Jul 08 2024

Apple Geolocation API Exposes Wi-Fi Access Points Worldwide

Category: Access Control,API security,Wi-Fi Securitydisc7 @ 1:09 pm

https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide

Beyond the devices that use them, Wi-Fi hubs themselves can leak interesting data, thanks to some quirks in Apple’s geolocation system.

SOURCE: FRANTIC VIA ALAMY STOCK PHOTO

Apple’s Wi-Fi Positioning System (WPS) can be used to map and track Wi-Fi access points (APs) around the globe. But in a presentation at Black Hat 2024, University of Maryland researcher Erik Rye will demonstrate how he mapped hundreds of millions of APs in a matter of days, without even needing an Apple device or any kind of permissions along the way.

How Apple Exposes Global APs

Have you ever wondered how your phone knows where it is in the world?

The Global Positioning System (GPS) is one tool it uses, of course, but it’s not a perfect one. It becomes less effective when the device loses a clear line to the sky, and it consumes a good deal of power, which isn’t ideal for such a persistent task. 

That’s where the Wi-Fi Positioning System comes in. WPS works a bit like GPS, if you substitute the satellites with Wi-Fi access points (APs).

For details:

https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide

API Security for White Hat Hackers: https://amzn.to/45UJmsg

Wireless Security Architecture: https://amzn.to/4cCpNYb

InfoSec services | InfoSec books | Follow our blog | DISC llc is listed on The vCISO Directory | ISO 27k Chat bot

Tags: Apple Geolocation