Slashdot Mirror
Germany Finds Kismet, Custom Code In Google Car
theodp writes "While waiting for a hard disk of Wi-Fi data that Google says its Street View cars gathered by mistake, the Hamburg Information Commissioner's office performed tests on a Google Street View car in a controlled environment with simulated wireless networks and issued the following statement: 'For the Wi-Fi coverage in the Street View cars, both the free software Kismet, and a Google-specific program were used. The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.' Interestingly, a 2008 academic paper — Drive-by Localization of Roadside WiFi Networks (PDF) — describes a similar setup, and its authors discuss how they 'modified Kismet, a popular wireless packet sniffer, to optionally capture all packets received on the raw virtual interface.' Computerworld reports that lawyers in a class-action suit have amended their complaint to link a Google patent app to Street View data sniffing."
The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.
No. It makes it very difficult and tedious and impractical to analyze. It is not, however, impossible.
Seven puppies were harmed during the making of this post.
If I did what google did I could be charged with unauthorized access to a system. Why is there no criminal trial here?
They're not being evil now, are they?
I know a little bit about IP geolocation, but when I got an iPod touch and fired it up for the first time on my home network I was *stunned* to see that it pinpointed my location to within one or two houses when using the Google Maps app despite having no GPS and no other identifiable information entered into the device. Maybe they are using this data to drive geolocation based on SSID instead of IP? Can anyone explain how else IP geolocation can be so accurate?
There isn't anything inherently illegal about what they did, unfortunately. Encrypt your networks folks. However, being a professional user of the Kismet application I would contend that using Kismet shows that all the data collection was far from "accidental".
Where genius and insanity become confused true wisdom is found
Yeah seriously. Why does the German government have to be such a bunch of Naz... oh, I see.
Give me Classic Slashdot or give me death!
Try intercepting someone's cell phone signals - with your dumb argument, you should be able to listen to them too and not get sued.
You should, absolutely. Just as if you were overhearing a walkie talkie. If you don't want it heard by the public, don't broadcast it. If you need to broadcast it, encrypt it.
Give me Classic Slashdot or give me death!
Google location API. Doesn't matter if the network is secure or not.
"Hey I found AA:BB:CC:DD:EE at this location"
Person with iPod Touch or other device with wireless only sends to google: "Hey I see access points AA:BB:CC:DD:EE, AA:BB:CC:DD:FF and AA:BB:CC:DD:00" Google goes: "Yea, you're around here".
Go to google maps with a new version of Firefox or Chrome. Click on the button that just has a circle in it. It'll ask for permission to send your location and should show you where you are on the map.
For what it's worth Google claims that patent is totally unrelated and they're also trying to find someone they can pin this on so their multinational company doesn't take any of the heat. Remember, it's just one engineer behind this and once we find Scapegoaty McSeverancePackage this can all be put behind us and you can rest assured that Google is back to Do No Evil status. Ha.
My work here is dung.
A company named Skyhook Wireless is doing this. They are continuously driving trough whole continents with cars, mapping out wifi routers/stations/etc.
They are what gives the iPhones/iPods their navigation (they have to real GPS). They are behind Maps Booster which plugs right into the Symbian (Nokia & others) geolocation APIs. (I bought it for 3€, and while it is less exact than GPS here, it also works inside buildings. Plus it makes first-time GPS satellite locking much faster.)
I wonder how this is different from what Google does, though.
But I don’t have a problem with SSID logging anyway. I mean, people who rely on SSIDs for security, really are idiots anyway. It’s not worse than knowing an IP. I can’t see where privacy could be a concern here. And I’m extremely strict about my privacy rules.
I think it’s a good service. Hell, how could I not think that paying 3€ for someone to drive across every street on the continent is a good deal?
P.S.: No, I’m not affiliated. And I repeat: It’s not very exact here. I am lucky if I get 50m accuracy. While my A-GPS can get down to 3m. (Oh, and if anyone of you know a service that requires no further hardware, and can get down below 50 cm [ideally below 10cm], please contact me! :)
Any sufficiently advanced intelligence is indistinguishable from stupidity.