Residential Wi-Fi Mapping Database Revealed

Talaria writes "An enormous database of home wifi routers and their locations has been revealed after the Internet Patrol did some digging following AOL's recent announcement of their new "Near Me" service, which allows AIM users to see which of their instant messenger buddies are geographically near them. The database, containing the unique IDs of more than 16 million wireless routers and their locations, has been compiled by AOL partner Skyhook Wireless, which claims to have mapped the majority of residences in the U.S. and Canada."

Wow...

[physicsboy500]

Why don't they just color code it to show the non-secure points and send a fax to all known hackers?

oh... just got an email!!

First post and it's slashdotted?!!

[writertype]

Man, that's some weak sauce.

Re:First post and it's slashdotted?!!

How about some cyber sauce?

AOL Introduces Location Plug-In for Instant Messaging So Users Can See Where Buddies Are

[...Adam McDugle (an IT manager and regular slashdot user) is testing out the Skyhook plugin on a late Saturday night over a scotch on the rocks at the house. Meanwhile an AIM session takes a curious turn...]
adam_mcdugle - So, you really look like that jpeg you sent me?
hotgrl69 - well my gf took the pic of me while i was showering lol!
adam_mcdugle - ORLY? Where did you say you live again?
hotgrl69 - my gf and i live in an apt in daytona beach :)
[ Adam notices the blue dot graph showing hotgrl69's actual location. He fires up google maps and sees hotgrl69 is actually in a trailer park in Jasper Arkansas. At this point, Adam pretty much realizes a set of twigs and berries is probably on the other end of the screen but really doesn't care... ]
adam_mcdugle - Tell me a little more about yourself. What makes you hot?
hotgrl69 - me and trish like long baths
hotgrl69 - we take turns with the sponge
hotgrl69 - we like to snorkel like ocean divers
hotgrl69 - hello?
adam_mcdugle - Yeah. I'm still here. But I only type 25 wpm per hand.

Figures ...

[petabyte]

My GPS unit for wardriving comes via Fedex tomorrow. Now they've taken all the fun out of it :(.

Coral Cache

[TubeSteak]

The site isn't loading for me
Hit the Coralized link:
http://www.theinternetpatrol.com.nyud.net:8080/eno rmous-map-of-wifi-servers-including-yours-revealed -by-aol-and-skyhook-announcement

My only response to "ZOMG databse!!"
is that anyone could do this if they had time and money.

No surprise

[DogDude]

Who would be surprised about this? Are there still people out there who think that there's some magical way of being attached to the Net and still being anonymous? You've gotta be especially naive to think that your wireless router, broadcasting information into the air, isn't going to be picked up by somebody other than you.

Re:No surprise

[Ankur+Dave]

Couldn't you just have changed the channel their router operated on? That would let them continue to use their wireless unharmed (so you avoid the bad karma :-) ) and your signal wouldn't get drowned out.

They advertise it

[DogDude]

I love this silly blog... "according to news sources..."... like it's some kind of secret database. Here's a better source: http://www.skyhookwireless.com/ On their front page

"Skyhook Wireless provides a software-only positioning system that leverages a nationwide database of known Wi-Fi access points to calculate the precise location of any Wi-Fi enabled device. "

How about a photo of your house in a database?

[shalunov]

A truck records signal from your WiFi router? How about people taking a picture of your house to sell to banks and insurance companies? Or aerial close-ups of your backyard?

Re:How about a photo of your house in a database?

[fyrewulff]

Almost every house in Omaha is already photographed and can be pulled up from the Douglas County Assessor's website. If also available, you can get the floorplan for the house, see it's last appraised worth, etc.

The photographs are always taken from the street and you never see people in them. The only name attached to the files are the owners of the property. Heck, my mom's house is 75% covered by the tree in front of it - even though they took the picture at an angle.

When I worked at the library, we used this site to look up people that did not have a ID with an address inside the county but owned property inside the county, which qualified them for a free library card.

WiGLE

[lthown]

I've been uploading wardriving stuff to WiGLE for over a year, using that you can actually even see the access point names and if security is turned on: http://www.wigle.net/.

mod parent up

I honestly don't understand all the hype regarding wireless. Sure, it's convenient for laptops in an airport, cafe, or other public location, but to me it just doesn't make sense for most residences. I think it's main selling point is the fact that people don't have to run wires and people are generally cheap and lazy. But I wired my house myself (16 outlets over 6 rooms) for about $300 in equipment (router, patch panel, 1000' cable, tools, etc) and two days of my time. The setup is fantastic and I don't have to worry about some random jackass piggy-backing my connection. Even if you have a couple of laptops in your house it wouldn't be a problem if you planned an appropriate wiring scheme. Of course if you want to roam around your house and in your yard with your laptop wireless is really the only option, but in my estimation the vast majority of residences consist of exclusively non-portable desktop machines. In that regard wireless is used simply because it is easy and cheap.

Little girls go wiresless; real men run wires.

Re:mod parent up

[_xeno_]

Actual wireless makes sense if you are in an apartment or a place that you do not own. But if you own it and your house is less than 50 years old and you run wireless, then the person is either lazy or a total idiot.

Or if you use a laptop and don't feel like being tethered to your desk.

I have an apartment, and my desktop, TiVo, and PS2 are all hooked up by wires (that run along one wall), but I still have wireless enabled: it's for laptop/Nintendo DS use.

I can, of course, also plug the laptop in directly via a wired connection, but then it'd be tethered to my desk. So instead I use wireless, and can use the laptop all over my apartment. Wireless is more for mobile device use than for simply avoiding having to run wires.

Re:mod parent up

[EatHam]

Or if you have 100 other things to do besides take an entire weekend running wires. Or if you want to use your laptop outside. Or if you don't want to drill holes everywhere. Or if you don't have easy access to an attic or basement. Or, or, or, or. There are valid reasons to go wireless. Being lazy is one, being an idiot is one, and just liking to have the freedom that comes with a wireless connection is another.

Noone loves me

[Cytlid]

Noone ever connects to my wide open wireless with an SSID of "Honeypot".

Revealed? Huh?

[Lumpy]

http://www.wigle.net/gps/gps/Map/onlinemap2/

it's been out there for a long time. Most people into war driving know about it.

Re:Does anybody know their methods?

Every access point has a hardware address that never changes (unless the owner is a firmware-flashing geek) and is always broadcast, even if you turn off SSID broadcasts. If you have a powered-on wireless access point and they've scanned your area, your AP is in the database. I don't think people should be worried about this any more than they should be worried if there were no such database: If your wireless AP is configured properly, you're safe and there's no negative impact from someone using the broadcasts of your AP to determine his location. If you want your net to be private and your AP is open or using an insufficient password or encryption method, what exactly are you waiting for? If you want your AP to be open, then you probably want that people use it, so the database can only help, right?

WiFi Mapping

[drewzhrodague]

I am not surprised by this. In fact, having been the guy that started WiFiMaps.com (In '02), I've been talking about this to others for quite a while now. Positioning yourself using wifi is probably the most useful application for wardriving data. Does it need to be accurate? No, not really. I've talked to scientists working on sub-meter acuracy, and it is very difficult. If you can find out on which part of which block, there are tons and tons and tons of location applets you can think of off the top of your head to make use of that. If there are people interested in a copy of our national (and some other countries) database of wifi locations, ours is GPL'd. What we don't have, is an all-in-one IM applet, which I guess Skyhook and AOL are now trying. Kudos. I sure wish I had some business skills. That can be the difference between the company's product as a topic on slashdot, and a dude at home posting on slashdot with no pants on.

Re:WiFi Mapping

[muellerr1]

That can be the difference between the company's product as a topic on slashdot, and a dude at home posting on slashdot with no pants on.

I'm at the office posting on slashdot with no pants on, you insensitive clod.

you name your network after your girlfriend?

[davidwr]

Oh wait, this is slashdot. Nevermind.

Re:Skyhook trucks

[couchslug]

That's not a Slashdot solution.

A camera to monitor your street, and a switch that cuts power to your router while discharging a HERF weapon concealed in a lawn gnome is a Slashdot solution.

wireless is good for homes too

Wire to each room is a no brainier but wireless is also useful, I dont want a wire draped accross the couch when I am checking sports scores on my notebook and watching TV...what if I want to sit outside on the porch, or in the middle of the back yard for that matter, am I supposed to string a cable drop to the old oak tree? a drop that I may use 3 times a year...why be tethered? doing huge file transfer is one thing, but wifi is great for most every day stuff. Your post shows a sense of elitism that is the essence of what turns people off to this site.

Re:wireless is good for homes too

[hjf]

no. you're just wrong. I can see that you have never used wireless. My cousin lives in a regular latin american house. That is, brick and mortar. No drywall. There's no more than 30 feet to the access point, yet she has trouble to get signal. Sure, it's 2 walls away. But it's supposed to be convenient . It just doesn't work. And no, it's no crappy gear. It's a 200mW AP and a Centrino laptop (awhich are supposed to be the best wireless cards around). The other day I wasn't getting ANY signal, on the spot where she uses it all the time. Guess what I found? There was a BOTTLE OF WATER 2 feet away from the computer. I moved that bottle and it worked. That means wireless is NOT practical. No. It's not practical to need to install high gain antennas and range extenders everywhere. They are pretty expensive, too (remember: we are in the third world). And you need outlets all over the place. And don't get me started on how wireles works in my house (a two story house, all brick).

Re:wireless is good for homes too

[anagama]

I have a pottery kiln/studio in the middle of field. A neighbor about 400' away or more lets me uses his broadband connection. Trenching a line that far -- through blackberries and fences -- would be a nightmare. Instead, I picked up two wireless routers, put on DDwrt so I could adjust power output (80mw seems to work just fine), and got a couple cheapo antennas (they are about 2.5" square -- sort of directional). The whole setup was under $200, and the biggest bonus, I didn't have to dig a trench. I've done enough digging in my life. The connection has been really solid.

Of course, if I had to go through brick, that would be a different story. The radio just won't penetrate that. In order to improve my signal for example, the antennas on the kiln side are placed outside the wall, the router at the neighbor's has the antenna in a window, so the only thing separating them is glass, air, snow, fog, and rain -- none of which seem to make an appreciable difference. I would think that a few layers of brick though, would make the system fail.

Anyway, in the right circumstances, wireless is great and wired is a pain. And vice versa of course.

Re:wireless is good for homes too

[The+Darkness]

Installing 25km outdoor wifi links is a different beast from getting wireless working in a home. I've helped set up many in home wireless networks and even helped debug situations like yours. It's not just the AP; the quality of the antenna on the mobile device can have a large effect on the distance it can roam.

You know that the marketing people are going to take numbers from a "straight through the air-gap drywall" test where the line from the AP to the Wireless card is perpendicular to the line of the wall. Realistically speaking when those lines aren't perpendicular the signal has to travel through more material than just the thickness of the wall. Add that to the material that composes the walls of your home and it's a recipe for failure in your house. That doesn't make it bad for everyone, just you in your situation.

If you really want wireless then you're probably going to be better off with one or more APs per floor and then wiring them together. If you're against wiring them you could try using a mesh if you can get line of sight between a couple of them. I'd want at least two access points in a 2000 sq ft house to ensure yard access. I'd probably want three or more in a 4000 sq ft home.

Come on guys!

[CasperIV]

Quick, everyone trade routers! Let's make some poor data entry grunt cry.

Re:Does anybody know their methods?

[SCHecklerX]

I want people to stumble upon mine, and proudly broadcast it. Teenlesbianorgy.

Not an accurate representation of what's going on

[eggboard]

Here's what I wrote to the fine person who wrote the linked article, who I respect enormously, but think got it wrong in this case:

First, and sort of a priori, Wi-Fi uses unlicensed spectrum. The use of that spectrum means that you accept (however unknowingly, your point!) that any use treads in the public space. There are ways to reduce the signal strength of many Wi-Fi gateways if you want to penetrate further.

Second, what they're gathering is just a number (the BSSID, which is the unique base station identifier for networks that are set to broadcast). They do not access the network. And they can't provide any kind of exact correlation. Nor is there a way to associate BSSIDs with individuals or addresses in their system or elsewhere. (It's also not all home networks; there are millions and millions of business networks also being recorded.)

Third, their data is their crown jewel. They have every interest in protecting it in the strongest possible ways. The information they release is a set of coordinates based on signals measured and sent via their system. So you can't really perform millions of arbitrary queries, but rather only queries mediated through their software. This limits exposure.

So you have no specific information based on public use of public spectrum and strong needs to protect the data against unwanted access...

Sounds fairly reasonable to me.

If they started pairing individual addresses with BSSIDs, and sold that to Wi-Fi makers and others who would then perform direct mailings to users to get them to switch brands or add security -- that would be creepy.

Re:Not an accurate representation of what's going

[Greg+Lindahl]

Nor is there a way to associate BSSIDs with individuals or addresses in their system or elsewhere.

Unless the SSID has the address in it, which I see that several of the networks around my apartment do. "shadows109" is apt 109 of the complex I live in, 1600villa_107 is unit 107 of the apartments at 1600 Villa street, and so on.

But it's a great way to find stolen gear

[Ungrounded+Lightning]

Every access point has a hardware address that never changes (unless the owner is a firmware-flashing geek) and is always broadcast, even if you turn off SSID broadcasts. If you have a powered-on wireless access point and they've scanned your area, your AP is in the database.

Sounds like a great way to find stolen Access Points, WiFi cards, laptops with built-in WiFi, and other such gear. B-)

How many petty thieves are going to re-flash the gear to change the MAC address? (And if they do it will still show up as MAC addresses appearing multiply in the maps and/or addresses outside the allocated ranges.)

(Our company had some APs stolen a while back. The IT guys did a little wardriving but didn't find them. We've upgraded since so it probably won't matter to us. But it could be really useful for people who had stuff stolen more recently.)

Re:That's illegal, see case referenced in comment.

[Nukenbar2]

um, not even close. By simple click the link you provided, you can see in the summery that he was attempting to steal customer credit card information from that network.

A little different from checking your e-mail and worth some jail time.