One thing I’m concerned about is recording equipment leaving identifiable information without us knowing about it.

  • 7bicycles [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    4
    ·
    4 days ago

    Not really. It doesn’t really rely on MAC adresses, it relies on your phone to constantly blast out “IS ANYONE HERE $HOME_NETWORK_NAME?” (or bluetoothely named “DYPROSIUMS AIRPODS!???”) and it just catches that and then uses classic triangulating to see where you are. They all do that to quickly connect to WiFi without you having to actually type in the SSID because that shits for nerds.

    Would or is also a really good way to sniff WiFi passwords. If anybody says “Well yes, I am indeed $HOME_NETWORK_NAME” your phone just hands them the password. It’s probably wrong for THAT network but it does mean you can just collect a whole ass batch of home wifi passwords.

    Especially given how many people don’t change shit about their ISP-provided network if you just cyle $common_standard_wifi_names you’re off to a good start to be able to easily infilitrate half your cities WiFi.

    • Pup Biru@aussie.zone
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 days ago

      Would or is also a really good way to sniff WiFi passwords. If anybody says “Well yes, I am indeed $HOME_NETWORK_NAME” your phone just hands them the password.

      okay that’s very untrue… wifi passwords aren’t really passwords; more accurately they’re pre-shared keys… they are used to generate the encryption parameters used to talk to the AP. the password is never sent over the air, and there’s a 4-way handshake

        • Pup Biru@aussie.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 days ago

          i’m fairly sure it’s untrue yes but didn’t want to comment that because i don’t know for sure, and honestly it’s a little null and void because they definitely do broadcast all kinds of bluetooth stuff which is equally trackable (though i guess with all the wifi location data you can correlate someone in the store to where they live pretty much perfectly accurately where bluetooth info is less useful in that regard)

          i’m 99% sure your phone scans for available wifi networks, sees one it knows and then connects, but i could see a situation where it’s 2s faster to just keep trying so for a “good user experience” some shit company decided to start doing it… but i’m pretty sure for apple pr google that’d result in a CVE