homepage Welcome to WebmasterWorld Guest from 54.225.57.156
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

This 32 message thread spans 2 pages: < < 32 ( 1 [2]     
Hacker Proves Router Security Weakness
engine




msg:4181250
 4:16 pm on Aug 3, 2010 (gmt 0)

Hacker Proves Router Security Weakness [bbc.co.uk]
One visit to a booby-trapped website could direct attackers to a person's home, a security expert has shown.

The attack, thought up by hacker Samy Kamkar, exploits shortcomings in many routers to find out a key identification number.

It uses this number and widely available net tools to find out where a router is located.

Demonstrating the attack, Mr Kamkar located one router to within nine metres of its real world position.

 

fauxsoup




msg:4185110
 11:17 pm on Aug 10, 2010 (gmt 0)

a mac address and a reasonably accurate geolocation would undoubtedly constitute personal information because it would mean that a person could be identified by the geolocation and therefore by the mac address


You cannot allow fringe cases to be the basis of laws; I've already made mention of this point (albeit in a more specific form), but you appear to be willfully ignorant of this fact.

I will reiterate: if you base law on the small percentage of people who fall outside what would otherwise be the accepted norm, you will have no freedom left.

A nationwide list of router mac addresses may possibly have legitimate uses but, in any case, it was created without the necessary permissions.


The MAC Address of any network device is public information if it is publicly accessible; this is because the MAC address is a vital part of the network communication process. It is functionally equivalent to an IP address, although it is not regularly subject to change (but note that it can be changed), and is also sent to network devices as a part of the communication process.

It has also, unless I am horribly mistaken [telegraph.co.uk], been determined that Google's logging of the location and MAC addresses of public wireless networks did not violate the Data Protection Act. In fact, Google was not the first company to do so [skyhookwireless.com].

So, it's not illegal to publish a list of MAC addresses, because they're public information anyway (sent to network devices as part of communications, easily visible if you're in the same location as the publicly accessible wireless network), and it's not illegal to map the geolocation of publicly accessible wireless networks, because they, too, are in the public domain.

It's a tool. It has some good uses. A number of people who would be doing bad things anyway might wind up using it to help. If you take it away, those bad people will still do those bad things.

I would suggest you get used to it.

EDIT:

For clarification, the MAC address is only visible for one layer. However, if it is on a publicly accessible wireless network, it still falls into the public domain, as it's easily visible by connecting to said accessible router.

[edited by: lawman at 11:32 pm (utc) on Aug 10, 2010]

lawman




msg:4185114
 11:33 pm on Aug 10, 2010 (gmt 0)

I think this thread has run its course.

This 32 message thread spans 2 pages: < < 32 ( 1 [2]
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved