Here’s how the attack works: It begins by the hacker contacting a target and persuading them to visit a specially-prepared website. He can then use Google’s location database to find the target’s whereabouts.
This is made possible because Google’s Street View cars create a database of wifi router locations as they travel around. This is meant to be a good thing as it means Google Maps and other legitimate apps can find out where you are by triangulating nearby wifi hotspots. However, Kamakar’s trick uses the data to locate you without your permission. He reportedly located one router to within nine meters of its actual position.
Kamakar described the tactic as “Geo-location gone terrible”. That said, targets would have to be using a recent, geolocation-enabled browser and have the feature enabled. They’d also need to have a stalker with hacking skills after them. While it’s frightening to think this might happen, chances are you can relax safe in the knowledge that nobody is likely to be that interested in tracking you down – and even if they are they probably don’t have access to this hack.