On Fri, Oct 09, 2009 at 04:36:51PM +0100, Robin Wood wrote:
> Hi
> A friend has just demoed WiFiFoFum on his iPhone and we were trying to
> work out how the radar feature worked. An AP we were watching appeared
> to always stay in the correct position on the radar when we rotated
> the phone.
>
> Anyone know how this works?
With an omni? It doesn't.
It's making up a position and keeping it consistent. There is no way
to derive directionality from an omni, such as that in an iphone.
You can do some really ghetto range guessing from signal level, if you
ignore the fact that you have no clue what the tx antenna is, power is,
if you're near a crappy linksys, a 200mW attacker, or in between two
points of a directional PTP link.
The *ONLY* way I can think that this would give any sort of REAL
positional data is if it's also tying into Skyhook or one of the other
wifi positional services, and has a mechanism by which it can request
the location of a known BSSID. I don't know if any of the wifi
positional services offers this API.
The second option is it does what kismet does - tracks where it's seen a
network, and as you're walking around, figures out where the strongest
signal was and averages it out. I imagine you could jerry-rig this even
further and assume that no network is near you, and combine ghetto-range
detection from signal level with some sort of directionality derived
from user movement (signal was strongest in quadrant X, draw a line from
user to strongest point and extend N feet based on signal level), but
would require a) user movement and b) gps lock.
My money is on "magic BS" or skyhook-like remote calls.
> Hi
> A friend has just demoed WiFiFoFum on his iPhone and we were trying to
> work out how the radar feature worked. An AP we were watching appeared
> to always stay in the correct position on the radar when we rotated
> the phone.
>
> Anyone know how this works?
With an omni? It doesn't.
It's making up a position and keeping it consistent. There is no way
to derive directionality from an omni, such as that in an iphone.
You can do some really ghetto range guessing from signal level, if you
ignore the fact that you have no clue what the tx antenna is, power is,
if you're near a crappy linksys, a 200mW attacker, or in between two
points of a directional PTP link.
The *ONLY* way I can think that this would give any sort of REAL
positional data is if it's also tying into Skyhook or one of the other
wifi positional services, and has a mechanism by which it can request
the location of a known BSSID. I don't know if any of the wifi
positional services offers this API.
The second option is it does what kismet does - tracks where it's seen a
network, and as you're walking around, figures out where the strongest
signal was and averages it out. I imagine you could jerry-rig this even
further and assume that no network is near you, and combine ghetto-range
detection from signal level with some sort of directionality derived
from user movement (signal was strongest in quadrant X, draw a line from
user to strongest point and extend N feet based on signal level), but
would require a) user movement and b) gps lock.
My money is on "magic BS" or skyhook-like remote calls.
-m
--
Mike Kershaw/Dragorn <dragorn (at) kismetwireless (dot) net [email concealed]>
GPG Fingerprint: 3546 89DF 3C9D ED80 3381 A661 D7B2 8822 738B BDB1
Be different: conform.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.12 (GNU/Linux)
iEYEARECAAYFAkrPmQYACgkQ17KIInOLvbFS4QCgn+OQbyTVhKN8z724CkAh6lS7
SAQAoIZZmn4wgCj/zud6FGci1cZIcyJx
=DMBi
-----END PGP SIGNATURE-----
[ reply ]