Slashdot Mirror
FCC Investigating Google Street View Wi-Fi Data Collection
adeelarshad82 writes "The Federal Communications Commission is looking into whether Google's Street View Wi-Fi data collection violated the Communications Act. At issue is a May admission from Google that equipment attached to its Street View cars collected data that was traveling over unencrypted Wi-Fi networks, known as payload data. At first Google said it did not know if that data included personally identifiable information, but the company admitted last month that it did include entire e-mail addresses, URLs, and passwords. Google has pledged to work with the FCC."
Access point MACs, signal strength, and latitude / longitude coordinates gives you a geolocation database you can use to calculate your position via WiFi, ie: skyhook.
Why is it illegal for Google to listen as it drives down the street to something you're broadcasting into the street?
Make it illegal to broadcast it into the street in such a way that a normal consumer device won't hear it, THEN you can go after Google if they used something to cheat and listen in on people.
Right now they're being investigated because they drove down the street with a microphone and recorded all the idiots shouting out their private info to anyone willing to listen ... without special listening equipment!
I understand making it illegal for someone to use a laser mic to listen to my private in home conversations. I expect anything that normally would not be heard outside my home to be private.
Wifi most certainly is expected to be heard outside the home. Its not something that someone can claim ignorance on, people understand that television broadcasts and radio broadcasts travel many miles, so anyone claiming ignorance just doesn't count as they are too stupid to matter.
I really can't see how you can call google wrong in these case, if you broadcast it over the airwaves, and someone hears it, too damn bad. Encrypt it, or hell at least use WEP, where it might not be actually secure, but at least you can say you made it clear it was not intended for unauthorized parties.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Having played with Kismet (which is what Google is using), it seems to me that it's really easy to accidentally capture packet payloads. Kismet will dump payloads in to handy pcaps by default.
Wardriving generally sucks for data capture. It's good for surveying (its interesting to see the proliferation of WAPs and secured APs at that... and some people choose really amusing SSIDs). But driving around alters signal strength which means losing packets. You're also channel hopping which means losing packets. If you really want to log people's data, you wardrive first to identify targets then come back and listen to just that (or a very small subset) of targets.
Yes that is exactly what they are telling you.
They used common off the shelf linux utilities to collect this information. The collected beacon information, wrote it to disk with the current location information.
Rather than a "database" it was a simple flat file of location plus beacon data.
Someone forgot to filter it so that only beacon packets were written.
So in the 5-10 seconds the car was within range of an unencrypted wifi some other data might have been geo-tagged and written.
Don't try to make more of it that it was. It was not a relational database. Its no where near that sophisticated. And google was unaware that they were even collecting the information till they noticed their disk were filling faster than they should. Since all they wanted was Beacon packets they never even looked at the rest.
And guess who reported this to government: Thats right, Google.
No one goes to jail for a harmless mistake.
The only way this data gets sold is when the governments that demanded it for their witch-hunt release it under freedom of information requests.
Now run along and go turn your wireless encryption on and put your tinfoil hat back in the closet.
Sig Battery depleted. Reverting to safe mode.