home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   alt.internet.wireless      Fun with wireless Internet access      55,960 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 55,845 of 55,960   
   Marian to Carlos E.R.   
   Re: How to test if your access point BSS   
   14 Dec 25 16:44:51   
   
   XPost: misc.phone.mobile.iphone, alt.comp.os.windows-10, comp.mobile.android   
   From: marianjones@helpfulpeople.com   
      
   Carlos E.R. wrote:   
   >> And when querying wifi networks almost none are changed from the ISP   
   >> default.   
   >   
   > Around my house I see three customized of mine, one random (computer   
   > generated long random string), 3 "TP-Link..." one "ARRIS". So everybody   
   > else except the random one is using factory defaults. Or provider defaults.   
   >   
   > Using WiFi Analizer (Android) upstairs I see a few more, also generated   
   > by the ISP.   
      
      
   Hi Carlos,   
      
   If you want, you can give me a BSSID of one of the homes near you, and   
   thanks to Chris who asked me to do it, I can output the nearest 400   
   BSSID:GPS pairs in that area.   
      
   If desired, I can "snowball" it even further, to get the nearest 400 to the   
   outside ring, which will instantly extend to thousands within seconds.   
      
   If you're OK with that, I'll post those thousands so that Chris (and others   
   who may not have understood what the researchers reported) will see that.   
      
   All I need to do is run the now-modified Apple BSSID locator code:   
       
   where the main change I made to the apple_bssid_locator.py was   
    FROM: apple_wloc.return_single_result = 1 (which means return only one)   
    TO:   apple_wloc.return_single_result = 0 (which means unlimited returns)   
      
   In practice, "unlimited" really means Apple throttles returns at 400.   
   All this I learned from reading the research that was posted about this.   
      
   With the changes I documented, anyone in the world can reproduce what the   
   security researchers said could be done, which I thank Chris for making me   
   do it (because it took about a half hour for me to figure out that change).   
      
   Now when I run this command using the modified apple_bssid_locator.py code   
    python apple_bssid_locator.py 11:22:33:AA:BB:CC --all   
   I get up to 400 BSSID:GPS pairs per query.   
      
   If ANYONE wants to give me a BSSID of their neighbor, just post it.   
   I will run the query for them and report the results here for all to see.   
      
   As the researchers stated, it's trivial to "snowball" that query with   
   automation to the point in two weeks the researchers had billions of   
   GPS:BSSID pairs, which then they could use to track "households".   
      
   It's so easy to do, it's scary.   
   Just have someone give me a BSSID and I'll prove it to all right now.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca