Slashdot Mirror
My Location the Next Google Privacy Controversy?
theodp writes "While Google boasts one of its Privacy Principles is making the collection of personal information transparent, even techies are left guessing about what's going on behind the scenes of certain products. The American Dictator points out that Google's Wi-Fi collection efforts don't stop with its Street View cars, offering up this explanation of Google's My Location: 'When you allow Google to "know your location," what you are really agreeing to is to send to Google's computers your Wi-Fi environment — not only the name of the Wi-Fi hotspot you are logged into, but also the names and signal strengths of every Wi-Fi hotspot around you. In other words, the same things that those Google Street View cars were sucking up as they drove by your house.' So, will changes in privacy attitude prompt changes in Latitude?"
This make me glad I never use he internet, ever.
Don't use this feature! It's linked to Googlepredator.
I thought the "My Location" had long been considered a massive privacy breach,
Who actually uses it?
This method of radio-location is not special or unusual in any way. If anything, it is rather common and not even innovative on google's part. Several firms have exited for _years_ which focus on location based services as determined by nearby hotspots. Also, Latitude is littered with warnings about the nature of the service, and the fact that your location information will be sent back to Google. Of course, this is even less interesting when you consider the fact that your cell phone carrier already knows all of this information all the time and always has, which nobody makes any fuss about whatsoever.
You mean that in order to use a service that uses your Wifi surroundings to determine your location, you have to send the service data about your Wifi surroundings? Holy shit!
Next, you'll tell me you have to send your private, personal *search terms* to Google to get search results - the horror!
They are too big and know too much.
I'm a government spy, you insensitive clods!
Google Chrome / Firefox asks me if they can have my location, for the websites I go on. I say yes, and they get it right. They use Wifi geolocation, and not the IP address as you'd expect. So they know my town when I'm behind an American proxy. The buggers!
The issue was with Google mining Wireshark style packets from open wireless networks, not SSID's. WTF is this, guys? Sheesh.
That makes it public. Google is merely asking you to forward some public information to them. You may, if you wish, decline.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Seriously, anyone can wardrive and post public SSIDs to a public website. What's the big deal?
ok there's a geolocation feature in Google toolbar. No big business.
I think many of the people screaming loudest about the street view data collection never understood that Google was intentionally and unapologetically logging the SSIDs.
Nerd rage is the funniest rage.
People go to great pains to send a hundred mW throughout the air as far as it'll go, and are surprised when it does just that?
I'm on a volunteer ambulance squad; being a nerd I made a python script to scrape our crappy eDispatch provider's website for our dispatches and assemble them on a nice website. There was a big fight over password protecting this... despite the fact that we are going to great pains and expense to pump the very same information at about 50W. I ended up throwing a trivial password on it, until everybody forgot.
Point is, people don't seem to understand the 'broad' part of 'broadcast', and get annoyed that they don't have full control of the signals they emanate past their walls.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
I completely agree, it's surprising how many people think that when they send something to EVERYONE, that they have no ability to tell EVERYONE that "that was a secret. don't tell anybody, K?"
The recent privacy controversy was never about Google detecting and recording the names, unique IDs, and signal strength of local WiFi hotspots -- It was about Google mistakenly recording traffic, including unencrypted information that anyone could easily utilise.
In addition to that, there are only four ways to locate someone connected to the Internet:
- GeoIP which can perhaps pin you down to a city, perhaps even a town,
- WiFi triangulation which can pin you down to within a few metres
- Latency triangulation which is frankly uncompletely unworkable on something as complex as the internet
- IP->Postal Address Mapping (Read: ISP's database)
Obviously only two of these are workable for someone like Google and GoeIP is completely inaccurate. No ISP is going to give Google access to their address database.
If you have Google Maps on your phone (iPhone excluded), and you have wifi enabled, it will give you your 'wifi location'. That means google already knows about where the wif access points are? But how does it know you ask? Well, when you walk around with GPS enabled, and wifi enabled, Google seems to take this data and correllate it so that it has that access point mapped out. While I don't have any kind of reference for this, I've seen it done (new router, no other wifi around, and bingo after enough times I go by it with gps, it suddenly knows where it is without). I don't care if they know the location of access points, however I am concerned about them capturing packet data. Of course, if you leave your access point open - anybody can do that....
x86, oh yes, I'm pro.
How many people have scanners these days?
How many people have the Internet?
Now do you understand why there might be concern about putting the dispatches in a central location on the Internet?
There are a lot of idiots out there, and they can really waste your time. That really is the biggest pitfall of open information, imo.
I don't understand how Google tracking wifi networks is bad for me.
And I don't understand why Google wants that information in the first place. How does knowing my SSID help them?
Always bragging about how Android does this, how Android does that.
Well, the iPhone was doing this *first*! Put that in your I/O socket and smoke it.
Point is, people don't seem to understand the 'broad' part of 'broadcast'
Or the 'cast' part.
How many people have scanners these days?
How many people have the Internet?
Now do you understand why there might be concern about putting the dispatches in a central location on the Internet
I have got to study my logical fallacies again. I can tell that this is one, but not which one it is.
Put in simple English, however, it might go something like this: Scanners are cheap, especially the ones which can only handle a couple of frequencies, which is all you need to monitor dispatches. In fact, I have not only regularly seen them on Craigslist for $10, but I occasionally see them on Freecycle for nothing. Anyone who is motivated to scan these dispatches, therefore, can do so. You could panhandle for the cost of a used scanner in most American cities in just one day, or substantially less if you're any good at spanging. So realistically, passwording the web dispatch log accomplishes basically nothing.
Your argument would only be valid if the bar to intercepting those radio broadcasts were high, which it isn't. Odds are that you could actually buy a radio used that was already programmed/crystal'd for the frequencies you want. Shit, for less than what it costs to get a computer that can run a modern web browser you could probably get one that would permit you to transmit on those frequencies.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Is this system actually relying on MAC addresses rather than SSID's? Otherwise how can a system like this rely on a property that is often left set to the factory default or could change at any time?
Also, I guess this relies on the Google Toolbar to work since I assume there's no way for a browser to collect information about nearby SSID's (or even your SSID), right?
By the way, the above questions aren't me being worried about any of this. I'm just curious about how the system works.
I am the inventor of the hilarious refrigerator alarm.
Your location could not be determined.
I remember when privacy invasions happened automatically without consent, and a person had to go to extra trouble to opt out of getting tracked. Boy, people sure were pissed.
Now we have situations where people are knowingly downloading and running programs whose purpose the user knows in advance is to track where they are, and people are complaining that it does what it needs to do.
We all know we're wimps compared to the people who struggled through life 10000 years ago, but now we're wimps compared to the people who clicked their mice 10 years ago.
Google at one point funded the company Fon to provide wifi access "to the world".....I even got a free router out of the deal. To abide by their policies, I had to provide an open channel to be used by any other Fon user, and the location of my hotspot was broadcast on their website as were all other users of the service.
This isn't the same. You agreed to give Google that information. They can pretty much do anything they want with it.
it's called a MESH network, and maybe someday
we won't need a internet "backbone" anymore?
my guess? google's just probing to see if it's feasable. if enough
hotspots overlap from the east coast to the west coast >: )
I completely agree, it's surprising how many people think that when they send something to EVERYONE, that they have no ability to tell EVERYONE that "that was a secret. don't tell anybody, K?"
Interestingly, that seems to be DirecTV's business model.
People are getting nervous because Google is collecting MAC addresses of WiFis it sees from their street-view cars. How many such cars do they have and how often one of them passes your neighbourhood? NOKIA did it better - all new nokia (smart) phones are uploading WiFis (together with current location) when doing A-GPS query. That means hundreds of thousands, event millions devices scooping on WiFis all the time!
I've managed my personal information for a long time, being careful what's public and what's not. For example, I make no secret about my home phone number. My home address, on the other hand, is strictly confidential, and only a handful of people know it.
If you type my name in to a search engine you will find me, as well as lots of other people with the same name as me. You will find what I want you to know about me. There is information about me that is not on the Internet (one biggie in particular), and I make damned sure it stays that way.
...laura
Good jeorb editors.
This is complete BS. First of all, Latitude makes it exactly clear what they are doing, this is how the iPod Touch does location (btw, anyone else get really annoyed when people call it the iTouch, or is that just me?), along with many other implementations. The Google street view car got in trouble because it was recording *more* than just SSIDs and signal strengths. It was recording actual data being transmitted across these networks. Latitude is not instructing your phone to sniff all open wireless networks around you and send back a sample of TCP traffic to Google. The suggestion is ridiculous.
We always knew Comcast was corrupt, here's the proof: http://tech.slashdot.org/comments.pl?sid=1909890&cid=34545432
I would have named their service Google Wardriving which is pretty much what they are trying to patent.
You don't have to guess what Google does because they do the same thing everybody else does.
Skyhook and lots of other companies have WLAN geolocation databases. Lots of phone apps use such databases and services, including iPhone and Nokia.
EyeFi and other cameras determine your location from visible WiFi APs and encode it in your images. They probably transmit your locations to your server. When you upload your images to Flickr, Picasa, or your own web site, you transmit that information along.
HTML5 has a standard location API. Every mobile phone browser will support that because it's so darn useful.
Mobile operators already know where you are; in fact, they are required to know that by law, supposedly to allow "Enhanced 911" calls, but also for law enforcement purposes. They clearly share that information with governments and police. They almost certainly also share it within their own "group". They offer location services to you. They may or may not sell that information as well.
Phone applications can find out which tower they are talking to (and have been able to do so for a while), so on most smartphones, sofware already could track you.
The only thing that's different about Google is that they actually offer you a free and useful service based on that data, whereas others have been using the data without telling you and/or have been charging you for it. And Google has stopped collecting this data because they don't actually need to; most geolocation is now done via towers or GPS, and for the few WiFi-based use cases, they can just buy the data from several vendors.
And even if all of those are not available, web sites can usually tell roughly where you are from your IP address. For cable, DSL, and WiFi that can be very accurate; for 3G connections, it usually is some proxy server that's not too far away.
If you're worried about people tracking you, Google is probably the least of your worries; at least they tell you and you can turn it off. That's a lot better than most of the other people who have access to your location.
This is the not the first time he has submitted biased garbage masquerading as fact in his own personal crusade against Google and for some reason someone keeps approving his ridiculous submissions. For gods sake, can we start out discussions out with real questions instead of "So why do hate America, Google?"
Let's take a look at some of the other crap he's submitted and has subsequently been posted:
Here we have: Are Googlers too smart for their own good?
http://developers.slashdot.org/story/10/05/21/1427245/Are-Googlers-Too-Smart-For-Their-Own-Good
And here we have the first "expose" on the conspiracy that Google has perpetrated on us all by intentionally collecting payload data on Accident:
http://yro.slashdot.org/story/10/05/29/0818219/Google-Describes-Wi-Fi-Sniffing-In-Pending-Patent
If you want to use "wireless networks" to determine your approximate location on an Android phone (something quite common I think), you _HAVE_ to agree to your location data being sent to Google even when no app is running. If you disagree, you can't activate Wireless Networks Location. This means you either have to use GPS everytime you want to look something up on Google Maps etc., or have to enter your location by hand (if you don't agree with their "consent"). The exact text of the "Location consent" is: "Allow Google's location service to collect anonymous location data. Collection will occur even when no applications are running." Here is a ticket regarding this issue: http://code.google.com/p/android/issues/detail?id=2813 In my opinion this is really bad.
look at the submitters history - he is a well known troll but somehow get his stories upvoted. this site has jumped the shark and is full of apple astroturfers
Sorry to see you got modded offtopic. Judging from the comments on theodp's recent equally-BS posts, almost everyone on Slashdot would wholeheartedly agree.
If its a corrupt company and the phone doesn't actually have a real GPS (only training wheel GPS) then it can't. But if you have (perhaps one of the few?) phones who do have a real GPS they can find your position without connection (or even sim cards in them)
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
The data google stored was not for google, they where a man in the middle. They also kept the data and seem to be stonewalling.
Domestic spying is now "Benign Information Gathering"
Why are such ridiculous posts allowed on Slashdot? Anyone with a slightest shred of common sense and logic would understand that, without this requirement, "My Location" is not possible. If you are so paranoid about "privacy" dont use this feature....
...no shit sherlock. they needed scientific research for that? I found that out all by myself, and have since successfully kicked my caffeine addiction. pro tip: after about three months without caffeine, you will actually feel the boost again when you do drink it. just be careful not to get addicted again :)
come to think of it, this kind of scientific research always makes me think of scientists sitting around, feeling lazy, and coming up with "hey, what if we just drink coffee all day, then write a paper about it?"