Your Wi-Fi router could tell everyone where you live — here's what you can do about it
Your Wi-Fi router could tell everyone where you live — here'southward what you tin do about it
LAS VEGAS — Your home wireless router may exist telling anybody on the cyberspace exactly where you live.
That's because millions of dwelling gateway routers, especially those leased to customers by their internet service providers (ISPs), leak their unique hardware ID numbers through their Net Protocol (IP) addresses — and those hardware ID numbers can be continued to publicly available maps that show the street locations of Wi-Fi networks.
- Your router'south security stinks: Here's how to fix it
- How to access your router'south settings
- Just in: Millions of Wi-Fi routers under attack by botnet malware
"A large number of routers in the wild use legacy IPv6 addressing that permits the recipient to very precisely locate that router physically," explained researchers Rob Beverly and Erik Rye, who presented their findings at the Black Chapeau data-security conference here final calendar week.
And so at present, that angry guy who you argued with in that heated online discussion the other day could find out exactly where you lot live, even if he doesn't know your proper noun. That's not supposed to exist possible.
This situation is due to a technological quick fix that was applied, and then quickly superseded, ii decades ago. Unfortunately, the legacy of that determination remains today.
Beverly and Rye, both of the Center for Measurement and Analysis of Network Information (CMAND) at the Naval Postgraduate School in Monterey, California, take developed a tool called IPvSeeYou that scans the net for IP addresses that may reveal gateway routers' unique ID numbers, likewise chosen MAC addresses.
The tool then tries to friction match those ID numbers to the 450 one thousand thousand geolocated Wi-Fi networks in public databases.
"We found more than lx million routers that are revealing their hardware MAC addresses," said Rye and Beverly. "Nosotros were able to precisely geolocate about 12 million residential routers."
Furthermore, by analyzing the network traffic to and from those routers, Beverly and Rye found they could too roughly locate other domicile routers that just used the same ISPs as routers whose hardware IDs were exposed online.
"Simply living near [these exposed] routers is a privacy threat," the researchers said.
What you tin do near this
It's difficult to overestimate how scary this situation is, even if it involves terms and protocols that well-nigh people have never heard of. Fortunately, it's rather easy to avoid. Here's what y'all can do.
Check your router and modem setup. Is the router, which sends out the Wi-Fi indicate, a separate device from the modem, which is what the cable or phone line connects to? If you lot're seeing two different devices, then you don't demand to worry virtually this.
Are the router and modem i unmarried device, sometimes called a home gateway? In other words, does the cablevision or phone line plug into the same device that'south sending out the Wi-Fi signal? If so, take the following steps.
Did you buy the home gateway yourself? Then refer to its instruction manual and effigy out how to disable IPv6.
Did your Internet access provider give you the home gateway to use? Then contact your Isp and enquire them whether and how IPv6 — pronounced "eye-pee-vee-six" — tin can be disabled. If the customer-service representative has no idea what you're talking about, inquire to be continued to a technician.
If none of the above solutions work, you lot may desire to consider buying your own router. The gateway provided past your Internet access provider tin can probably be converted to work in modem-only mode, but you'll have to ask your ISP well-nigh that.
You lot could also purchase your own modem besides, merely yous'll want to check with your ISP virtually which models are compatible with its service.
- Modems vs. routers: How they're different and what they practise
What's really going on here
In society to properly explicate how all this works, we'll have to bring in some technical terms.
IP addresses: These are the routing numbers that computers and everything else on the cyberspace use to connect to each other. About IP addresses are temporary, are assigned somewhat randomly, and can exist changed.
There are 2 common types of IP address. The older, more familiar format is based on Internet Protocol version 4 (IPv4) from 1981. IPv4 addresses use iv clusters of numbers ranging from 0 to 255 and look something similar this: 151.101.26.114.
The newer format is based on Net Protocol version vi (IPv6) from 1998. Its IP addresses employ eight clusters of numbers and letters (actually numbers too) to stop up looking similar this: 2001:0000:8e52:d45a:77fb:9069:3bd2:0c65.
IPv6 addresses were supposed to have completely replaced IPv4 addresses years ago, but that hasn't happened. Instead, most internet-set up devices made since 2005 or thereabouts back up both protocols, and many have both IPv4 and IPv6 switched on by default. Your home wireless gateway may exist one of these.
MAC addresses: These are permanent, unique ID numbers for every network interface on every networked device worldwide. Your laptop has i MAC address for Wi-Fi, another for Bluetooth, and maybe a third for Ethernet.
The most familiar type of MAC address has 48 $.25 and looks similar this: 00:6b:c7:55:4e:21. The start three pairs of messages and numbers bespeak the hardware maker, while the last 3 are unique to a specific device.
There's too a newer format for MAC addresses, chosen EUI-64, that adds two more pairs of characters. To convert a 48-bit MAC address to an EUI-64 accost, you add "ff:iron" to the middle of the 48-bit MAC accost and "flip the chip" of the seventh binary character from the left so that zero (0000) becomes 2 (0010). So our 48-fleck MAC address from above ends up being the EUI-64 address 02:6b:c7:ff:fe:55:4e:21.
What'southward important to know is that if you see the characters "ff:fe" in the centre of an EUI-64 address, so you volition know it was derived from a MAC accost, which itself can exist easily figured out.
SSID: This is the proper name of a Wi-Fi network. It's what shows upward when your smartphone or laptop scans for available networks. Your home router broadcasts its SSID to whatever compatible device inside range. SSIDs can hands be changed.
BSSID: This is a number identifying a specific Wi-Fi admission betoken. In abode Wi-Fi networks, the admission point and the router are the same, but larger Wi-Fi networks often employ more than than 1 access point. Like the SSID, the BSSID is broadcast to all local devices whether they're continued to the Wi-Fi network or non.
However, in that location are two important things to know about BSSIDs. In most cases, the BSSID of an access point or router is the same as the MAC address of its Wi-Fi interface. And unlike the SSID, the BSSID mostly does not modify.
SSID/BSSID mapping: Hundreds of millions of Wi-Fi networks worldwide have been located and logged, and their SSIDs, BSSIDs and concrete locations can be looked up online or past getting developer access to Apple tree or Google's databases of Wi-Fi networks. If the betoken from your home Wi-Fi network can be picked up by a laptop in a passing car, then your network name, BSSID and location is probably in at to the lowest degree i of those databases.
Home cyberspace gateway, residential gateway or gateway device: A unmarried device that combines a cable or DSL broadband modem and a Wi-Fi router. Information technology'due south ofttimes leased to the customer past the ISP.
A huge security pigsty for more than 20 years
This complicated organization is pretty private and secure, and at that place'south usually no fashion to link the internet-facing IPv4 or IPv6 address of a domicile cyberspace gateway to the router'south BSSID. Your IP address shouldn't exist able to narrow downward your location to anything more specific than a state or city.
Likewise, your neighbors can see your Wi-Fi network name and the BSSID of your domicile Wi-Fi router, but they tin't use that information to figure out your net-facing IP accost.
Just there'due south a loophole in this system that'due south big enough to drive a truck through.
Back in the late 1990s when the IPv6 protocol was being developed, Beverly and Rye explained, someone decided to insert device MAC addresses into IPv6 addresses using the EUI-64 algorithm mentioned above.
That's easy and convenient, especially when a device has limited processing ability and merely wants to accept an IPv6 address information technology can use alongside its IPv4 one. And because MAC addresses are unique, it means that there'due south trivial or no risk of a indistinguishable IPv6 address.
But remember, EUI-64 is based on the 48-bit MAC address, the unique hardware identifier that no one on the net is supposed to encounter.
Every bit Beverly and Rye explained, experts chop-chop realized that devices were embedding their MAC addresses correct into their IPv6 addresses, which creates a huge privacy risk. A newer, more randomized method of creating IPv6 addresses was made available in 2001.
"This was recognized as a problem 20 years ago, and a brusk-lived randomization process was introduced as a privacy extension" for IPv6 addresses, Beverly explained. "But a lot of devices yet use the older format."
An internet problem with physical consequences
The problem, equally Beverly said, is that many makers of networking devices didn't get the memo. At least 60 million internet-facing devices, their enquiry constitute, including as least 12 million home residential gateways in 147 different countries around the world, yet use EUI-64 MAC addresses every bit part of their IPv6 addresses.
If you utilise a habitation residential gateway, this is like including a photo of your driver'due south license with every email you send.
Plus, because the MAC address is permanent, the second one-half of your IPv6 address may never modify, meaning you can be tracked online.
Even worse, if y'all're using a gateway rather a split up modem and router, and then the MAC address for your router's internet connection is likely very like to the Wi-Fi MAC accost that'due south part of your network's BSSID.
That'southward because different MAC addresses in the same device are ofttimes very close to each other. (On my own smartphone, the Bluetooth and Wi-Fi MAC addresses differ by a value of 1.)
And so the MAC address of the internet interface of your dwelling house gateway router, the one that may exist existence broadcast to the entire cyberspace as part of its IPv6 accost, is probably very similar to the Wi-Fi MAC address used in your home wireless network's BSSID. That's the same BSSID whose precise geographic location may be a matter of public tape.
All someone has to do is connect the dots by noticing that the two MAC addresses addresses are very similar. For example, the internet MAC address may be 00:6b:c7:55:4e:21, while the Wi-Fi MAC address and BSSID may be 00:6b:c7:55:4e:20.
So at present, an attacker tin get your IPv6 address using common software tools, derive your home gateway router's cyberspace 48-flake MAC address, scan the online Wi-Fi maps for BSSIDs that are very close to the internet MAC address, and so come over and say how-do-you-do in a very aggressive way.
Say hi to the neighbors
Not only that, simply if your neighbors are using the same Internet access provider (as is mutual in the U.Due south., where cable companies often have local monopolies), then they'll likely be connected to the same nearby router on the Internet access provider cease as you are.
"If nosotros can geolocate the service provider'south router," the researchers said, "then we can geolocate non-EUI-64 addresses attached to that router."
That Internet access provider router volition evidence up as the "last hop" on network traceroutes to both your ain and your neighbors' routers. And if someone figures out your street address from your IPv6 address, they'll know that everyone who shares that terminal-hop Internet access provider link lives within a few miles of your.
To prove the validity of their methods, Beverly and Rye got five volunteers who had home-gateway routers that used EUI-64-derived IPv6 addresses.
Their IPvSeeYou tool accurately located four of those routers to well-nigh 50 meters, or 150 anxiety, of precision. The 5th device couldn't be found, and it turned out that its internet and Wi-Fi MACs were not very similar.
The same thing worked on a much larger scale. Of those 12 1000000 or and so home gateway routers geolocated by IPvSeeYou, more than 1 million of them were Comcast Xfinity gateway routers located in the U.Southward.
Rye and Beverly mapped out the inferred geographic locations of those routers on a map of the continental U.S. and found that it corresponded almost exactly with the FCC's own map of Comcast broadband service.
Limitations and mitigations
The IPvSeeYou geolocation process doesn't ever piece of work. Beverly and Rye explained that some home-gateway routers issued past ISPs use better, more secure ways of generating IPv6 addresses that don't involve the MAC address.
Other gateway routers may be too far from a public street to show up on geolocated Wi-Fi-network lists. And sometimes the MAC addresses on a unmarried device don't resemble each other, as in the example above.
The existent solution to this problem, the researchers said, is for device manufacturers to end using EUI-64 to generate IPv6 addresses. Yet, that won't help the millions of devices out there that won't be or can't be upgraded with a firmware update.
Beverly and Rye said they reached out to multiple device vendors about this issue, with mixed results.
Asked by Tom's Guide which vendors had the most vulnerable devices, the researchers replied that they'd rather praise the German router maker Fritz!Box, which has a large share of the German habitation-gateway marketplace and was "extremely responsive" to their inquiries.
Beverly and Rye's IPvSeeYou tool is bachelor for gratuitous online, and yous tin can download it at github.com/6int/IPvSeeYou.
- More: How to see who'south using your Wi-Fi network
- How to delete a Wi-Fi network on Android and iOS
Source: https://www.tomsguide.com/news/home-gateway-geolocation-bh21
Posted by: rodriguezpight1985.blogspot.com
0 Response to "Your Wi-Fi router could tell everyone where you live — here's what you can do about it"
Post a Comment