Sat, 31 Mar 2012 16:59:37 -0700, miso wrote:
>
> >> I always advise anyone with an iphone just to throw the shit in the
> >> trash and use anything else. But it you use the iphone, here is yet
> >> another security breech:
>
> >>>http://arstechnica.com/apple/news/2012/03/anatomy-of-an-iphone-leak.a...
>
> > I'm pretty sure that i-Devices could be broadcasting your bank account
> > information and credit ratings and 98% of their users wouldn't really
> > give a shit.
>
> > They could even publish this in their terms of use, and 98% would
> > agree to it, being fully aware of it.
>
> > -sw
>
> Security. RIM has it. Android is close. At least google gets the concept
> and the need. But Apple just doesn't take this stuff seriously.
>
> In the Bay Area, BART (metro train) has ad hoc wifi. RIM will not allow
> connections to ad hoc wifi since I suppose by definition it is
> untrusted. (Anyway can pretend to be the service.) It is annoying, but I
> see their point.
>
> There are 3rd party companies that claim to be able to hard Apple
> products for use in secure environments. I noticed the RAAF is now using
> ipad in this manner. Android apparently does claim a FIPS rating, though
> I don't know to what degree.
>
> Back to RIM, if you are on BIS, you won't get the man in the middle
> attacks. However, you do have the ability on RIM devices to use 3rd
> party browsers that don't run on BIS. They are subject to the fake APs
> in the video on the ars technica page.
>
> Next router I get, I'm going stealth. That would make it harder for the
> google spy mobile to sniff it.

Something disturbing to me is how easy it is to pretend to be ATT/
Wayport/Mcdonalds/Starbucks etc and immediately be sniffing packets.
You would become the main access point if the signal is strongest. Not
that I've ever done that, but in theory it would seem to be so. But
since windows auto connects to the same bssid name (but with a
different mac address, which is also that's how a poor man's WDS/
handoff works imho). At least in newer versions it detects a new
network with the same bssid and asks you if you're at a public, home,
or work network.

How can the google mac db be accessed other than clicking the google
maps location icon?



This post brought to you by: afaik, imho, ymmv, idk, and the letters n
e w b i e.

miso

unread,
Apr 20, 2012, 5:18:07 PM4/20/12
to

> How can the google mac db be accessed other than clicking the google
> maps location icon?

This is news to me that the wifi macs show up on Google Maps at all.
From the way the tech press reports it, you have to feed the google API
two macs and it then will give you the locations. Googles safeguard is
the two mac requirement. That is, you can't just use the database in a
reverse fashion. The intent is you are sniffing wifi, then google will
report your locations.



DevilsPGD

unread,
Apr 22, 2012, 6:03:54 PM4/22/12
to
In the last episode of <jmsjr4$jrt$1...@speranza.aioe.org>, miso
<mi...@sushi.com> said:

>This is news to me that the wifi macs show up on Google Maps at all.

They don't.

> From the way the tech press reports it, you have to feed the google API
>two macs and it then will give you the locations. Googles safeguard is
>the two mac requirement. That is, you can't just use the database in a
>reverse fashion. The intent is you are sniffing wifi, then google will
>report your locations.

This seems to be correct.
0 new messages