[Noisebridge-discuss] [dorkbotsf-blabber] google war driving

joel jaeggli joelja at bogus.com
Fri Apr 30 17:04:23 UTC 2010 

On 4/30/2010 2:10 AM, karen marcelo wrote:
> whats disconcerting is that a search engine/ad co. is logging this.
> the post mentions possible correlation of traffic with one's home
> address and ISP billing info in some future app is what's getting the
> germans all uptight about it.

It doesn't matter who creates the dataset (as I observed there are 
several), only who uses it  and for what. The fact that google created 
their own in no way increases it's value relative to another except on 
the basis of freshness and maybe cost)... it's simply going to be a list 
of mac addresses (ssids are pretty useless as indentifiers, you can 
stuff them in the dataset but using them a key is pretty useless unless 
you want to know how many people have the ssid "accesspoint" or 
"linksys") and lat longs... gsm cellid datasets are relatively similar 
except the number of BST owners is obviously much smaller (which will 
change as people deploy pico BSTs to get better coverage at home or work).

the query that your device makes against that data set, for example when 
you key up google maps on your ipod and have it show your current 
location (ipod has no gps or cellular radio so that location is purely 
wifi mac address derived) reveals far more information (where you the 
user of the ipod are right this second and every other time this app has 
run) then the the collection of the access point mac addresses does.

I can probably make some interesting inferences about your socio-econimc 
status or your personal mobility by the brand of accesspoint you have 
but if you're going to mine the dataset for anything useful you're going 
to need some other dataset with a location component (us census for 
example) google has plenty of those in any event, becuase mac address 
are simply a source of uniqueness.

> ppl made a big stink about cel phone location tracking and privacy
> years ago so only 911 can track your location and far as i know its
> still illegal for others to track it.

we voluntarily give out that social networking apps all the time. Then 
there's geoip location which is hella inaccurate but tracked by 
basically every commercial website you interact with.

I daresay voluntary exposure of data about your location is  diffent 
than involuntary, but the later is ubiquitous.

> i guess through time people
> arent caring as much about privacy and people will gladly relinquish
> the info for the right app.

It's not about giving up privacy, it's about you the installer of the 
access point in bss mode are regularly (like 50 times a second) 
beaconing your mac address to every device within range where range is 
defined by your output power, antenna gain, obstructions, noise floor, 
and the antenna gain and recive sensitivity of the reciever. your next 
door neighbor's macbook has a rather smaller database than google's but 
it still has your ap's mac address in it.

> if it was illegal for phones why not
> hubs too.  sounds like the germans are still/more skittish over
> things like this.  how many grandmothers with flashing 12:00s on
> their devices will know about encryption or randomizing MAC
> addresses

I'm going to take a somewhat libertarian slant here and suggest that if 
you pollute the commons that is the 2.4ghz or 5.8ghz ISM bands with your 
emissions you shouldn't be surprised if someone else monitors them, it 
is after a shared resource and the devices that use it have and need the 
monitoring mechanism in order to discover each other.


regarding the flashing 12:00

you can if you like configure an accesspoint not to respond to broadcast 
beacon requests. you'll find that makes it more secure, alibiet much 
harder to use, and has a quite negative impact on your battery life. 
this stuff is successful because it is cheap and simple and easy to use, 
people who can't program their vcr can in fact deploy a wireless rotuer 
most of the time.

> On Apr 30, 2010, at 1:26 AM, Joel Jaeggli wrote:
>
>> how do you think wifi based location databases are populated?
>>
>> they're not the only ones with a dataset like that, it's how you
>> ipod touch can localize itself to a few hundred meters.
>>
>> there's some entertainment value to be had in moving an
>> access-point several thousand miles and having your location be
>> off, but more to the point mac addresses can be changed, it would
>> be simple to randomize them if one was so inclined.
>>
>> see skyhook for example...
>>
>> http://en.wikipedia.org/wiki/Skyhook_Wireless
>>
>> for another of these.
>>
>> I a little perplexed about the notion that wireless spectrum
>> emissions that leave your premises might be a deep privacy
>> concern... as far as the content is concerned that's what
>> encryption is for, it's this sort of thing that results in silly
>> laws like it being unlawful to monitor the 850mhz band.
>>
>> On 04/29/2010 11:29 PM, karen marcelo wrote:
>>> thought i'd point this out to the troops:
>>>
>>> streetview google van logs MAC addresses.
>>>
>>> http://bit.ly/bqRIRs
>>>
>>> WTF right?  well at dorkbot thanks to trademark g and jonathan
>>> foote, we regularly exchange safeway cards to thwart such
>>> invasions of privacy. and @rubylabs mentioned he was setting up
>>> an exchange hubs event too
>>>
>>> so i think every meeting if so inclined, those who want to
>>> exchange hubs are encouraged to bring them in at the next meeting
>>> and exchange away :)
>>> _______________________________________________
>>> Noisebridge-discuss mailing list
>>> Noisebridge-discuss at lists.noisebridge.net
>>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>>
>> ........................................................................
>>
>>
.........dorkbot: people doing strange things with electricity..........
>> ..........................http://dorkbot.org............................
>>
>>
........................................................................
>>
>

More information about the Noisebridge-discuss mailing list