A new online attack can identify exactly where a web user is surfing the net from.
At the Black Hat conference, which took place in Las Vegas recently, hacker Samy Kamkar demonstrated the attack that uses a website with malicious Javscipt to fool a router attached to an internet connection into revealing its MAC address.
Normally, only computers are directly connected to the router can gain access to the MAC address. However, the hack makes it appear as if the request is coming from the PC connected toi the router and not the website.
The geo-location feature within Mozilla's Firefox web browser, which has access to the Google Location Services database that contains information gathered by Google Street View Cars, can then be used to link MAC addresses with GPS co-ordinates to identify the location of the router being used to access the web.
Web users whose MAC addresses has been logged by the cars and have not changed the default password for the router are at risk.
The information with the Google Location Services database isn't data that the search engine recently admitted was collected 'accidentially'.
"This is geo-location gone terrible," Kamkar said. "Privacy is dead, people. I'm sorry."
Kamkar was behind a worm released in 2005 that meant more than a million unsuspecting MySpace users became his friend on the social networking site.