Home page logo

pauldotcom logo PaulDotCom mailing list archives

Expanding upon the obvious
From: Joe Ashbrook <joe.ashbrook () gmail com>
Date: Tue, 11 Dec 2012 09:51:11 -0500

Hi all,

I just wanted to throw this out there as I rarely hear anything about
802.11 tracking. Aside from a few companies, such as Path Intelligence or
Skyhook (SpotRank technology), I never hear of any commercial systems that
attempt to track mobile devices (users). Of course, the companies listed
above are rather opaque in describing how their technology works.

As everyone on this mailing list is aware, basic 802.11 "hacking"
techniques can provide a lot of useful information on mobile devices and
their users. I am surprised there has not been more commercial interest in
data mining of mobile devices. Especially given that staying withing the
data link layer has proven to be legal - or so it seems the golden rule is
to not include payload...

Anyways, in this era of "Big Data" I expected to see more retailers (or any
commercial entity) interested in collecting information about devices
within physical proximity of them. I expect the most powerful use in
analyzing mobile device data would be in a deanonymized form, and perhaps
due to privacy concerns is why companies are shy to experiment with this,
or already are and just keep in on the DL.

I envision retailers using this type of technology to create 'shopper'
profiles. For instance, reconstructing a devices preferred network list (by
capturing directed probe requests) may give them information about where
else a shopper visits (directed probe request for SSID 'Panera'). Or, cross
referencing with other shoppers PNL, may be able to identify relationships
among shoppers (directed probe request from Joe's device SSID
"ByteMe", directed probe request from Tim's device for SSID "ByteMe").

For a final project in completing my undergrad degree I wrote a paper on
this, which I attached if anyone cares to skim it. It has some code at the
end for a Kismet protocol dissector to insert 802.11 probes in a mysql db.
This was a proof of concept for the class intended only as an
academic exercise.

I recall some researcher (~ a year ago) explaining how iOS devices will
broadcast their last 3 wireless networks connected, which I never heard
anything else about. So I know this is not a new topic. Being such a
fascinating subject I am curious if anyone else has some input in regards
to this.


Attachment: ProximityAwareness_with_802.11.pdf

Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
Main Web Site: http://pauldotcom.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]