http://evilpacket.net/2010/jan/14/mifi-geopwn/
The MiFi by Novatel Wireless (re-branded and sold by multiple vendors such as Sprint and Verizon) is a mobile wifi hotspot. The mifi also has a built in GPS to provide location based searching. Turns out that the web interface to this little device has a lot going on that can be exploited, from gaining the user's GPS data to terminating the user's connectivity.
[...]
So for those that weren't paying attention: Any MiFi user that visits a specially crafted page will give up their GPS location to the attacker.
No comments:
Post a Comment