Ok, I am not a pro with a computer, so humor me.

Recently a friend had a burglary that they caught on cameras in the home.  The shitbirds (3) all had cell phones, and 2 of them stopped to text at least twice while ransacking the home.

In this day & age, everybody has a mobile device, and is always looking for WiFi.  

So, is it possible to run an unsecured router not connected to my network to collect the data from any mobile device on my property?  How much identifying data does the average device send?  Enough to incriminate someone later?

In short, a "honey pot".


Edited to add - I know that stores are scanning phones within the store & sending targeted ads.  Perhaps a fake ad that stayed on the phone is possible.

My security is pretty tight.  But I still have a front yard.  About a year ago I got video of some clown checking out a friend's car parked in my driveway while we ate dinner in my home. No entry, but the greasy face prints on his windows tipped us off to check the camera logs.  Just some random shitbird on a skateboard.

The burglary footage my friend sent made me think of this again,

Huh . . . Interesting question.  I'm hardly an 802.11 expert but I THINK unless bad guys actually access your hotspot there would be no information to collect, in other words if wireless is turned on on the phones, they are just passively receiving the SSID.  

Your best bet to answer this questions is actually to read the RFC spec and figure out what information is provided by the phone if it connects to the hotspot.  I doubt that it is anything useful to personally identify the user - perhaps just user agent and model of the phone or something.  So . . useful as corroborating evidence but not something that by itself could be used to isolate a subject.    Now, there are probably tools or things one could use to get the connecting phone to do or send something that would be more useful, that's more than just leaving an open router.  

Now, if they access the router AND send something in PT as part of a text or something that is being logged, then yeah could be useful.  That's a bastard burglar by the way - robbing you AND stealing your WIFI to save a couple kB of data plan.   You're maybe better off putting the energy into better physical security.

Here's a good article from Lifehacker.  

So, reading between the lines your router would obtain the device's MAC address.  You'd still have a lot of work to do on the back end.  I didn't read the article in depth but I would imagine pushing ads to the phone would involve the retail chain associating your MAC address with a known email address.   Anyway you might find the article of use.

Outstanding. Thanks.  That link underscores my point. Businesses use every scrap of information they can glean with the latest technology to bombard us with constant, targeted advertising.  Has to be some of that we can use.

The MAC address appears to be an ESN of sorts.  Not something an shitbird will change at will.  

So if a router can capture & log the MAC - this is a start.  A digital fingerprint that puts someone at a location at a known time.

Hypothetically, let's say a burglar comes to your door 2 or 3 times in a week to check on occupancy.  Sure your camera system captures an image, but nothing ties that image to anything else.  So he comes back with his ski mask & gloves on, boots in your side door & grabs some shit while the alarm goes off.   If the same MAC was present at your house all 4 times, you have more info.  Let's say they catch mr dirtbag at the pawn shop with your serialized equipment - and a phone in his pocket.  

Wonder what software I would need to make an isolated MAC grabber.

Yup.  MAC identifies the device, devices are correlated to people.   On the underlined part, that's right.  It is possible to spoof your MAC address, it is sent in the transport layer I believe.   But Joe Shitbag is not going to do this to burglarize you.   In my opinion it could be worthwhile evidence in court.  Depending on your appetite and interest you might want to just Google tools to do this or maybe just download Wireshark and start looking at connections your phone makes to your router.

Apparently a raspi or router.

https://hackerfall.com/story/passive-wifi-tracking