How To Pull Location Data From Encrypted Google Maps Sessions

Trailrunner7 writes "In the last couple of years, Google and some other Web giants have moved to make many of their services accessible over SSL, and in many cases, made HTTPS connections the default. That's designed to make eavesdropping on those connections more difficult, but as researchers have shown, it certainly doesn't make traffic analysis of those connections impossible. Vincent Berg of IOActive has written a tool that can monitor SSL connections and make some highly educated guesses about the contents of the requests going to Google Maps, specifically looking at what size the PNG files returned by Google Maps are. The tool then attempts to group those images in a specific location, based on the grid and tile system that Google uses to construct its maps."

Re:Not a failing in SSL

[gnasher719]

It doesn't even have to be fixed size; if these maps were let's say between 1000 and 10,000 bytes, then round up to a multiple of 500 bytes, and only twenty different sizes get transmitted - very little information left.

Re:Not a failing in SSL

[bennomatic]

Even with only 20 different sizes, if there is enough variation between neighboring tiles, the groupings could still provide enough information to narrow things down significantly.

Re:Not a failing in SSL

[Hatta]

Why is it possible to determine the sizes of the images over HTTPS? Are they seriously opening a new connection for each and every image on the satellite map? What's wrong with opening one tunnel and shoveling everything through there?