Enormous Database of Wifi Routers – Including Yours! – Revealed by AOL and Skyhook Announcement

Quite a few people have by now read about AOL’s new Skyhook “Near Me” buddy plugin. That’s the plug-in for the service which lets you know if any of your buddies are geographically near to you, and puts them in a “Near Me” buddies group.

But what far fewer people realize is exactly how it works. How does it know when you are geographically near one of your buddies?

The answer may surprise – and concern – you.

The underlying technology is provided by Skyhook Wireless. According to news sources, Skyhook has spent the past several years “driving a fleet of 200 trucks up and down the streets of 2,500 cities and towns across the United States and Canada,” mapping every single wireless router. Not just commercial hotspot routers. They openly admit that their trucks “scan for the pulse given off at least once a second by every home wireless router or commercial hotspot, recording the unique identifying code for that piece of Wi-Fi equipment.”

Read Internet Patrol Articles Right in Your Inbox as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Or get notified of new Internet Patrol articles for free!

Then, that code – of your home wireless router – “is correlated with the exact physical location where it was captured using GPS in the trucks, which cruise the streets at 15 to 50 miles (24 to 80 kilometers) per hour as they collect this information.”

Just in case the picture isn’t clear, let me paint it for you:


Skyhook’s trucks have been cruising your street, have identified your home wireless router by its unique code that only your home wifi has – and is correlating it with your location using GPS.

And then they put it in a databse

Yep, Skyhook has what has got to be the largest database of wifi access points – public and private – anywhere. According to reports, the database has 16 million wifi access points “covering an area where Skyhook says 70 percent of the U.S. population lives and six Canadian markets where the majority of that nation’s people live.” Including you.

Including your wireless router.

At your home address.

How do you feel about that?

Oh, and the purpose of this database? Why, to make it available for commercial applications, of course.

Suddenly the issue of whether your computer is seeping data seems a lot more relevant, doesn’t it?

Get notified of new Internet Patrol articles!

50 Replies to “Enormous Database of Wifi Routers – Including Yours! – Revealed by AOL and Skyhook Announcement”

  1. The point of capturing these WiFi locations is not to track their owners addresses, but to create a triangulation network to figure out where a wireless user is located when they search for the nearest bar or restaurant. Since GPS is spotty at best in urban settings, triagulating of cell towers is moderately accurate, but with a dense matrix of known WiFi coordinates – bingo!!!

  2. Whoop di doo. The serial number that your AP is beaming out 24/7 is picked up by a truck. Meanwhile your ISP has access to every bit you send and receive to and from the Internet. Grow up.

  3. Turns out that the Skyhook database is being used by Apple on their iPhones and iPod Touch for location tracking.

    Looks like #40 was right after all.

  4. OK, It’s 2008, almost a year since the last entry of a comment…I want to tell you people reading this I would be more worried about your passport, as the US gov’t has placed rf’s in the cover/binding to trace you on their own gps system…so consider that when you try to run…

  5. Oh noes! Your axxess pointz have been mapx0r3d!!!11!one! Teh hax0ring must surely be close behind!

    I hate to crash everybody’s party, but there is a completely open and public database of over 9 million access points already, ye olde wigle.net. Wigle has been around for years and grows constantly. It’ll pass 16 million someday.

    Also, to skadeet: don’t go around trying to correct people when you don’t know your subject. Do a google image search for netstumbler, then click on the second result: what are those? MAC addresses. Durhur. All access points have MAC addresses that are broadcast with the SSID, and as such can be linked to their manufacturer via the public list put out by the IEEE. This is how smart greyhats and blackhats can figure out what all the defaults (read default access) are for your wireless hardware and mess around with it. Also, as soon as you’re on any wireless network, Ethereal or some other sniffer will give you all the internal MAC addresses.

  6. @26 notes there might be a federal issue.

    But no one’s yet mentioned state law.

    My state’s laws are so draconian and went so overboard in response to “hacking” fears, that even if you don’t access the internet, what this company did could be construed as unauthorized access.

    Some eager young local DA could decide to go after the company (and subpoena all its records).

    So even disregarding federal issues – you could have multiple state misdemeanors (over dozens of states).

  7. Wow, pretty cool. Its like a low tech GPS? Seems like it reminds me of some distributed computer like SETI at Home. Well, except it’s mobile and all a person contributes to it is an SSID (or BSSID whatever that is).

    To be honest I would be proud to be a part of that. I mean, yeah, they know the MAC address i typed in my wireless router’s web page interface. I am not worried about that. That number means nothing, and will be changed next time I upgrade to the newest letter (B,G, PreN, N, etc, etc, etc).

    To me it is cool to be part of some lowbrow positioning network. There are allot of nodes, thats for sure.

    I have a GPS reciever I use thats portable. It was pretty cheap. I don’t really see how the Router/MAC address peer to peer network could be any better. The satalites are predictable in where they will be at ALL times. People move and take their routers with them.

    And you know what else? I know it’s just a MAC address, but for once I wish people would just ask before they took whatever leaks my existance produces, this is including WiFi signals.

  8. Very few commenters here have even the slightest understanding of what this actually means and what the implications actually are. What your wireless access point and/or your router does or does not do with your IP address is irrelevant to this discussion. What Skyhook is doing has no implications whatsoever for remote access by anyone to your access point, router, network, or computers, either via your wireless network or via your Internet connection. Whether or not you use encryption is irrelevant. Whether or not you change or hide your SSID is irrelevant.

    No one can use Skyhook to locate anyone that doesn’t want to be located. Anyone who does want to be located could use GPS to tell others where they are or could just manually type in their coordinates. Skyhook lets people who want to be located use the WiFi beacons to figure out where they are automatically and then make that information available to others.

    Skyhook has created a database that ties your wireless gear to a geographic location. They did this in much the same way that someone could create a database tying the make, model, and license number of your car to a geographic location – they drove past your house and looked in your driveway. If you’ve got a wireless network, you are as good as putting up a sign in your front lawn saying “I’ve got a wireless network”. This should be neither surprising nor disturbing to anyone, any more than putting a satellite dish on top of your roof tells everyone that cares to look that you have a satellite dish.

    But Skyhook doesn’t know anything about you specifically, nor anything about your network or computers… and they don’t care to. All they’re doing is the equivalent of noting that there’s a big pine tree in your yard (with exactly 15,672 needles), then telling people “Okay, if you’re standing near a big pine tree with exactly 15,672 needles, then you’re near 32 latitude, -90 longitude.”

    Note that this helps other people find out where they are by orienting themselves using landmarks. The fact that the landmark happens to be at your house has nothing to do with it. It doesn’t help anyone find you. It doesn’t tie your online activities to your physical location. It doesn’t help anyone find out who you are. It doesn’t help anyone find out anything about you other than that someone at your location has a wireless access point. Note, however, that all of the above potential privacy concerns are already breached by other methods, and what Skyhook is doing neither makes it possible nor makes it easier.

    The one interesting concern might be that someone with access to this database could tell, over time, that someone has moved from one place to another and taken their computer equipment with them. Just in case that might be too hard to figure out by looking at mailing addresses, vehicle registrations, property deeds, rental records, credit card use, or employment histories. Unlike with those other methods, though, whoever had access to the Skyhook database couldn’t tell anything else about who it was that moved except that they liked computers.


  9. Well gee, it sure is good that I have SSID broadcast turned off on my home router and all the traffic encrypted with WPA2. In other news, people with open windows tend to have people look into their houses! Film at 11!

  10. The VERY first Child molester that uses this system to locate a child, will get this company sued off the net.

  11. The VERY first Child molester that uses this syetm to locate a child, will get this company sued off the net.

  12. This is a pretty alarmist and ignorant article. What skyhook and others like navizon.com are doing is pretty brilliant, and has absolutely no privacy implications. There is no accessing of private APs. There is no way for anyone to know where you live. All that’s happening here is using a radio scanner that listens to everything being broadcast to it, whether that is wifi or cell towers, and noting the unique id of that signal, and the location it was found. So next time someone goes through that area without a gps, they’ll listen to those same signals with the same unique id’s, and they’ll know where *THEY* are. They don’t know (or care) where *YOU* are.

  13. Is anyone here in the phonebook?
    Name, address & phone number.
    Something about mountains and molehills comes to mind.

  14. i think some people need to get their terms correct. routers do not broadcast ‘MAC’ addresses. MAC addresses stop at routers. The only network equipment that has any use for MAC addresses between routers and switches are switches. Switches are LAN devices. routers are WAN devices. SSID’s and network ID’s have nothing to do with MAC adddresses. however, do to the security holes within wireless protocols there may be some sort of info leak, that’s possible. but in no way do ‘routers’ broadcast MAC’s. Also you can spoof your MAC address if you want. but that’s another topic.

  15. OMG! Companies are able to find out where you live! And sell that information to other companies that might want to…gee, I dunno, do something EEEEEVIL like send you a circular for your neighborhood grocery store. A coupon for a carwash. Or let your buddy using some goofball plugin know that you’re at home.

    Aieeeee! The Millenium done arrived! Help help! The jackbooted thought-police will be at our doors any moment!

    Sheesh. Talk about hysterical brainless pantswetting. God send that the worst threat to my privacy is AOL or HyperMarketingCorp X, instead of (say) divorce lawyers, the IRS, and identity thieves rooting through my trash for old credit-card receipts.

  16. Before my time but they used to pick up video output with such trucks! ACtually sat in the parking lot and could show what was being displayed on a monitor!
    Serviza: Computers Fully Loaded with Software When You Get Them!

  17. And it would be a crime to use the access point to access the internet, not to pick up the signal. Everyone with a wireless card would be guilty of that.

  18. Traceroute will identify the owner of the IP address, that is rarely where the computer is (at least for home users). Although you can generally get it down to a city.

  19. 1) I use a WAP, my WAP is not my ROUTER
    2) Traceroute isn’t going to help
    3) If I buy a new WAP every couple years, any info they do get is out of date.

  20. The “trucks roving” is an interesting exaggeration of the truth. I know this, as I was one of their many drivers. The real story behind this is that they contracted several residents of major cities for a decent hourly sum to map out their neighborhoods I drove up and down each and every parking lot, cul-de-sac and highway watching bars raise and lower on the little IPAQ/GPS they provided me with. Based on the overall experience I had with this organization, I wouldn’t be too worried or paranoid. They were exceptionally disorganized, rarely reponded to frequent emails, and took forever to finally make payment–after I had to ransom the return of their IPAQ. Now, what someone else may do with this data could be interesting to see, but the idea that was explained to me was that it would be a replacement of GPS and a way of instantly tracking the nearby stores and entertainment hotspots by surfing while driving. They even provided me with a working copy of the program to test it with. Comments?

  21. Whether or not this turns into a “privacy” issue, it’s another example of why people should:
    1. Stop using AOL and their crappy software;
    2. Stop using Windows and crappy Windows software.

    The idea that I have to have some kind of “plugin” to get any additional value our of a wireless router is truly frightening. Besides, I don’t think I would want to know where half the people using AOL live.

    And what commercial applications will this database provide, especially if *Nix geeks like me aren’t using AOL? If they try anything with my equipment, I’ll just blast them with my lasers.

  22. Directly from dozens of AP wire stories:

    “The company has spent the past few years driving a fleet of 200 trucks up and down the streets of 2,500 cities and towns across the United States and Canada. These trucks scan for the pulse given off at least once a second by every home wireless router or commercial hotspot, recording the unique identifying code for that piece of Wi-Fi equipment. That code is correlated with the exact physical location where it was captured using GPS in the trucks, which cruise the streets at 15 to 50 miles (24 to 80 kilometers) per hour as they collect this information.”

  23. Hum apparently they have not heard of traceroute,whois. Your computer is already able to be identified to where your location is in a general vecinity. Has been for years.

  24. And what exactly is wrong with what they’re doing? If you’re broadcasting an SSID and not using encryption, and they then map where you are based on this, how is this their problem and something to roast them for? Blogger needs to get with the program and learn some personal responsibility.

  25. Gee guys, why not set up the wireless router, encrypt it, then turn off the SSID broadcast? No broadcast = no signal to pick up = no router located here!!! While there are ways to locate the router, it’s a hell of a lot harder. I’m betting they don’t have the technology and/or aren’t that smart.

  26. @15, amusingly enough, I know of at least a handful of routers that allow you to specify a MAC address to utilize via their built-in configuration utility. Most of them are off-the-shelf models.

  27. Actually, your router’s mac address does get sent to the next hop router (your ISP). From your ISP, their router’s MAC address replaces yours, and gets sent to their next hop router, and so on… Layer 3 source/destination doesn’t change(usually — TOR routers are an exception), Layer two address change at each layer two(or above) device (switches, bridges).

  28. ^^^Shawn^^^ you’re off on both points.

    Every wifi router broadcasts a unique MAC address – BSSID. So anyone within range can see it, whether you have encryption or not. Also, the IP address ARE masked by any connection using encryption. But IPs are a non issue since connections made via wifi are based on the BSSID (and SSID), plus authentication.

  29. > First off, if the truck thing is true, what a waste of time and
    > effort!….If you want the person’s location for this to work,
    > why not just ask the person also for their address during the install

    Chris I agree somewhat in that it seems like an awful lot of money to spend doing scanning. However, that being said you are missing the point. More and more people are using laptops and cellphones and pdas to connect on the go. The whole point of the service is that you can move your computer. By your logic you could say the same thing about GPS systems -> “oh my gosh why spend all that money sending satellites into space when i can just specify my location during install” fine for a desktop, but not so useful if you want to do in car navigation and street finding.

  30. > by the time they databased them
    > all, 50% of people would have
    > moved, or changed routers, gotten
    > new computer, etc etc. This makes
    > 0 sense and is an impossible task

    I don’t think it’s an impossible task. Yes, people move frequently, but it seems like on average not more than once a year. Granted everyone moves at different times, but I am willing to be that almost always, it is on monthly boundaries. So if you could feasibly scan an entire city in less then a month, I think it’s quite possible to maintain an up to date, accurate database of MAC addresses to lat/lon pairs. I think if I hired a few people to drive new york city 40 hours a week, it wouldn’t take long at all to have enough data to get decent coverage.

    I guess that’s the great thing about being a computer science person. It really teaches you to take a problem that at first glance seems impossible, but by breaking the problem down into smaller pieces, “impossible” becomes “maybe possible” :)

  31. This will make it even easier for the pedaphiles to find your kids. They can hunt ’em down in no time. Ain’t technology wonderful!

  32. Facts:

    1. Routers broadcast the MAC addresses of themselves.
    2. Every router has a MAC address that cannot change.*
    3. If you haven’t purchased a new router within the last year or so, there is a good chance they can use the collected data, and triangulate a location very near your residence.

    *You could flash the router’s firmware, but if you don’t know what the means, then you can’t change the MAC address. ;)

  33. It doesn’t take three trucks to triangulate a router. With just netstumbler, a GPS, and one vehicle, I normally can tell you within a couple of feet where a router is. If there aren’t any cross streets, I do have a problem determining which side of the street (without a directional antenna). It’s not exact, but if you have ten “radio transmissions” at various points where you can determine signal strength, the law of averages are on your side.

  34. I was going to buy a sign that said something like “Free Wireless Access Point” and put it out front of our house — or at least out front of our garage, which is where my wife’s little art gallery is located. Guess I can save $10 now, eh? :)

  35. When I first read this I thought, what a crock of daisy’s. However….it’s actually possible to do this though I don’t know that the initial investment finances could be gathered to pull it off. If that kind of money is so freely available, I have some great business ideas!! �

    Ok, so lets see…I drove through my town and found 4,000 routers with an SSID of “linksys� and 8,000 routers with an SSID of “default�. The only distinguishing item in the survey between either groups would be the MAC of the AP. Fortunately, the MAC of a device does not leave the local network in a typical IP network. However, I suppose the software could interface with the client wireless interface to query the connected APs’ MAC address and compare that with the known database of MAC/AP’s out there. I guess the work around for this is to find an AP that you can daily change the MAC address on the wireless interface. One caveat, if the user was not wirelessly connected to their network, nothing usable would be available and the find-me functionality would have to rely on geo IP mapping. Something that is much easier to perform. It seems like an idea that is much ahead of it’s time.

  36. This is absolutely NOT a privacy issue. If I yelled something to my neighbor across the street, anyone walking by has a right to listen. If you don’t want people checking out your wireless router, DON’T have a wireless router!

  37. Great! I don’t mind if somebody wants to use my wireless router. I leave mine wide open. Hook up if you want. Who’s it hurting? No, I’m not worried about my privacy because I have so little to hide.

  38. Hello, and welcome to the future. In case you weren’t sure, you are broadcasting a signal. By broadcasting a signal, other people can identify it. If you are very concerned, CAT5 still works well.

  39. Directly from the very bottom (so not nearly so often read) of countless copies of the story:

    “The company has spent the past few years driving a fleet of 200 trucks up and down the streets of 2,500 cities and towns across the United States and Canada. These trucks scan for the pulse given off at least once a second by every home wireless router or commercial hotspot, recording the unique identifying code for that piece of Wi-Fi equipment. That code is correlated with the exact physical location where it was captured using GPS in the trucks, which cruise the streets at 15 to 50 miles (24 to 80 kilometers) per hour as they collect this information.”




  40. Relax. First off, if the truck thing is true, what a waste of time and effort! The reality is the only way that your wireless ID code is linked to your name is if you install the plugin – your name doesn’t magically get broadcast along with your wireless ID. You need to physically enter it during the installation process, at which time the install program queries your router for the ID to tie the two together. But really, what a waste of time and money! If you want the person’s location for this to work, why not just ask the person also for their address during the install – if they want to use this plugin, clearly they wouldn’t have a problem with it. As far as the government tracking when someone moves, the old fashioned approach has always applied – check the phone book, driver’s license, bank statements, etc….

  41. What “unique code that only your home wifi has”? There are two that they might get hold of: the MAC address and the IP address. The MAC address is constant, but doesn’t get sent over the net so no one can use it to remotely identify you. The IP address does get sent, but how constant is it? Many, many high-speed Internet subscribers are on dynamic IPs. This is overblown.

  42. This only validates the reason to make sure that you are using a secure router at home so others can not hack your router and cause issues with your network. Case in point, change your passwords and use the encryption security built into the router. What, no encryption on your router? I am sure the neighbors appreciate you letting them use your internet connection for free!

  43. Let’s see…. Truck picks up my router code in a crowded neighborhood, no big deal.
    Then I move and truck picks up the same code in a different location and that gets added to the database.
    My neighbors move and I stay. Truck still picks my signal at the same location but all the other codes have changed. Add to database.
    See where I am going!

    The concern is that the database is ongoing and historical. If it is compromised then the data can be correlated with public records on people and eventually the router code gets tied to an individual household.
    What else does the database hold? It will grow over time and its contents will be irresistible to not only commercial interests, but government (how do you spell HLS), and hackers & phishers.

    And how do you feel about THAT?

  44. yeah I think I would take this one with a grain of salt. Plus by the time they databased them all, 50% of people would have moved, or changed routers, gotten new computer, etc etc. This makes 0 sense and is an impossible task, i think stories have gotten a little twisted on their way out into the press :)

  45. Probably worth noting that they correlate it by GPS to the truck’s location when the signal is picked up. Unless they have three trucks running triangulation of each signal, the coordinates aren’t exact, just approximate. If you live in a densely packed area of condos or apartments, they may have 5 or even 20 signals attached to a 100 yard radius.

    That doesn’t make it better, but it makes it less likely for someone to connect the signal specifically to your home.

Leave a Reply

Your email address will not be published. Required fields are marked *