search

wiglenet / wigle-wifi-wardriving

Nethugging client for Android, from wigle.net
https://wigle.net
BSD 3-Clause "New" or "Revised" License
649 stars 199 forks source link

old gps units may get time/date wrong #608

Open ZeroChaos- opened 11 months ago

ZeroChaos- commented 11 months ago

Wigle, being awesome, supports ancient android devices. Devices which are no longer supported and may calculate the date wrong due to GPS Week Rollover. Wigle trust the gps above all else for time right now, which is fine. However, the user may be unaware, so I suggest an alert can be added. NTP could be used to verify the date provided by gps is correct, and if not, an alert could be provided to the user. In this way, the security model should be unchanged, but the user will know something is wrong on their old device and they are submitting bad data.

Problem statement

gps week rollover not accounted for, bad data is sent

Suggested fix

check ntp and compare to gps, alert user to the issue

Simplified Security model, trust gps

user spoofs ntp time: the check doesn't work as intended and the user sends data with the wrong time
user spoofs gps time: the check doesn't work as intended and the user sends data with the wrong time

Simplified Security model, trust ntp

user spoofs ntp time: the check doesn't work as intended and the user sends data with the wrong time
user spoofs gps time: the check doesn't work as intended and the user sends data with the wrong time
but ntp is easier to spoof, so using the ntp time drastically raises the chances of getting intentionally poisoned data
vsa77 commented 9 months ago

Asking here first before submitting a new issue: Is this related to why I have been getting credited for a fraction of the WiFi signals I have captured lately?

For some reason Bluetooth captures have been consistent (or risen), which I figured was due to the phones being newer/better than the Samsung S-5 (Android 7/LineageOS 15, rooted) I first used or the A12 that I replaced it with, but while the number of WiFi I have captured with better phones has risen, what I've been getting credited for has dropped substantially.

Tested this on a Samsung A12 (Android 11, unrooted), Moto G7 Play (Android 10, rooted), Moto G Stylus (Android 11, rooted), Cricket Dream (Android 11, rooted), and a Samsung Note 20 Ultra (Android 13, unrooted). Only the Note 20 has active service, though I have ran tests with the phones without service connected to my Note 20's hotspot.

I first noticed it around the time the OP posted the issue. Only difference is that I am not using ancient devices. Thought it might have been a version issue. My Dream was running whatever older version is currently on the Nethunter store, so I uninstalled it then reinstalled the current version from the Google Play store, but the problem persists.

I do not use any apps that spoof GPS. Pretty sure I don't even have any installed.

You can check my submissions on the back end: vsa77

bobzilladev commented 9 months ago

Is this related to why I have been getting credited for a fraction of the WiFi signals I have captured lately?

@vsa77 Shouldn't be related, this problem is really old devices sending the wrong timestamp, but as long as the records have a GPS location and are new to WiGLE they would be counted as new, except during a WWWD event which is time-boxed.