According to researchers at the University of Hamburg, mobile devices leak data about their owners through Wi-Fi probe requests.
Over the years, many security flaws have endangered users of Wi-Fi compatible mobile devices. We remember, for example, KRACK in 2017, the huge Wi-Fi security flaw that affected the WPA2 security protocol. At the time, many manufacturers, like Xiaomi, urgently patched their devices to protect their customers.
In December 2021, another major security flaw threatened billions of Wi-Fi and Bluetooth connected smartphones and PCs. Now, on Monday, June 13, 2022, several researchers from the University of Hamburg warned users of a new risk.
A new danger for mobile device owners
Indeed, they found that mobile devices leak information about their owners via Wi-Fi probe requests (Probe Request). Simply put, each device sends these requests to obtain accurate data about nearby Wi-Fi access points and to establish preliminary connections with them when it receives a response.
In this case, four important pieces of information are transmitted via these requests:
- Frame Control
- the Destination Address: the MAC address of the Wi-Fi access point to which the packet is sent
- the Source Address: the MAC address of your mobile device (smartphone, PC, tablet, etc.), essential for access points to respond to the request
- the Frame Body: about twenty fields used to determine the capabilities of the Wi-Fi client
According to the academics, attackers able to observe network traffic can use these probe requests to track and identify devices and even locate them. As they explain, about a quarter of the probe requests contain the Service Set Identifier (SSID) of the networks to which the devices were previously connected.
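To see which of these fields a device you own exposes, the following added example (not code from the researchers' report) parses a raw probe request and reports whether it names a network. The byte offsets follow the standard 802.11 management header; the function names, MAC address and SSID are constructed for illustration.

```python
import struct

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_probe_request(frame: bytes) -> dict:
    """Parse a raw 802.11 probe request (no radiotap header, no FCS)."""
    if len(frame) < 24:
        raise ValueError("shorter than the 24-byte management header")
    (fc,) = struct.unpack_from("<H", frame, 0)
    if ((fc >> 2) & 0x3, (fc >> 4) & 0xF) != (0, 4):  # management / probe request
        raise ValueError("not a probe request")
    info = {"frame_control": fc,
            "destination": mac(frame[4:10]),   # Destination Address
            "source": mac(frame[10:16]),       # Source Address (the client)
            "ssid": None, "element_ids": []}
    pos = 24  # frame body: a sequence of (id, length, value) elements
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + elen]
        if len(value) < elen:
            break  # truncated capture, stop rather than misparse
        info["element_ids"].append(eid)
        if eid == 0 and info["ssid"] is None:  # element 0 is the SSID
            info["ssid"] = value.decode("utf-8", "replace")
        pos += 2 + elen
    # A zero-length SSID is the wildcard: the probe names no network.
    info["leaks_ssid"] = bool(info["ssid"])
    return info

def build_sample(src_hex: str, ssid: bytes) -> bytes:
    """Constructed test frame: broadcast probe request with SSID + rates elements."""
    header = (bytes.fromhex("40000000") + b"\xff" * 6 + bytes.fromhex(src_hex)
              + b"\xff" * 6 + b"\x00\x00")
    return header + bytes([0, len(ssid)]) + ssid + bytes([1, 4, 0x02, 0x04, 0x0B, 0x16])

# Constructed samples (made-up MAC and SSID, not from the study).
DIRECTED = build_sample("021122334455", b"ExampleHome-WiFi")
WILDCARD = build_sample("021122334455", b"")

if __name__ == "__main__":
    for name, frame in (("directed", DIRECTED), ("wildcard", WILDCARD)):
        p = parse_probe_request(frame)
        print(name, p["source"], repr(p["ssid"]), "leaks_ssid =", p["leaks_ssid"])
```

A device whose probes all come back with `leaks_ssid` false is sending only wildcard requests and is not disclosing the names of networks it has joined.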
Hackers can find your address using this technique
In other words, this data can be used to reveal, in particular, the locations of regularly used Wi-Fi access points, such as your home, your workplace or your favorite café, as well as certain information such as your name or your email address. They also add that probe requests can be used to “determine the location of a device with an accuracy of up to 1.5 meters”.
“In fact, this method is already used in 23% of stores. Companies and cities that perform Wi-Fi tracking take the legal position that only the MAC address contained in survey queries is considered personal data, pursuant to Article 4 (1) of the GDPR,” the researchers specify in their report.
As part of their experiment, the researchers analyzed all probe requests made in a pedestrian area of a German city. They were able to obtain 106 distinct first and last names, three complete email addresses, the SSIDs of 92 primary or secondary homes and the name of a local hospital.