MiFi Attack Exploits GPS To Reveal User's Location

MiFi Attack Exploits GPS To Reveal User's Location 62

Posted by timothy on Saturday January 16, 2010 @04:20PM from the wish-it-was-easy-for-non-attackers dept.

An anonymous reader writes "Security researcher Adam Baldwin has identified that the Sprint and Verizon MiFi devices are vulnerable to a multitude of attacks. Combining these attacks together, an attacker can gain the GPS location of the MiFi device without the user becoming immediately aware. The attack can be successfully executed without authentication and even if the GPS has been disabled by the administrator." There's a video, but a handy text summary, too. Upshot: "Any MiFi user that visits a specially crafted page will give up their GPS location to the attacker."

MiFi Attack Exploits GPS To Reveal User's Location

This discussion has been archived. No new comments can be posted.

Search 62 Comments Log In/Create an Account

Comments Filter:

Why does it have a GPS? (Score:4, Insightful)

by Darkness404 ( 1287218 ) writes: on Saturday January 16, 2010 @04:24PM (#30792814)

I think the main question is why would a glorified router have a GPS built-in? I can see no real reason for a GPS being in a router. Phones? Perhaps. Router? No.

Bad title (Score:3, Insightful)

by spire3661 ( 1038968 ) writes: on Saturday January 16, 2010 @04:39PM (#30792922) Journal

Cell tower triangulation is not GPS in any way shape or form.

Publicity Stunt? (Score:3, Insightful)

by LostCluster ( 625375 ) * writes: on Saturday January 16, 2010 @04:42PM (#30792934)

Here's one from the conspiracy theory file:
Since the MiFi is such a novel concept, people might not think it includes anything not related to data connections. By making this mistake and it landing on Slashdot and such, it's advertising the GPS... plus giving notice so nobody can sue them and claim they didn't know they were carrying a device that would reveal their location.

Re:Why does it have a GPS? (Score:3, Insightful)

by John Hasler ( 414242 ) writes: on Saturday January 16, 2010 @04:51PM (#30792992) Homepage

> Because you're on a cellular network and the company providing service wants
> to know where its users are using them so they can plan the network.
They know what cells you are using and the signal strength. That's all they need.

Re:Why does it have a GPS? (Score:2, Insightful)

by hanabal ( 717731 ) writes: on Saturday January 16, 2010 @05:07PM (#30793114)

if the phone is only picking up the signal from one tower you can eliminate any side of the tower where another tower is close by, as you would expect to have more than one signal. so unless the tower is completely isolated you can have a pretty good idea where they are, at least what direction.

Re:Why does it have a GPS? (Score:4, Insightful)

by dgatwood ( 11270 ) writes: on Saturday January 16, 2010 @05:53PM (#30793436) Homepage Journal

That it works even with GPS mode turned OFF on the phone is DIRECT evidence of poor security design.
No, the fact that third parties *found* the back door is direct evidence of poor security design. The fact that the backdoor was there is at least as likely to be an intentional measure for law enforcement purposes as it is to be a mistake. Odds are, when they "fix" this bug, the backdoor will still be there, just hidden a little better.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

MiFi Attack Exploits GPS To Reveal User's Location 62

MiFi Attack Exploits GPS To Reveal User's Location More Login

MiFi Attack Exploits GPS To Reveal User's Location

Why does it have a GPS? (Score:4, Insightful)

Bad title (Score:3, Insightful)

Publicity Stunt? (Score:3, Insightful)

Re:Why does it have a GPS? (Score:3, Insightful)

Re:Why does it have a GPS? (Score:2, Insightful)

Re:Why does it have a GPS? (Score:4, Insightful)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot