Location spoofing possible with WiFi devices
This is a Printer Friendly News Article on the Virtual Worldlets Network.
Return to the web-view version.
Date posted: 26/04/2008
Posted by: Site Administration
This story is from the category

In January, Skyhook Wireless Inc. announced that Apple would use Skyhook?s WiFi Positioning System (WPS) for its popular Map applications.

The WPS database contains information on access points throughout the world. Skyhook itself provides most of the data in the database, with users contributing via direct entries to the database, and requests for localisation.

ETH Zurich Professor Srdjan Capkun of the Department of Computer Science and his team of researchers analysed the security of such a system, common to Wi-Fi set-ups. The team?s results demonstrate the vulnerability of public WLAN positioning systems to location spoofing attacks.

When any device desires to find its position in a Wi-Fi grid, it detects its neighbouring access points, and sends this information to the servers. The servers then return the access point locations to the device. Based on this data, the device computes its location.

To attack this localisation process, Professor Capkun?s team decided to use a dual approach. First, access points from a known remote location were impersonated. Second, signals sent by access points in the vicinity were eliminated by jamming. These actions created the illusion in localised devices that their locations were different from their actual physical locations.

See the full Story via external site: www.eurekalert.org