WiFi Geolocation

[Brenneke]

I just recently learned that Google has a database showing the geolocation of most or many home WiFi networks. (I am behind apparently)

This has nothing to do with one's IP address or whether a VPN is used. (check at https://ipleak.net/ after activating Geolocation detection)

I am very careful with the security and privacy of my home WiFi network, was very surprised that my location is known. My home network SSID is even listed on wigle.net along with a MAC address! (did not bother to check if is router MAC or one of my devices)

I have never been hacked (as far as I know) but is this anything to worry about?

Is there any simple way to hide or spoof one's network location?

Does the idea of appending SSID with _nomap still work or apply? (online info on this is old, from 2011)

 

[CaptainSTX]

I just recently learned that Google has a database showing the geolocation of most or many home WiFi networks. (I am behind apparently)

(online info on this is old, from 2011)

Old news. When Google was doing their street view project they recorded every SSID and related information when they drove by. There was a big flap because apparently they also recorded some snipets of the WiFi tansmissions.

Another method of determining your location using WiFi is to determine what WiFi SSIDs your router or other WiFi device is in range of. That is how devices without GPS chips can determine a very good approximate location at least in urban locations. When Aero was selling their service in NYC they could very accurately determine your location down to the block and in some cases even the side of the street we were on.

The only way to prevent your location from being determined is not use WiFi or live in a structure/cave/ hole in the ground where no WiFi signals can get in or out

 

[Brenneke]

Old news yes, (as I had stated) and current news too. People were concerned then, not sure there is good reason to ignore it now.

I did confirm that the MAC address shown located on a map at wigle.net is that of my wireless router. I don't have enough knowledge about networking to know if I should be concerned, but it does seem creepy enough.

1) For those with networking knowledge and with privacy / security awareness - would you be concerned if your SSID and router MAC address were shown located on an online map for the world to see? (they likely are)

2) Do sites I visit see my MAC address?

3) Is it possible to spoof or randomize router MAC address?

Thank you.

 

[RMerlin]

For those with networking knowledge and with privacy / security awareness - would you be concerned if your SSID and router MAC address were shown located on an online map for the world to see? (they likely are)

No, because this is already public information, available to anyone who walks by my place with his smartphone in hand.

 

[CaptainSTX]

If you want privacy then no internet, no cell phone, no car with GPS, no car with a built in event recorder or toll shooter, etc. If you walk through many metropolitan areas facial recognition software will record your presence and if you are in a car your plate will be recorded. Your TV provider knows what you watch.

There really isn't any privacy anymore.

 

[Brenneke]

Thank you RMerlin, point taken.

CaptainSTX - this is a security forum right?

Anyone willing to take on questions 2 and 3?

 

[RMerlin]

MACs are only shared within a network segment (i.e. only within your LAN). Your ISP sees your router's WAN MAC (as that WAN port is on the same network segment as their own router at the other end), but that never travels any further.

To oversimply things: MAC is how Ethernet ports talk to one another (level 2), while IP addresses are how devices talk to one another (level 3).

 

[umarmung]

1) If you cared about opsec, you would not use or would thoroughly limit your use of WiFi anyway. Outside of this, the nature of WiFi is public by default and security via obscurity does not work, though it can be useful to minimize your fingerprint in certain circumstances. Keep in mind that for your WiFi to be ultimately hacked they do have to be in physical range.

2) No, sites cannot see your MAC since it is L2 and effectively stripped away with every hop across networks.

3) Yes, you can spoof or randomize your router's MAC address. However, since we're talking about WiFi here, this is actually not a MAC but a BSSID. Access points very rarely allow changing BSSID. It also wouldn't help you much if it is geolocated by just re-mapping the same fixed location.

Since you can be tracked by both SSID and BSSID, your best bet is to ensure you do not use globally unique SSIDs (despite the temptation due to SSID name making a small contribution to the security of your AP) and to avoid using WiFi tethering on devices you constantly travel with, e.g. smartphones. Use USB tethering or Ethernet instead.

Also, do not be tempted to use hidden networks, which are relatively trivial to detect, and turn all their clients into broadcasters of the hidden networks they are aware of. As stated before, WiFi by its nature is public by default.

Finally, ensure that you follow basic WiFi security precautions, e.g. disabling WPS, having a strong password (preferably generated by a password manager), using WPA2 or better, etc. Here is a good basic security checklist: https://routersecurity.org/checklist.php

 

[Brenneke]

Thank you all for your replies, good information and learning!