Probing for Passwords -- Privacy Implications of SSIDs in Probe Requests
Johanna Ansohn McDougall, Christian Burkert, Daniel Demmler, Monina Schwarz, Vincent Hubbe, Hannes Federrath

TL;DR
This paper investigates the privacy risks of Wi-Fi probe requests, revealing that they often contain sensitive user data like passwords and emails, and proposes privacy-preserving solutions to mitigate these risks.
Contribution
It uncovers the presence of sensitive information in probe requests and introduces a hash-based method and user controls to enhance privacy protection.
Findings
Probe requests often contain passwords, emails, and personal data.
Users inadvertently input sensitive information into SSID fields.
Proposed hash-based construction improves privacy in probe requests.
Abstract
Probe requests help mobile devices discover active Wi-Fi networks. They often contain a multitude of data that can be used to identify and track devices and thereby their users. The past years have been a cat-and-mouse game of improving fingerprinting and introducing countermeasures against fingerprinting. This paper analyses the content of probe requests sent by mobile devices and operating systems in a field experiment. In it, we discover that users (probably by accident) input a wealth of data into the SSID field and find passwords, e-mail addresses, names and holiday locations. With these findings we underline that probe requests should be considered sensitive data and be well protected. To preserve user privacy, we suggest and evaluate a privacy-friendly hash-based construction of probe requests and improved user controls.
