50 comments

[ 2.8 ms ] story [ 99.8 ms ] thread
SSIDs are a signal you broadcast to identify yourself. if you don't want people receiving that signal, stop broadcasting it. if i stand on my roof and shout at the top of my lungs "HEY LOOK AT ME", i can't then expect people not to look at me. broadcasting your SSID is essentially the same thing, and you can't blame google for the fact that your router does this. pretty much any router will allow you to turn off SSID broadcast.
Exactly. It seems as if the OP just wanted to score some karma points with the sensationalist headline and ridiculous article header graphic. If you don't want your broadcasted SSID to be potentially indexed by Google, or by me as I walk by, then don't broadcast it. Simple.
You don't have to broadcast an SSID (the human-readible name for the access point) for Google's system to pick it up. I'm pretty sure (based on some packet sniffing I've done on the Android Google Maps app suite) that Google's grabbing the BSSID, the MAC-address-like thing that uniquely identifies a Wifi wireless device.

Even if you turn off SSID broadcast, your router will still send out broadcasts of some sort.

If someone has gone out of their way to disable SSID broadcasting, that seems like a pretty strong message that they would like to opt-out of Google's Wi-Fi trawling.
The arguments for and against could be evaluated better if someone can explain how one can misuse this service.

What ever it is that google is noting down about the broadcasting station and tagging it with its lat-long, if it also appears in some form in the packets that originate from a host behind this station, then some one can infer the geographic location of this traffic source. Is that the case here?

Unless that's the case, is there any other way someone can misuse this? The only other exploitation I see is tracking a router from it's point of sale to it's point of deployment and finding out the location of the buyer. Where else does the BSSID of the station appear other than within it's geographic neighborhood and the manufacturer's/retailer's database?

May be the database should not be indexed directly with this BSSID but a one-way hash of (BSSID, something-about-the-neighborhood) - to make sure no one can do an arbitrary lookup but will already need to be in the neighborhood of the station to make a successful query. At least it will raise the bar.

I in fact would like to use this in my app! Continuous location tracking using GPS drains out the battery so fast that it is not even an option for me. The significant location change accuracy is not good enough for what I'm doing. I'm trying to figure out how to use this service. Does any one know?

Can someone explain what this wi-fi mapping means? What are its implications?
That is what is powering the geolocation service for Firefox and Chrome.
Generates a mapping of geolocation -> SSID of access points. Used as a fingerprinting method to locate users in the real world, very useful when you're working with mobile or ubiquitous computing.
Let's say you walk down the street and every block, you look at your iPhone and see what wireless base stations are available. Say on a certain corner, you see "Linksys", "Free_Porn", "Mom's Wifi". You write that down in your notebook.

You do this block by block for an entire city. So now you hold in your hands a notebook of all the WIFIs in the city. So let's say I blindfold you and throw you in a random street corner in the city. Using this notebook, your iPhone, and the wifi signals, you can easily figure out where you are in the city.

To be even more accurate, you may record the signal levels every 5 feet. So now from any given point, you can say "Linksys" has 5 bars, "Free_Porn" has 2 bars, and "Mom's Wifi" has 3 bars... I must be at the south east corner of 59th st.

So now you have a notebook of all these wifi signals. Your friend comes to visit your city and you give him a copy of your notebook. He can then use that to figure out where he is even if he can't get a GPS signal.

What's also nice about this is that it works indoors. Using a database of wifi signals, you can figure out that you're standing next to the kitchen in your 5th floor office.

That's basically what this wifi mapping is.

At least Google offers an opt-out option. As far as I know neither Apple nor Skyhook do.
Does anyone have a reason for why this wifi mapping invades my privacy?

I just can't see what makes it so wrong, I mean I am not ecstatic about my router mac and general area being tied together but is it easy for someone to find where I am based on what wifi I am connected to through a browser?

The only time I see it being a problem is if you have malware and they are able to target you by location but depending on what malware you are infected with it might be just as easy for the malware users to look somewhere else for location.

Maybe I am just being dense.

There was a vulnerability in dd-wrt a few months back, allowing anyone to get your router's mac addy -- then presumably they can lookup your MAC using a service such as this or skyhook to get your EXACT location (not just an IP address approximation) Here's the HN coverage of that: http://news.ycombinator.com/item?id=2044371
Google is mapping publicly broadcast wifi access points to provide location services to augment GPS (faster locks for example) or when GPS is unavailable due to location or device. It's a very useful service - if you use a smartphone with mapping software, you likely benefit from this on a daily basis without realizing it.

Apple does the same thing, although they collect it from user's iphones and ipads: http://www.apple.com/pr/library/2011/04/27Apple-Q-A-on-Locat...

One of the original companies that did this was skyhook and they also use vehicles driving around: http://www.skyhookwireless.com/howitworks/

Google is actually going above and beyond normal industry privacy protections by offering a reasonably simple opt-out. They are recommending that others in the industry do the same. Calling instead for an opt-in system effectively destroys this whole service's effectiveness for everyone.

You are absolutely right, an opt-in system would destroy the whole location-by-wifi-ssid service for everyone.

...but that doesn't create leverage or a good reason for having such a poor and inelegant opt-out. This is an "ends justifies the means" argument, which is in itself Machiavellian.

From a different perspective, there are other ways Google could handle an opt-out list - such as letting people add their SSID/Mac Address to a central opt-out registry they maintain.

This would be trivial to implement, but I would suggest that Google have intentionally created a high-friction solution of "-nomap" to your SSID simply to make it as difficult and unpalatable as possible. And that really stinks.

For the average access point user, changing the SSID is probably the least difficult option. It also has the useful feature that it actually indicates the owner is the one taking the opt-out action, rather than someone else who can wardrive and opt-out access points for a region.

The HN crowd might skew a little different distribution in their technical ability to do things like identify a mac adddress.

There are two problems with the MAC approach:

1) The amount of Mac addresses for each vendor is very limited. Blacklisting a few Mac addresses would therefore blacklist lots of routers. Combining this with the SSID doesn't really help that much, as many users will stick to the default SSID. (And if you require that users change their SSID to a non-default one you can as well require that they just add a given suffix).

2) In the EU there have not only been complaints about Google offering the data, but also about Google processing the data. So I guess they want to make sure that their streetview cars that log this data don't log opt-opt routers at all. It's simple to do if the SSID has such a suffix. It'd be much harder if the software system in the card would need to query a central opt-out database before processing a router's data.

>The amount of Mac addresses for each vendor is very limited. Blacklisting a few Mac addresses would therefore blacklist lots of routers.

MAC addresses should be globally unique. If your hardware vendor is shipping lots of routers with a shared MAC, they've messed up really badly.

They should, but in practice it seems they aren't.

In the past (working at an ISP) I've seen collisions on Ethernet hardware (two Ethernet cards with the same MAC address). So if that even happens in a relatively small Ethernet, I assume that this will be fairly common if your address space includes each active WiFi router.

That has to mac address cloning where, the router clones a computer's Mac address; then that computer is given to someone else who connects it to the network.
> I would suggest that Google have intentionally created a high-friction solution of "-nomap" to your SSID simply to make it as difficult and unpalatable as possible.

A serendipitous example of the difficulty of Google's opt-out "solution" is that the correct SSID suffix is "_nomap", not "-nomap"! The Icrontic article is incorrect. I would hope Google forgivingly matches any "*nomap" SSID.

http://googleblog.blogspot.com/2011/11/greater-choice-for-wi...

I don't know why your comment is being down voted. It's perfectly okay for people on Hacker News to be expected to add "_nomap" to the SSID but for most people, they just won't even be aware that Google's collecting this data, let alone figure out how to opt-out.

I love Google as a company but it seems that more and more of it seems to be getting shrouded behind lawyer speak. It makes me uncomfortable.

I don't know why your comment is being down voted.

Thank you, that's a kind comment. But this happens on almost every comment I leave: I get downvoted once or twice and then the comment slowly gets upvoted.

I think I have a troll (or even a script) that downvotes new comments I make to HN. Sad.

No. Google is not going above and beyond normal privacy protections outside the US.

Just because you can collect the data, doesn't mean you are allowed to. In countries with other definitions of privacy it can be considered a reasonable expectation the your AP's SSID is only visible to people within a small radius. The owners clearly didn't have the intention to have it collected by a major corporation, collated with other data about their location and then published world wide for entirely different purposes then for which the AP was set up.

In many countries, the law protects people against those kind of unintended consequences, and several European authorities have made it clear that they consider this kind of use an invasion of privacy. And that is considered more important than multinational giant's ability to offer an "effective" service.

You can argue the merits of this, but Google's stance of "just fucking opt-out then" is blatantly disrespectful.

When it comes to privacy violations in the digital age, this is so far down the list of concerns that I don't understand why we're talking about it. Probably just because some politicians in (I believe it was) Germany misunderstood what it is and took legal action against Google.

Facebook / other social networks, poorly secured databases, warrantless GPS tracking (in the U.S.), cell phone data being stored; these are all orders of magnitude more worrying and more likely to cause harm.

Oh, I agree it's way down the list.

But this attitude is exactly what I mean: nobody misunderstood anything. Really. Just because people have different values and priorities doesn't mean that they are too stupid to understand the issues. It certainly doesn't mean their laws can simply be ignored if you do business in their country.

Anyway, I'm going to stop arguing that point, since apparently this place is turning into Reddit, and downvotes our now used just to bury other opinions.

Personally I see this as being much less invasive then taking pictures of someone's house and posting the location of the picture. Which is pretty much Google Street View, are you opposed Street View as well?
Street View has been quite controversial in many European countries.
Business has been quite controversial in many European countries.
Business at the expense of civil rights has been quite controversial in many democratic nations. Shocking, really.
By civil rights you refer to the right to prohibit anyone from taking a single pictures of your house from public property? Personally, I'd rather have the right to not be interrupted by people asking for money during dinner.
Would turning off the beacon hide the AP from Google mapping? Are there any details how they detect APs exactly?
The person who wrote the article this link goes to doesn't seem to understand what Google's Wifi AP database is for. He seems to think it's going to be some searchable database instead of just used for device positioning. It would have been better to just post the link to the Google blog post instead of this misinformed blog.
To be useful for device positioning, doesnt it by definition, have to be searchable?
Not necessarily directly. It could work by saying "Here's a list of SSIDs I can see", to which the server responds "You're probably at [<lat, long, confidence>, <lat, long, confidence>, ...]".

Under such a system, you'd have to know the SSID ahead of time, which probably means you're in close proximity to it already.

Oh god, here we go again. Why doesn't Google (or a large portion of HN for that matter) ever learn? Privacy has a different meaning outside the US, and in many places, especially Europe, is strongly protected.

Just because the information is public doesn't mean you have the right to collect it and use it any way you see fit, and it certainly doesn't mean it isn't in invasion of privacy.

Given the issues in the past, this is just a big fuck you to Europe (and clearly deliberate, since it is explicitly cross posted in their European Public Policy Blog).

You can disagree with values and laws in other countries, but you don't just piss all over them like that and expect to still be able to do business there unhindered unless you have a serious attitude problem. Google is rapidly becoming the corporate embodiment of the "Ugly American".

Speaking as a European (albeit living in the US) this doesn't offend me at all. If you're broadcasting an AP, then it's like walking past your house and noticing what color it's painted. Don't want to broadcast, then plug in a wire. It's not like they're monitoring your traffic.

When I was growing up, every household with a telephone got a book that had everyone's name and home address in it. That too was an opt-out system and that approach worked pretty well.

Noticing something as you walk by and a corporate giant collecting, collating and using that information for something the owner never intended it for are two wildly different things. Context is everything.

The phonebook was a well known consequence of having a phone, dating back to the days when the phone companies were state owned public services. These days it would be utterly unacceptable if for instance internet access providers would do the same thing. Again, context is everything.

And just to make it clear: as a European, you are not offended by an American company that thinks it has the right to ignore local laws and sensitivities?

No, I don't think they are ignoring laws and I don't share your sensitivities. Of course, that has something to do with my decision to live in the US rather than Europe, but OTOH I make a frequent habit of saying that the US could be more like the EU in some ways, not least having a constitutional right to privacy. But although I am an enthusiastic privacy advocate, the fact is that if you're broadcasting a wifi AP then anyone going past with a wifi device can observe the fact. Choosing to collect and collate that information is no different from a glazier travelling through a neighborhood estimating the size of the window market.
It'll probably make apps better if they know where every SSID is. I don't see this as a bad thing, although it is a minor privacy intrusion.
If you configure your AP to broadcast your SSID, you are advertising yourself to the rest of the world and you should expect the rest of the world, including Google, to catalog your existence.

If you disable your AP's SSID broadcast, then Google should not catalog your AP and if they do it by sniffing packets then I would say that's unethical.

But complaining about Google with SSID broadcast enabled is like hanging out in a singles bar after taking a vow of celibacy.

Opting out is simple: stop voluntarily broadcasting unique identifiers out unencrypted on the public airwaves.

This is like complaining that your neighbors keep posting naked pictures of you on the Internet because you like to sunbathe nude on your front lawn.

If you transmit the rays, other people can record them. It's as simple as that.

See also: cordless phones, DECT, FRS, street view, pre-digital unencrypted 800MHz cellular

I would actually like the opposite feature from Google: let me update my location in your DB! The last time I moved house, it was months before before my phone started locating me correctly when at home. Of course, the hard problem in doing this is to figure out ways to avoid contamination of the DB.
Coming up next: Hyper-local ad targeting that knows to-the-block your position. Current IP-address based targeting is not very accurate, but knowing where you are exactly by your router opens up another frontier of monetization potential.
Which...may not be a bad thing. If I'm gonna see ads, I'd rather see ads that are relevant to me. If I'm gonna sell ads, I'd rather sell them to people who are most likely to find them useful/actionable.
To all the people saying "Don't broadcast it if you don't want it collected" or "what's the problem" - there are two problems here.

i) Google has unfortunate previous form. They've collected information from unsecured wifi, including snippets of emails; lists of people suffering from certain medical conditions; passwords; etc.

(http://www.bbc.co.uk/news/technology-11797907)

They've made a "mistake" once. People want to be sure they don't make the same mistake again. (Scare quotes around mistake because, really, that's a lot of data to be accidentally scraping.)

ii) EU tends to prefer "Opt In" over "Opt Out", and it needs to be an explicit opt in. That means the company has to tell you what they're gathering, and why, and give you the choice to agree. Sure, that makes it very hard for companies to gather information (such as this which is on the very lower end of the privacy scale) and do useful cool things with that data. Some people (and I'm one of them) welcome the clear bright line that explicit opt in would draw between ethical companies (like Google; they're not evil and this wifi data gathering doesn't come close to being evil) and unpleasant seedy dodgy companies, who wouldn't bother obeying EU best practice data laws.

The collection of data was a result of Google storing the whole packet which was broadcast unencrypted for anyone to see. To me this is similar to not installing curtains in your house and then getting upset about people taking naked pictures of you. If privacy is important to then you have to take the first steps to protect it. It is unreasonable to put the burden of protecting your privacy entirely on everyone but you. If you don't bother to do something simple like encrypt your wifi I have to assume that means you don't care if it public. (I personally leave my wifi unencrypted for this exact reason.) As for cost and required knowledge installing curtains is probably trickier and more expensive then having the Geek Squad setup encrypted wifi.
People are stupid, but exploiting that stupidity is still evil. (I'm lousy at analogy, but here's an attempt: People dis-enrobing with no curtains are stupid, but it's the pervs who post pictures to the Internet; polite people glance and walk on.)

Even Google disagrees with you.

(http://www.guardian.co.uk/technology/2010/may/15/google-admi...)

> "As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it."

Accessing a person's unencrypted wifi without their permission is, in England, a criminal offence and that's been tested by the courts.

(http://news.bbc.co.uk/1/hi/technology/4721723.stm)

Having said all that, this German case says that people shouldn't be stupid and they are responsible for the security of their networks:

(http://www.bbc.co.uk/news/10116606)

I'm tinkering on a hobby project to create a crowdsourced, open-data replacement to Google's geolocation web service that could be used for open-source projects like freedesktop.org's Geoclue [1] that might be blocked by Google's terms of service.

Companies like Google and Skyhook have massive wardriving efforts. If Google gets legal challenges about data privacy, could individual wardrivers be exposed to the same legal challenges if they published people's Wi-Fi data publicly? This would put a damper on my hobby project..

WiGLE.net is a similar crowdsourced, wardriving project. They've collected 48M Wi-Fi networks over 10 years from wardriving hobbyists, BUT they refuse to make their data available for download or create a public web API. They force people to use a crappy Java client and undocumented network protocol to access their server. Plus, they resell their users' crowdsource wardriving data to undisclosed buyers!

[1] http://www.freedesktop.org/wiki/Software/GeoClue

[2] http://wigle.net/gps/gps/main/stats/

Here's a little update: the majority of Dutch parliament rejects Google's proposal. http://translate.google.com/translate?sl=nl&tl=en&js...

Right or wrong, this tends to happen if you try to arrogantly dictate instead of negotiate. It turns public opinion against you and it pisses politicians off, even business-friendly conservatives.