Hack Exploits Google Street View to Find Victims

A security researcher has developed an attack which can be used for stalking, using JavaScript and geolocation information from Google to determine a victim’s location.

During a presentation at the BlackHat conference last week, titled “How I Met Your Girlfriend,” Samy Kamkar discussed the new method in detail. It works as follows:

1) the hacker lures the victim to a website which uses JavaScript to steal the router’s Media Access Control address and report the unique identifier to Kamkar

2) the hacker then puts the stolen MAC address into Google Location Services, which gives him an address accurate to a few hundred feet.

“Their web browser is compelling this exploit for you,” Kamkar said. “Pretty cool.”

The slides from the presentation are here

Filed in: Cloud Tags: , , ,

You might like:

Report: NASA to Use Google’s 3D Navigation Tech on Int’l Space Station Report: NASA to Use Google’s 3D Navigation Tech on Int’l Space Station
Google, SynapDx Form Autism Detection Research Partnership Google, SynapDx Form Autism Detection Research Partnership
MarkLogic Updates Database Tech to Support Javascript, Node.js Apps; Joe Pasqua Comments MarkLogic Updates Database Tech to Support Javascript, Node.js Apps; Joe Pasqua Comments
Google, Citrix to Deploy Windows Apps Through Chromebook; Sudhakar Ramakrishna Comments Google, Citrix to Deploy Windows Apps Through Chromebook; Sudhakar Ramakrishna Comments

One Response to "Hack Exploits Google Street View to Find Victims"

Leave a Reply

Submit Comment

© 2014 ExecutiveBiz. All rights reserved.

A Digest of ExecutiveBiz's Daily Coverage of GovCon

  • Executive Analysis
  • Technology & Innovation
  • Business

Sign up for the ExecutiveBiz Digest