Stalking iPhones at Starbucks Follow-Up

[Image: Screenshot of Stalker Application]

As a follow-up to our post last week, I came across some great discussion of the topic on the DailyDave list late last week. Christos Kalkanis started the thread, defending Mark’s work against the comments from the Ars article; specifically, he covered the SSID broadcast and MAC address disclosure vulnerabilities. The author of the original Ars article, Robert Graham, chimes in to add his input as well, with much of the focus on the confusion around how Apple’s iPhone wifi cards work.

Finally, Mark follows up with a detailed explanation debunking several myths people have about how the iPhone wifi capability works. Specifically, he addresses the following “myths”:

  • Apple products don’t probe for known SSIDs.
  • Apple products are immune to KARMA-like attacks.
  • Apple keeps an internal list of MAC addresses of APs which I’ve connected to therefore I’m safe from all this stuff you are talking about.
  • The ARP disclosure you revealed at INFILTRATE doesn’t affect me or my enterprise.
  • (something about SSID probing) and (something about ARP disclosures)

Each is explained in detail and he closes with steps for debunking these myths yourself.

I’d recommend checking out the full thread here for all the details if last week’s post caught your attention.

#####

Planning on running your own tests? If you do and can confirm the results, please let us know in the comments below. Today’s post pic is from Prezi.com. See ya!

6 comments for “Stalking iPhones at Starbucks Follow-Up”

  1. March 26, 2012 at 7:54 pm

    Here’s a follow-up with more info re iPhone broadcasting last 3 SSIDs/MACs of routers it used. http://t.co/0sgBbrR1

  2. March 26, 2012 at 9:58 pm

    Little bloggie follow up for Stalking iPhones at Starbucks http://t.co/0sgBbrR1

  3. March 26, 2012 at 10:07 pm

    Stalking #iPhones at Starbucks Follow-Up: [nova#infosecportal.com] As a follow up to our post last week I came… http://t.co/G3bLm7cC

  4. March 26, 2012 at 11:43 pm

    Here’s a quick follow-up w/ more info re iPhone broadcasting last 3 SSIDs/MACs of used routers. http://t.co/0sgBbrR1

  5. March 27, 2012 at 12:21 am

    Check it

  6. March 27, 2012 at 6:30 am

    In Case You Missed It: Stalking iPhones at Starbucks Follow-Up http://t.co/Eysha1IK
