|Main Archive Page > Month Archives > full-disclosure-uk archives|
-----BEGIN PGP SIGNED MESSAGE-----
Dan Kaminsky wrote:
> On Thu, Jan 7, 2010 at 11:12 PM, <Valdis.Kletnieks@vt.edu> wrote:
>> On Thu, 07 Jan 2010 23:07:01 +0100, Dan Kaminsky said: >>> No, he uses an XSS against the router to pull its wireless MAC, and then >>> puts that into Firefox's location services API. That bounces off various >>> wardriving sources and comes up with a latlong. >> OK, so it only works against wireless routers that have been wardriven >> already. Makes you wonder what's on those Google Street-View trucks >> besides a camera. ;) >>
> www.wigle.net and SkyHook have been doing this stuff for a while. Though I
> suppose there is that rule, "It's only creepy if Google does it"
Disabling ssid broadcast doesn't mitigate detection either, well not by more than a couple of minutes. If you don't need wireless access disable it.
I used to think Microsoft were creepy. I still think Microsoft are creepy, especially after discovering the phone home features in Win 7. Google on the other hand are plain scary, thankfully unlike Microsoft they are entirely altruistic.
-----END PGP SIGNATURE-----