Surveilling the Masses with Wi-Fi Positioning Systems
Unknown
Black Hat USA 2024 · Day 1 · Briefing
In his Black Hat USA talk, "Surveilling the Masses with Wi-Fi Positioning Systems," Eric Rye, a third-year PhD student specializing in network security and privacy at the University of Maryland, unveiled a critical vulnerability in Apple's Wi-Fi Positioning System (WPS). The presentation detailed how a low-power attacker could exploit specific design quirks of Apple's publicly accessible API to efficiently enumerate and collect vast amounts of Wi-Fi **Basic Service Set Identifier (BSSID)** geolocation data. This capability, Rye demonstrated, opens the door to large-scale surveillance and longitudinal tracking of Wi-Fi access points globally.