Forgot your password?
typodupeerror
Privacy Security Wireless Networking Your Rights Online

MiFi Attack Exploits GPS To Reveal User's Location 62

Posted by timothy
from the wish-it-was-easy-for-non-attackers dept.
An anonymous reader writes "Security researcher Adam Baldwin has identified that the Sprint and Verizon MiFi devices are vulnerable to a multitude of attacks. Combining these attacks together, an attacker can gain the GPS location of the MiFi device without the user becoming immediately aware. The attack can be successfully executed without authentication and even if the GPS has been disabled by the administrator." There's a video, but a handy text summary, too. Upshot: "Any MiFi user that visits a specially crafted page will give up their GPS location to the attacker."
This discussion has been archived. No new comments can be posted.

MiFi Attack Exploits GPS To Reveal User's Location

Comments Filter:
  • by Anonymous Coward on Saturday January 16, 2010 @04:36PM (#30792902)

    Or more "paranoidally" put, they like to know where a hotspot is at any given time. For whatever reason.

    That it works even with GPS mode turned OFF on the phone is DIRECT evidence of poor security design.

    Who knows how much intel you're pinging away on that IP-phone? More than any of us are cleared to know.

    I trust cell phone companies with my voice, only... and they often screw even that up.

    And my confirmation captcha is "phones"... as if I needed more proof they were listening!

  • by fuzzyfuzzyfungus (1223518) on Saturday January 16, 2010 @05:20PM (#30793198) Journal
    The MiFi device essentially is a phone. It connects to a cellular data network and then makes that connection available over wifi to nearby computers.

    If they actually included a real GPS chipset, that would be puzzling, just from a cost/weight/battery life/board space perspective; but basically anything that interacts with a cell network gets location data within the limits of tower triangulation accuracy essentially for free(and then, if Verizon is the carrier, the firmware locks you out of that until you pay an extra monthly fee; but the capability is there).

    The utter fail here is that the MiFi interface is as vulnerable as it is.
  • by Mr_Silver (213637) on Sunday January 17, 2010 @12:58PM (#30799210)

    I think the main question is why would a glorified router have a GPS built-in? I can see no real reason for a GPS being in a router. Phones? Perhaps. Router? No.

    In short, FCC E911 rules.

    Most USB modem vendors use Qualcomm chipsets which come with GPSOne as standard. As such, they just need to include an antenna.

    USB modems sold in Europe still have GPSOne in there, but the antenna is removed to reduce costs. As such you cannot get a fix.

1 + 1 = 3, for large values of 1.

Working...