CyberManipal.

Tech news from MIST

WIFI probing exposes user's personal data

Breaches
@KumudRathore

Kumud Rathore

June 15, 2022

University of Hamburg, Germany: Researchers conducted a field experiment capturing thousands of passersby's WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. Many firms track their customers' position and movement. This tracking only uses anonymized MAC addresses, often regarded as GDPR compliant. Experiment was conducted on the busisest streets of Germany with 6 antennae for 3 hrs which captured 252,242 probe requests. The sniffed passwords correspond to SSIDs which additionally can be verified by setting up fake access points on the fly using the potential credentials. The main implication here is persistent tracking. Even though more recent iOS and Android version are more protective, the andorid 8 and lower version are found with every 4th account. The easiest way to protect is to update the OS version. Remove the SSIDs that you no longer need, and disable auto join network function.

Abridged fromBleeping Computer

Click here to see the original post

Share this article