Trustworthy Wireless
1
Trustworthy Wireless • Yes: MAC address = unique identifier • Previously proposed solution: Pseudonyms (change MAC address each session) • Pseudonyms are not enough! • Implicit identifiers remain (exposed characteristics of network traffic) Can Your Wireless Traffic Reveal Where You’ve Been? What Your Wireless Traffic Says About You (typically < 100m) Cheap Radios, Monitoring Software Ubiquity of 802.11 Networks 802.11 Access Points in Chicago tcpdump Can Your Wireless Traffic Identify You? Implicit Identifier Examples Network destinations: web bookmarks, your email server, VPN server, etc. Wireless Network Names: networks you’ve visited before (e.g., your home) 802.11 Protocol Fields: wireless card implementation and configuration Packet Sizes: size of broadcast packets (NetBIOS, MS Office, mDNS, etc.) Implicit Identifier Accuracy Typical Hotspot Best Practices Example: 1 in 4 users identified >50% of the time with 0.1% false positives Visible even with WPA,WEP encryption! • Yes: Laptops probe for network names you’ve connected to before • Network names (SSIDs) are often identifying (e.g., “CMU,” “IR Guest,” “Bob Home”) • Fundamental Problem: device discovery and pairing is not private Example of Where You’ve Been “djw” = David J. Wetherall’s Home Network? (1) Collect some wireless data… “Anonymized” SIGCOMM 2004 802.11 Trace (2) Lookup suspect SSID in a war driving database… (3) Find suspect’s home using Google Maps! Jeffrey Pang, Srinivasan Seshan Ben Greenstein, Ramakrishna Gummadi, Tadayoshi Kohno, David Wetherall Ubiquity of 802.11 Devices Why You Should Worry About Wireless Privacy hotspot home corporation
-
Upload
kennan-jennings -
Category
Documents
-
view
26 -
download
0
description
Trustworthy Wireless. Jeffrey Pang, Srinivasan Seshan Ben Greenstein, Ramakrishna Gummadi, Tadayoshi Kohno, David Wetherall. Why You Should Worry About Wireless Privacy. Ubiquity of 802.11 Networks. (typically < 100m). Cheap Radios, Monitoring Software. Ubiquity of 802.11 Devices. - PowerPoint PPT Presentation
Transcript of Trustworthy Wireless
Trustworthy Wireless
• Yes: MAC address = unique identifier
• Previously proposed solution: Pseudonyms (change MAC address each session)
• Pseudonyms are not enough!
• Implicit identifiers remain (exposed characteristics of network traffic)
Can Your Wireless Traffic Reveal Where You’ve Been?
What Your Wireless Traffic Says About You
(typically < 100m)
Cheap Radios,MonitoringSoftware
Ubiquity of802.11
Networks
802.11 Access Points in Chicago
tcpdump
Can Your Wireless Traffic Identify You?
Implicit Identifier Examples
Network destinations: web bookmarks, your email server, VPN server, etc.
Wireless Network Names: networks you’ve visited before (e.g., your home)
802.11 Protocol Fields: wireless card implementation and configuration
Packet Sizes: size of broadcast packets (NetBIOS, MS Office, mDNS, etc.)
Implicit Identifier Accuracy
Typical Hotspot Best Practices
Example: 1 in 4 users identified >50% of the time with 0.1% false positives
Vis
ible
eve
n w
ith
WP
A,W
EP
enc
rypt
ion!
• Yes: Laptops probe for network names you’ve connected to before
• Network names (SSIDs) are often identifying (e.g., “CMU,” “IR Guest,” “Bob Home”)
• Fundamental Problem: device discovery and pairing is not private
Example of Where You’ve Been
“djw” = David J. Wetherall’s Home Network?
(1) Collect some wireless data… “Anonymized” SIGCOMM 2004 802.11 Trace
(2) Lookup suspect SSID in a war driving database…
(3) Find suspect’s home using Google Maps!
Jeffrey Pang, Srinivasan SeshanBen Greenstein, Ramakrishna Gummadi, Tadayoshi Kohno, David Wetherall
Ubiquity of802.11
Devices
Why You Should Worry About Wireless Privacy
hotspot home corporation
