idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Medienpartner:
WJ2014


Teilen: 
15.04.2008 09:31

Positioning system used by iPhone and iPod breached

Roman Klingler Corporate Communications
Eidgenössische Technische Hochschule Zürich (ETH Zürich)

    Apple iPhone and iPod (touch) support a new self-localization feature that uses known locations of wireless access points as well as the device's own ability to detect access points. Now ETH Zurich researchers have demonstrated that positions displayed by the devices using this system can easily be falsified. This makes it unsuitable in a number of security- and safety-critical applications.

    In January, Skyhook Wireless Inc. announced that Apple would use Skyhook's WiFi Positioning System (WPS) for its popular Map applications. The WPS database contains information on access points throughout the world. Skyhook itself provides most of the data in the database, with users contributing via direct entries to the database, and requests for localization. ETH Zurich Professor Srdjan Capkun of the Department of Computer Science and his team of researchers analysed the security of Skyhook's positioning system. The team's results demonstrate the vulnerability of Skyhook's and similar public WLAN positioning systems to location spoofing attacks.

    Impersonation and elimination

    When an Apple iPod or iPhone wants to find its position, it detects its neighbouring access points, and sends this information to Skyhook servers. The servers then return the access point locations to the device. Based on this data, the device computes its location. To attack this localization process, Professor Capkun's team decided to use a dual approach. First, access points from a known remote location were impersonated. Second, signals sent by access points in the vicinity were eliminated by jamming. These actions created the illusion in localized devices that their locations were different from their actual physical locations.

    Simple falsification

    Skyhook's WPS works by requiring a device to report the Media Access Control (MAC) addresses that it detects. However, since MAC addresses can be forged by rogue access points, they can be easily impersonated. Furthermore, access point signals can be jammed and signals from access points in the vicinity of the device can thus be eliminated. These two actions make location spoofing attacks possible. In a test case, one of the devices was misleadingly induced to show its position as being in New York City, whereas the correct position was Zurich (Switzerland).

    Compromised usage

    Professor Capkun explained that by demonstrating these attacks, the team hoped to point out the limitations, despite guarantees, of public WLAN-based localization services as well as of applications for such services. He said "Given the relative simplicity of the performed attacks, it is clear that the use of WLAN-based public localization systems, such as Skyhook's WPS, should be restricted in security and safety-critical applications".

    Further Information

    ETH Zurich
    Professor Srdjan Capkun
    Department of Computer Science
    Telephone: +41 (0)44 632 71 90
    Email: srdjan.capkun@inf.ethz.ch


    Weitere Informationen:

    http://www.syssec.ch/press/location-spoofing-attacks-on-the-iphone-and-ipod - See results:


    Merkmale dieser Pressemitteilung:
    Elektrotechnik, Energie, Informationstechnik, Medien- und Kommunikationswissenschaften
    überregional
    Forschungs- / Wissenstransfer, Forschungsergebnisse
    Englisch


    Hilfe

    Die Suche / Erweiterte Suche im idw-Archiv
    Verknüpfungen

    Sie können Suchbegriffe mit und, oder und / oder nicht verknüpfen, z. B. Philo nicht logie.

    Klammern

    Verknüpfungen können Sie mit Klammern voneinander trennen, z. B. (Philo nicht logie) oder (Psycho und logie).

    Wortgruppen

    Zusammenhängende Worte werden als Wortgruppe gesucht, wenn Sie sie in Anführungsstriche setzen, z. B. „Bundesrepublik Deutschland“.

    Auswahlkriterien

    Die Erweiterte Suche können Sie auch nutzen, ohne Suchbegriffe einzugeben. Sie orientiert sich dann an den Kriterien, die Sie ausgewählt haben (z. B. nach dem Land oder dem Sachgebiet).

    Haben Sie in einer Kategorie kein Kriterium ausgewählt, wird die gesamte Kategorie durchsucht (z.B. alle Sachgebiete oder alle Länder).