Slashdot Mirror
Google Street View Logs Wi-Fi Networks, MAC Addresses
An anonymous reader points to this story at The Register that says "Google is collecting more than just images when they drive around for the Street View service. 'Google's roving Street View spycam may blur your face, but it's got your number. The Street View service is under fire in Germany for scanning private WLAN networks, and recording users' unique MAC (Media Access Control) addresses, as the car trundles along.' There's a choice quote at the end: 'Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide.'"
... that it has just been 'Googled'.
... and reeks of Google's Buzz privacy blunders all over again.
... except for that they're doing it for tens of thousands of personal and business WiFi networks.
This doesn't look good on the surface
Why can't Google (and everyone else for that matter) just stick to the personal data people are foolish enough to hand over to the web? This type of action puts them on the edge of WiFi hackers who are "just seeing if it could be done"
Wow. That's pretty shitty reporting, even for The Register. Yes, Google records SSIDs and (I guess) MAC addresses of wifi APs. That way they can estimate your position for Google Maps on a mobile device, even if you have no GPS on that device. This has been public knowledge for at least a year now.
In regards to Streetview itself and recording SSIDs and such, there is simply no privacy concerns. When you are in public, people can see you. When you broadcast signals, people can receive them. If you don't want to be seen, don't go out in public. If you don't want people to see the SSID of your AP, don't broadcast it.
How we know is more important than what we know.
Google Maps provides WLAN-based location triangulation, on both phones and wi-fi capable computers. To do that, they look up the MAC addresses of visible wi-fi hotspots in a location database. Google is not the only company that does this via wardriving, and they at last have the sense to keep it secure enough that nobody can just look up your MAC address and get your geographic location. Unlike certain other wi-fi positioning systems.
No kidding!!! What do you say at this point?
If I don't have anything to hide, then what logical reason do you have to spy on me?
Of course this applies to private companies just as much as government.
'Google CEO Eric Schmidt recently said internet users shouldn't worry about privacy unless they have something to hide.'
And what if I DO have something to hide? Will you then remove me from all of your databases and registers?
mov ax, 4c00h
int 21h
No, actually, he said that if you have $SOMETHING to hide then doing stuff concerned with $SOMETHING on t'internet is not a smart idea.
I know I'm supposed to be outraged about Street View. I'm trying, I really am. But the outrage just isn't there.
It's (generally) not illegal to take one picture of a storefront from your car. It's not illegal to take two, or three. Nor is it illegal to put those pictures on the internet. Google is just taking this process and deploying it on a larger scale than anyone previously had the resources for. I think it's the same with wireless networks. YOU have chosen to blast your MAC address into the ether for anyone within a certain radius to record, so why should you be surprised when someone does?
Google is just acting as an army of men with clipboards, no single one of whom is doing anything wrong, and for me it doesn't follow that there's something wrong when they do it en masse, provided they stick to public roads and take the privacy precautions (blurring faces, etc.) they have been.
Dislike the Electoral College? Lobby your state to join the National Popular Vote Interstate Compact.
The privacy concern is that Google is building a massive database of SSIDs -- this is not the same as your neighbors being able to see your SSID, this is a corporation with global reach.
This is the same sort of problem that we complain about when a company collects little bits of information that you leak in public, and builds a dossier on you. Yes, the information is technically public, but the fact that it is being assembled en masse is the problem. It is impossible to hide ever detail of your life from view, but when such a large database is built up, it reveals a lot about a person, potentially including things they did not want revealed.
Palm trees and 8
Oh dear, I wish he hadn't said that. I hope he does too. Even quoted a bit out of context (it was possibly a flip tagline), when you direct activities at the biggest datalogger around and have capabilities that most people regard as extremely penetrating, you just do not say anything that might scare people. Bad for business.
Many people do not understand why privacy is a right. As he says "Why worry if you have nothing to hide?" It is not from nothing: One word answer: PREJUDICE. Privacy is basically a right of self defense against prejudice (and malice too, for that matter). We all have good reason to be concerned about the impression we make upon others since they can often make arbitrary decisions that affect our interests.
Of course others have a right to relevant information, but we have a right to control how much beyond we choose to present, and to whom. We do have a right to be treated as individuals. Not products of some correlation -- statistics is _descriptive_, not prescriptive.
It is also not at all the argument he was making. But it's much more fun to just believe everything we hear on the internet rather than look up what he actually said!
so I guess only people unsavvy enough to use MACs will have their addresses recorded! Whew!
creation science book
OK, let me take the learned man's position
The learned man's position is to distrust what he is told by strangers, and check facts for himself.
You didn't do that.
I don't have a mac address. I use PCs.
rewriting history since 2109
He is hypocritical...
Check out the following article:
http://news.cnet.com/Google-balances-privacy,-reach/2100-1032_3-5787483.html?tag=nl
Reaction from Google? CNET is barred one year from google.
http://www.dslreports.com/shownews/Google-Angry-at-CNET-66164
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
What they are doing is not even questionable, it is completely legal.
Do you know much about German law?
Because in the USA it IS questionable and in some cities it is ILLEGAL.
How do people use public wireless, then? They have to enter all the information manually, as opposed to scanning and just picking out the right SSID?
Could you post some of the case law / legal statutes involved? Thanks!
I think you're confusing Google with the DEA.
Free Martian Whores!
What they are doing is not even questionable, it is completely legal.
That's true here in the US. Existence of companies like Skyhook and the iPod Touch's location feature make that evident. The question is if it's legal in Germany.
Not that it shouldn't be, particularly when an AP is metaphorically screaming,
Hello there, anyone who can hear me!
My name is Linksys!
You can tell me apart from other folks with the same name because I'm XX:YY:ZZ:AA:BB:CC!
If you like, I can give you an IPv4 address!
No, no, I haven't been told to exclude anyone who doesn't know my favorite word or phrase!
Please talk to me! I love you!
Here in the States, logging that you heard such a declaration rightly isn't against the law. Further, based on my very crude analogy, I also don't think that "unauthorized" connection/use of an unprotected/unconfigured AP should be a criminal offense either. Perhaps if someone learns that their pipe is being used against their knowledge, they could (and should) take civil action to force that person to pay for what he's been freeloading on, but I digress.
... Sorry about this, but unless you speak Italian and ol' Tony tells you what my favorite word or phrase is, I can't give you an IPv4 addres!" Any situation where network encryption is either bypassed or broken without the network owner's knowledge and permission is nefarious outright, regardless of intention, and that should most definitely be a criminal offense. Although if ol' Tony finds out before the cops do, you're probably even worse off.
For someone who actually breaks in to an encrypted AP (and yes, WEP counts), consider that WEP might be like a retarded-midget bouncer who'll believe you if you lie to him, whereas WPA could be, "My name is Linksys
Boot Windows, Linux, and ESX over the network for free.
I can just see Google Maps now - "We have found you are near wifi access point Linksys. We have narrowed your location down to one of these 1,232,342 locations."
Wardriving is evil now? This is news to me...
It's not exactly like they are going to jump on your network and listen to all of your traffic. They're just recording your MAC address and your SID (which you chose to make publicly available) which you are blasting out into the world on the electromagnetic spectrum. Really this is no different than them driving past your house and recording what color you painted it.
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
Thanks, obviously it does need to be explined. I didn't realize there was already this distinction.
In another ominous development, the phone company is planning to release a compiled document containing every name, address, and phone number of all their wired clients. The books will be published by region but be available globally. They'll be called by the disturbing name "White Pages".
They also will provide a charge-per-call service wherein on a request from not only government agencies but also private citizens, they will mining their data stores nationally in search of a particular individuals detailed info. While there is no clear consensus on this point, it appears this service will either be called 'Information' or mysteriously... just '411'.
They claim there will be an 'opt-out' option, but it will not be enabled by default, and there will be an extra charge for it's use.
Just some perspective to apply, not really meant as humor. This issue is about as dangerous as the phone book IMHO. You've got (or should have) an option in your router to hide your SSID. If you aren't using it, then you are BROADCASTING it. If someone tracking this information centrally really concerns you, change your SSID randomly every 30 days, and the MAC of your router. If your router doesn't support changing it's MAC, get a better one.
If it REALLY concerns you, don't use WiFi! There are much more nefarious things that can be done against WiFi than just logging an SSID/MAC that might actually be worth worrying about (again, IMHO).
Therefore, I'm free to decrypt satellite TV and get HBO for free, right? After all, the signal is OUT THERE, so large corporations should fully expect me to decode it on my own and play it through my TV.
Why is it that corporations expect privacy, but citizens should not expect it?
If telephones are outlawed, then only outlaws will have telephones.
My friends and I all have a wifi router swap program. We each have 2 routers (WRT54G) and we keep one active until google wardrives them then we mail them off to the next person in the list. And he mails you one that google tagged as being elsewhere in the country.
if you are in front of my house, google will tell you that you are in Southern California (1500 miles away)
(no this post is not actually true)
'In the Netherlands, the effort at establishing a comprehensive ... These registration systems and the related identity cards played
population registration system for administrative and statistical
purposes was completed even before the Nazi-occupation (Methorst,
1936; Thomas, 1937). In 1938 H. W. Methorst, who was then the
director-general of the Dutch Central Bureau of Statistics and
formerly also head of the Dutch office of population registration,
reported on the rapid progress being made in the Netherlands in
implementing a new comprehensive system of population registration
that would follow each person "from cradle to grave" and open "wide
perspectives for simplification of municipal administration and at the
same time social research" (1938: 713-714)...
an important role in the apprehension of Dutch Jews and Gypsies prior
to their eventual deportation to the death camps. Dutch Jews had the
highest death rate (73 percent) of Jews residing in any occupied
western European country--far higher than the death rate among the
Jewish population of Belgium (40 percent) and France (25 percent), for
example."
source:
"The Dark Side of Numbers: The Role of Population Data Systems in
Human Rights Abuses." Social Research, Summer, 2001, by William
Seltzer, Margo Anderson, hosted by findarticles.com:
http://www.findarticles.com/cf_dls/m2267/2_68/77187772/p4/article.jhtml?term=
"Kill 'em all and let Root sort 'em out"
Except that you can hide your MAC address by simply turning off SSID broadcast, and your router is no longer screaming it.
TV content distributors use satellites to distribute content. If you use that, you must decrypt it. But you can sit and watch patterned static all day long, use the streamed signal to generate pseudorandom locations, and even point a focused receive-only antenna at the satellite and use the satellite as a point of reference if you want to.
The signals the device intentionally broadcasts in the clear are vastly different from signals that are sent as encrypted and you must decrypt. It's not the interception of the signal, that's perfectly legal. It's the circumvention of the encryption protocol.
You can call your SSID/MAC a "service", but in order to consider it a "protected service" you must encrypt it. Which means you'll have to invent your own 802.11x-ish spec that encrypts the MAC address and SSID as well as all data sent over the data channel. At that point, your analogy would hold. But you've got some serious development to do first.
Or you could simply uncheck the damned "broadcast SSID" checkbox on your router's configuration screen and be done with it. Google's not stupid enough to try and use AirSnort to ferret out hidden APs when there are plenty of broadcasting ones they could use for their Wifi-assisted-GPS service.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Now, if you read Schmidt's comment...
Which you clearly didn't actually do. You just believed what the internet told you that he said, without bothering to check for yourself.
This is about privacy.
I think if i go and sit accross your house and put down the times you enter and leave the house and publish this on my blog (that is ad-sponsored) you would think different. If i make a note also if you locked your door (WEP or WPA2) then you would become a little more suspicious.
A special note is made
Then i keep this data for 10 year. Anyone who is interested can buy it or browse it.
But i have to stop now, google anology police is knocking on my door.
Is this illegal? That is where privacy starts and passwords stop.
http://support.apple.com/kb/HT1975
"Location Services allows applications such as Maps, Camera, and Compass to use information from cellular, Wi-Fi1, and Global Positioning System (GPS)2 networks to determine your approximate location. This information is collected anonymously and in a form that does not personally identify you.
About location precision or accuracy
Depending on your device and available services, Location Services uses a combination of cellular, Wi-Fi, and GPS to determine your location. If you're not within a clear line of sight to GPS satellites, iPhone 3G and iPhone 3GS can determine your location using Wi-Fi3. If you're not in range of any Wi-Fi, iPhone can determine your location using cellular towers."
Do you know how they figure out your relative location via Wi-Fi? Yep...they've already got a map of transmitters in the wild to refer to, just like the map Google is building.
My