Your Wi-Fi Router Could Be Leaking Your House’s Bodily Handle to Strangers



You expect some anonymity when you go online, especially when you are on social media and interact with others through usernames. According to a recent report from Tom’s Guide, you may not be as safe as you think. It is possible that people may be able to find your physical address thanks to your wireless home routes.

Researchers Rob Beverly and Erik Rye discovered that routers leak information that makes it easy for others to find your physical address. Beverly and Rye presented their findings at the most recent information security conference on Black Hat.

Many routers, especially those leased by consumers through their ISPs, leak their MAC address, a unique hardware ID number.

These hardware ID numbers can then be found on publicly available cards. These Wi-Fi maps show the location of Wi-Fi networks at street level.

With the right tool, an angry commenter can reveal your router’s MAC address and then find your router’s location on a map.

This vulnerability arose 20 years ago when technology companies applied a solution to most routers, Tom’s Guide claims. This solution caused routers to leak their MAC address, but this vulnerability was never closed. Businesses continued to add new features and patch other more serious vulnerabilities, but moved on from this leaky MAC address issue.

A large number of routers in nature use older IPv6 addressing, which allows the receiver to locate the router physically very precisely. ”

Rob Beverly and Erik Rye

The researchers became aware of this bug and created a tool called IPvSeeYou that looks for IP addresses that can detect a router’s MAC address. Once the tool is found, it then attempts to match the router’s MAC address to a public database. The pair found more than 60 million routers that revealed their unique hardware IDs. Of that group, 12 million routers could be geolocated using public Wi-Fi information.

Not only do these routers leak their unique hardware IDs, but they also make it easy for people to find routers nearby that use the same ISP. “Just stay close [these exposed] routers are a threat to privacy, ”the researchers said in their BlackHat presentation.

What you can do

According to Tom’s Guide, there is an easy solution to this problem. This vulnerability only occurs in combination devices, often called a home gateway, that includes both a router and a modem. Most of these home portals are provided to the consumers by their ISP.

If you have a separate modem and a router, you do not have to worry about this problem. If you have a combination modem and a router, you can simply disable IPv6 within the router’s settings. You may need to find a user guide or contact your ISP to find out how to change this setting. If your ISP is unable to help, you may need to purchase your own router and only use the ISP’s home gateway as a modem.