Spoofing the Location Finder in Apple's iPhone

In January, Skyhook Wireless announced that Apple would use SkyhookĂ's WiFi Positioning System (WPS) for its popular Map applications. The WPS database contains information on access points throughout the world. Skyhook itself provides most of the data in the database, with users contributing via direct entries to the database, and requests for localization.

ETH Zurich Professor Srdjan Capkun of the Department of Computer Science and his team of researchers analysed the security of SkyhookĂ's positioning system. The teamĂ's results demonstrate the vulnerability of SkyhookĂ's and similar public WLAN positioning systems to location spoofing attacks.

When an Apple iPod or iPhone wants to find its position, it detects its neighbouring access points, and sends this information to Skyhook servers. The servers then return the access point locations to the device. Based on this data, the device computes its location. To attack this localization process, Professor CapkunĂ's team decided to use a dual approach. First, access points from a known remote location were impersonated. Second, signals sent by access points in the vicinity were eliminated by jamming. These actions created the illusion in localized devices that their locations were different from their actual physical locations.

SkyhookĂ's WPS works by requiring a device to report the Media Access Control (MAC) addresses that it detects. However, since MAC addresses can be forged by rogue access points, they can be easily impersonated. Furthermore, access point signals can be jammed and signals from access points in the vicinity of the device can thus be eliminated. These two actions make location spoofing attacks possible.

Professor Capkun explained that by demonstrating these attacks, the team hoped to point out the limitations, despite guarantees, of public WLAN-based localization services as well as of applications for such services. He said "Given the relative simplicity of the performed attacks, it is clear that the use of WLAN-based public localization systems, such as SkyhookĂ's WPS, should be restricted in security and safety-critical applications."

Posted to the site on 14th April 2008

Page Tools

Email this article to a collegue

Printer Friendly Version

Tags: ipod skyhook skyhook wireless wlan

...previous article Next article...

Daily News Headlines

Get a free email of the news articles

Click for sample copy - Our privacy policy

Most Popular Stories

17:51	Turk Telecom Wins $187 Million Award Against Turk Telecom
15:14	Digicel Jamaica Seeks Arbitration over Interconnection Fees
14:22	ZTE Integrates Interference Cancellation into HSPA+ Product Roadmap
10:35	AdMob Opens Office in Singapore
10:26	Canadian Mobile Phone Market Recovery Stalled in Q3

Latest
Top Stories
E-mails
Jobs

Nokia Siemens Networks Restructures - Looking at 5,000 Redundancies

Sony Ericsson Shows Off Android Based Smartphone

Huawei and Starent to Replace Telenor's Entire Norwegian Network

The Top-10 Selling Mobile Phones in October 2009

Nokia Dominates Top-10 Handset Sales Chart

Nokia Siemens Networks Restructures - Looking at 5,000 Redundancies

Smart phone market shows modest growth in Q3

Green Network Improvements to Yield 42% Drop in Carbon Emissions by 2013

Smartphone Market Continues To Grow Despite Economic Malaise

Orange & T-Mobile Confirm UK Merger Details

Bss/RAN Engineer (Qatar)

Ericsson Civil Works Supervisor (South America)

Ericsson RBS Field Engineer (UK)

Civil Engineer With Experience In Telecomunications! (Northern America)

TRANsmission Design - Team Leader (Southern Africa)