After privacy scandals regarding carriers selling phone numbers to advertisers, another huge one seems to be in the making. An Australian researcher has just revealed he designed a tool that can be used to uncover the exact location of iPhone and iPad users.
How could such a security breach occur, you might wonder? Well, it turns out that Apple collects certain information when you connect to a Wi-Fi network. The tech giant stores the information in a private database, that’s not supposed to be shared, as it’s used for location services purposes. Independent penetration tester Hubert Seiwert explains how this sensitive information might be uncovered, by using the tool he entitled iSniff GPS:
"You can send Apple a single MAC address of a wifi router and they will send back a result set including the GPS coordinates of that MAC address and about 400 others. You can plug that MAC address into Apple's location service through iSniff GPS and you will get very precise information back from that.”
The fact that iPhones and iPads might slip sensitive information when connecting to a new Wi-Fi network was discovered last year by Mark Wuergler of Inc. In sync with Google location features, these facts could be then used to pin-point where the user was located at.
The above mentioned tool uses Python tool in order to locate networks and collect data. Last year, Seiwert experimented with his little tool and ended up collecting info from a total of 1337 devices.
Source: SC Magazine