I’d been at home since Wednesday of last week with a 2yo while my wife and 4yo went off to visit family and friends so I had some time to think about things, although not time to write much.
There’s a rather huge crime spree in my neighborhood lately. I’m no stranger to being burgled. Neighborhood changed from safe and cozy, to the IT destination (tall and skinnies, $500,000 shacks, etc.) I have had a lot of tech looted from my car, house, and office. Mostly little rinky dink WiFi or Bluetooth things.
Recently someone on our district page lost a smart TV, an iPad 2, and a couple of Bluetooth thingies of little value. The burglars had kicked into the house, yanked the security panel off the wall, pulled the battery and motherboard, and then took their time because the thing hadn’t yelped for help.
There was a comment that this stuff was all untraceable (the iPad 2 was WiFi only,) and that started me wondering – are smart things really untraceable? Shouldn’t they actually easier to trace?
Let’s step out a minute and take a look at a tracker company called TILE. You can take a look at any of the smart tag companies. They sell a tag, it’s a Bluetooth beacon. When the tag is out of range the app reports position to the server. It also reports any other TILEs it comes into contact with. Registered owners of the tags are the only people who can see the location of the tags so you don’t have to worry about person A sniffing your tag and then finding out where you spend your nights.
Every Bluetooth and WIFi device out there has a MAC address. This is a unique identifier that theoretically no other device on the planet should have. Read should. There are plenty of exceptions. We’ll skip the exceptions for this piece.
Now, your phone is passively scanning regularly in the background to see if a network you’ve joined or Bluetooth device is in range. Bluetooth sniff range is about 30 meters or 100 feet. WiFi sniff range is generally longer than that. Basically you can hear a WiFi or a Bluetooth way way before you’re in range to connect to it.
MAC addresses are regularly used to track your movement in chain stores (it’s to see where you linger, what interests you, tie your phone to a profile they can use to market.)
So why can’t we have an app that when you’re home you press “all this stuff you can sniff is mine” and it runs in the background using the passively collected WiFi/BT data, and if your stuff gets taken you then push “my stuff is gone” and a server then starts flagging approximate locations the devices are seen?
Much like TILE, you’re going to need an app on a lot of people’s phones, but perhaps this is something the big finding companies could incorporate into their existing apps as they’re already gathering and transmitting the other data.
Much like War Driving for WiFi hotspots, police or citizens who don’t particularly like being a hotbed of criminal activity could more actively participate while plugged in and driving. People who purchase stolen equipment could find out that it’s stolen and report the seller just by powering it up and attempting to claim it.
Suddenly gadget crime is useless.
Or maybe I’m being overly optimistic.
The things I do not know about this
- Can WiFi MACs be sniffed when they’re joined to a network you’re not joined to.
- Percentage of bad/duplicate MAC addresses on Bluetooth/WiFi devices.
Anyway, that’s the idea – need a programmer to take a look at it to see if it’s doable but I think it probably is.