Slashdot Mirror
Google Street View Logs Wi-Fi Networks, MAC Addresses
An anonymous reader points to this story at The Register that says "Google is collecting more than just images when they drive around for the Street View service. 'Google's roving Street View spycam may blur your face, but it's got your number. The Street View service is under fire in Germany for scanning private WLAN networks, and recording users' unique MAC (Media Access Control) addresses, as the car trundles along.' There's a choice quote at the end: 'Google CEO Eric Schmidt recently said Internet users shouldn't worry about privacy unless they have something to hide.'"
Wow. That's pretty shitty reporting, even for The Register. Yes, Google records SSIDs and (I guess) MAC addresses of wifi APs. That way they can estimate your position for Google Maps on a mobile device, even if you have no GPS on that device. This has been public knowledge for at least a year now.
In regards to Streetview itself and recording SSIDs and such, there is simply no privacy concerns. When you are in public, people can see you. When you broadcast signals, people can receive them. If you don't want to be seen, don't go out in public. If you don't want people to see the SSID of your AP, don't broadcast it.
How we know is more important than what we know.
If I don't have anything to hide, then what logical reason do you have to spy on me?
Of course this applies to private companies just as much as government.
No, actually, he said that if you have $SOMETHING to hide then doing stuff concerned with $SOMETHING on t'internet is not a smart idea.
I know I'm supposed to be outraged about Street View. I'm trying, I really am. But the outrage just isn't there.
It's (generally) not illegal to take one picture of a storefront from your car. It's not illegal to take two, or three. Nor is it illegal to put those pictures on the internet. Google is just taking this process and deploying it on a larger scale than anyone previously had the resources for. I think it's the same with wireless networks. YOU have chosen to blast your MAC address into the ether for anyone within a certain radius to record, so why should you be surprised when someone does?
Google is just acting as an army of men with clipboards, no single one of whom is doing anything wrong, and for me it doesn't follow that there's something wrong when they do it en masse, provided they stick to public roads and take the privacy precautions (blurring faces, etc.) they have been.
Dislike the Electoral College? Lobby your state to join the National Popular Vote Interstate Compact.
The privacy concern is that Google is building a massive database of SSIDs -- this is not the same as your neighbors being able to see your SSID, this is a corporation with global reach.
This is the same sort of problem that we complain about when a company collects little bits of information that you leak in public, and builds a dossier on you. Yes, the information is technically public, but the fact that it is being assembled en masse is the problem. It is impossible to hide ever detail of your life from view, but when such a large database is built up, it reveals a lot about a person, potentially including things they did not want revealed.
Palm trees and 8
so I guess only people unsavvy enough to use MACs will have their addresses recorded! Whew!
creation science book
And what if I have nothing to hide for the current government but don't get the assurance that today's laws are tomorrow's laws?
With enough information in the hands of governments, it's very easy to change a law, criminalize something that was perfectly legal and find and eliminate most of the 'criminals' under those new laws.
I know I'm kind of invoking Godwin's law here, but in 1939 it was perfectly legal to be Jewish here in the Netherlands. In the 1930s the Dutch government made an almost perfect register of the whole population, so in 1940 it was very easy for the Nazis to eliminate almost all the Dutch Jews.
I don't have a mac address. I use PCs.
rewriting history since 2109
What they are doing is not even questionable, it is completely legal.
Do you know much about German law?
Because in the USA it IS questionable and in some cities it is ILLEGAL.
How do people use public wireless, then? They have to enter all the information manually, as opposed to scanning and just picking out the right SSID?
Could you post some of the case law / legal statutes involved? Thanks!
What they are doing is not even questionable, it is completely legal.
That's true here in the US. Existence of companies like Skyhook and the iPod Touch's location feature make that evident. The question is if it's legal in Germany.
Not that it shouldn't be, particularly when an AP is metaphorically screaming,
Hello there, anyone who can hear me!
My name is Linksys!
You can tell me apart from other folks with the same name because I'm XX:YY:ZZ:AA:BB:CC!
If you like, I can give you an IPv4 address!
No, no, I haven't been told to exclude anyone who doesn't know my favorite word or phrase!
Please talk to me! I love you!
Here in the States, logging that you heard such a declaration rightly isn't against the law. Further, based on my very crude analogy, I also don't think that "unauthorized" connection/use of an unprotected/unconfigured AP should be a criminal offense either. Perhaps if someone learns that their pipe is being used against their knowledge, they could (and should) take civil action to force that person to pay for what he's been freeloading on, but I digress.
... Sorry about this, but unless you speak Italian and ol' Tony tells you what my favorite word or phrase is, I can't give you an IPv4 addres!" Any situation where network encryption is either bypassed or broken without the network owner's knowledge and permission is nefarious outright, regardless of intention, and that should most definitely be a criminal offense. Although if ol' Tony finds out before the cops do, you're probably even worse off.
For someone who actually breaks in to an encrypted AP (and yes, WEP counts), consider that WEP might be like a retarded-midget bouncer who'll believe you if you lie to him, whereas WPA could be, "My name is Linksys
Boot Windows, Linux, and ESX over the network for free.
In another ominous development, the phone company is planning to release a compiled document containing every name, address, and phone number of all their wired clients. The books will be published by region but be available globally. They'll be called by the disturbing name "White Pages".
They also will provide a charge-per-call service wherein on a request from not only government agencies but also private citizens, they will mining their data stores nationally in search of a particular individuals detailed info. While there is no clear consensus on this point, it appears this service will either be called 'Information' or mysteriously... just '411'.
They claim there will be an 'opt-out' option, but it will not be enabled by default, and there will be an extra charge for it's use.
Just some perspective to apply, not really meant as humor. This issue is about as dangerous as the phone book IMHO. You've got (or should have) an option in your router to hide your SSID. If you aren't using it, then you are BROADCASTING it. If someone tracking this information centrally really concerns you, change your SSID randomly every 30 days, and the MAC of your router. If your router doesn't support changing it's MAC, get a better one.
If it REALLY concerns you, don't use WiFi! There are much more nefarious things that can be done against WiFi than just logging an SSID/MAC that might actually be worth worrying about (again, IMHO).
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place, but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it's important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities."
That is the actual quote. I am pretending nothing.
Except, you know, the quote given in the summary and article isn't what he said. What he actually said was "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place." To me, that's quite a bit different from the quoted "internet users shouldn't worry about privacy unless they have something to hide." At worst, I would take his actual quote to mean that trying to hide illegal and/or amoral acts is impossible in the internet age, at least if such acts are done on the internet.
Sorry but recording all MAC addresses? Google's "Do no evil" just went out the door. There is no reason for Google to record the MAC addresses of devices.
Actually, they do have a reason - it's called "WiFi geolocation", and can be used in conjunction with cell towers to pinpoint one's position much more precisely than towers alone can do. It's used in such capacity in Android, for example.
I've also heard that iPad (at least the non-3G variety) also uses WiFi geolocation.
In any case, I don't see the problem. On Slashdot, it has been said countless times in the past (e.g. with respect to websites being crawled when they don't want it to happen) that "if you put it in public, it's public". Well, guess what, that's precisely what a wireless access point does, if you tell it to broadcast its ESSID! It's not even something of the "unlocked door" variety, it's literally actively transmitting this information for everyone to hear. Noting it down is absolutely not a privacy threat - not anymore than the broadcast itself is in the first place!