lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <COL401-EAS131DA24E67DA651F116029789F70@phx.gbl>
Date: Wed, 16 Jul 2014 07:33:38 -0400
From: Dale Visser <dale.visser@...e.com>
To: Keira Cran <keiracran@....cc>, "fulldisclosure@...lists.org"
	<fulldisclosure@...lists.org>
Subject: Re: [FD] Jamming WiFi tracking beacons

This story set me wondering. Would it be possible to re-imagine WLAN and WWAN technologies such that, lets say smartphone-like devices don't have to broadcast unique, trackable IDs in the clear. I understand there's zero financial incentive for the telco industries  to do this. I'm looking for more of a thought experiment, i.e., could it be done? Feel free to scrap 802.whatever and Internet Protocol when considering how it might be done.



-- Sent from my phone. Please forgive brevity.
________________________________
From: Keira Cran<mailto:keiracran@....cc>
Sent: ‎7/‎16/‎2014 5:52 AM
To: fulldisclosure@...lists.org<mailto:fulldisclosure@...lists.org>
Subject: [FD] Jamming WiFi tracking beacons

Hey,

It's great that companies like Apple recognising the threat of tracking
people via their devices wifi cards' MAC addresses, by randomising them.

Naturally, I wondered i it was possible to jam the measurement beacon by
spoofing tons of wifi clients.  At one point in London, there was an
advertising firm with tracking bins [1] and I have a nice clip of a
technician looking puzzled at one beacon trying to figure out what's
wrong. (Unfortunately, it's bit too close to home (literally) to share.)
In the US I believe some ad "analytics" firms like SenseNetworks do
something similar. [2]

Consider this a call to arms then, to put those unused raspberry pies
you have lying around to good use.

best,
keira

[1]
http://www.theguardian.com/world/2013/aug/12/city-london-corporation-spy-bins
[2] http://sensenetworks.com/


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists