Your Wi-Fi router could tell everyone where you live — here's what you can do about it
Your Wi-Fi router could tell everyone where you live — here's what you can practise about information technology
LAS VEGAS — Your home wireless router may be telling everyone on the internet exactly where you lot live.
That'south because millions of home gateway routers, peculiarly those leased to customers past their net service providers (ISPs), leak their unique hardware ID numbers through their Internet Protocol (IP) addresses — and those hardware ID numbers can be connected to publicly available maps that show the street locations of Wi-Fi networks.
- Your router's security stinks: Here's how to fix it
- How to access your router's settings
- Just in: Millions of Wi-Fi routers under assault by botnet malware
"A big number of routers in the wild use legacy IPv6 addressing that permits the recipient to very precisely locate that router physically," explained researchers Rob Beverly and Erik Rye, who presented their findings at the Blackness Hat data-security conference here last calendar week.
And then now, that aroused guy who you argued with in that heated online word the other day could detect out exactly where yous live, even if he doesn't know your name. That's not supposed to be possible.
This situation is due to a technological quick fix that was applied, and then rapidly superseded, two decades ago. Unfortunately, the legacy of that decision remains today.
Beverly and Rye, both of the Center for Measurement and Analysis of Network Data (CMAND) at the Naval Postgraduate School in Monterey, California, have developed a tool called IPvSeeYou that scans the net for IP addresses that may reveal gateway routers' unique ID numbers, likewise called MAC addresses.
The tool then tries to lucifer those ID numbers to the 450 million geolocated Wi-Fi networks in public databases.
"We constitute more than 60 1000000 routers that are revealing their hardware MAC addresses," said Rye and Beverly. "We were able to precisely geolocate most 12 million residential routers."
Furthermore, by analyzing the network traffic to and from those routers, Beverly and Rye constitute they could also roughly locate other domicile routers that simply used the same ISPs as routers whose hardware IDs were exposed online.
"Simply living near [these exposed] routers is a privacy threat," the researchers said.
What y'all can do about this
It's hard to overestimate how scary this situation is, even if it involves terms and protocols that well-nigh people have never heard of. Fortunately, it's rather piece of cake to avoid. Hither'due south what you can exercise.
Check your router and modem setup. Is the router, which sends out the Wi-Fi signal, a separate device from the modem, which is what the cable or phone line connects to? If you're seeing two different devices, then yous don't need to worry near this.
Are the router and modem one single device, sometimes chosen a domicile gateway? In other words, does the cable or phone line plug into the aforementioned device that'due south sending out the Wi-Fi signal? If then, accept the following steps.
Did yous buy the abode gateway yourself? So refer to its instruction manual and figure out how to disable IPv6.
Did your Internet access provider give y'all the domicile gateway to use? And then contact your Internet access provider and enquire them whether and how IPv6 — pronounced "center-pee-vee-six" — tin can exist disabled. If the customer-service representative has no thought what you're talking virtually, ask to exist continued to a technician.
If none of the above solutions work, y'all may want to consider buying your own router. The gateway provided past your ISP can probably be converted to work in modem-merely fashion, only you'll take to ask your Internet service provider about that.
You could likewise buy your own modem also, but you'll want to check with your Internet service provider well-nigh which models are uniform with its service.
- Modems vs. routers: How they're different and what they practise
What's actually going on here
In order to properly explain how all this works, we'll have to bring in some technical terms.
IP addresses: These are the routing numbers that computers and everything else on the net use to connect to each other. Most IP addresses are temporary, are assigned somewhat randomly, and tin be changed.
There are two common types of IP address. The older, more familiar format is based on Internet Protocol version four (IPv4) from 1981. IPv4 addresses utilize four clusters of numbers ranging from 0 to 255 and look something similar this: 151.101.26.114.
The newer format is based on Net Protocol version 6 (IPv6) from 1998. Its IP addresses use eight clusters of numbers and letters (actually numbers as well) to end up looking like this: 2001:0000:8e52:d45a:77fb:9069:3bd2:0c65.
IPv6 addresses were supposed to have completely replaced IPv4 addresses years ago, but that hasn't happened. Instead, most internet-ready devices made since 2005 or thereabouts support both protocols, and many accept both IPv4 and IPv6 switched on by default. Your dwelling house wireless gateway may be one of these.
MAC addresses: These are permanent, unique ID numbers for every network interface on every networked device worldwide. Your laptop has one MAC accost for Wi-Fi, another for Bluetooth, and maybe a 3rd for Ethernet.
The well-nigh familiar type of MAC accost has 48 $.25 and looks like this: 00:6b:c7:55:4e:21. The first 3 pairs of messages and numbers indicate the hardware maker, while the last 3 are unique to a specific device.
There'southward also a newer format for MAC addresses, called EUI-64, that adds 2 more pairs of characters. To convert a 48-bit MAC accost to an EUI-64 address, you add "ff:fe" to the center of the 48-bit MAC address and "flip the bit" of the seventh binary character from the left so that zero (0000) becomes two (0010). So our 48-chip MAC address from above ends up beingness the EUI-64 accost 02:6b:c7:ff:iron:55:4e:21.
What's of import to know is that if you see the characters "ff:fe" in the middle of an EUI-64 address, then you volition know it was derived from a MAC accost, which itself can exist hands figured out.
SSID: This is the name of a Wi-Fi network. It'due south what shows up when your smartphone or laptop scans for available networks. Your habitation router broadcasts its SSID to any uniform device within range. SSIDs tin hands be changed.
BSSID: This is a number identifying a specific Wi-Fi access point. In habitation Wi-Fi networks, the admission point and the router are the aforementioned, but larger Wi-Fi networks often use more than than one admission betoken. Like the SSID, the BSSID is broadcast to all local devices whether they're continued to the Wi-Fi network or not.
Nevertheless, at that place are two important things to know virtually BSSIDs. In most cases, the BSSID of an admission signal or router is the same as the MAC address of its Wi-Fi interface. And dissimilar the SSID, the BSSID generally does not change.
SSID/BSSID mapping: Hundreds of millions of Wi-Fi networks worldwide have been located and logged, and their SSIDs, BSSIDs and physical locations tin exist looked upward online or by getting developer access to Apple or Google'south databases of Wi-Fi networks. If the point from your home Wi-Fi network tin exist picked up by a laptop in a passing car, so your network name, BSSID and location is probably in at least one of those databases.
Dwelling house cyberspace gateway, residential gateway or gateway device: A unmarried device that combines a cablevision or DSL broadband modem and a Wi-Fi router. Information technology's oftentimes leased to the customer by the ISP.
A huge security hole for more 20 years
This complicated system is pretty individual and secure, and in that location's normally no style to link the net-facing IPv4 or IPv6 accost of a home net gateway to the router's BSSID. Your IP address shouldn't be able to narrow down your location to anything more specific than a state or city.
Also, your neighbors can see your Wi-Fi network name and the BSSID of your home Wi-Fi router, but they can't apply that data to figure out your net-facing IP address.
But in that location'south a loophole in this organization that's big plenty to drive a truck through.
Back in the belatedly 1990s when the IPv6 protocol was beingness developed, Beverly and Rye explained, someone decided to insert device MAC addresses into IPv6 addresses using the EUI-64 algorithm mentioned above.
That's easy and convenient, especially when a device has limited processing power and just wants to have an IPv6 accost it tin can use alongside its IPv4 i. And because MAC addresses are unique, it means that at that place's piffling or no risk of a duplicate IPv6 address.
Simply remember, EUI-64 is based on the 48-flake MAC accost, the unique hardware identifier that no one on the internet is supposed to run across.
As Beverly and Rye explained, experts quickly realized that devices were embedding their MAC addresses right into their IPv6 addresses, which creates a huge privacy risk. A newer, more randomized method of creating IPv6 addresses was fabricated available in 2001.
"This was recognized equally a problem 20 years ago, and a brusk-lived randomization process was introduced as a privacy extension" for IPv6 addresses, Beverly explained. "But a lot of devices withal use the older format."
An internet problem with physical consequences
The problem, as Beverly said, is that many makers of networking devices didn't become the memo. At least 60 million internet-facing devices, their research found, including every bit least 12 meg home residential gateways in 147 different countries around the world, however utilize EUI-64 MAC addresses equally part of their IPv6 addresses.
If you apply a home residential gateway, this is like including a photo of your commuter's license with every email you send.
Plus, considering the MAC address is permanent, the second half of your IPv6 address may never modify, meaning you can be tracked online.
Even worse, if you're using a gateway rather a separate modem and router, then the MAC address for your router's internet connexion is probable very similar to the Wi-Fi MAC address that'south part of your network's BSSID.
That'southward because different MAC addresses in the same device are often very close to each other. (On my own smartphone, the Bluetooth and Wi-Fi MAC addresses differ by a value of 1.)
So the MAC address of the internet interface of your habitation gateway router, the one that may be being broadcast to the entire net as part of its IPv6 address, is probably very similar to the Wi-Fi MAC accost used in your domicile wireless network's BSSID. That'southward the aforementioned BSSID whose precise geographic location may be a matter of public record.
All someone has to practice is connect the dots by noticing that the two MAC addresses addresses are very similar. For example, the internet MAC address may be 00:6b:c7:55:4e:21, while the Wi-Fi MAC address and BSSID may be 00:6b:c7:55:4e:xx.
So now, an attacker tin can get your IPv6 address using common software tools, derive your home gateway router's net 48-bit MAC address, scan the online Wi-Fi maps for BSSIDs that are very close to the internet MAC address, and then come over and say howdy in a very aggressive mode.
Say how-do-you-do to the neighbors
Not only that, but if your neighbors are using the same Internet access provider (as is common in the U.S., where cable companies often accept local monopolies), so they'll likely be connected to the same nearby router on the ISP end every bit y'all are.
"If we can geolocate the service provider'southward router," the researchers said, "so we tin geolocate non-EUI-64 addresses fastened to that router."
That Internet service provider router volition bear witness upwardly as the "concluding hop" on network traceroutes to both your ain and your neighbors' routers. And if someone figures out your street address from your IPv6 address, they'll know that anybody who shares that concluding-hop Internet service provider link lives inside a few miles of your.
To prove the validity of their methods, Beverly and Rye got five volunteers who had home-gateway routers that used EUI-64-derived IPv6 addresses.
Their IPvSeeYou tool accurately located 4 of those routers to about fifty meters, or 150 feet, of precision. The fifth device couldn't be plant, and it turned out that its internet and Wi-Fi MACs were not very similar.
The same thing worked on a much larger scale. Of those 12 1000000 or and so dwelling house gateway routers geolocated by IPvSeeYou, more than than 1 meg of them were Comcast Xfinity gateway routers located in the U.S.
Rye and Beverly mapped out the inferred geographic locations of those routers on a map of the continental U.Due south. and constitute that it corresponded almost exactly with the FCC'due south ain map of Comcast broadband service.
Limitations and mitigations
The IPvSeeYou geolocation process doesn't always work. Beverly and Rye explained that some home-gateway routers issued by ISPs use ameliorate, more secure means of generating IPv6 addresses that don't involve the MAC address.
Other gateway routers may be too far from a public street to show up on geolocated Wi-Fi-network lists. And sometimes the MAC addresses on a unmarried device don't resemble each other, as in the case higher up.
The existent solution to this problem, the researchers said, is for device manufacturers to stop using EUI-64 to generate IPv6 addresses. Nonetheless, that won't assist the millions of devices out at that place that won't be or can't exist upgraded with a firmware update.
Beverly and Rye said they reached out to multiple device vendors nearly this issue, with mixed results.
Asked by Tom's Guide which vendors had the most vulnerable devices, the researchers replied that they'd rather praise the German router maker Fritz!Box, which has a large share of the German home-gateway marketplace and was "extremely responsive" to their inquiries.
Beverly and Rye's IPvSeeYou tool is available for complimentary online, and you tin download information technology at github.com/6int/IPvSeeYou.
- More: How to see who's using your Wi-Fi network
- How to delete a Wi-Fi network on Android and iOS
Source: https://www.tomsguide.com/news/home-gateway-geolocation-bh21
Posted by: chatmanwhicagoers.blogspot.com
0 Response to "Your Wi-Fi router could tell everyone where you live — here's what you can do about it"
Post a Comment