Residential Wi-Fi Mapping Database Revealed

Talaria writes "An enormous database of home wifi routers and their locations has been revealed after the Internet Patrol did some digging following AOL's recent announcement of their new "Near Me" service, which allows AIM users to see which of their instant messenger buddies are geographically near them. The database, containing the unique IDs of more than 16 million wireless routers and their locations, has been compiled by AOL partner Skyhook Wireless, which claims to have mapped the majority of residences in the U.S. and Canada."

Wow...

[physicsboy500]

Why don't they just color code it to show the non-secure points and send a fax to all known hackers?

oh... just got an email!!

No surprise

[DogDude]

Who would be surprised about this? Are there still people out there who think that there's some magical way of being attached to the Net and still being anonymous? You've gotta be especially naive to think that your wireless router, broadcasting information into the air, isn't going to be picked up by somebody other than you.

Re:Does anybody know their methods?

Every access point has a hardware address that never changes (unless the owner is a firmware-flashing geek) and is always broadcast, even if you turn off SSID broadcasts. If you have a powered-on wireless access point and they've scanned your area, your AP is in the database. I don't think people should be worried about this any more than they should be worried if there were no such database: If your wireless AP is configured properly, you're safe and there's no negative impact from someone using the broadcasts of your AP to determine his location. If you want your net to be private and your AP is open or using an insufficient password or encryption method, what exactly are you waiting for? If you want your AP to be open, then you probably want that people use it, so the database can only help, right?

WiFi Mapping

[drewzhrodague]

I am not surprised by this. In fact, having been the guy that started WiFiMaps.com (In '02), I've been talking about this to others for quite a while now. Positioning yourself using wifi is probably the most useful application for wardriving data. Does it need to be accurate? No, not really. I've talked to scientists working on sub-meter acuracy, and it is very difficult. If you can find out on which part of which block, there are tons and tons and tons of location applets you can think of off the top of your head to make use of that. If there are people interested in a copy of our national (and some other countries) database of wifi locations, ours is GPL'd. What we don't have, is an all-in-one IM applet, which I guess Skyhook and AOL are now trying. Kudos. I sure wish I had some business skills. That can be the difference between the company's product as a topic on slashdot, and a dude at home posting on slashdot with no pants on.

Re:Skyhook trucks

[couchslug]

That's not a Slashdot solution.

A camera to monitor your street, and a switch that cuts power to your router while discharging a HERF weapon concealed in a lawn gnome is a Slashdot solution.

wireless is good for homes too

Wire to each room is a no brainier but wireless is also useful, I dont want a wire draped accross the couch when I am checking sports scores on my notebook and watching TV...what if I want to sit outside on the porch, or in the middle of the back yard for that matter, am I supposed to string a cable drop to the old oak tree? a drop that I may use 3 times a year...why be tethered? doing huge file transfer is one thing, but wifi is great for most every day stuff. Your post shows a sense of elitism that is the essence of what turns people off to this site.

Not an accurate representation of what's going on

[eggboard]

Here's what I wrote to the fine person who wrote the linked article, who I respect enormously, but think got it wrong in this case:

First, and sort of a priori, Wi-Fi uses unlicensed spectrum. The use of that spectrum means that you accept (however unknowingly, your point!) that any use treads in the public space. There are ways to reduce the signal strength of many Wi-Fi gateways if you want to penetrate further.

Second, what they're gathering is just a number (the BSSID, which is the unique base station identifier for networks that are set to broadcast). They do not access the network. And they can't provide any kind of exact correlation. Nor is there a way to associate BSSIDs with individuals or addresses in their system or elsewhere. (It's also not all home networks; there are millions and millions of business networks also being recorded.)

Third, their data is their crown jewel. They have every interest in protecting it in the strongest possible ways. The information they release is a set of coordinates based on signals measured and sent via their system. So you can't really perform millions of arbitrary queries, but rather only queries mediated through their software. This limits exposure.

So you have no specific information based on public use of public spectrum and strong needs to protect the data against unwanted access...

Sounds fairly reasonable to me.

If they started pairing individual addresses with BSSIDs, and sold that to Wi-Fi makers and others who would then perform direct mailings to users to get them to switch brands or add security -- that would be creepy.