EDIT: Added "name" after "WiFi" to try and clarify they're not using your actual WiFi network/bandwidth, just its name to link it with its location for GPS-free location tracking.
Isn't the whole point of this comment to alert people who were concerned enough to check the other thread? Seems to defeat the point of it to move it to this thread, even if the comments are more on topic here.
It's still so incredible to me that someone thought "oh, yeah, let's make people change their SSID explicitly to opt-out of being used by our services, such that it forces them to re-add all of their Wi-Fi devices", and that passed any sort of muster at Google.
Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.
It's perfectly in line with all of the other Google policies which are thinly disguised versions of "we want your data and if you don't give it to us, we'll punish you."
Simple example, at least in Google Maps on Android. They have some sort of activity tracking.
If you enable that, you can save locations, so that, for example, you can "favorite" your home and your office for easy access.
If you disable activity tracking, you can't save anything.
Those two are totally unrelated, and you're still using Google Maps through your Google account, so there are 0 technical reasons they couldn't just persist your saved locations in the Google Cloud.
They just don't do it to force you to let them track your location.
> They just don't do it to force you to let them track your location.
The final straw for me was when I disabled location services for Google Play Services[1] and the Gmail app, of all things, started nagging me about Google Play Services not having location data. Every time I opened it. Why the fuck does a mail client need location data so badly it has to nag you on every startup?
Oh wait, it doesn't. It's just their most popular app and so the premier spot for a nag screen.
My life's been de-Googled (apart from the odd video on YouTube) since the start of 2018 and my skin feels so much less crawly.
[1] You know, after they pushed all app developers to stop using the GPS APIs and instead get location through Google Play Services, so that you had to 'consent' to Google Play Services getting your location data if you wanted ANYTHING to be able to use location data?
Even opting out in Play Services would not be enough. Because Google tracks SSIDs, your smartphone location can get scooped up if you enable the hotspot feature. You'd have to rename your smartphone in order to opt out.
To me the most infuriating practice is that if you don't enable your location when you open google maps they will passive aggressively position your view at the most inconvenient place possibly, some times in the middle of the atlantic, as if they can't tell which city you are in.
Except for IP, which IME is usually ludicrously inaccurate for mobile networks (AT&T’s Sacramento network used to show up, IIRC, as being somewhere in the South Bay in IP-based lookups), doesn't disabling location services disable exactly the facilities they would use to determine what city you are in?
Personally I consider that an odd form of "politeness". It is 'creepy' when you buy a large ticket item and ad networks try to seranade you with a demand you already fuffilled. They can geolocate by IP but instead choose to "look away". I guess they do that because those who aren't familiar with it would be freaked out at how close it got. Geo-IP is mostly just hilarious to me from how they get it off like when loging in to gmail in Pennsylvania saying there was a login attempt from Washington DC.
It shows some respect that you don't want focus on your actual geography but I also do stuff like look at real life places to see how well it matched with my initial imagination.
Ah, yeah. My US ISP had apparently bought a block of IPv4s from a Canadian ISP. aI kept getting redirected to Canadian checkout paths, French language pages, etc, for quite some time.
The large Canadian Telcos (until maybe in the near future) are actually regulated quite heavily to provide sub-services at competitive rates to competitors along their vertical integration. So you can spin up an ISP in Canada, buy capacity off Telus, and provide a decently priced competing product assuming you can undercut their overhead & admin costs.
Are you saying that you can search for those and that was a typo ("can't" instead of "can")?
I just opened up Google Maps on my Android 10 device with activity tracking off. They've changed the UI, now it's sneakier. I can set them and there's a faint gray text underneath that says, and I quote:
"Personal places will be used across Google products, for personalized recommendations, and for more useful ads."
Dark Pattern to the ten thousandth power.
They're literally turning my input of my home and work address as an implicit consent to enable activity tracking (!!!)
Again, there are absolutely 0 technical reasons why the two have to be related. Software of all kinds from the beginning of time has had "saved"/"favorite"/"starred" functionality, without ad tracking related to it.
>Presumably the only reason they picked this strategy is that they know it is such an absolutely ridiculous step that nobody does it.
Oh absolutely.
But to play devil's advocate, your wifi device is basically an always broadcasting radio antenna that rarely moves or changes. And SSIDs are broadcast by design.
It's a digital landmark.
I bet there are a lot of other companies other than google using it too. And even if you used google's opt out, they're not going to care. So opting out is pretty pointless anyway. So while it feels invasive because we lack a sensory organ for radio, your router is constantly broadcasting (advertising?) itself as a part of normal operations. SSIDs aren't private information. It's more akin to an amateur radio callsign, except you can change it at will.
And since they're no consistent convention for naming your wifi there are probably 10,000 "FBI surveillance van"s. The only useful data to an outsider is location.
This was going to be utilized by someone, and probably already is by the NSA. So google doing it is no big surprise.
Again, devil's advocate here, but SSIDs are broadcast on purpose. Sacrificing security for convenience as always when people are involved.
Depends what you mean by 'surveiling' really. People seem generally comfortable with the tradeoff of streetview cars taking pictures of their house (the tradeoff being that we then get streetview in g maps).
Perhaps people are comfortable with google using their publically available SSIDs so their android phones get better location info?
Houses can indeed be landmarks. Why are you equating landmarks to surveillance. That makes zero sense. No one is surveilling you through your WiFi SSID.
You're right - knowing where something is, is more or less just creating a form of map. But knowing who is where on that map, and when, is surveillance - it's classic PI stuff.
The wiki definition seems to me to fit.
> Surveillance is the monitoring of behavior, activities, or information for the purpose of information gathering, influencing, managing or directing.
I'm trying to think of how one could do this in a way that wasn't even more intrusive? This way Google doesn't have to tie any identifying information about you to your SSID/AP, it can just silently discard the location data about those SSIDs.
Otherwise people could abusively de-register SSIDs by doing the same sort of scanning Google is doing to improve location services, or have to force a user to authenticate and "claim" an SSID, which is much more intrusive.
(disclosure: googler, but not in any way associated with any of this)
Instead of thinking "We can't think of a less intrusive way, so deal with it", how about "We can't think of a less intrusive way, so let's not do it until we do".
I frequently get something like "why would you want to do that" running my unconventional browser settings. It's like people can't even comprehend people don't want to get tracked by FAANG
This is probably related to them getting in trouble for scanning networks while mapping. If I remember correctly they were doing a bit of port scanning and looking for share drives in an attempt to id which SSID was attached to which address. This is probably part of the wrist slap they got from FCC. "Oh well you can totally opt out now so it's ok"
If I have a unique SSID (let's say, my social security number because why not at this point) and I move to a different apartment and keep the same SSID... then Google's effectively tracking a person. If you have basic address/name info you can even pinpoint who owns the SSID.
When you frame it like that it isn't, but that's because you're ignoring the second part of the equation which is "then Google can tell where an Android device is when it sees that BSSID even if its location services are turned off."
Turning WiFi SSIDs in to location data doesn't track people directly, but it does enable the mass surveillance of people's devices, and that's something that's quite reasonable to opt out of.
I do not have the source code for my phone and this switch is a SW switch. There is no guarantee that it does what it claims. It's like the mute label in conferencing SW: you cough and the SW tells you that "you are *sic" muted"
>I'm not sure how "associating a publicly broadcast BSSID with coordinates" is tracking a person.
But it's not just that is it? If you log in to a google site from that publicly broadcast BSSID, you will get tracked by association, even if you have your location tracking turned off.
No you won't. What BSSID you're connected to isn't sent by any browser. Browsers (as in all of them, including Firefox, see https://location.services.mozilla.com/ ) will use the visible BSSIDs if the website asks for your location & you approve it, but it's not just silently done automatically. It's part of all the existing location permission & request flows (indeed it's how those work on laptops at all in the first place).
Am I being tinfoil hat grade cynical if my first thought there was "Sure, browsers might not send BSSIDs, but who knows what Android is doing underneath?"
I wouldn't bet against Google being capable of exfiltrating BSSIDs via their broad swathe of 'Google Services' most Android devices are running (and probably most iOS devices too).
Like I said, I may be overly cynical, but I do have a particular reason to believe the largest surveillance capitalism and advertising company in the world might be ignoring my privacy preferences...
(And Apple might be too, but they've got different motivations and incentives around iOS user privacy that Google for Android users...)
Wifi SSID triangulation is incredibly common & is one of the primary ways phones are able to so reliably & quickly get a fine location, especially indoors.
Apple is also collecting & phoning home all SSIDs with a GPS location that they come across, for example. So is Mozilla for that matter, and Mozilla also uses the same _nomap suffix as Google does ( https://location.services.mozilla.com/optout ). It's how browsers on laptops are able to get a location, which is also true on again both Apple & Microsoft devices as well.
So no, Google can't just opt to not do this at all. Not if they want to be competitive. The entire ecosystem could collectively decide to not build an SSID location database at all, but since SSIDs are not identifying this is going to be a struggle to justify.
No one does triangulation. They do trilateration, which is the version of finding things that uses circles (signal strength is proportional to distance).
The guide says to open Google maps after making the change so that it can propagate. That makes me think it isn't that they ignore _nomaps, it's that they submit their locations to a database and clear the previous data for there. At that point it could just be a webpage that asks you for your location and SSID.
Actually, having read the opt-out method article and knowing the personal data protection law of my country due to professional needs, I can say that what Google is doing is illegal in certain cases here. If Google ends up personal data as defined by law here, which does include present location coupled with name, then that ends up being illegal without a detailed data protection declaration and withdrawable explicit consent granted before ANY data can be collected at all.
Intrusivity is not important, convenience must not be allowed to trump legality though.
If Google wants to use other people's stuff for their purposes, they should pay them. Not force them to jump through hoops to avoid Google abusing them.
How would that work? Keep in mind that we are talking about parts of the radio spectrum that were deliberately set aside for unlicensed use, without any sort of registration, centralized control, or reporting on the part of users. So how would Google or any other company know who to pay? Do you want to force users to register their APs, or to include some kind of payment information in wifi beacons? Or are you proposing that new restrictions be added to the ISM rules e.g. forbidding people from monitoring the band without first asking for permission from each station operator (note: this would completely break wifi)?
I think a user registration system would make sense: People who wanted to register their APs are probably using Google Location Services, and the incentive is hence, self-serving. Businesses may want to register their APs to help customers' devices locate themselves at their buildings.
And yes, Google could incentivize people to register in some way. One thing you'll notice is that the most valuable companies in the world seem incredibly reliant on free labor: They take for free what other companies used to pay for or pay staff to create or gather themselves.
I think you misunderstood what "registration" meant in this context. Right now consumer wifi operates in the unlicensed ISM bands, which are parts of the radio spectrum that are set aside for use by the general public without requiring any coordination -- stations can freely interfere with each other's operation as long as they transmit below the legal power limit (which is antenna-dependent). In other words, you are allowed to buy a wifi router, plug it in, set up whatever SSID you want (or no SSID at all for a BSSID-only network) and use it with as many client devices as you want, without having to ask anyone's permission or register your new AP with anyone.
For comparison, take a look at 802.11y, which operates in the 3.6Ghz band, a "lightly" licensed part of the radio spectrum. Before you can set up 802.11y stations you must first register with the FCC (or whatever the equivalent in your country is called) and receive a license, and all your stations must be identifiable (you are not free to choose your SSID). That is already far too much for consumer devices (802.11y is meant for WISPs; it has better propagation characteristics than the unlicensed bands and you are allowed to transmit at higher power), and that is a "lightly" regulated radio band. Typical regulations e.g. the bands used by cell phones require far more coordination with governments -- more paperwork, more money, and many more rules about permissible operations.
Finally, for what it's worth, nobody has ever had to pay anyone for ISM band operations, including just recording transmissions on the band. In fact, if you are using wifi, you have been monitoring and analyzing nearby wifi transmissions this whole time without ever paying anyone -- that is part of the wifi standard. Just connecting to a wifi network means your device is monitoring transmissions from other people. So here is a final bit of snark for you: HOW DARE YOU USE WIFI WITHOUT PAYING YOUR NEIGHBORS?!?!?!?!?!
1. I clearly said I was being snarky and there was a lot more in what I wrote than a single snarky sentence.
2. I have APs that do collect and store data about nearby wifi stations and transmission patterns as part of a system that improved wireless throughput.
3. What difference does it make if it is being stored?
> 2. I have APs that do collect and store data about nearby wifi stations and transmission patterns as part of a system that improved wireless throughput.
If it's just nearby ones then that's much less of a problem.
> 3. What difference does it make if it is being stored?
Imagine saying that about someone else's telephone call...
Listening out for interference is not at all the same as siphoning up information.
Speaking of strawmen..."siphoning up?" We are talking about a database of wifi beacons (SSID/BSSID) and GPS coordinates for where the beacons were received. It is no different from a database of street addresses and corresponding GPS coordinates. There is no reasonable expectation of privacy for SSIDs or wifi beacons -- everyone knows they can see their neighbor's SSIDs.
You seem to be saying that if an AP stores information about other "nearby" APs there is no problem. What if I am operating thousands of APs across a broad geographic region using a centrally managed AP controller? That is a common practice for large organizations and that is exactly the setting where you see APs collecting and storing information about other wifi stations. Is that not a large enough scale to be a concern? I have to wonder at what point you are drawing the line here. What is an unacceptable scale?
"Street address" refers to the address of an individual home or building here in the US. How is being a matter of public record relevant here? Are you suggesting that there is nothing wrong with a company that queries public records across thousands of municipalities to build a unified database? In any case, that something is a matter of public record is irrelevant because there is no reasonable expectation of privacy to begin with. Even if there were no public records to query, anyone could go out and start creating a map of any town, recording specific details of the locations of any structures they believe to be relevant to their map. It is relatively common to do so because of the inaccuracies and missing information in most public records (e.g. people often make unauthorized modifications to properties, fail to file the proper paperwork after otherwise legal work is completed, report incorrect information, etc.) and it is done at national or even global scale.
I do not see how SSIDs are in different in any meaningful way. We are literally talking about building a map -- a map that includes the locations of SSIDs, to be used as a kind of landmark, no different from a map that includes other landmarks (e.g. "the house with the red siding") that could conceivably be used to help a person identify their position on the map. There is zero expectation of privacy for SSIDs, just like there is zero expectation of privacy for the exterior of your home.
Is there any specific objection beyond, "This is happening at a large scale?"
Those FCC registration records would then be public information.
Would you feel comfortable with your name, address and MAC + SSID of your wireless AP(s) being registered in a public database and the onus on you to keep that registration information up to date every time you changed the SSID or swapped in something with a different MAC address?
I'm not sure I would be.
The ethics around Google's behavior aside - this is a tricky problem to solve.
Edit: Why the downvotes? I'd really like for people that disagree to engage and tell me where I am either wrong or not arguing in good faith. If you believe this is a Google specific problem or somehow an easy problem to solve under the current FCC regulatory regime I'd be happy to hear about it.
I just don't see either approach (opt-in vs opt-out) being workable in practice though.
Taking it to a bit of a silly extreme - what happens when 100 different companies want to use public SSID data? 100 different opt-in codes? 1 code for all? What if I want to allow 5 companies out of that 100 to use that data and exclude the other 95?
Free stuff, like a free web browser? Or a free smartphone OS?
If you don't want to be tracked by Google, don't use their software.
Now, if you're having a hard time avoiding their software because it's become a de-facto standard that's a separate problem. The bottom line is that we shouldn't be in a position where we don't have a choice not to use software from Google (or Apple, or Microsoft, etc). As long as these companies are in a position to offer software that can't reasonably be avoided, you should expect them to optimize these offerings at the expense of their users.
I don't have to use their free browser, their free smartphone OS or even their search engine, but they will still freeload on my Wi-Fi for location tracking and will record my router location without consent, and the only way to opt-out is appending a stupid _nomap to the end of my ID.
That is kind of like saying, "How dare you listen to me when I am shouting my name in public?!" You are broadcasting your SSID on an unlicensed band, all wifi stations in your area have been listening to and analyzing those transmissions, and your wifi stations (APs and client devices) have done the same with all your neighbors' wifi networks. In fact the wifi standard requires more than just monitoring nearby beacons -- wifi stations monitor all wifi frames being transmitted from nearby stations, even those connected to a different AP, to avoid interference.
You don't want anyone to monitor your wifi network? Either don't use wifi, or switch to a band that will not propagate beyond your home (60 ghz).
How dare you write down my name, which I was shouting in public, in your diary?! How dare you write down where I was standing when I was shouting my name?! Respect my privacy!
No, it’s more like “how dare you go around and record the license plate of every vehicle observable on the street and put it in a location/time database”.
You’re right that it’s technically public, just like the license plate on a vehicle. However, there is still a privacy expectation that all of that localized data won’t be pulled into a massive database for correlation.
It’s beyond the SSID, using your logic, it would also be fine if Google observed all of the client frames to track the locations of users that don’t use Google services. Randomized MACs aren’t usually used for home WiFi so this is completely feasible and well within your “privacy” framework.
It's also not a fair comparison to equate a database containing the whole world's SSIDs and location data with a personal diary...
Repeating what I said in other comment: What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.
I do not see how there are any privacy concerns here. We are talking about radio broadcasts in a band set aside to be a free-for-all (no licensing, no permissions, no coordination required -- the only limit is on transmitter power). Moreover, people have many options available to them; among other things, you can not use an SSID (BSSID-only wifi networks are common), you can reduce your transmission power and use directional antennas to prevent the signal from propagating beyond your home, you can use the 60Ghz band which will not propagate through walls, and if all else fails, you can just use wired connections. People who want privacy can have it without having to do anything extraordinary.
Wifi is convenient because it is unlicensed and loosely regulated. The price of that convenience is that you have no particular claim to privacy with your wifi transmissions, and everyone knows it -- that is why we encrypt the contents of those transmissions. Building a database of AP locations is not a privacy issue at all -- it is no different from building a database of landmarks (or publishing a travel guide with a list of landmarks in various towns), or for that matter, creating a map by gathering information about roads/buildings/etc.
If there weren't privacy concerns, then the SSID API wouldn't be behind a Location permission toggle for iOS and Android.
It's not just Google doing it - see https://wigle.net/ with over 10B observations. So your privacy would be at risk even if Google didn't collect SSID/location information.
Fundamentally, asking people not to do something has never been a security measure that's worked. You need to implement some tangible, real protections. We already have those in the case of SSIDs, namely, the SSID and AP information aren't accessible to an app without location permissions in modern operating systems.
You are talking about the privacy of a device user, who may want to prevent apps from learning the location of their own device (and that is the point of the location permission). The claimed privacy issue I was responding to has to do with the privacy of the owner of an AP whose SSID is included in the database.
I don’t use their software yet my ssid was tracked and associated with me and others.
This argument “don’t use google” or “don’t use Facebook” is very frustrating because others make this decision for me. If only it was possible to not use these services.
If you run OpenWRT you might have hope for this (assuming the firmware supports it). This would not land in your average consumer router for a few years, if at all.
I mean, if Google was as zealous about standardizing privacy as they are about standardizing ways to track people, Google could get that configuration option introduced to the firmware of most common consumer routers.
SSIDs aren't private information, but it does seem like the natural privacy of scale should apply. I'm ok with people who are nearby being aware of my SSID... does that mean it should be ok for Google to collect millions of SSIDs to use in a profit-generating positioning database?
It seems like it should fall under a regulation similar to photographs. You can take photos of me in a public place and do whatever you want with them until you're using my likeness in a commercial capacity... then you need to ask me first. Opt-out isn't enough, it needs to be opt-in. If that doesn't work for your business then too bad.
Your "SSID privacy" is at risk regardless of whether Google collects information or not: https://wigle.net/
In the end, asking people to please not snoop on you never has and never will be a security measure that works. You need something tangible to protect your privacy, so as to make it virtually impossible.
We already have this. Every modern mobile OS gates the SSID API behind location permissions.
Given such protections, practically speaking, there isn't any problem with SSID being bound to location information.
I'm not asking people to stop snooping. I'm asking for corporations to be barred from profiting off of publicly accessible information that can personally identify me without asking for permission first.
Education, journalism, research and the like fall into a different category... this also applies in the "photographs of people in public spaces" example. WiGLE would still exist in that niche.
Its one of those cases where data becomes dangerous when there's enough of it.
Google knows practically every SSID location in the developed world. Now your Android phone browsing and mapping every SSID it sees as you move about is a reliable "Location mapping" of the user even though they may have no GPS or have it disabled.
You can map a person's movement through cities/towns just based on the SSIDs their device(s) saw as they moved about.
You say that like it’s always a bad thing, but sometimes we actually do want to use our phones to find out our location, and GPS is often slow or doesn’t always work.
The issue here is having control over when your phone looks up your location, not the existence of a database that makes it work.
The existence of that database under the control of a surveillance company is the problem. If Google published the dataset so that many others could use it freely, then they would have an argument that they're just promulgating public data. However, by keeping it to themselves and forcing queries to go through Google (with a bunch of fine print attached), they're agglomerating personal data for their own private purpose.
Isn't that just what companies are all about? Anyone can do it if they want, (it's not like Google has a State defined monopoly), it's just that it isn't worth it to others.
If you want everyone to have that data publicly then have your government do it...
The point is to weigh whether the mass collection of personal data is justified. The reason why it is being done matters - if the data is easy to collect and is merely being format shifted by a curious person, then there clearly isn't much of a barrier to anyone doing the same. Meanwhile a company investing a significant amount to create a proprietary database for their own purposes has much different incentives - cf Google's sorry excuse for an opt out. Furthermore, a published dataset is transparent in that it allows individuals to see exactly what data has been collected about them, act to remove themselves, complain politically, etc, whereas most people will never become aware of the proprietary database.
But in this case (wifi based positioning) it is not at all about tying the SSID to an individual. It's the equivalence of some of us walking around noting SSIDs, and their locations, and some of us saying "can you tell me where I am? I'm currently seeing wifi1, wifi3 and wifi11". Basically mapping part of the global frequency spectrum.
It really isn't a privacy risk when the SSID isn't accessible to apps and services without a location permission. (Unless you are putting PII in your SSID itself, of course, in which case, yeah, no one can help.)
SSID are PII, for sure. Its easy to geolocate the AP to a few meters. The fact the information is publicly available (when within physical vicinity) does not make it less so.
Well Judging by the blog a person working in ads recently published it's perfectly fine to throw up these dark patterns and misleading terms in the name of "free internet". And to top it off half of their half million salary is donated so any residing moral debt is taken care off like so.
> To help apps like Google Maps work better, you can let Google's Location services use your Wi-Fi access point.
Wow, that's pretty nasty. That sentence sure makes it sound like you're opting in, but in fact you have to rename the SSID with a "_nomap" suffix to opt out.
Your neighbors are currently monitoring your wifi network. That is how wifi works -- we all monitor each other's transmissions to avoid interfering with each other's networks. Most wifi APs will also monitor the ISM bands to find the least-congested channel to use, and will typically do so continuously and change to a different channel as needed. You may also have noticed that when you connect to a new network you start with a list of nearby SSIDs that you can choose from -- do you think looking at that list is a violation of privacy?
Moreover, there are companies that operate large numbers of APs across a broad geographic region, and they may have a centralized system for managing those APs -- which means that they are collecting information about all nearby wifi stations (including client devices) across a broad region in a single place. Do you have a problem with that practice or view that as a violation of privacy?
Radio is not private (except, possibly, cellular services, which may be treated as phone services with legal restrictions on wiretapping), especially when you are talking about unlicensed operation.
Monitoring something in good faith to avoid interfering with it is completely different from performing a mass-gathering of potentially personal identifiable information in the form of MAC, SSID and geographical position and putting it in a database for making money.
What Google is doing is a cool hack and might be fully legit, but it's foolish to claim there's no potential privacy issues in it.
Would you make the same argument about a WISP that monitors wifi beacons across a large geographic region to coordinate its frequency selection for some proprietary wireless protocol used in its backhaul links (which it then makes money on by selling ISP services)?
Broadcasting your SSID from a fixed station means forfeiting privacy rights over the SSID. You have plenty of alternatives to the 2.4Ghz and 5Ghz bands if you are concerned -- 60Ghz equipment is easy to buy and has many advantages, and wired connections are another option. I have zero sympathy for people who are worried about the privacy of their radio transmissions, especially transmissions on the unlicensed bands. Radio by its nature is not private.
As for the monetization issue, is that really the argument here? You have no problem with open-source location databases like OpenWLANMap, which is literally the same thing as Google's database but without any profit motive? That seems pretty weak. Heaven forbid someone should make money doing something that is otherwise unobjectionable...
Its fine, except for the opt-out. I avoid google services in every way possible and as mentioned in another's posters comments, if I am using a google service it is due to the choice of some other service I use. What is ridiculous is the opt out strategy because if n number of companies start doing something like this and I have to keep appending stuff to my ssid name and reconnecting my devices, it now creates an unnecessary burden.
If people want to partake, fine. But don't make it a burden for me to opt out. AND MORE IMPORTANTLY, most people are not tech people and will not even know of this and many are not technically savvy to know how to change their SSID if they even know where to find out how to opt out. Many WAPs around me still have their default ssid from the box from their ISP provided device and probably only WAP because thats that the cable guy had them do when he plugged the box in.
Honestly, this is the equivalent of Google's web crawler. You may not have signed up to have your website indexed by Google's search engine, but it would be impractical and completely unreasonable for Google to have an opt-in web index. Any reasonable person understands that wifi network names are publicly viewable, because it is extremely common to view a list of nearby SSIDs; one need not be a technical expert of any kind to understand that. If you are concerned about the privacy of your wifi beacons you have many options to avoid others receiving the beacons, the most obvious being to not use wifi.
Google should be given credit for offerring an opt-out -- they had zero obligation to do so and there is zero expectation of privacy in this case (it is no different from collecting a database of street addresses -- anyone can drive down a street and write down all the house addresses, and nobody has a right to object to that).
If they limited themselves to their own vehicles you might have a point, but that’s not what their doing.
People should have a reasonable expectation of privacy when their SSID isn’t deductible past their private land. It’s spying cellphones not street vehicles that’s collecting most of this data. And for what benefit?
If you don't want them to have data for something which is only detectible on your own land, just turn off Google's location services. Of course, the odds are very high that it's not only detectible on your own land.
Turn off location services isn’t enough. You would also need to never invite anyone over or call a freaking plumber etc.
That’s the problem it isn’t something most people are aware of let alone have much of a choice about. This is Google deciding it’s probably not illegal to spy on people in their own homes.
Sure, their probably not actually listening to conversation, but consider if they where would you consider they where spying if this was the level of consent given?
There is no spying involved. There is no expectation of privacy in data that you broadcast publicly, using public airwaves, which are mandated as public by the laws of literally whatever country you live in.
All Apple devices do this by default as well, and they don't seem to publish an opt-out for it. Possibly they also follow the _nomap suffix as a few others do, but seems more likely they just don't let you opt-out at all.
> If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers (where supported by a device) in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.
Mozilla will also respect the Google opt-out suffix for their own WiFi data collection; Apple collects this data too but offers no published way to opt out.
When a user's phone attempts to get a location fix, it will use the beacons which are publicly transmitted by Wifi networks around it (I assume it's the BSSID/MAC address, specifically) to reference against (or update) a Google database mapping those BSSID's to coordinates.
Yes. That is precisely what you're being told. The Google evidence is linked upthread. Although, I've just done a search and it looks like the Microsoft feature that required the "_optout" substring was removed at some point. I'm going to leave it in my SSID for posterity.
opting out by adding random strings to your ssid is pretty shady. that's why my wifi scanning startup will require explicit opt-in by adding either "_optout" or "_nomap" to your SSID
Sheesh. SSIDs can only be 32 characters total. This new 19 character limit after reserving 13 of them doesn't leave a lot of room to play with for the rest of the name. Someone should start looking for an "_internationalization" flag now.
I'm not sure this one matters to me much. It's something you spew into the public space, and they're just recording the name and where it is. To me it seems no different than your address, or if your door is a certain color, or the color of your house. Zillow likely has a picture of the front of your house if you're in one, and a bunch of other info about it as well.
Changing the SSID to prevent them collecting the info is sort of like hanging a big sign that says "no pictures" to prevent services from taking pictures of your house. It's a little ridiculous to have to do that, but it's also a little ridiculous to expect that people are going to ignore what is publicly visible. Honestly, I'm a little impressed that Google lets you opt out (and Microsoft apparently as someone noted, although with a different suffix).
So I have to change my custom Wi-Fi SSD (something that I like) and add a brain-dead suffix called "_nomap" to prevent Google from tracking me? Who the hell greenlights such changes?
Your router is publicly broadcasting its SSID ("Pretty fly for a WiFi" or whatever). Google Street View cars, Android devices, etc. have noticed the SSID in their vicinity and submitted the SSID with an approximate location to database. Now, when another device using Google's location service is trying determine it's location, it can submit the list of SSIDs (including yours) it can detect to get back a fairly accurate location. If you add "_nomap" to your SSID, Google won't use it; it's crude because broadcasting metadata along with SSIDs isn't a part of the WiFi specs.
I don't see how using public router SSIDs as a landmark is "tracking you." If you use Google location services to determine your location based on your SSID or others, particularly while logged in to a Google account, then in some sense they're tracking you.
I always ask why it would not be okay if someone followed you around all day writing down everything you do (like a PI or stalker) but it is okay if some dude named Mark does it to a billion people.
Just like how you're allowed to use peoples images in public but if you only photograph one person and follow them around that's considered stalking and/or harassment.
It's weird to me that with tech we always bring up "well it is public" as if it is the same as our public laws but they aren't. Not only is the degree to which information can be gained substantially higher on the internet, but we have laws that would prevent similar actions in public and it generally considered creepy but the public. The only difference I see is that in public you have a better chance of seeing the person following you than you do online. I'm sure there's some psychology to this: people acting different when being watched through cameras vs in person.
I expect that if an SSID is not associated with a stable location, it's not even stored in the db because it doesn't serve the purpose of being a landmark (or stores it but with "hotspot," based on some heuristic, and therefore unreliable for location mapping).
Doesn't really matter what you expect, they're collecting the data and there's no evidence that they aren't using it to track... so we have to assume they do. Remember they were going as far as collecting data from people's networks using their Google Maps wifi-sniffing vehicles before they were caught.
First link[1] I found says otherwise, unless you consider having a plan to collect and analyze email, phone numbers and other information from the payload data and having internal reviews of the code intended to do just that to be a "configuration error"? People really should stop trusting everything known habitual liars / big corporations say.
Thanks, I hadn't seen (or don't recall) those details.
Even that story portrays the payload collection as basically one "rogue" engineer's intention, not a part of a business or project plan. While other engineers accessed the collected payload data later, they may have reasonably assumed that if they had it, someone had ok'd it.
So rather than a coding error, it was an organizational failure to oversee the engineers' work, the FCC's report says as much.
The problem is that they followed the classic of denying everything they could until evidence against it turned up:
1. we didn't do it
2. we did it by accident in small cases
3. we did it by accident in worse cases
4. we did it intentionally but one guy was responsible
5. we did it but it was just one rouge dev. team
Add to that the unredacted report noting that Google kept delaying and hindering the investigation and it is rather clear that "6. we did it and management was neck deep into it" is more likely than not.
Seems like basic data security to me. If my credit card number (valuable data) is posted to the dark web I have to assume someone will use it and it's insecure. Google has the data, so they can now use it whenever they decide it's valuable. Until I have evidence that it can't be used, I have to assume it's insecure.
Good point. It could be a short-term cache only only adds networks to longer-term storage if their relative location doesn't change over a period. Or, what I already wrote, they store it but with "hotspot," based on some heuristic, and therefore unreliable for location mapping.
It's kind of an interesting problem because Google drives cars around and reads the all the networks and saves the location for use later. Even if you don't use Android, just like they took a picture of your front door with their car, they wrote down the name of publicly broadcast networks as they drove by.
Should there be a way to tell the Google cameras to turn off when they drive by, and similarly, to tell the Google wifi setups to ignore our publicly broadcast network?
I imagine they have the right to take pictures from the street and record publicly broadcast names.
It seems like the entire specification of wifi should evolve to natively build these flags into how we manage our wifi, but even then, could we ever prevent a car driving by from reading the name of our SSID and logging the location and name for their personal use?
Perhaps the solution is that we should not publicly broadcast our SSID at all. Like bluetooth, we should "pair" and then stop the broadcast.
A Google engineer went a step further, however, the F.C.C. report said, and included code to collect unencrypted data sent from homes by computers — e-mails and Internet searches — as specially equipped cars drove by. That data collection occurred from 2007 to 2010.
Google long maintained that the engineer was solely responsible for this aspect of the project, which resulted in official investigations, some still unresolved, in more than a dozen countries. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on.
WiFi beacons are extremely important for good geolocation in buildings and in cities. Are you saying we should get rid of this functionality just to ensure nobody has a database of the physical location of hardware addresses?
Phones already have random hardware addresses, so it's not like your movements are being tracked because of your mobile hotspot.
I didn't make any comment for nor against, I simply stated a fact.
As for my opinion, I have no issue with the collection of the physical location of access points, I take issue with making me litter my chosen SSID with garbage so that I can opt out.
Regarding hotspot, I'm not sure what you mean, none of this discussion is about mobile hotspot.
I wasn't responding to you, but what other way would you choose to opt out? SSID is one of the few things you can adjust on almost any access point.
Hotspots are relevant because they are often personal and they follow you around, so if they didn't randomize their hardware address, then anyone could track your movements.
This is Google's problem to figure out (how we should opt-out, or if it should be a opt-in service), the fact that you are putting the responsibility on the user is crazy in itself. We are talking of a billion dollar company tracking the location of your own router against your will and without permission.
Well, my laptop is currently monitoring the wifi frames my neighbors' devices are transmitting, and I never asked their permission. Their devices are doing the same to mine and they never asked my permission. Your phone is monitoring all wifi frames being transmitted around you, regardless of what network those other wifi stations are connected to. That is part of the wifi standard -- stations try to avoid interfering with each other, and necessissarily monitor each other's transmission without anyone asking for any permission.
Do you want to live in a world where wifi requires permission? Trying tracking down all the people in your area who are using wifi -- I have literally hundreds of wifi stations around me, operated by dozens of different people, and I have no idea who they are or how to contact them. The next time you turn on your laptop, before connecting to a wifi network (by which point you have already recorded transmissions from other wifi networks in the area), try making sure you have everyone's permission -- after all, you would not want to benefit (by being able to use wifi and not having to carry an ethernet cable around) from your device monitoring another person's network if they did not say it was OK!
Most wifi is operated in the unlicensed band, which is meant to be permissionless. That makes it convenient and suitable for consumer applications, and it also means that you have NO right to complain that Google and Microsoft dared to record your wifi beacons without asking your permission.
Why are you singling out Google, though? Mozilla uses the same opt out mechanism, as do the various open databases such as OpenWLANMap.
If you are worried about this, do you realize Google Photos also stores the location of photos of objects, and owners of those objects cannot opt out of this "tracking"?
What pisses me is that a company keeps a list of where OUR beacons are, and uses that for their own products, while not giving back anything in return.
If Google wants to build a database of access points that we all pay for (both the device and its energy consumption), I, at a minimum, want access to a copy of such a database so I can use it too.
> Are you saying we should get rid of this functionality just to ensure nobody has a database of the physical location of hardware addresses?
"Privacy" advocates constantly demand that all of us bear the costs of worse technology just so they can have a little fake relief from their imaginary harms. We're long past the point of diminishing returns in preserving real privacy: now privacy advocacy is all about holiness spiraling.
That said, I don't blame Amazon here: why wouldn't they take advantage of an opportunity to hurt a competitor at no cost to themselves?
Is this any kind of standard? Like if Microsoft comes along and says you need to change your SSID to end in "_noloc" rather than "_nomap" what are you supposed to do?
Mozilla Location Services (and Combain which I think they collaborate with), WiGLE and others use "_nomap", though, so MS seems to walk their own path on this one.
To be fair, they aren't using your WiFi. The SSID is like your house number. Claiming Google using your Wifi when it reads your SSID is like claiming someone is using your toilet because they read your house number off the front of your house.
It's far more unique than your house number. Nobody expects that I can show up directly at their house, if they just say their SSID or simply send me a screenshot of their Android home screen. Just search your SSID [0] and see for yourself.
> Nobody expects that I can show up directly at their house, if they just say their SSID or simply send me a screenshot of their Android home screen.
(It's not relevant to the discussion but Android home screens show the name of the connected WiFi network?)
Where can someone look up a lat,lng by entering an SSID? It sure doesn't work on the site you cited. It looks like the information that is there was explicitly shared by the router operator.
SSIDs only need to differ from neighbors' SSIDs for convenience, to help tell them apart. If you already have neighbors using a default, like "xfinity", you might not want to choose that to avoid extra hassle when setting up new devices. But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.
> (It's not relevant to the discussion but Android home screens show the name of the connected WiFi network?)
Yes, nearly always in the top drawer [0], but I've also seen widgets on the home screen or in the status bar.
> Where can someone look up a lat,lng by entering an SSID?
Others already linked it, but https://wigle.net/ allows you to - sorry for linking the wrong map!
> . But if you're concerned about someone learning your SSID and finding a database to map it to a location, can pick a generic manufacturer's SSID of which there will be thousands, if not millions, of devices using the same SSID.
I don't know about the US, but in Germany most manufacturers have an unique appendage to the name, i.e. "Vodafone HomeBox DEHGTN". And the name doesn't have to be totally unique; if you can narrow the location down to a country or even a city (which is usually not that hard if you read someones post history or talk with them) it should suffice.
Also, it's not big when someone is aware of this tracking possibility. The real problem is that most people aren't.
EDIT: Just to prove my point, it took me 2 minutes to find out you're in Massachusetts [1]. If you're SSID is a bit unique, this is probably already sufficient.
I'm not making any judgement on the practice itself, however, for the purposes of tracking, I suspect they use the BSSID
The SSID is just the mutable part so you can opt-out, the actual identifier used is much more likely to be the BSSID which should be universally unique, and is (generally, or at least practically) immutable for any one piece of hardware.
Right, BSSID (i.e. the MAC address of the router's WiFi interface) of an access point, unlike a client, needs to be remain consistent. But that's irrelevant to the threat model I was replying to.
Now that one more or less works (not really in the map view but I assume there's an API or some other way to use the raw data). If you're trying to maintain your online anonymity, best to not be casual about revealing your SSID. Or don't choose a super-unique one. "Pretty fly for a WiFi" far from generic but there are still hundreds with that name in a single greater metropolitan area.
They're relying on me to keep my wifi up in order to provide their service.
They're relying on EVERYONE to keep them up in order to provide their service.
Essentially, people for a router and to keep it up and running, but it's google that can sell its service, but won't share the database of routers with the people maintaining them.
Can one make a GPS spoofer with software-defined radio such that Google/Microsoft/Mozilla store the wrong GPS location for your SSID, while not being powerful enough to influence GPS users outside your premises?
Probably, but it would still be illegal (sidenote: IANAL) and they usually don't enter your premise to find your WiFi. So the "easy" no-jail way to do this would be to reduce your transmit power.
Is there a link somewhere that says how they collect that information? If they're geolocating through chrome and building a database out of that I'd consider it a ubusive but if they're just driving around reading brooadcasted wifi ssids and correlating with the vehicles how position I'm not sure that's any worse than using any other landmark.
It's collected by every Android device on the planet which has background scanning enabled. Have neighbours? Have WiFi? Neighbour has GPS on? They can GPS pinpoint your WiFi by signal strength between the devices that "see" it, then correlate that with the GPS from the devices that are allowing it.
I moved home a few years ago, just 200M away, my location in GMaps, when on WiFi remained at my old address 200M away for a good year (I moved my AP with me and kept the SSID).
Any device that has GPS and wifi can contribute data positioning that wifi BSSID. Google has Android which will do that for any device that has opted in (presumably, anyone using the feature for better positioning will participate in the collection). Others use other sources.
Google's (and others) stance is likely that cellular and wifi information is publicly broadcast.
I agree that wifi beacons are publicly broadcast. The issue is no way to use google services that require location without contributing to that data and not being up front about its use.
But all the big companies are abusive in terms of privacy so it seems like it’s par for the course.
I know its not technically a product but it always feels like these sorts of schemes should be illegal tying. Can’t make an iOS app without supporting safari? Should be illegal tying. Can’t use google maps without feeding google information about the wifi networks around you? Should be illegal tying.
I'm not sure that's the case, though? The way I have understood it is that if you opt in to Google's enhanced location (utilizing wifi and cellular APs), you also opt in to the collection of the same.
Personally, I just decline that option and stay with regular GPS. I remember a time before GPS (or Glonass, or Galileo, etc) and I have to say, I think it's just amazing. (I also remember a time with "selected availability", and while I appreciate that that particular veil has been lifted, I am a little bit concerned with the amount of power this gives to the US military. While I am sure Google would be basically an organ of the US military during war, it still feels better that alternatives outside of military power exist).
It’s not clear to me what settings change this, or where I’ve agreed to them. I’ll investigate.
edit: on my pixel this setting for 'google location' was hidden beneath a 'more settings' dropdown in the location setting page. I had no idea it was there. Definitely dark patterns of hiding settings they don't want you to know about. Thanks.
Why would it be illegal to listen to or record broadcasts in the unlicensed ISM band? In fact monitoring the band is part of the wifi standard itself, as wifi devices are supposed to avoid interfering with each other even if they are not associated to the same AP. Most devices monitor the entire 2.4ghz and 5ghz bands for beacons from APs to give the user a listen of available networks and to support roaming.
The Computer Misuse Act [0] makes it an offence to commit "unauthorised access to computer material". Obviously Google thinks they can get away with it, but it's an entirely reasonable question. I'm not saying what they are doing is illegal, but their approach to tax hardly demonstrates good-faith approach to the law.
IANAL but the fact that you are using wifi means that you are authorizing others to monitor everything you transmit -- that is literally in the wifi standard. It is also worth pointing out that no computers are being "accessed" here, we are talking about recording the wifi beacons that APs broadcast (also part of the standard), so the only relevant laws should be those governing radio equipment. Even if we wanted a world of tightly controlled access to radio receivers (again, we are talking about recording and not about transmitting), the ISM bands that wifi uses were specifically set aside for unlicensed use by the general public.
The fact is that your ability to simply plug in a wifi router and use it with any devices you want, without having to coordinate with anyone or buy a SIM card or whatever else, comes with the understanding that anyone else can monitor your wifi network for any purpose (and in fact this is a requirement of the wifi standard). If monitoring someone's wifi transmissions required their explicitly approval, nobody would be able to use wifi -- every time you moved your phone from one place to another, you would first need permission from every wifi station operator to monitor their transmissions before your phone could use wifi (you would not even be able to join a network you had previously used, because doing so requires your phone to listen to beacons being transmitted by nearby APs).
I'm not going to guess the foibles of law, especially the British courts.
But the intention of accessing your network for the purposes of choosing a network you're authorized to use is different from connecting to networks you know you do not have authorization to use, and then for a purpose that a reasonable person wouldn't expect would be assumed.
I.e. I think it's reasonable to expect that I grant permission to my neighbours and passers-by to access my network for the purpose of choosing their own network. I don't expect that they will be adding my address to a data-set.
And maybe individuals do speculatively connect to random networks, but that's different to doing it at an industrial scale.
Except that nobody is connecting to a network without permission. Again, we are talking about monitoring radio transmissions (wifi beacons) in an unlicensed band. You do not need to connect to a wifi network to receive beacons from the AP, those are transmitted periodically as part of the normal operation of the AP.
You seem to be hung up on what is being done with the recorded beacons, but we are talking about the unlicensed band, so you have no reasonable expectations about what is being done by anyone. That is the point of the unlicensed band. It is meant to be a free-for-all, which is the only thing that is suitable for consumer applications (imagine if every phone, laptop, router, drone, microwave oven, baby monitor, etc. you purchased required you to get permission from everyone around you before it could be used).
Not hung up, just interested in exploring it. Thanks for the info, I'd assumed that the SSID broadcast was done on the same band as the actual network communications.
It is broadcast on the same band as the communications, which is almost always in an unlicensed band (if your wifi network used a licensed band you would know -- you would have had to fill out a bunch of paperwork and pay a fee for your license). The point here is that anyone can monitor your wifi transmissions, not just the AP beacons, for any purpose.
Do you really want to make passive wardriving illegal? Literally anybody who sets up a wifi system has probably seen the list of other people's networks within a some-meter radius. How could you possibly think there's a reasonable expectation of privacy with your SSIDs?
I did not say I want to make it illegal, just pointing out that it’s not some completely bizarre idea.
I think it would be reasonable to have various restrictions on all kinds of large scale datasets, especially when they include data that is easy to connect to individuals, and especially when it was not compiled with their explicit (informed, opt-in) consent. This includes public information such as what I’m wearing, where I am at what times, when and where my wifi is on.
I get your sentiment, but there is a big difference between that information being publicly available somewhere and someone building a centralized private database of it.
At least, IF you assume that e.g. "database copyright" serves a valid purpose, then you could make a similar case here that the collection of all these data points is qualitatively different from collecting any single data point.
Note: I used a capital "IF" up there because I do have issues with database copyright. But that's the world we live in...
Are you uncomfortable with the idea of someone monitoring the ISM band and collecting information about what is being transmitted and by which stations? If so, maybe you should stop using wifi, since that is actually part of the wifi standard (your phone is literally monitoring transmissions on your neighbors' wifi networks to avoid interference).
Except you can? The courts (in the US) have consistently ruled that you have no expectation of privacy in the public square. ALPRs on police cars are perfectly legal if there’s no laws prohibiting them.
Sure, take a picture of someone, so his or her face is the main content of the picture and start posting it everywhere (it's your picture so you can do whatever you want, right?).
> ALPRs on police cars
Government is usually exempt from those things or have license.
Why wouldn't I want my wifi beacon used for geolocation? Good geolocation helps everyone. What exactly is the harm that Google is perpetuating here? This SSID stuff is a great example of something that sounds sinister when presented in vague and ominous terms by "privacy" advocates but is actually benign if you think about it for five minutes.
This is a bit like saying: Strangers looking for house #48 on my street are not allowed to look at my door and use my street number #42 on it to orient themselves.
I am all for privacy, but this is a bit paranoid. Google is not distributing any information about an access points. A phone using wifi based location services simply listens to already existing SSID broadcasts. If you don't want your SSID broadcasted, turn off the broadcast. Is there aspect of this that I don't understand?
If I pass by in front of your house, I can see through your windows. If I walk behind you, I can see what you do. Both are somewhat socially acceptable.
If I livestream you the whole time and archive the video of everything you do and everything visible in your windows, I bet you'd not feel as comfortable.
This is exactly the problem here: Your neighbours or passerbys seeing your SSID is not much of a problem, but a total stranger anywhere in the world finding your address only by (B)SSID is a problem.
Especially since these are usually not considered sensitive; you can find quite a few posts showing fun WiFi names or tech support posts were the ID is visible. Hell, maybe some streamers inadvertently show them because they don't know the implication! Combine that with rough information of where the user is from (country should suffice) and you can come knocking on their door.
The real problem here is that we usually are very protective of our actual address. These databases make SSIDs equally sensitive data, without people being aware of this.
> but a total stranger anywhere in the world finding your address only by (B)SSID is a problem.
I am not sure I follow. Total strangers can find my address by looking up ... my address.
My ssid is probably _less_ associated with my name and other identifying info than my address is, for that matter. Whereas I regularly supply my address to forms when I sign up for things or order packages for delivery, I never really explicitly give out my ssid.
A passerby could collect my ssid. They might be able to narrow it down to my building (or maybe the neighbors), but that's not terribly interesting data to strangers trying to "find my address". There are more direct ways to go about that.
> My ssid is probably _less_ associated with my name and other identifying info than my address is, for that matter.
But I don't have your exact address.
> Whereas I regularly supply my address to forms when I sign up for things or order packages for delivery, I never really explicitly give out my ssid.
You'd think so. But it's easy to accidentally do this by submitting/posting a crash report (they quite often contain the WiFi SSID), asking for technical support, sharing a screenshot or simply opening the wrong window while streaming. Maybe you posted once in an "AskReddit: What's a funny wifi name?" thread. I doubt you'd simply post your address freely online and it would be much harder to get you to enter it into a form controlled by me.
> A passerby could collect my ssid. They might be able to narrow it down to my building (or maybe the neighbors), but that's not terribly interesting data to strangers trying to "find my address".
Sure it is. Right now, you could be anywhere in the world; the chance that I'd just walk by your house is minuscule. Even knowing you're near Boston makes that very hard. Only thanks to this database I could find out your exact address in minutes, given your SSID and a cursory look at your profile.
You do have my username. I am fairly confident that you could connect my username to my real name with some minor searching. From there, plenty of tax records, property records, and other important interesting information is just a few clicks away.
I am not arguing that we should or should not be sharing ssids. I am merely wondering why the OP is somehow worried about strangers across the globe somehow going from a list of random ssids to anything more interesting than that.
A list of names, addresses, phone numbers, emails, or other publicly available information (leaked or otherwise) is far more worrisome than a list of ssids.
I agree that a leaked SSID is less worrisome than leaked addresses, but the problem is that this list takes an nearly useless information and makes it a vital part which can basically locate someone down to the street address. And most people are absolutely unaware of how dangerous sharing an SSID is, assuming they try not be found (see: streamers, pop-stars or simply people which do not like to associate their actual name with their alias, unlike the two of us). For them it would feel like if I would tell you the color of my shoes and you'd find my address - it's simply not something you have in your mind.
It's not the end of the world, yes, sure. But it's not great either.
It's a sidenote, but the blow-up point of this is that it's one of the very few data privacy points for which you can directly show the impact. Usually, you have to go with abstract "if your data is leaked" or "someone at XCorp could ...", but in this case, if I can find your SSID I can send you your address, no further questions asked. And everyone knows people who know their SSID and/or can easily imagine this scenario. I'm pretty sure that's why this exact list is blowing up so much more than the far more egregious privacy violations we otherwise see.
Google location doesn't associate identities with addresses like the white pages did, so that is not a perfect analogy. In an unfortunate case of self-reference, I'd say Google Location is much closer to a (paper) map, since it correlates addresses to physical location. As far as I know, no one[1] can delist their address from a map, not even public figures. A map will tell me where Number 8 Mulholland Drive is, nothing more, nothing less.
>This is exactly the problem here: Your neighbours or passerbys seeing your SSID is not much of a problem, but a total stranger anywhere in the world finding your address only by (B)SSID is a problem.
In what case would "a total stranger anywhere in the world" get a hold of your BSSID?
That seems very contrived Which crash logs would contain the SSID? You reporting a bug with wpa_supplicant? What's the risk of that compared to crash logs containing other pieces of sensitive information?
Most SSIDs are not unique and can't be used to geolocate on their own. You need to show off a BSSID which is buried in utility menus and unlikely to be accidentally opened by a user. I suppose malware could share your BSSID with a malicious party to geolocate you, but at that point you're being specifically targeted by a sophisticated adversary and whether or not Google helps along the way is not going to determine whether you win or not.
It's enough to look at your profile to find out you're in Stamford, so locally unique is sufficient. I don't intend to find out your address, but it is usually quite easy to narrow down someones location to state or city level (you'd probably be able to do the same for me). So unless there are hundreds of SSIDs with the same name in your city, finding you is probably not that hard. For mine, state would be sufficient.
> and can't be used to geolocate on their own.
Sure thing! https://wigle.net/ has a perfectly fine API which allows you to search by SSID.
I'm not in Stamford, but nice try :) Regardless you didn't use my SSID to figure that out, which is my point, we all have lots of data points out there that are more public than SSIDs and those will be used to compromise us much faster than the SSID method will.
> Regardless you didn't use my SSID to figure that out, which is my point, we all have lots of data points out there that are more public than SSIDs and those will be used to compromise us much faster than the SSID method will.
I think we intermingled two separate points there:
- An SSID is not unique. My point was, despite this being true, it is usually possible to narrow down the location far enough using auxiliary information so that an SSID is sufficiently unique. That was the point of my previous response to you.
- An SSID is usually not considered sensitive. For the two of us there are enough other data points, but quite a few people prefer not to have their nick linked to their real name. I doubt they are aware how fatal sharing it would be. As mentioned in sister comments, the name is also quite often in crash logs, so something as simple as seeking technical help might lead to your home address being compromised.
Now, this list is surely not the end of the world, but the privacy implications are pretty bad IMO.
Because of these databases if I get near you when you're using your computer, I can tell where you live:
Your computer will poll for the SSID it's setup to auto-associate to (as they may be hidden). I get the SSID of your home network, and look it up in the database.
How creepy is it that these two not very privacy interrupting things -- collecting observed SSID in the wild, and your laptop attempting to connect to things it knows essentially broadcasts your home address when you're at a conference or a coffee shop? Hope you never have a stalker.
Worse, google's "opt out" procedure makes your SSID more unique and makes this attack even more effective.
>Your computer will poll for the SSID it's setup to auto-associate to (as they may be hidden). I get the SSID of your home network, and look it up in the database.
AFAIK this sort of polling only happens if your phone has hidden networks remembered. Also, the probe it sends is for the ESSID (human readable string), not the BSSID (mac address). Most databases (including google) only allows for lookup by BSSID not ESSID so doing that sort of lookup is non-trivial.
> AFAIK this sort of polling only happens if your phone has hidden networks remembered.
Alas, no when you have a SSID remembered it doesn't know if it's hidden or not. (well maybe apple has some privacy behavior for this). It's not only used for hidden networks: clients probe so they can quickly enumerate nearby access points so they can switch over to them fast if they lose connectivity.
A few years ago when the whole "people are tracking your phones using wifi probes!" story got popular I ran packet captures on an android and ios device and found that neither made directed probe requests (ie. the kind that contained SSIDs). The man page for wpa_supplicant (which is used for android) seems to confirm this:
scan_ssid
SSID scan technique; 0 (default) or 1. Technique 0 scans for the
SSID using a broadcast Probe Request frame while 1 uses a
directed Probe Request frame. Access points that cloak
themselves by not broadcasting their SSID require technique 1,
but beware that this scheme can cause scanning to take longer to
complete.
Ok so putting this all together, if you run a hidden network at home that means your phone HAS to use a directed probe request to find that network which it will keep trying to do when you are out and about. Am I reading that right?
If so the best way to have a phone that doesn't leak is to have a home network that does... maybe?
> if you run a hidden network at home that means your phone HAS to use a directed probe request to find that network which it will keep trying to do when you are out and about
That certainly isn't a theoretical requirement; the alternative is "if you run a hidden network, your devices will not connect to it automatically". You'd have to tell them to connect.
GPs second point still holds - the laptop scans for SSID, not BSSID. If all you have is SSID you can't get to location using Google's database. At most you could use it as a data point to connect someone's laptop to a location you already know.
An easy way around this would be to leave your wireless SSID on it's default (or set it to 'Linksys').
Joe Stalker, however, probably won't get it from google. Unfortunately there are many other databases, including ones available at low cost (or free: https://wigle.net/ ) which the stalker is more likely to use, unless they work at google. And when you add "nomap" to turn off google's tracking you'll make your SSID more unique and trackable in every other database.
I just queried my home ssid on there. I thought it was a pretty unique pun, but 216 other access points have the same ssid. If my phone was probing for it then you could narrow me down quite a bit, but you would need more than that.
I'd agree that a basic mapping of SSID name to approximate location is a bit useless on its own, but it can be combined with other information to narrow down your physical location.
Geographically speaking, how were those SSID's distributed? Were they spread all around the world, across the continent, or were they all in the same city?
For example, if your home SSID was known and those 216 SSID's were spread around the world, your home could likely be narrowed down based on some general facts from forum posts. "You spell honor with a U! You often complain about the rain on the forums, and those posts came from that ISP's IP block! According to the public coverage maps for that ISP in that English-speaking country that uses British spellings, your wireless network overlaps with this side of the street, give or take 30m. Let's check it out!"
so if i'm understanding the threat model correctly here, it's based on the uniqueness of your home SSID. a privacy-preserving thing to do would be to choose an SSID that is shared by many other people, but not so many other people that your neighbours share it...
The router manufacturers do, as I was once surprised when my computer was complaining about a friend's wifi -- turns out that they had the same, manufacturer-driven SSID as my mother.
Having noted the WiGLE database I decided to give their mutual Netgear-provided SSID a spin. Over fifty thousand results.
So you could do worse than just name your access point NETGEAR followed by a two-digit number. Of course, your laptop might decide lots of other networks are yours, but it won't have the password for them.
If you wear a T-shirt with your home address on it, people will learn your home address. The correct technical solution seems to be to NOT wear a t-shirt with your home address on it. (Don't use a device that broadcasts your home SSID in the subway)
Sure, except that all your shirts have your address on by default without your knowledge (for >99% of people), and anyone can read your shirt under the jacket you reasonably believed to be opaque, in an instant, without line of sight and undetectably to you.
I have wifi off on my phone with a Tasker script that turns it on whenever I'm connected to one of the cell towers that services my neighborhood. The system works well and my battery life is amazing.
Interestingly it used to be that someone would (for free and without solicitation) drop a book on my doorstep that contained a list of thousands of people's names along with their home address and telephone number. The last time I remember this happening was only 10 years ago. It's fascinating how our threat models regarding privacy have apparently changed so significantly.
If I recall correctly, the phone books even included instructions on them of how to opt out. And given that they were broadly distributed it was very apparent to people that opting out was necessary if they were worried about being stalked, etc.
I didn’t act as if one couldn’t opt out. That’s actually in line with my point. The behavior was opt-out, and from what I remember hearing you actually had to pay in order to do so.
My point is that it used to be well-accepted that one’s home address and telephone number were explicitly public and indexed for easy access by anyone (at least anyone within the regional phone book’s coverage area). Now we get spooked that someone could obtain a home address using a fairly convoluted, difficult to target, and presumably expensive method involving the target’s smartphone attempting to connect to a wireless network and a large commercial database of wireless network locations.
I’m not even making judgements about this. I’m truly fascinated at how privacy threat models can vary so much from person to person and over time.
tshaddox didn't say anything to imply that people couldn't opt out, so I think you're beating a strawman. They pointed out the seeming change in expectations in this thread (where SSID location mapping collection being opt-out is outrage) vs the phone book (which, sensitive PII was broadly shared by a profit-motivated entity that had no relationship with you and you have to opt out to not be included).
If anything, SSID location is generally less sensitive than your name + phone number + city.
I think that it is important to consider the reason _why_ we make some information public.
We make our SSID public so that we, or our friends, can easily access our WiFi, not so that somebody else use it as a tracking tool. Just because I make something possible, it doesn't mean that somebody else should take advantage of it ("hey, your car was unlocked, so of course I took it for a ride"), even more so when we talk about a huge corporation where the effort of taking advantage of this is much more than the effort that an individual must put to protect him/herself.
Want to use my SSID as a location tool ? I'm fine, but first you ask, and the let's talk about how much you're gonna pay for it.
The scale is exactly the problem. The social contract of what's acceptable for friends, mailmen, or passersby hailing a cab does not apply when extended to automated processes running on computers of global megacorps.
I have no issue with a police officer tailing and tracking a suspect with license plate ABC1234. That license plate number is publicly visible information. I do take issue with the police installing license plate cameras that give them a location history of the entire driving population of a city.
I have no issue with an acquaintance recognizing me by the shape of my face. If I go out in public, I expect to be publicly visible. I do take issue with Facebook running facial recognition on photos taken by their users, or installing their own facial recognition cameras, and sending advertisements and connection suggestions to me based on my proximity to other people.
I have no issue with my neighbor, trying to connect his wifi, seeing my SSID alongside his. The router needs to broadcast a publicly visible management beacon so that he can locate his wireless network and I can locate mine. I do take issue with Google making a global database to allow devices to use the visible SSIDs to determine their location.
I have no issue with a web server querying my browser to see what system fonts I have available, or what size my browser window is. These and other bits of information are useful to display the website I'm requesting to me. I do take issue with the server or their advertising partners using these characteristics to construct a fingerprint to track me across sessions or sites.
I recognize that there's no empirical difference between these uses. Public information is public, it's not obvious why the source should be able to determine how it's used or where the line is between acceptable, intended, private party use and unacceptable, automated, exploitative use. But I think I know what's acceptable when I see it.
Interestingly, the initial example of a street address has always existed in large centralized databases. These databases are even published for mass distribution in the form of a phone book, and they've also been available via online queries for the past 25 years (mapquest, et al)
>I guess the problem is the worldwide database it's put in.
Why is it a problem to know the gps location of a specific street name + house number? That seems like a pretty useful piece of information, especially in north america where a single street can span the entire width of a city. As for the downsides, what's the privacy implications of knowing that 73 elm street is located at -52.024290244005,101.13123390478796?
Care to make it? I think it'll be a logistical nightmare (eg. how do you get consent? Do you have to sign a form and send it to tomtom/google? Does filling in your address imply consent? Who can give consent? The property owner? The occupant? If I'm at at a party and want other friends to come over, do I have to explicitly ask the occupant/owner for permission? Google can probably easily get consent from people, but what about mapping startups? What if the previous owners gave consent, can you revoke that consent?), and provide little to zero privacy benefits.
I don't really care to make the argument, no, since I think street numbers are reasonably expected to be in the public domain in the culture I've grown up with.
But I wouldn't rule out that someone else looks at it differently to the degree that I'd pose it as a rhetorical question, as an example that's illuminating in its absurdity. That was really all I was trying to say.
Though whether or not it'd be a logistical nightmare for Google or startups really doesn't play into it; all kinds of privacy (and other) regulations are logistical nightmares for those whose business it is to violate them. E.g. kyc regulations were a logistical nightmare for financial services that didn't bother or didn't want to k their cs.
> Just because I make something possible, it doesn't mean that somebody else should take advantage of it ("hey, your car was unlocked, so of course I took it for a ride")
This is specifically prohibited by law. Now there are gray areas of things that are not prohibited by law that are usually not acceptable but I don't think this is even one of those. [1]
[1] Example might be if there is ketchup at a restaurant and no sign which says 'limit X packets' you could take all of the ketchup (does not violate any law) assuming you are in the restaurant as a customer.
> If you don't want your SSID broadcasted, turn off the broadcast
Hiding the network name doesn't conceal the network from detection or secure it against unauthorized access. It also makes your devices constantly send out that SSID wherever you go when searching for networks. According to Microsoft [0]:
> Non-broadcast networks are advertised in the probe requests sent out by wireless clients and in the responses to the probe requests sent by wireless APs.
It's been argued that hiding the network name can make you more of a target because it makes you stand out more than your seemingly more innocuous neighbors. That is unless you never connect any devices to your hidden AP.
Like being the only person on the block who blurs out their house on Google Maps or Apple Maps, it could backfire due to the Streisand Effect.
It makes the laws really complicated too. Normally, I don't think there's an expectation of privacy for things that you transmit with a radio transmitter, so AFAIK it's still (mostly?) ok to own a radio receiver that can receive (almost) anything anyone transmits. (almost, because things like radar detectors are already illegal in some jurisdictions.)
I think there's a tradeoff here. Having people carve out more and more frequencies that become illegal to monitor might not actually make the world a better place in the long run.
If monitoring the ISM bands was illegal, wifi would be illegal. Wifi stations continuously monitor the channel they are using to avoid interference and will typically monitor the whole band during the frequency selection process (i.e. searching for the least-crowded channel when setting up the AP). The fact that the ISM bands are basically a free-for-all is one of the best regulatory moves in the history of radio, since that has basically made the diverse market for wireless consumer electronics possible (including wifi and bluetooth, two of the greatest inventions in consumer electronics in my lifetime).
You’d have to legislate what you can do with the data. Saying that you’re not allowed to receive random broadcasts would make it so you basically couldn’t connect to wifi APs.
According to US law, what's against the law is intercepting communications that are not readily accessible to the public. A Wi-Fi beacon containing an SSID is not a communication intended for somebody else, so there's no legal issue with receiving it.
The restrictions are on how the hardware is used, not what it's technically capable of.
Interestingly, this varies from country to country, but in the US: yes. With very, very few exceptions, the law errs on the side of "If it's broadcast, anyone may receive it."
Legally, Wi-Fi communications in the US are not considered to be "broadcast", even if anybody sufficiently nearby can receive them. If you're not the intended recipient of a message, and you intentionally intercept it (or attempt to do so), and the content isn't "readily
accessible to the general public", then you're breaking the law.
In particular, the SSID of a network is readily accessible to anyone with a Wi-Fi device, whereas the contents of data packets (even unencrypted ones) are not accessible unless you have packet-sniffing software and know how to use it. This seems to me like a fairly common-sense interpretation.
You can still own general-purpose radio receivers (subject to the usual FCC rules about radiated emissions and so on). The legal restrictions are about what you can do with that equipment.
"If you're not the intended recipient of a message, and you intentionally intercept it (or attempt to do so), and the content isn't "readily accessible to the general public", then you're breaking the law."
...if true, then wifi itself is illegal, because every wifi station will "intercept" (i.e. receive) frames transmitted by nearby stations in order to avoid interference when attempting to transmit a frame.
A Wi-Fi station is an inanimate object that is incapable of breaking the law. The law applies to what people (or legal entities) do.
Sure, whenever somebody else sends a Wi-Fi packet in your vicinity, the components in your phone are physically reacting to the signal that they receive, and inspecting the data to see if you're the intended recipient. If the packet is addressed to somebody else, and your device never stores or displays the payload, then obviously you are not intentionally intercepting anything.
The law assumes judges and juries are human beings, who have at least a modicum of intelligence and common sense. It's not a mathematical formalism in which the slightest contradiction lets you prove absurdities.
Let's not be pedantic here. We call a technology illegal when there is no legal way to use it. Wifi stations do not just discard frames not intended for them; APs typically keep track of the frequency utilization in their immediate vicinity in order to choose the least crowded channel for the networks they manage. More advanced APs (e.g. CBW APs) will also keep track of other APs and nearby stations long-term for various other purposes (mostly related to improving wireless throughput). There is also DFS/TPC in the 5Ghz band, which involves continuously listening for transmissions that are clearly not intended for any wifi devices (and recording the time and frequency on which such a transmission was received so that an AP does not select that channel again).
If your argument is that "displaying" the received transmission is the issue, then Google has done nothing wrong, because the BSSID/GPS database is not "displayed" to any human beings -- the entire system is automated, much like the CSMA and DFS/TPC technologies of wifi itself. Personally I think that is a weak argument since it would make it legally questionable to use a debugger on a device that operates in an explicitly unlicensed part of the radio spectrum.
You are right that judges and juries are human beings. They make mistakes when they are tasked with interpreting laws governing technologies they do not understand, and that is why we rely on organizations like the FCC, which are supposed to rely on actual experts when deciding compliance. I doubt that any major corporation would sell wifi equipment if there was any serious question about the legality of monitoring transmissions intended for other stations in the ISM bands. This whole debate sounds like another case of "Google did something, how dare they!"
> If your argument is that "displaying" the received transmission is the issue, then Google has done nothing wrong, because the BSSID/GPS database is not "displayed" to any human beings -- the entire system is automated, much like the CSMA and DFS/TPC technologies of wifi itself. Personally I think that is a weak argument since it would make it legally questionable to use a debugger on a device that operates in an explicitly unlicensed part of the radio spectrum.
This seems like a plausible argument to me. Google use similar arguments with, say, Gmail: their algorithms can read your mail and use what they learn to show you ads, but individual engineers can't, even for debugging purposes.
It would not at all surprise me to learn that large swathes of technology are technically illegal, just not anticipated (or properly understood by the right people) or against the 'spirit' of the law.
Perhaps, but given how tightly regulated radio is in general and how closely wifi device makers work with regulators (e.g. look at DFS/TPC in the 5Ghz band) it would surprise me if one of the core technologies of wifi (CSMA) was in such a precarious legal situation.
Oh I don't mean I would ever expect it to play out precariously, just that it would be an awkward technicality of the way something happened to be phrased, and fixed when noticed/required.
You're missing a major element: the relative measurements of your wifi signal...a.k.a. radar inside your home, visible to people outside your home.[1]
Your wireless router sends out a constant signal . That signal bounces off stuff, and can be measured in real time. Once a 3rd party has a calibrated measurement of your wifi signal, they can scan it and make relative measurements in real time. They can reconstruct what's going on in the room by reconstructing the triangulation of how the signal is changing. They've been able to fine-tune it enough to see a person breathing, or see their heart beating.
As this technology matures, I believe this will be the next-level of major privacy concerns.
What does that have to do with Google's use of your SSID? If someone wants to use your SSID signal to image what's going on in your house, they don't need to have first gotten your SSID from google's mapping database.
Because the number of your house is there for strangers to identify your house.
Your SSID is there for you to connect to your private network. The fact that it is broadcasted is a technical limitation, and it is not intended for others beside you. Nobody besides technical people know that the SSID broadcasting can be disabled, and even less know how to use their wifi when it is disabled.
This is the crux of the issue to me, they've now made a privacy opt-out that requires you to broadcast an SSID, in order for their systems to ignore your BSSID.
If they don't have an alternative to this opt-out then there's probably a GDPR case right there.
What is surveillance if not just looking at you? So if you object to the state or private actors being able to track you every movement through the public space, you essentially are advocating for banning people from looking at you when you walk the street.
Somehow it doesn't seem the same though. Somehow intuitively it seems different when people just look at you on the street and when some organization compiles a single database where every move of every person is recorded.
> How do they know where my SSID is? Is my phone sharing that info with them?
Yes if you have it turned on and you're signed into Google.
> Is their advertising now using the SSIDs I pass by to track me even when I explicitly turn off GPS?
Turning off GPS stops GPS, not SSID tracking. Modern Android doesn't have a GPS toggle though. It has a "Location" toggle which stops the OS from sending the data to Google. However it does not turn off the location feature in Google Chrome (or other web browsers).
> If I turn off location history in Google, does this prevent that information being shared with others in the ad industry chain?
Google doesn't share their data with 3rd parties.
> Do I need to track all them down and find how to opt out of them having a database of my frequent locations?
There is a dark pattern in Android that is tangentially related only, but I need to share it:
The service in Android using (B)SSID for "a better experience" is configured off on my phone, and I explicitly turn off all location services when I don't actively need it.
Every time I turn on location, then open Google Maps, Maps prompts me to turn on the "enhanced experience". Picture yourself in a bit of a rush, needing to do some quick navigation using your phone and Maps, and how easy it is to quickly dismiss that prompt without realizing you just offered Google more data.
Note: My default behavior regarding Google is to give them the absolute minimum amount of data.
That's how I ended up paying for YouTube premium one time! I clicked on a YouTube (short)link on Twitter or somewhere and YouTube app opened, then a blocking dialog asked about premium membership and the button to get the membership (after trial period) is bolder, so you are more likely to press it accidentally if you are eager to watch the video! I got so angry that I deleted my payment method from my Google account.
They research patterns, and they know how and when to ask you to press a button. Not illegal but unfair IMO. Take this post for example, changing SSID is so inconvenient that the user might not want to go through the whole process.
Maybe it's my imagination. But GPS-only location services on Android have progressively gotten worse to the point of utter uselessness today. My G1 could obtain and retain a GPS-only lock nearly as well as my dedicated Magellan GPS handheld. Meanwhile my Moto G4 will try for hours and be unable to obtain even the remotest idea where I am.
The more cynically minded might even suggest Google has purposefully let GPS-only capability degrade as a dark pattern to push users to opt in to SSID-based services.
While only relevant to a small niche of users [1], I created a tiny Tasker profile to press the back button whenever that dialog appears. It should go without saying that if you decide to use this you should check the code first.
I do the exact same with Google Maps. If I could, I'd stop using Google Maps completely, but I've found no other apps that offer such thorough and up to date information about businesses around me.
PS: Offline GPS turn-by-turn navigation devices from China are about $50 now. I use them myself ever since I decided I wanted to stop leaking my realtime location to Apple and Google.
> To opt out, change the SSID (name) of your Wi-Fi access point (your wireless network name) so that it ends with "_nomap." For example, if your SSID is "12345," you would change it to "12345_nomap."
We can hope that Microsoft will require _bing_nomap as their suffix, While Apple will be more privacy-minded and require _yesapplemaps to be added if you wish to opt-in.
Opting out of Google while opting into MS and Apple scanning is left as an exercise to the reader.
Followed by: "To help ensure your changed SSID is submitted to Google quickly, open Google Maps on an Android device with Wi-Fi turned on. To establish a location fix near your Wi-Fi access point, tap My location My location."
It reminds me that there was a version of Google Maps on iOS where if you wanted to cache a region of the map locally for offline use, you would (1) zoom out to view the full area to cache and (2) search for "OK Maps" to cache that area.†
Yes. Searching for "OK Maps" to cache it. You know, instead of maybe adding a button like in any normal app made for human beings?
I'm not at all surprised by this _nomap "solution".
Most of the replies to you seem to be focused on the relatively uninteresting individual act of recording the location of your publicly broadcast SSID.
But the issue arises from the fact that this is done in bulk and is comprehensively catalogued centrally. I think that commenting on a person photographing your house misses the point, because the scale is the thing that matters here. It's not the individual act of recording your SSID, but the scale of doing it in bulk that transforms this activity into something that is unlike photographing your neighbor's house.
I notice that you said "most" and so you might be technically correct, but you can accurately make out Germany on a map of google streetview availability, because enough people did have an issue with it when it was first introduced.
The difference is that the wifi opt out method is perfect since they can trust that the person with control of the router's SSID is actually opting out when it receives that list.
Yes you have in a sense. Your WiFi router is broadcasting its SSID and anyone in range can pick up this signal. If you do not wish to broadcast your SSID, you should disable it in your router.
What you are suggesting is to me no different than asking why a random passer-by can take a photo of your house. Because of course they can. Saying that a person can not take an image of your house unless you have explicitly put up a sign saying your house can be photographed is an absurd proposition and a sad privatization of the public sphere. The color of your house is not within the domain of your privacy, and neither is the location of your WiFi if you choose to broadcast your SSID.
> If you do not wish to broadcast your SSID, you should disable it in your router.
Don't do that, it'll counter-intuitively have the opposite effect: if you disable broadcasting the SSID on your router, then all the clients (phones, laptops, etc) which wish to connect to it have to broadcast that SSID when searching for nearby access points, instead of just asking all nearby access points for their SSID. That is: disabling broadcasting the SSID on the router means requiring broadcasting that same SSID from all the clients, even (and especially) when they're nowhere near that router.
The solution is for all of us to rename our SSIDs the same (e.g., "Starbucks") and then let the WiFi device sort it out during the authentication step.
Except an average person can’t be expected to understand what “broadcasting an SSID” even means, compared to putting some numbers on your house that are required for essential services. It’s even doubly deceptive because then you need to understand the privacy implications of Google’s data capture, how it feeds into their ad business, etc. I understand all of this stuff but I don’t think it’s reasonable for people in general to, and I think people do have a “reasonable expectation of privacy” when it comes to their SSIDs. Nobody installs a router/AP and thinks “okay good, now Google can index my SSID”, they think “now I can securely connect my devices to my private network”.
They don't need to understand the technical details to realize that network names are public information if they have ever connected to a network in an urban setting, where you can always see your neighbors network names in addition to yours.
I think we have fundamentally different opinions on what control you should be allowed to have on your privacy.
There is a similar debate about being photographed while in public: the fact that I'm walking in the street shouldn't allow anybody to take pictures of me, just because it has been decided that doing so would remove any "expectation of privacy".
That's my image. That's my house. If I don't want people to take picture of it and put in on the internet, it's my choice. And I don't think it is that unreasonable to want to control it.
I don't care about cityscape where the picture is taken from afar, where you can not discern any details of my house. But I don't want strangers to be able to see for example if I have dogs just by googling my address on internet.
It's not an unreasonable desire to want to control it, but you should also consider what it leads to when applied universally. For example, Street View is now almost completely disabled in Germany. I find it a beneficial public service and would be saddened if it was disabled in my country. Similarly, I could not publish a book in France whose cover is an image of the Louvre pyramid - this part of the public sphere has been rendered someone's intellectual property. Something that is seemingly public, inviting and free to use has been made in part private. Not good.
In a world where free public spaces are becoming increasingly rare, we should strive to retain and protect them rather than make everything private and controlled.
That being said, I do think the privacy of what is clearly and truly in the private sphere should be protected strongly – such as what goes on inside your house outside of what is directly and easily visible to the street. But there need to be just as strong rights to enjoy the virtues of the public sphere to counterbalance the strong protection of the private sphere.
> In a world where free public spaces are becoming increasingly rare, we should strive to retain and protect them rather than make everything private and controlled.
by empowering a private company to profit from what this person considers to be private?
By empowering anyone to make free use of what is clearly public. Private company building a service to show streetscape around world should be no different than me publishing photography I took around the city in my blog.
Not broadcasting your SSID doesn't offer any real privacy benefit. If you're using the wifi, every packet sent out by the AP or the clients includes the permanent (and usually unchangeable) hardware serial number (BSSID MAC) of the access point.
IP addresses are considered uniquely identifiable information under most (all?) GDPR jurisdictions. Pinpointed locations are also considered PII for obvious reasons.
I'd argue that by the same reasoning, SSID and MAC address are even more identifying, because IP addresses aren't as static as changing your WiFi configuration. Driving around and mapping this type of data should probably be considered a violation of the GDPR in the same way tracking the IP address of users visiting a website is.
I'm fairly certain you could make a claim against Google for processing this data without consent, without an immediate retraction (Google Streetview still lists 8 year old photos here) or opt-in.
Receiving data is fine, but processing it and mapping it out is not. In the same way, gathering IP addresses for logging and diagnostic purposes is okay, but selling "what IP accessed what page" is not. Taking a picture of your house from the street is not illegal, yet if I were to point a camera at your house that takes a picture every second so I can sell accounts for a premium "vesinisa's house stream" online, you'd probably get the police involved in its removal eventually. Intent matters as much as the actions themselves in most cases.
You opted in by broadcasting to anyone that cares to listen.
I feel like I’m missing something when folks complain that someone geotagged the publicly-viewable SSID that their router, by the owner’s choice, shouts to anyone that will listen. And then act like it’s this big privacy invasion when someone does listen.
This is just another instance of the same old discussion. Many things are perfectly okay on an individual basis. E.g. individual citizens can see my license plate, and this is fine. But when it gets correlated into a picture that effectively tracks where I go, now we're talking about something different entirely.
I agree and think it's weird how often I see variations of that general argument here; where someone says, "Normal thing A is fine, therefore it must be fine if we scale it by a factor of 100,000,000". Scale matters!
where someone says, "Normal thing A is fine, therefore it must be fine if we scale it by a factor of 100,000,000"
Why are we to assume that it isn't fine just because there's more of it?
Scale matters!
For all the "scale matters!" in this topic, no one seems to be able to articulate why. Were laws broken? Hell, were unspoken rules broken? What is $BAD_THING that will happen if $X "at scale!"? But instead what I read are broken analogies that don't stand up to scrutiny.
The fallacy isn't that scale is inherently bad or anything but that scale can change the fundamental nature of what a thing is and so they're not always able to be substituted.
* If I kill an Armenian it's murder, if I kill every Armenian it's genocide.
* If I buy some shares of Google it's investing, if I buy every share of Google it's a takeover.
* If I happen to know where you are because a saw you in town it's a coincidence. If I know where you are 24/7 it's surveillance.
* If a friend sends my address to someone it's no big deal. If they post my address publicly it's doxxing.
The logic "if I can X at some scale then I can do X at any scale" doesn't follow because doing X at different scales might be totally different things. I don't think Google slurping up SSIDs is going to make $bad_thing happen but the justification for them doing the sluping is more complicated than "well it's fine if I wrote down one SSID..."
You are definitely saying it loud enough to reach outside your house. If you aren't, then you don't have to worry about Google because they wouldn't be able to reach it.
I don't intend for it to go outside of my house. I have not placed any access points in locations designed to make the signal reachable outside my own home. I expect that at some points near the perimeter of my property, passerby may detect the existence of my WiFi network. I expect them to politely ignore it and move on, just like I expect them to pay no mind to normal everyday sounds coming from inside my home.
It becomes a different issue when a corporation collects this information for business purposes. They are not random passersby. But I expect them to treat it with the same courtesy -- ignore, move on.
If you care about this, the burden is on you to make sure the signal does not go outside of your house or to make our wifi work in private mode (probably easiest solution). Google is simply taking advantage of what is essentially public information, they are doing it at scale and this should not be problematic at all.
We need to understand that when we live in a technologically advanced civilization (sufficiently advanced as to have Google cars driving around) there are some things we will have to give up as a part of enabling the technologically advanced environment that we chose to live in.
What we would have a problem with is not collecting then, but the way it is being used. A reasonable way to handle this for Google would be: rather than having a SSID opt out, have ad-tech opt-in as in 'we can optimize our ads based on your detected wifi location, would you like that?' Meaning: yes, it's fine that you collect publicly available information at scale, but if you want to use it for me (or against me, depending on your view), you have to ask me. Otherwise it would be violating my right to privacy.
There is no such thing. I have no problem finding the SSID for "hidden" networks.
> they are doing it at scale and this should not be problematic at all.
In fact it is my entire point that this is extremely problematic. Technology enables a whole new range of behavior not previously feasible, and society hasn't yet developed a way to deal with it. Just because Google can do something it does not mean they should do it.
> yes, it's fine that you collect publicly available information at scale, but if you want to use it for me (or against me, depending on your view), you have to ask me. Otherwise it would be violating my right to privacy.
I disagree. The existence of the aggregated data on me is itself the risk, itself the violation of privacy, not the moment when they leverage it for a particular purpose. This data aggregation is dangerous and needs to be regulated.
I do not believe in a utopian corporate world where everything Google does is for my benefit.
> There is no such thing. I have no problem finding the SSID for "hidden" networks.
Yes I meant hidden networks, and I didn't know they were discoverable. Really? Why are are they called hidden then?
> The existence of the aggregated data on me is itself the risk, itself the violation of privacy
Yes it is a risk, but it is not in itself a violation of privacy. I think you are conflating secrecy and privacy a bit here.
You parents or close family posses a lot of private information about you and the very act of possession is not violation of privacy (but it does pose a risk that you have to live with, hoping and expecting they will respect your privacy).
Violation of privacy occurs at the moment this information is used in a way you would not approve.
Anonymity - you do not know about me
Secrecy - I do not want to share information with you
Privacy - I am OK to share my information with you and I trust you to not use it in a way that I would not approve of
I figure the SSID is no less public than the street address. Anyone in the area can determine an address or an SSID, but that information isn't tied to identity. Unless of your SSID is 'scottymuse_5ghz or something.
The street address is officially registered, is attributed by the town and doesn’t belong to you. I don’t think you can find some more public than that.
Compare that to the name of your private router that happens to be broadcasted far outside your house for technical reasons.
I doubt you can claim "ownership" of text strings used for wifi and otherwise freely available. I suspect Google's lawyers would have stopped this feature from being implemented if there were even potential issues.
You are right in that there isn't an ownership angle to this. The same way if you call your cat "Murphy", you wouldn't get a claim on the name, nor should forbid people from memorizing that you call your cat that name.
To be honest I am not sure where I stand on the issue, but I sympathize on the uneasiness of a global corporation taking advantage of a situation in a way few people ever thought about. That's where I think the perception of the public/private status diverge for most people.
It is trivially easy to connect an SSID to an identity, as soon as someone runs any application on the network that has privileges to both an identity and the SSID.
Yes, it's just key-value data and basically every mobile OS has APIs that will hand it to a developer on a silver platter. I'm sure that this data is already available from various data brokers, just as address data is.
But it's not a competition anyway. Address data being freely available doesn't make other privacy abuses any less bad.
> Address data being freely available doesn't make other privacy abuses any less bad.
If the mapping of SSIDs to GPS coordinates is a "privacy abuse", what does it say about mappings of house numbers to GPS coordinates? Should companies like google/tomtom be banned from collecting such mappings?
this is a bad analogy. A house number is assigned by a government in some form and looking up who lives at a certain address is not trivial and will certainly raise eyebrows. Workarounds exist such as election records however those were created during a time when google-level privacy invasion was not as widespread.
An SSID is created by a private individual for private use and its use as a tracking tool must be discouraged.
I'm not saying that anyone should be banned from doing anything. I am just saying that the information is not hard to correlate.
People who are concerned about their address privacy will often put their home in the ownership of trust or a corporation. That data, despite being regularly collected, is exploitable, and is often exploited. I'm not saying this should be legally changed, but pointing out that it is reasonable to bring up the concern.
> I'm not saying that anyone should be banned from doing anything.
Your characterization of it as a "privacy abuse" suggests otherwise. Moreover, my argument is that most people wouldn't call a mapping of street numbers to gps coordinates a privacy abuse, so it would be absurd to call a mapping of BSSIDs to gps coordinates a privacy abuse as well since they're both pretty similar.
Data collection is not automatically abuse, but it can facilitate abuse, and some distributors of that data (i.e. data brokers) and often complacent in that abuse.
Abuse is all about what someone does with the data.
I probably would have been more clear if I had said "potential privacy abuses" above. Any time this data is given/sold to third parties without any legal framework for protecting it, it is ripe for potential abuse.
It's trivially easy to connect a street address to an identity too. Most municipalities in the US have the property owner on public record. This isn't publicized information, but it's very much public information.
Yes, and that's another legitimate privacy concern. It is not uncommon for that data to be abused. And many people who are concerned about their name being linked to their address choose to work around this by transferring ownership to a different legal entity.
Why in the world I've to change my access point to opt out of google's data collection? Why are they collecting information in the first place?
Stop collecting information. This is way beyond anything but privacy intrusion.
It's like telling another some big corporation that one has to change the name else they will profile you irrespective of what you do...
Atrocious isn't? Publicly available information doesn't mean that you will whatever you want with it.
Tomorrow, (already their OS, Android is doing it), they will collect everything about a person and this is going way beyond who has signed up for. This needs to stop. All in the name of providing services or improving lives of people. Who cares about the dark side? How much profiling has gone into the collected data? What kind of risks it may pose in the future?
This needs to stop... the sooner the better...
Everyone has the right to be private. It doesn't mean one has to throw away everything in public about them. Isn't?
I know I might start another discussion thread, but I'm sure there will be people who will battle for and against... But it doesn't matter...
Google and Apple both have WiFi geolocation databases. As far as I can tell there's no way for an AP to opt-out of Apple's database.
Interesting tidbit from [1]: "In older versions of Apple's mobile OS (1.1.3 to 3.1), Apple relied on Google and Skyhook Wireless to provide location-based services -- so Apple left data collection to them. But ever since April 2010, starting with iPhone OS 3.2 and continuing into the current iOS 4 software, Apple has started using its own databases to provide location-based services to iOS devices."
> To opt out, change the SSID (name) of your Wi-Fi access point (your wireless network name) so that it ends with "_nomap." For example, if your SSID is "12345," you would change it to "12345_nomap."
That's annoying, but I don't actually care, that much. My access points are locked down about as well as possible, and having them in there actually helps to improve map accuracy. I just switched ISPs, and I'm currently getting ads that think I'm in New Jersey. As soon as my new router gets re-mapped, I'll be getting ads that make it seem as if stock photo models are local lawyers.
Anyone that really wants to get into my access points could probably do so, but I also have a few layers of security (multiple routers of different manufacture), as well as fixed MAC addresses (which is a pain for the iOS devices).
Also, I'm surrounded by neighbors that have much lower-hanging fruit.
Outrageous. I have to opt out by changing my network, instead of Google asking for my permission or at least providing a form for opt out. Reconfiguring the router and all machines that work with it is just too much work, also it does not work retroactively (but should imho). It's PII at least in some situations, and for someone with Google's power.
It's analogous to the robots.txt file, which one must host to opt-out of crawling (and everyone's basically fine with). Public network, publicly-accessible data. Public airwaves, publicly-accessible SSID.
Google is assuming (much as it assumed with crawling the Internet) that information broadcast in the clear into the world is fine to aggregate.
(Personally, the only part I'm sad about is that since there's no hidden metadata channel to take advantage of in the 802.11 protocols, they can't squirrel away the "nomap" in a hidden state and instead have to gum up the human-visible SSIDs to transmit the intent to not be indexed).
There’s a big difference too in that when you publish a website, you intend for it to be aggregated. Whereas people don’t intend their SSID to be aggregated.
It’s more similar to walking along the street compiling a list of what colour curtains people put up in their window. Sure you’ve technically got it on display but people don’t really expect that information to be aggregated and shared.
Ease dropping on a conversation on the bus or a train is another example. You can’t really complain if someone overhears but that’s a far cry from someone then publishing what they overhear
I don't think one can make the general statement that "when you publish a website, you intend for it to be aggregated." People have attempted to sue Google for exactly that sort of aggregation. And there are plenty of sites that disallow crawling via their robots.txt (for obvious reasons, we don't see them as often as they aren't reachable via search engines).
And certainly in the era when search engines were being developed (in the early '90s, when robots.txt came into existence), there was no such aggregation expectation because the technology wasn't there to do such aggregation yet. Linking from one document to another has always been a part of the standard, but I don't think one could assume anything one published would end up in a vast auto-generated index.
On the flip side, Google operates under the general assumption that in the absence of reasons to the contrary, there is nothing wrong with info aggregation. "Aggregation is okay" is their default stance. Organizing the world's information and making it universally accessible are tent-poles in their mission statement.
> I don't think one can make the general statement that "when you publish a website, you intend for it to be aggregated." People have attempted to sue Google for exactly that sort of aggregation. And there are plenty of sites that disallow crawling via their robots.txt (for obvious reasons, we don't see them as often as they aren't reachable via search engines).
I know, I run such website myself (it’s where I upload family photos to share with other family members. Basically the good bits of Facebook but without having to deal with Facebook).
However your point is that my generalisation was unsound and thus far you’ve just listed edge cases. Edge cases I acknowledge, sure. But edge cases are allowed to exist when one uses generalisations because the purpose of a generalisation is saying “in general” (ie most of the time) and not “all of the time”.
So while your points are valid, they’re not a rebuttal.
> And certainly in the era when search engines were being developed (in the early '90s, when robots.txt came into existence), there was no such aggregation expectation because the technology wasn't there to do such aggregation yet
Aggregated index sites still existed back then. The difference between then and now was that they were curated by humans.
My first website was published in 1994 so I do remember the early web pretty well :)
> On the flip side, Google operates under the general assumption that in the absence of reasons to the contrary, there is nothing wrong with info aggregation. "Aggregation is okay" is their default stance. Organizing the world's information and making it universally accessible are tent-poles in their mission statement.
I’m well aware of Google’s original mission. I don’t think it’s fair to say this remains their current mission (maybe one of their missions but they’re a much larger organisation now and each department will have their own goals and measurements).
However the point of this discussion wasn’t what Google’s past nor present mission was/is, it’s whether it’s ethically sound in the very specific context of SSID aggregation.
I’m not framing it as an absolute. I’m generalising. I accept edge cases exist but my point stands for the majority use cases.
Also you shouldn’t really be using robots.txt any more unless it’s a simple “Disallow: /“ because ironically bad actors use it to decide what URIs to hit. If you have content up you want to limit access to, you’re much better off putting it behind an auth layer (even if it’s just simple HTTP auth + fail2ban)
Not at all. Changing a robots.txt file doesn't break anything. Changing my SSID would mean reconfiguring 50 devices, many of which are not terribly simple to reconfigure.
Yes, this is very true. Analogous to robot's txt, but a poor substitute. It would be far preferable for this state to be encoded in a side-channel that wasn't the network identifier.
So a fair response would be to start broadcasting the whereabouts of Sundar Pichai until he decides to opt-out of this by legally changing his name to Sundar Pichai_nomap.
I remembered that Apple has such a database too, and interestingly, here's a project that reverse-engineered queries to Apple's Wi-Fi geolocation service: https://github.com/zadewg/GS-LOC
That is not a fair comparison. You opted into the information becoming available to nearby people, you did not opt into having it aggregated and provided to the entire world. IMO this is one of the fundamental difficulties the era of digital data collection has brought to our society, things that were once not feasible (and therefore not a concern) are now trivial.
Opt in? I didn't agree to a specific term sheet when I started broadcasting my SSID. Public is public, it's not public with stipulations. At least not yet. I agree tho, we need to have some legislative solutions or something to protect our privacy. Alternatives exist, like not broadcasting your SSID.
Unless I am woefully misinformed, this is in fact not possible. I could set a flag somewhere that would instruct clients not to present the SSID as an option, but I can not hide its existence; not even just the name. The only thing hiding the SSID does is inconvenience me.
I think we should raise the issue repeatedly until we reach an informed consensus (apathy doesn't count as consensus IMO) as to how we handle information in the digital age. So much of our legal system is founded on principles that made sense not that long ago but are upended by the recent emergence of trivial mass data collection possible with current technology. We need to have a conversation about what is a sensible policy, and not just on tech forums.
To be sure, I agree with your general standpoint here. I just couldn't resist when the argument is based on the somewhat random convenience of broadcasting an (often user selected) id of your network, while simultaneously holding that nobody is allowed to keep track of that id.
To be clear, I don't, at all, think this is a workable path forward. I also wanted to point out how brief a period of time this is. Imagine learning about some issue arising from movable type in the 15th century, being solved over a period of a few decades, helping the rise of some corporation/feudality long past.
When it comes to policy, how about making APs not broadcasting a public id, while making it illegal to track any traffic on any identifiers for the spectrum? Would that be called for? Or does the convenience of setting up a new AP make up for the fact that a corporation may make a few more bucks out of an improved positioning service?
I don't know, but I still find it funny that you would defend a particular decade in the early noughts, holding these few years as an ideal.
> still find it funny that you would defend a particular decade in the early noughts
If I came across that way, it was unintentional.
I appreciate the counterpoints to my comments, especially the thoughtful ones like yours. I think I don't really come to HN to convince anybody else of my opinion, but rather to convince myself that I have given my position a decent amount of consideration. The more I have to defend my thoughts, the clearer they become. To me, at least ;-)
For policy, I think we should make data PI data collection transparent to the targeted person. Just like I have the legal right to see collected information in my credit file, I think that legislation should be expanded so that it applies to other forms of data collected about citizens by private companies. Everything from Best Buy's contract with a private company that keeps a 'refund score' (I don't recall what it is actually called specifically) on each customer which it then uses to determine whether or not to reject their product return, to this kind of 'public' data collection Google is engaging in. In some ways the horse has already left the barn, and there is already a serious amount of data which has been collected, but I hope that before it gets used for nefarious reasons we can figure out how to muzzle it. We need a clear definition of what constitutes my data, and public data, which is adapted for modern technology.
When you start broadcasting an SSID, there's no reasonable expectation that some parties will be able to see it, but other parties won't. If you won't to keep a secret, don't share it.
When you start showing your face in public, there's no reasonable expectation that some parties will be able to see it, but other parties won't. If you want to keep a secret, don't share it.
When you start leaving fingerprints in public, there's no reasonable expectation that some parties will be able to pick them up, but other parties won't. If you want to keep a secret, don't leave fingerprints anywhere.
When you start dropping hair strands or dead skin cells in public, there's no reasonable expectation that some parties will be able to sample it for DNA collection, but other parties won't. If you want to keep a secret, don't drop hair or skin cells.
Thank you for this. There is a huge difference between some stranger being able to see your face as you walk down the street, and having the same stranger record your face, upload it to the cloud and then make it searchable by anyone in the world, tied to other pieces of data track your movements, spending, speech, etc.
The lack of privacy comes from how the data is concentrated, combined, and then shared with people and systems beyond your approval. This is not a binary "secret"/"public" classification where privacy only applies to things in the secret bucket, and no privacy protections apply to something you are not actively trying to keep secret.
I guess you're going for reductio ad absurdum. (did I spell that right?) But I actually think it's reasonable that I might be recorded if I go out in public. Maybe I'm the crazy one, but I just don't see how it could work otherwise.
So you'll have no objection to me publishing your exact location to the entire world at all times that I can see you from a public space? After all, you're opting in by being visible.
Actually yes! I found it surprising and thought it deserved a conversation. Thanks for posting the link in the other discussion. I've actually changed my SSID because of this ... though it may have the opposite effect of drawing more attention to my SSID because prettyflyforawifi_nomap doesn't have the same ring as the original.
And my real issue with it is that I have to change my SSID to opt-out.
I have many, many devices using my WiFi, some of them (home made) IoT devices with custom firmware and the SSID/BSSID baked in to the firmware. Changing my SSID is a huge undertaking and I'm sure Google is aware of this.
I don't get to opt out, unless I want half of my home automation to stop working and potentially weeks of effort to get the rest of it back up and running.
I agree it's annoying the onus for opt-out is put onto the generally unaware public. I've been contemplating a project that would "poison the well" as it were. Users could submit a MAC address and SSID to a service allowing other users to broadcast this information to make SSID collection much less useful. The downside to this idea is that it would be easy-ish to filter out the noise if individuals had a constant SSID for their own use.
Perhaps the better way to handle it would have devices rotate SSID's and/or passwords and/or router MAC's on a regular basis. Like algorithmically have all devices compute the SSID on a daily basis (with a few hours dual-broadcasting SSID's to account for clock issues) based on a seed.
Edit: found out a newer post [1] with absolutely no mention on how to opt out.
They also send barometeric pressure level for some reason. They might also start sending device temps to predict the temperature at different places across globe and "help their customers"
[1] https://support.apple.com/en-us/HT203033
Alternatively, and maybe sub-optimally depending on your priorities, disable SSID broadcasting on your AP(s). Google might index it from devices that are manually connected but it won't be usable for the geolocation of others.
Excuse my ignorance, but why is that a problem? Presumably, whoever is snooping on said broadcasts doesn't know how to find "my_awesome_wifi", do they? Would the attack be "harvest SSIDs from Starbucks and then drive around the neighborhood until you find the house it belongs to"?
fingerprinting/tracking. even with wifi mac randomization enabled, if you see a given client broadcasting a certain set of SSIDs you can use that to track them.
Reminds me in a way of paparazzi and so I wonder, when will ‘automated paparazzi’ become a thing, and when will it be considered to have gone too far?
Certainly too creepy for the public to allow (or even imagine) today but perhaps in 5 or 10 years the masses may be sufficiently conditioned to consider the privacy tradeoff worth whatever conveniences (or ‘security’ benefits) it dishes up for them.
Marketed as ‘public view’ imagine Boston Dynamics or drones with more ai, solar powered, operating at amazon or google scale. Maybe they’ll even dress them up like birds and other wildlife to give it an ‘organic’ or natural feel. Fun times.
Note that publicly-searchable AP databases such as https://wigle.net/ operate on the BSSID MAC address (serial number, effectively) of the base station/AP.
Packets are transmitted with this information unencrypted at all times. This means that when you move your AP from your old house to your new, your move is publicly visible unless you replace your AP when moving.
The kicker will be when those companies all sell their SSID info to each other, so that Amazon can supplement Google's warehouse with the SSIDs of everyone who appended "nomap" to theirs, and Google can return the favor with everyone who appended "no_amazon" to theirs.
What's the point of SSIDs, really? They just need to be some strong unique in your proximity. I got tired of coming up with witty puns and just used my street address. Is there any downside to this?
In fact, if everyone did this, the alleged privacy problem would go away. Wifi stations really would just be like street numbers.
There are repeated questions asking how this is a privacy concern. One use case as an example:
I become interested in you. I sniff traffic to see which wifi access points your phone tries to connect to. I look up the SSIDs and find a plausible match for your home or workplace. I show up so we can hang out.
This is death by a thousand cuts. Yet another small annoyance that can be easily dismissed or explained away as is happening in the comments, and we never realize the precise point where we have been stripped of any possible privacy or anonymity in the name of profit and ads.
No need to worry. Yandex ssid mapping, Apple ble "find device" beacons, Foursquare, uber, governments, amazon echo, samsung's tvs and everyone's dog already got you covered.
There is zero need to hide your ssid and location drom google location services.
It does, but it gets the MAC address from the ssid broadcast. What this is saying is that if that broadcast includes an ssid name that ends with "nomap", then the broadcast will be ignored.
Ah. Yet another total dick move that google makes. It's not new but it should be a reminder that google loves data. Your data. And they'll do whatever the hell they want with it, whenever they want.
They can take pictures of my backyard from satellites, planes and distrubute and sell them them to anyone like it's theirs. And i can't opt out.
I am a little worried when politicians will start making laws to control them. The reaction might be "let's just go with the other party" which creates the basis for a 1984-esque future...
It might be a fine line to walk with the definition of "other identifiers" here (especially with a BSSID), particularly when RFID tags count as personally identifiable.
> Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.
How bizarre that you're being downvoted. This is probably the most useful comment in this thread. The answer is in the first line:
WiFi maps do not fall within the scope of existing European privacy legislation. They do not consist of ‘location data’ as defined by the E-Privacy Directive, nor do they consist of ‘personal data’ under the Data Protection Directive, except in highly unusual and very rare circumstances.
Quite amazing isn't it that a company with so many extremely talented employees (I'm actually serious) can produce such utter nonsense at such scales ..?
The most brilliant engineer in the world will produce a shit product if their managers tell them to. These are intentional annoyances to get you to hand data to Google, and they all dissappear when you do. Not shoddy programming.
A lot of Google stuff, including Android phones, and Street View and Waymo cars, engage in Passive Wardriving [0]. They build a database mapping SSID names to GPS coordinates. This is legal, even without requesting consent, because (1) it is not hacking, since they are not actually accessing your network, but merely "approaching" it (2) it is not a privacy violation, because there is no reasonable expectation of privacy for wifi SSIDs.
As a courtesy, Google does allow you to configure your network to not show up in their database, much like robots.txt does for websites. But it involves changing your SSID, which is a very annoying way of doing it, because you have to reconfigure everything on your network to point at the new SSID. It's probably just an underhanded way of making it annoying enough that nobody bothers.
The Google car that is used to take images of the StreetView also collected SSID's (and infamously got in trouble for sniffing packets too).
So GPS location + Multiple SSIDs = triangulated location for mobile devices. Google is able to use each mobile devices' location, and it's GPS co-ordinates, and the location of your neighbours SSID, all that raw data makes for a very accurate location detection even without YOU ever using Google's services.
You might have stood a chance if you lived in a Faraday cage, but the only thing that will stop this behemoth is legislation and politicians with morals.
:max_bytes(150000):strip_icc():format(webp)/001_track-data-usage-on-your-android-121660-defb939deff74d51b9a541e3564f196f.jpg){kind=link}
[0]https://support.google.com/maps/answer/1725632#how_opt_out&z...
EDIT: Added "name" after "WiFi" to try and clarify they're not using your actual WiFi network/bandwidth, just its name to link it with its location for GPS-free location tracking.