Slashdot Mirror


Google Street View Logs Wi-Fi Networks, MAC Addresses

An anonymous reader points to this story at The Register that says "Google is collecting more than just images when they drive around for the Street View service. 'Google's roving Street View spycam may blur your face, but it's got your number. The Street View service is under fire in Germany for scanning private WLAN networks, and recording users' unique MAC (Media Access Control) addresses, as the car trundles along.' There's a choice quote at the end: 'Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide.'"

17 of 559 comments (clear)

  1. Tell Your Wireless ... by WrongSizeGlass · · Score: 4, Insightful

    ... that it has just been 'Googled'.

    This doesn't look good on the surface ... and reeks of Google's Buzz privacy blunders all over again.

    Why can't Google (and everyone else for that matter) just stick to the personal data people are foolish enough to hand over to the web? This type of action puts them on the edge of WiFi hackers who are "just seeing if it could be done" ... except for that they're doing it for tens of thousands of personal and business WiFi networks.

    1. Re:Tell Your Wireless ... by Goaway · · Score: 4, Insightful

      Actually, Schmidt's quote can be better worded as saying "If you have something to hide, you shouldn't show it to the internet, because police can and will request that information from any provider, including Google".

      But that doesn't sound at all as threatening, so let's just pretend he said something else!

    2. Re:Tell Your Wireless ... by Requiem18th · · Score: 4, Insightful

      No, it's more like, if there is a crack in the wall you have agreed to Google selling tapes of you having sex, if you didn't wan't to be recorded you shouldn't be broadcasting it!

      I also got your girlfriend's moaning as my ringtone thanks to Google Street Laser Microphone, thankfully I didn't have to listen to weeks of mundane stuff to get that ringtone because I got a graph of your sad, appalling sexual life thanks to Google Street Thermo-cam.

      I jest but the idea is that you can't claim I agreed to broadcast information I didn't knew I was broadcasting, and that's exactly what Google apologetics want to claim.

      --
      But... the future refused to change.
    3. Re:Tell Your Wireless ... by shutdown+-p+now · · Score: 5, Insightful

      Sorry but recording all MAC addresses? Google's "Do no evil" just went out the door. There is no reason for Google to record the MAC addresses of devices.

      Actually, they do have a reason - it's called "WiFi geolocation", and can be used in conjunction with cell towers to pinpoint one's position much more precisely than towers alone can do. It's used in such capacity in Android, for example.

      I've also heard that iPad (at least the non-3G variety) also uses WiFi geolocation.

      In any case, I don't see the problem. On Slashdot, it has been said countless times in the past (e.g. with respect to websites being crawled when they don't want it to happen) that "if you put it in public, it's public". Well, guess what, that's precisely what a wireless access point does, if you tell it to broadcast its ESSID! It's not even something of the "unlocked door" variety, it's literally actively transmitting this information for everyone to hear. Noting it down is absolutely not a privacy threat - not anymore than the broadcast itself is in the first place!

  2. Ignorance abounds by QuantumG · · Score: 5, Insightful

    Wow. That's pretty shitty reporting, even for The Register. Yes, Google records SSIDs and (I guess) MAC addresses of wifi APs. That way they can estimate your position for Google Maps on a mobile device, even if you have no GPS on that device. This has been public knowledge for at least a year now.

    In regards to Streetview itself and recording SSIDs and such, there is simply no privacy concerns. When you are in public, people can see you. When you broadcast signals, people can receive them. If you don't want to be seen, don't go out in public. If you don't want people to see the SSID of your AP, don't broadcast it.

    --
    How we know is more important than what we know.
    1. Re:Ignorance abounds by Tim+C · · Score: 5, Insightful

      If you don't want to be seen, don't go out in public.

      And yet many countries have laws against following someone around, noting down their movements.

      If you don't want people to see the SSID of your AP, don't broadcast it.

      I don't care if people see my SSID. I may care that a company (which makes its money from selling targeted advertising) has recorded it and stored it in a database along with location details, photographs, etc. That is fundamentally different from my neighbours and casual passers-by being able to see a SSID of "home" as they pass my house.

    2. Re:Ignorance abounds by Rogerborg · · Score: 4, Insightful

      they can estimate your position for Google Maps on a mobile device, even if you have no GPS on that device. This has been public knowledge for at least a year now.

      2+ years. It's a great application, with no more privacy implications than if you were to call someone with local knowledge and describe the landmarks that you could see near you.

      Nobody, least of all Google, cares who owns "BT Home Connect 9923123" or "Pr0n4Free4EvarLan", they just care that there's a SSID in that area with that name.

      Cue objections from Tin Foil Hatters who don't want The Man to be able to describe the outside of their parent's basement, lest their very souuuuls be stolen and sold to, god, I don't know, the Saucer People.

      Fill me in, Hatters. To what Evil use could this information be put? Try to use reasons that might actually be valid on Planet Earth, if you please.

      --
      If you were blocking sigs, you wouldn't have to read this.
  3. Ignorance abounds indeed by betterunixthanunix · · Score: 5, Insightful

    The privacy concern is that Google is building a massive database of SSIDs -- this is not the same as your neighbors being able to see your SSID, this is a corporation with global reach.

    This is the same sort of problem that we complain about when a company collects little bits of information that you leak in public, and builds a dossier on you. Yes, the information is technically public, but the fact that it is being assembled en masse is the problem. It is impossible to hide ever detail of your life from view, but when such a large database is built up, it reveals a lot about a person, potentially including things they did not want revealed.

    --
    Palm trees and 8
    1. Re:Ignorance abounds indeed by ahankinson · · Score: 5, Insightful

      Maybe I'm just ignorant, but how would they map the SSID to you? All they know is that in this area, someone somewhere has a router with a SSID of "X." (And, if you're anything like my neighbours, half of those are named "linksys.")

  4. Origin of Privacy by redelm · · Score: 4, Insightful

    Oh dear, I wish he hadn't said that. I hope he does too. Even quoted a bit out of context (it was possibly a flip tagline), when you direct activities at the biggest datalogger around and have capabilities that most people regard as extremely penetrating, you just do not say anything that might scare people. Bad for business.

    Many people do not understand why privacy is a right. As he says "Why worry if you have nothing to hide?" It is not from nothing: One word answer: PREJUDICE. Privacy is basically a right of self defense against prejudice (and malice too, for that matter). We all have good reason to be concerned about the impression we make upon others since they can often make arbitrary decisions that affect our interests.

    Of course others have a right to relevant information, but we have a right to control how much beyond we choose to present, and to whom. We do have a right to be treated as individuals. Not products of some correlation -- statistics is _descriptive_, not prescriptive.

  5. Re:Privacy by Goaway · · Score: 4, Insightful

    It is also not at all the argument he was making. But it's much more fun to just believe everything we hear on the internet rather than look up what he actually said!

  6. Re:And... by MonoSynth · · Score: 5, Insightful

    And what if I have nothing to hide for the current government but don't get the assurance that today's laws are tomorrow's laws?

    With enough information in the hands of governments, it's very easy to change a law, criminalize something that was perfectly legal and find and eliminate most of the 'criminals' under those new laws.

    I know I'm kind of invoking Godwin's law here, but in 1939 it was perfectly legal to be Jewish here in the Netherlands. In the 1930s the Dutch government made an almost perfect register of the whole population, so in 1940 it was very easy for the Nazis to eliminate almost all the Dutch Jews.

  7. Really? by Mathinker · · Score: 5, Insightful

    What they are doing is not even questionable, it is completely legal.

    Do you know much about German law?

    Because in the USA it IS questionable and in some cities it is ILLEGAL.

    How do people use public wireless, then? They have to enter all the information manually, as opposed to scanning and just picking out the right SSID?

    Could you post some of the case law / legal statutes involved? Thanks!

  8. Re:And... by mcgrew · · Score: 4, Insightful

    Those people who say "if you have nothing to hide" have something to hide -- their ignorance or contempt for your intelligence. There are a lot of things that are not illegal you don't want known; adultery is legal in Illinois. Even in states where it may not be illegal, you still wouldn't want your girlfriend to know she's not the only one. You may be a closeted gay working for a right wing congresscritter, or a closeted conservative working for a left wing congresscritter. You might not want people to know that you watch Mickey Mouse cartoons. The list goes on.

    Either Schmidt is stupid (and I don't buy that) or he thinks you are.

  9. Very true here, but consider the place by RulerOf · · Score: 5, Insightful

    What they are doing is not even questionable, it is completely legal.

    That's true here in the US. Existence of companies like Skyhook and the iPod Touch's location feature make that evident. The question is if it's legal in Germany.

    Not that it shouldn't be, particularly when an AP is metaphorically screaming,

    Hello there, anyone who can hear me!
    My name is Linksys!
    You can tell me apart from other folks with the same name because I'm XX:YY:ZZ:AA:BB:CC!
    If you like, I can give you an IPv4 address!
    No, no, I haven't been told to exclude anyone who doesn't know my favorite word or phrase!
    Please talk to me! I love you!

    Here in the States, logging that you heard such a declaration rightly isn't against the law. Further, based on my very crude analogy, I also don't think that "unauthorized" connection/use of an unprotected/unconfigured AP should be a criminal offense either. Perhaps if someone learns that their pipe is being used against their knowledge, they could (and should) take civil action to force that person to pay for what he's been freeloading on, but I digress.

    For someone who actually breaks in to an encrypted AP (and yes, WEP counts), consider that WEP might be like a retarded-midget bouncer who'll believe you if you lie to him, whereas WPA could be, "My name is Linksys ... Sorry about this, but unless you speak Italian and ol' Tony tells you what my favorite word or phrase is, I can't give you an IPv4 addres!" Any situation where network encryption is either bypassed or broken without the network owner's knowledge and permission is nefarious outright, regardless of intention, and that should most definitely be a criminal offense. Although if ol' Tony finds out before the cops do, you're probably even worse off.

    --
    Boot Windows, Linux, and ESX over the network for free.
    1. Re:Very true here, but consider the place by Sancho · · Score: 5, Insightful

      It's true that this seems legal in the US. However there are lots of things which are legal because they seem harmless in the small scale, but which become privacy concerns on the large scale. The current laws don't deal with situations like this.

      An example is police tailing. Police are allowed to follow someone without practically any oversight. This is self-limiting because it takes manpower, which is a highly limited resource. However courts have stated that surreptitiously monitoring someone's car with a GPS is equivalent to police tailing. This is something which requires considerably less manpower. Tailing with GPS is no longer self-limiting. If this were done on a large-scale, lots of people would consider it an invasion of privacy.

      An entity listening to broadcasts in the 2.4Ghz range in a small area is probably not a problem. An entity with the ability to listen to these broadcasts across the entire US? That's something worth rethinking. Maybe it's a problem, and maybe it's not. I really don't know. But due to the scale, it's a slightly different situation.

  10. Ma Bell (the original) by gnieboer · · Score: 5, Insightful

    In another ominous development, the phone company is planning to release a compiled document containing every name, address, and phone number of all their wired clients. The books will be published by region but be available globally. They'll be called by the disturbing name "White Pages".

    They also will provide a charge-per-call service wherein on a request from not only government agencies but also private citizens, they will mining their data stores nationally in search of a particular individuals detailed info. While there is no clear consensus on this point, it appears this service will either be called 'Information' or mysteriously... just '411'.

    They claim there will be an 'opt-out' option, but it will not be enabled by default, and there will be an extra charge for it's use.

    Just some perspective to apply, not really meant as humor. This issue is about as dangerous as the phone book IMHO. You've got (or should have) an option in your router to hide your SSID. If you aren't using it, then you are BROADCASTING it. If someone tracking this information centrally really concerns you, change your SSID randomly every 30 days, and the MAC of your router. If your router doesn't support changing it's MAC, get a better one.
    If it REALLY concerns you, don't use WiFi! There are much more nefarious things that can be done against WiFi than just logging an SSID/MAC that might actually be worth worrying about (again, IMHO).