Google Android Wifi Mac Address Location Based Services

[Banana]

So today I was messing around with the pineapple and realized that Googles's location based WIFI services logs all Mac Addresses and Associated BSID to better get a fix on anybody's location. Combined with GPS it allows Google (Also Apple) to pinpoint your position based off of WIFI BSSIDS and Mac Address around you.

Now to opt out google has resorted to a pathetic patch and tells it's victims to just add "_nomap" onto the end of their SSID...

Well that got me thinking, If wardriving around my city with the pineapple and spoofing the SSIDS as well as MAC's will throw googles little spying technology for a loop.

Specificially spoofing the SSIDS and adding "_nomap" along with the name.

http://support.googl...&answer=1725632

I'll be looking more into how to go about doing this correctly and see if it will actually act as intended. The only thing I would need is android phones to query locations from google. They will see the BSSID as well as the MAC and log it into Google as the opt-out service. This would most likely work best during peak day time hours as there would be more people with android phones looking for there location.

Just a little food for thought. ;)

Maybe the pineapple is the key to unlocking our freedom and privacy.

(Condensed Edit of 2 posts)

One way would be to war drive and grab all the SSIDS and MAC Adresses around the city. Generate a list from the csv file and go about adding "_nomap" to the BSSID.

Set the pineapple next to a busy area, such as a freeway or road that gets alot of traffic. Alot of people driving with their phones especially using mapping technology which is location based services.

Run through the list of the routers with MAC and BSSID with added "_nomap" displaying to each android phone driving by that the router should be logged as opt-out.

You put your wlan up,

You put your wlan down,

You put your spoofed mac address in

And you deauth it all about.

You do the Hokey Rick-Roll

And you troll your victim around,

That's what it's all about.

Edited December 19, 2012 by Banana

[Prox]

The AP's are immediately removed using the _nomap option when a devices discovers it. Is this a permanent change, or do they immediately re-add the AP once it is discovered again without the _nomap extension? I believe the latter is most likely the case because they need the integrity. I think companies that make routers should have an option that defaults "on" which adds the _nomap extension to whatever you enter as the SSID, leaving a check box for you to turn the option off if you so desire.

How do they handle people who have moved their residence? They take the AP with them and the change is registered as soon as a device discovers them in their new location. I have read that sometimes, a MAC address will get reused in the manufacturing process. How does this location service handle instances of identical MAC and SSID in multiple locations? They would have to fall back on the gps, ip, or cell tower information for location verification. It seems this system is very redundant and quite resilient.

[barry99705]

The AP's are immediately removed using the _nomap option when a devices discovers it. Is this a permanent change, or do they immediately re-add the AP once it is discovered again without the _nomap extension? I believe the latter is most likely the case because they need the integrity. I think companies that make routers should have an option that defaults "on" which adds the _nomap extension to whatever you enter as the SSID, leaving a check box for you to turn the option off if you so desire.

How do they handle people who have moved their residence? They take the AP with them and the change is registered as soon as a device discovers them in their new location. I have read that sometimes, a MAC address will get reused in the manufacturing process. How does this location service handle instances of identical MAC and SSID in multiple locations? They would have to fall back on the gps, ip, or cell tower information for location verification. It seems this system is very redundant and quite resilient.

They locate with multiple ssid's. If they see more than three ssid's and one is way off location from the other two, they ignore the third. They'll update the new location the next time they discover it in it's new location. I'm pretty sure they buy that data as well as collect it on their own. There's no way they can do it all by themselves. I know on sites like wigle, I've got ssid's I've first discovered in states and countries I've never lived in, or been to. Living next to two military bases have them going all over the world. The next time a wardriver uploads his/her data to wigle the access point gets moved, but I still get the credit for it since I discovered that mac address first.