PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Expanding upon the obvious

From: Robin Wood <robin () digininja org>
Date: Wed, 12 Dec 2012 14:51:40 +0000
On 11 December 2012 14:51, Joe Ashbrook <joe.ashbrook () gmail com> wrote:

Hi all,

I just wanted to throw this out there as I rarely hear anything about 802.11
tracking. Aside from a few companies, such as Path Intelligence or Skyhook
(SpotRank technology), I never hear of any commercial systems that attempt
to track mobile devices (users). Of course, the companies listed above are
rather opaque in describing how their technology works.

As everyone on this mailing list is aware, basic 802.11 "hacking" techniques
can provide a lot of useful information on mobile devices and their users. I
am surprised there has not been more commercial interest in data mining of
mobile devices. Especially given that staying withing the data link layer
has proven to be legal - or so it seems the golden rule is to not include
payload...

Anyways, in this era of "Big Data" I expected to see more retailers (or any
commercial entity) interested in collecting information about devices within
physical proximity of them. I expect the most powerful use in analyzing
mobile device data would be in a deanonymized form, and perhaps due to
privacy concerns is why companies are shy to experiment with this, or
already are and just keep in on the DL.

I envision retailers using this type of technology to create 'shopper'
profiles. For instance, reconstructing a devices preferred network list (by
capturing directed probe requests) may give them information about where
else a shopper visits (directed probe request for SSID 'Panera'). Or, cross
referencing with other shoppers PNL, may be able to identify relationships
among shoppers (directed probe request from Joe's device SSID "ByteMe",
directed probe request from Tim's device for SSID "ByteMe").

For a final project in completing my undergrad degree I wrote a paper on
this, which I attached if anyone cares to skim it. It has some code at the
end for a Kismet protocol dissector to insert 802.11 probes in a mysql db.
This was a proof of concept for the class intended only as an academic
exercise.

I recall some researcher (~ a year ago) explaining how iOS devices will
broadcast their last 3 wireless networks connected, which I never heard
anything else about. So I know this is not a new topic. Being such a
fascinating subject I am curious if anyone else has some input in regards to
this.


Check out Snoopy from Dan at SensePost, he does all this and more. He
presented on it at 44Con this year so I guess the video will be on
line somewhere.

And from my experience iOS probe for all the SSIDs in their list, not
just the last 3.

Robin
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: