πŸ’» πŸ“± WiPri: -w WiFi Radio Off Option (A ...

πŸ’» πŸ“± WiPri: -w WiFi Radio Off Option (Automatic): Prevents ID / Saved SSID Leaks

Sep 21, 2022

To understand value in flag (-w), and how to automate upgrading when a new feature comes out. First time covering -w flag (public post), and for a while now I've felt something like this flag necessary -- at least as another option (ie: combine with other flags).


EXAMPLE USAGE:

Want to mimic an Apple / Samsung device (common smartphone - most common devices to blend in crowd) and have it maintain that mac address (even if firmware or software crashes)?

And have -w flag turn off wifi transmissions when you get a few minutes from home / work (in case you forget)?

TRY:

wipri -d wlan0 -w -P

The above example will set continuously changing random Apple / Samsung MAC Addresses, at continually changing, randomized addresses / times, and when it is detected that you have left the general area of WiFi for several minutes, the WiFi radio turns off (radio silence).

This offers many disinformation options and complete radio silence when away from WiFi range (maximize anonymity disinfo, then disappear when wifi no longer usable).


Want to mimic all device possibilities, and appear to be a different device at randomly chosen times and values? AND have it turn off wifi identifier transmissions completely when you leave your network area (ie: home, work)?

TRY (-a flag can be a good option for travel):

wipri -d wlan0 -w -a

(the above ex makes simultaneous changes (at randomly chosen, changing times) of hostname + mac address + transmit power strength (to appear changing distance to confuse wifi RSSI tracking)

There are many other possibilities.


FULL OPTION LIST:


Running wipri -H shows multiple examples:


πŸ“ DOWNLOADING WIPRI

DOWNLOAD (πŸ”’πŸ§… Gitea Onion: Use Tor)

DOWNLOAD (Any Browser)


πŸ“± INSTALLING IS EASY 🐧

Improved the install.sh script to allow automated upgrades (and changes to boot by rerunning it).

From now on, anytime you want to upgrade wipri (for a new feature), all you need to do is download the latest wipri, extract the compressed file, move into directory, and run this (inside terminal):

sudo bash install.sh

Then simply answer the question yes / no if you would like it to automatically install to boot. If you answer 'no' (to boot ques), it will install as a command only.

If you chose 'yes' for install at boot, next enter the wipri command (and flags) you would like (seen below), and install.sh does the rest for you, including replacing old files and reloading the wipri.service using your newly chosen command.

CHANGING CURRENT BOOT FLAGS

Anytime you want to change your boot flags, run install.sh again, and enter the wipri command you wish to replace the old (above image shows -w flag combined with status Apple / Samsung)

Done.


WIPRI IMPROVEMENTS (TODAY'S QUICK VIDEO)

https://www.youtube.com/watch?v=dl7Vu0TIyrY


πŸ•΅οΈπŸ“‘ REMEMBER MACTRACK? (It's Relevant)

Early 2021 I shared a python sniffer, for a wifi "privacy risk" demo. I also covered ideas for mitigation in some of those videos.

mactrack places the wifi card in monitor mode, sniffing / filtering nearby wifi device identifiers (mac addresses + their brand name + signal strength) + their associated wifi probe requests (live), sharing all devices and their stored saved WiFi networks.


What Does This Mean For Me? (Important Part Below)

You may have heard this before here, but I'm going over it again to make sure I don't lose anyone...

Anytime you have a wifi device enabled, the moment you are disconnected (out of range) from your home, work, or public wifi network, your device begins repeatedly spitting out (over the air -- radio) ALL of your saved networks history list, for anyone in range, sniffing wifi (in monitor mode).

Incredibly easy to do.

Consider The Possibilities...

With access to these saved networks and the associated device mac address, you can then find the home address of each of those saved networks (GPS / Street Address).

Mactrack automated the process, and on ctrl+c dropped you to a Wigle GPS / Street address lookup prompt (with logging). Allowing you to look up interesting device's saved network locations.

This is another way our devices are able to be tracked.


πŸ“Ί FLASHBACK VIDEO: DEMO ON THIS PRIVACY CONCERN

https://youtu.be/xYuklDvoaiA


πŸ—’οΈ THE PROBLEM:

If someone can see your home WiFi network's street address / GPS, your work address, and all of your friend's addresses (ever use their wifi?), well then, they can map out your movements and social connections.

Before the w flag, even if you spoofed mac address (using any program) your wifi device would be sharing its saved SSID Network Names.

These are incredibly unique identifers (when linked / combined) and as mactrack was meant to demo, can trace you through all of your saved wifi network locations.

All places you ever used WiFi.

I've mentioned all of this before, but want to ensure everyone reading understands the implications, and the solution flag.


πŸ’‘ SOLUTION: -w FLAG

The (-w) flag is a mitigation for this issue.

If you set the -w flag (either running wipri as command or at boot), it will automatically turn wifi device's radio off when you have left your network area for x minutes, cutting off the sharing of those networks (ie: your entire wifi network history).

You can turn wifi back on by right clicking your network and hitting 'enable wifi' again.

Combine (-w) with other flags, to make the most of it.

Works on majority of Linux phones, tablets, computers (with systemd for the automated boot setup, and nmcli [networkmanager] for the -w flag).


πŸ’¬ Questions / Comments:

Enjoy this post?

Buy πŸ₯· (RTP) Privacy Tech Tips πŸ“‘ a coffee

More from πŸ₯· (RTP) Privacy Tech Tips πŸ“‘