May 23, 2024 at 02:44AM
Academics have found that Apple’s Wi-Fi Positioning System (WPS) could lead to widespread privacy issues, enabling mass surveillance even of those not using Apple devices. The system’s design allows for tracking individuals via Wi-Fi access points, potentially identifying specific locations and individuals. Researchers advised certain defenses against this tracking.
Key Takeaways from the Meeting Notes:
– Apple’s Wi-Fi Positioning System (WPS) has been found to facilitate mass surveillance and pose privacy concerns, allowing for the tracking of individuals and sensitive populations.
– The design of Apple’s WPS, compared to Google’s, provides a way to conduct extensive location tracking studies due to its openness and lack of authentication or rate limits.
– The research identified potential privacy risks and highlighted the possibility of determining individual identities or group affiliations using location data obtained through WPS.
– Mitigations to prevent BSSID tracking include appending “_nomap” to the AP’s Wi-Fi network name and BSSID randomization, which SpaceX has implemented in their products.
– Technical experts hope to encourage the IEEE to take up the issue of BSSID randomization as a defense against WPS tracking, similar to the efforts on MAC address randomization in the past.
– Further measures, including additional remediations from Apple and potential IEEE standards, are being pursued to address the described tracking vulnerabilities.
Overall, the meeting notes highlight significant privacy and security implications associated with Apple’s Wi-Fi Positioning System and efforts being made to address these concerns.