London Bans Recycling Bins That Track Phones

← Back to Stories (view on slashdot.org)

London Bans Recycling Bins That Track Phones

Posted by samzenpus on Monday August 12, 2013 @05:02AM from the no-trash-talking dept.

judgecorp writes "In a swift response to a media storm, the City of London has closed down a trial of recycling bins which track the phones of pedestrians. Renew provides recycling bins funded by digital advertising, and has been told to stop a trial where bins tracked phones. Although the CEO of Renew claims there was no intention to breach privacy, his own marketing material says otherwise."

179 comments

Min score:

Reason:

Sort:

Removing bins will not fix underlying problem by sinij · 2013-08-12 05:08 · Score: 5, Insightful

Removing bins will not fix underlying protocol implementation problem. This has to be treated as any other vulnerability and patched, so it is not possible.
1. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 05:22 · Score: 1
  
  It is astonishing how few people seem to understand that.
2. Re:Removing bins will not fix underlying problem by mcrbids · 2013-08-12 05:28 · Score: 2
  
  Wow. Talk about ignorance aloud. And on Slashdot!
  The "issue" to be addressed is the need for a way to uniquely identify a device as distinct from other devices. This is accomplished by the use of a number called a MAC address. Because it uniquely identifies a device, it can be used to (gasp!) uniquely identify a device.
  That's what Renew (the company in question with the "smart bins") was doing... logging MAC addresses announced by wifi cards as they try to moderate a wifi connection.
  
  --
  I have no problem with your religion until you decide it's reason to deprive others of the truth.
3. Re:Removing bins will not fix underlying problem by ackthpt · 2013-08-12 05:33 · Score: 4, Insightful
  
  It is astonishing how few people seem to understand that.
  Rather like war-driving in reverse. How times change.
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
4. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 05:34 · Score: 0, Interesting
  
  And there is no reason a MAC address should not randomize itself in between network connections.
5. Re:Removing bins will not fix underlying problem by compro01 · 2013-08-12 05:34 · Score: 2
  
  And what need is there to announce the MAC address when not connected to anything?
  
  --
  upon the advice of my lawyer, i have no sig at this time
6. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 05:37 · Score: 0
  
  You need to attack from several angles. Both physical security to increase the effort required to be an asshole, and laws that reduce the economic incentive by preventing reputable entities from doing business with them. Defense in depth. Make it both impossible and illegal.
  That's true whether you're dealing with drugs, spam or privacy invasion.
7. Re:Removing bins will not fix underlying problem by ericloewe · 2013-08-12 05:37 · Score: 3, Insightful
  
  Here's the problem:
  If the user doesn't say "I want to connect to 'Trash can Wi-Fi'", why should the phone decide on its own to connect to 'Trash can Wi-Fi' without asking?
  If the phone doesn't (stupidly) try to connect to any open network it sees, it doesn't broadcast its MAC address whenever some dubious access point asks for it.
8. Re:Removing bins will not fix underlying problem by mspohr · 2013-08-12 05:37 · Score: 4, Interesting
  
  There is something I don't understand here.
  If I have my WiFi turned on and it is set to automatically connect to "known" access points but not set to connect to random unknown access points, why would it broadcast my MAC?
  I can understand that it will listen for a "known" access point and when it finds one, send the MAC to connect and that is fine.
  However, why would it broadcast my MAC if it has no intention of connecting?
  
  --
  I don't read your sig. Why are you reading mine?
9. Re:Removing bins will not fix underlying problem by timeOday · 2013-08-12 05:38 · Score: 1
  
  What do you mean it's "not possible?"
  I would think simply re-generating a random MAC address each time you enable WiFi would work well enough.
10. Re:Removing bins will not fix underlying problem by Molochi · 2013-08-12 05:38 · Score: 1
  
  True, there aren't a lot of reasons for your phone's wifi to be spamming its MAC all the time, unless it is also configured to connect to any open AP in range. That itself is a BadIdeaTM without an autostarting VPN client.
  
  --
  "The Adobe Updater must update itself before it can check for updates. Would you like to update the Adobe Updater now?"
11. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 05:41 · Score: 0
  
  You don't have to be a dick.
  We don't need to permanently identify specific devices. We only need the device to be identified while using a given connection. You've never spoofed a MAC address? Ever? We only need a temporary identifier which is unique. Conflicts are unlikely and easily resolved.
12. Re:Removing bins will not fix underlying problem by bandy · 2013-08-12 05:42 · Score: 2
  
  And if two devices randomize to the same MAC? That Would Be Bad.
  
  --
  "You might as well get your son a ticket to hell as give him a five string banjo." -unknown minister
13. Re:Removing bins will not fix underlying problem by Carewolf · 2013-08-12 05:49 · Score: 2
  
  If you have set up the phone to connect to a hidden SSID, then it will broadcast it MAC (and the hidden SSID) all the time asking if it is there.
  It can also prompt for nearby access points instead of waiting for them to announce themselves, this also broadcasts their MAC.
  The first is easy to solve (don't use hidden networks ever). The second one can be a bit of a compatibility issue.
14. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 05:49 · Score: 0
  
  only for one device that would then re randomize itself and it would be fine. so what maybe a half a second of non service? maybe a minute? not bad if you ask me.
15. Re:Removing bins will not fix underlying problem by sinij · 2013-08-12 05:49 · Score: 1
  
  There are multiple issues here:
  
  a. MAC addresses being broadcast without any regard to who is listening. Even when not negotiating/partaking in a connection.
  b. MAC address is static.
  
  Compare above situation to banking. You have a bank account number, it uniquely identifies you but it is not transmitted unless you initiate transaction (and even then only on need-to-know basis) plus it can be changed at any time. Now imagine that instead of MAC these bins were skimming banking information (without intend to defraud), would you still be as relaxed about this?
16. Re:Removing bins will not fix underlying problem by Z00L00K · 2013-08-12 05:52 · Score: 1
  
  The phone don't connect, it just announces the MAC address in the request when it's looking for a valid access point. You only need devices that can listen, they don't have to talk back to the phone.
  It's a low level protocol issue. It's hard to identify a person knowing the MAC address, but if you find a phone or know the MAC address of a specific phone you can see where it has been.
  So far we know that someone has used this with the intent for commercial interest, but realize that this can as well be the top of an iceberg where you have several other users of this. From the harmless snooping to create an understanding of movement patterns of people to the tracking of a certain individual on a level similar to what you can see in "Enemy of the State".
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
17. Re:Removing bins will not fix underlying problem by cusco · 2013-08-12 05:53 · Score: 4, Informative
  
  IIRC, the address space available for MAC addresses allows something like 1000 devices for each square foot of land area on Earth, so there isn't much chance of collision. Having said that, AC is wrong. DHCP reservations (used on many, many networks for hardware that needs to maintain the same IP address) require MAC addresses that do not change. Many manufacturers have sniffer programs that are needed to do installations and service on their hardware, which sniff the set of MAC addresses assigned to their company. There are lots of other reasons that MAC addresses are linked to a piece of hardware.
  
  The issue here isn't that MAC addresses are unique, it's that users aren't bright enough or are too lazy to turn off wi-fi detection when they're not using it.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
18. Re:Removing bins will not fix underlying problem by afidel · 2013-08-12 05:53 · Score: 1
  
  Yep, it's one of the most irritating things about my Android phone, even after I explicitly turn off WiFi I still get popups about available wireless networks, why is the damn phone powering a radio I told it to turn off? I'm not sure if it's trying to connect to those detected networks without my ok but it wouldn't surprise me in the least if it was since it failed to listen to me in the first place.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
19. Re:Removing bins will not fix underlying problem by interval1066 · 2013-08-12 05:53 · Score: 1
  
  This is accomplished by the use of a number called a MAC address.
  Easily defeated by spoofing. And don't give me that "but few know how to do it" nonsense. Its not difficult and people learn how to do things when they realize they need to do it. REAL ignorance is believing that using MAC addresses for anything involving ID or security is a good idea.
  
  --
  Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
20. Re:Removing bins will not fix underlying problem by Charliemopps · 2013-08-12 05:53 · Score: 1
  
  The chances of that happening are VERY small. And would only be detrimental if both connected to the same WAP at the same time. Even then it would just lock up and drop the connection most likely. I do change the mac address on my wireless devices every couple of weeks, but not for every connection attempt... but if there were software that did it for me I'd definitely take advantage of that.
21. Re:Removing bins will not fix underlying problem by Charliemopps · 2013-08-12 05:55 · Score: 1
  
  That's the point, the bins were offering up a fake WAP in order to get the devices MAC address when they tried to connect. If you have Wifi off, then this wouldn't happen. But most carriers default their phones to auto-connect to open WIFI to save themselves bandwidth.
22. Re:Removing bins will not fix underlying problem by Charliemopps · 2013-08-12 05:56 · Score: 1
  
  Auto-connecting to open wifi is an option that's set to on by default by most carriers.
23. Re:Removing bins will not fix underlying problem by aristotle-dude · 2013-08-12 05:57 · Score: 1
  
  And there is no reason a MAC address should not randomize itself in between network connections.
  No reason other than that the MAC address exists to uniquely identify the device connecting to the network. You seem to have missed the point of the MAC address. Some networks lock down access by MAC address as it is supposed to identify specific devices.
  
  --
  Jesus was a compassionate social conservative who called individuals to sin no more.
24. Re:Removing bins will not fix underlying problem by cusco · 2013-08-12 05:58 · Score: 1
  
  And you don't have to be a moron. There are many reasons why MAC addresses are linked to a specific device, some of them are laid out in the initial RFC. You can play with your MAC if you want, but if my security cameras start changing MACs then their DHCP reservations aren't going to work any more and they'll drop offline. If my elevator interface changes MAC address then the manufacturer's sniffer program isn't going to be able to detect it and we'll have no way to connect to the thing for service. If that fancy new HVAC system doesn't have a dedicated MAC then I won't be able to telnet into the thing to set its initial IP address and port settings.
  
  Sorry AC, your iToy isn't the only thing that networks exist to support. Some of us do real work on networks.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
25. Re:Removing bins will not fix underlying problem by compro01 · 2013-08-12 06:06 · Score: 1
  
  But most carriers default their phones to auto-connect to open WIFI to save themselves bandwidth.
  I'm thinking that must be a British thing. My GS3 (on Virgin/Bell) in Canada doesn't autoconnect to anything WiFi unless you've previously explicitly connected to a given network and AFAICT, there's no option to even make it do so.
  
  --
  upon the advice of my lawyer, i have no sig at this time
26. Re:Removing bins will not fix underlying problem by sinij · 2013-08-12 06:07 · Score: 1
  
  This is problematic on many levels. Just like with "desktop Linux", expecting technical competency for average user is unrealistic assumption. Masses will not spoof MACs, because they don't even know what it is or care to find out.
  
  MAC is not used for security, but rather identification. It is your device's static identity where it can be easily mapped to owner's identity. The underlying issue isn't that some marketing scumbags collecting MACs, it is that once these MACs collected it is trivial to aggregate this information.
27. Re:Removing bins will not fix underlying problem by sjames · 2013-08-12 06:08 · Score: 1
  
  There's no reason for the devices to be broadcasting the mac when it is not in use. There''s also no reason it can't generate unique ids on demand and discard them when it is done talking. For example, it can take the time since last boot in milliseconds, hash it and XOR it with the actual MAC address setting the locally administered flag. Or, just don't send out probe requests unless the user has told it to look for new APs.
  The issue is that people don't like being stalked every waking moment. The one-off solution is to ban this particular attempt. broader solution is to make the technique somewhere between difficult and impossible by changing the way the phones behave.
28. Re: Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:10 · Score: 0
  
  No it isn't! My default Android setting from AT&T it's set to off in the USA by default.
  Auto connecting to open WiFi is a horrible security risk. I'm sure no phones do this by default factory setting.
29. Re:Removing bins will not fix underlying problem by bandy · 2013-08-12 06:10 · Score: 1
  
  "Very small" - how many problems have we seen where the RNG used hasn't been adequate or was seeded with the same value across multiple devices?
  
  --
  "You might as well get your son a ticket to hell as give him a five string banjo." -unknown minister
30. Re:Removing bins will not fix underlying problem by sjames · 2013-08-12 06:12 · Score: 1
  
  Those are valid concerns. Perhaps turn off the randomization when connecting to designated APs but use it for anonymous public wifi?
  Or just use it for probe requests but not when actually connecting.
31. Re:Removing bins will not fix underlying problem by bandy · 2013-08-12 06:13 · Score: 1
  
  The issue here isn't that MAC addresses are unique, it's that users aren't bright enough or are too lazy to turn off wi-fi detection when they're not using it.
  Exactly. As to the "large" address space - it's large if the random-number generator is actually random and has been seeded with a unique value. We've seen lots of bugs and exploits show up because those two conditions were not met.
  
  --
  "You might as well get your son a ticket to hell as give him a five string banjo." -unknown minister
32. Re: Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:13 · Score: 0
  
  We're talking about phones here, not elevators or space shuttles. And default behavior, not mandatory behavior for everything everywhere at all times..
33. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:14 · Score: 0
  
  Wow. Talk about ignorance aloud. And on Slashdot!
  The "issue" to be addressed is the need for a way to uniquely identify a device as distinct from other devices. This is accomplished by the use of a number called a MAC address. Because it uniquely identifies a device, it can be used to (gasp!) uniquely identify a device.
  That's what Renew (the company in question with the "smart bins") was doing... logging MAC addresses announced by wifi cards as they try to moderate a wifi connection.
  Why does my wifi card have to give over info in order to know there's a network available? It doesn't try to connect - it just listens occasionally. No need for my MAC address to be given to any device for that surely?
  The AP only needs to know my Unique ID when I actually want to 'speak' to it - not before. This is the behaviour that the GP wants patched.
34. Re:Removing bins will not fix underlying problem by sjames · 2013-08-12 06:15 · Score: 1
  
  It should be able to listen passively unless you tell it you want to connect. Unfortunately, most aren't set up for that.
35. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:16 · Score: 1
  
  And there is no reason a MAC address should not randomize itself in between network connections.
  Probably would require a bit more smarts than that. Such as the randomization would be turned off when the device
  sees a beacon from a known router. e.g. The device would see the router's mac, and it it is one it had connected to previously
  it would use the same mac address it did upon first connection.
  This solves problems with mac-address filtering that some people use as an ill-conceived attempt at wifi security.
  Also DHCP servers use mac addresses to hand out the same IP addresses, upon re-connection which saves a lot of IP churning
  just because your phone changed its mac in the middle of a connection. Some routers use IP reservations as well.
  Other than that this seems to be a reasonable
  
  --
  Sig Battery depleted. Reverting to safe mode.
36. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:17 · Score: 0
  
  But most carriers default their phones to auto-connect to open WIFI to save themselves bandwidth.
  I'm thinking that must be a British thing. My GS3 (on Virgin/Bell) in Canada doesn't autoconnect to anything WiFi unless you've previously explicitly connected to a given network and AFAICT, there's no option to even make it do so.
  Nope - my phone alerts me that are networks nearby, but doesn't connect until I explicitly tell it to. From what was said in the office today, I now know that applies to a large range of devices and all carriers I've head of. No valid reason to hand over the MAC address until I say connect surely?
37. Re:Removing bins will not fix underlying problem by sinij · 2013-08-12 06:17 · Score: 1
  
  I am curious if you are aware that others can and will try to connect to your elevator diagnostics or HVAC system? You are compromising your security by opening your infrastructure tot he Internet.
  
  If not, then you shouldn't care about MACs, as long as they are static. Your isolated infrastructure network won't ever collide with Joe Shmoe smartphone, because there won't be any way to come into contact.
38. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:19 · Score: 3, Informative
  
  And there is no reason a MAC address should not randomize itself in between network connections.
  No reason other than that the MAC address exists to uniquely identify the device connecting to the network. You seem to have missed the point of the MAC address. Some networks lock down access by MAC address as it is supposed to identify specific devices.
  Your phone knows its real Mac, and the mac of the routers it has connected to before.
  All it need do is use the same mac for any router it has seen before, or use its REAL mac when you request
  a connection to any router.
  Routers you don't CHOOSE TO connect to, have no valid reason to know your mac.
  
  --
  Sig Battery depleted. Reverting to safe mode.
39. Re:Removing bins will not fix underlying problem by sjames · 2013-08-12 06:19 · Score: 1
  
  It's not hard to connect name and MAC address with a bit of data mining. For example if the POS terminals see MAC X every time John Q makes a purchase, then MAC X is John Q.
40. Re:Removing bins will not fix underlying problem by cusco · 2013-08-12 06:30 · Score: 1
  
  Of course they can, this is why you put security on those systems (that many of them are left with factory-default configs is a whole other issue that we in the industry need to deal with), and protect your network from the Great Wide World. I have worked with customers who DO connect to their security cameras, HVAC system, etc. with smart phones, those pieces of infrastructure normally aren't isolated from the rest of the network unless there is a specific reason to do so. If you have RAS access to your company's network you probably have access to most of its infrastructure, whether you know it or not.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
41. Re:Removing bins will not fix underlying problem by amicusNYCL · 2013-08-12 06:31 · Score: 1
  
  I've never seen that behavior with the Evo 4G or HTC One. If wifi is off, the radio is off (as far as I can tell). I was looking at the comments wondering why people are walking around with wifi enabled, I don't see any point in doing that. It's actually kind of stupid, you're draining the battery and exposing yourself to whatever vulnerabilities would use wifi.
  
  --
  "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
42. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:32 · Score: 1
  
  Yep, it's one of the most irritating things about my Android phone, even after I explicitly turn off WiFi I still get popups about available wireless networks, why is the damn phone powering a radio I told it to turn off? I'm not sure if it's trying to connect to those detected networks without my ok but it wouldn't surprise me in the least if it was since it failed to listen to me in the first place.
  Pictures or it didn't happen. Not on Android, and not on any cell phone. Off means off.
  Turning off wifi powers down the wifi, and down means off.
  You can still get prompts for bluetooth.
  
  --
  Sig Battery depleted. Reverting to safe mode.
43. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:35 · Score: 1
  
  So perhaps it is time to update the underlying protocol.
  Right now:
  Server: Hello, I am Bob the Server, announcing my presence to the world, please connect to me! My MAC is DE:AD:BE:EF:FE:ED.
  Client: Hello Bob at DE:AD:BE:EF:FE:ED. Let's talk. I'm DE:AF:CA:FE:BA:BE
  Server: Cool. Let's connect... or not. Your choice, I have your MAC anyway. Hey, weren't you here yesterday?
  Change this to
  Server: Hello, I am Bob the Server, announcing my presence to the world, please connect to me! My MAC is DE:AD:BE:EF:FE:ED.
  Client: Hello Bob, I may wish to connect to you. My temporary and randomized MAC is FE:ED:BA:BE:BE:EF
  Server: Hey FE:ED:BA:BE:BE:EF. What's up? I don't recognize you. need a password to let you in! ...
  Client: Let's hook up! My password is Swordfish.
  Server: Correct! Come on in!
  Client: Cool. My real MAC is DE:AF:CA:FE:BA:BE; forget that other one.
  or
  Client: Nevermind. You were shouting loudly so I couldn't help but look. Bye!
  E.g., clients only offer a randomized and non-identifying MAC until a full connection is made. Assuming a large enough pool (we might need to go bigger than the current 48-bits used by MACs currently), collisions should be infinitesimal. Once the connection is made the real MAC is provided, preferably behind a password and encryption.
  Would that work to minimize tracking? All the server would see is that /somebody/ tried to connect to it as a response to it announcing its presence to the world, but barring a manual connection it ends up with just a randomized string of hexadecimal digits that are unlikely to be repeated anytime again within the lifetime of the universe. E.g., something useless for identifying a user.
  A change like that should be easy to implement, right after we switch 100% to IPv6 ;-)
44. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:36 · Score: 1
  
  Auto-connecting to open wifi is an option that's set to on by default by most carriers.
  Carriers have nothing to do with wifi. And further, you have to explicitly connect to each router the first time. No phone automatically connects to random open wifi routers unless you set it to. (There are apps that will attempt this for you).
  
  --
  Sig Battery depleted. Reverting to safe mode.
45. Re:Removing bins will not fix underlying problem by Carewolf · 2013-08-12 06:38 · Score: 1
  
  That can already happen. MAC addresses are not guaranteed unique. It is extremely unlikely to happen but it can.
46. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:41 · Score: 1
  
  Mac addresses were originally designed to be static, but in the real world almost every smartphone uses software mac addresses.
  Their nics are built to allow MAC changing. For Android there are any apps for that.
  
  --
  Sig Battery depleted. Reverting to safe mode.
47. Re:Removing bins will not fix underlying problem by afidel · 2013-08-12 06:43 · Score: 1
  
  No pics necessary, it's in the source check out this link. My phone does the same thing but unlike under 4.3 there's no obvious way to turn it off without turning off all WiFi notifications.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
48. Re:Removing bins will not fix underlying problem by radarskiy · 2013-08-12 06:44 · Score: 1
  
  It is seeking out known SSIDs, instead of waiting for the AP to broadcast. This is an otherwise reasonable action in certain situations, e.g. you have just turned on the device or just turned on wifi.
49. Re:Removing bins will not fix underlying problem by radarskiy · 2013-08-12 06:45 · Score: 1
  
  a) seeking a non-broadcast but known SSID
  b) seeking a known SSID pre-emptively instead of waiting ofr the AP to broadcast
  c) connecting to a known SSID in the vicinity
50. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:48 · Score: 4, Informative
  
  With your question, you've touched the heart of the problem.
  Lazy software designers (those working for wifi chip designers) are sending mac addresses even while they are not associated with any network.
  Some say that these only occur when you have previously associated with a hidden SSID network, but that is not the only case, and most
  modern chip sets send a mac address all the time for no reason at all.
  Its not part of the standard to broadcast your mac unless you are a router. But since the advent of ad-hoc networks, there are a lot
  phones that broadcast it all the time looking to join an adhoc network. Furthermore, bluetooth also broadcasts its mac all the time
  and often bluetooth and wifi are built into the same chip.
  
  --
  Sig Battery depleted. Reverting to safe mode.
51. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:48 · Score: 0
  
  Because some routers are configured to not broadcast their MAC addresses? One of the two will have to do so, or else they won't know about each other! My suggestion: Add a feature via software to the phone to use a new MAC address with random components on each connection attempt to a unknown network.
52. Re:Removing bins will not fix underlying problem by ericloewe · 2013-08-12 06:51 · Score: 1
  
  The first one almost never happens. The second one isn't much of a compatibility issue, from what I know, just a very minor inconvenience (waiting a few seconds at most until the access point broadcasts its existence).
53. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 06:55 · Score: 1
  
  What do you mean it's "not possible?"
  I would think simply re-generating a random MAC address each time you enable WiFi would work well enough.
  There are times when you want to use your real mac (or at least the same mac you used last time you connected).
  Mac filtering is sometimes used to limit who can connect.
  DHCP servers use mac to give out the same IP upon re-requests, and can run out of IP addresses if a gazillion phones power up with ever-changing mac addresses.
  But if the software could use the same mac each time it connected to a specific router, then that SAME MAC could be what ever random mac was in use at the time it first connected with that particular router. Its a tad more record keeping for the phone, but it already keeps SSIDs and Access Point MACs and Passwords, so its not that big of a deal to keep a few more bytes to hold your router specific spoof-mac.
  
  --
  Sig Battery depleted. Reverting to safe mode.
54. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 06:58 · Score: 0
  
  DHCP reservations (used on many, many networks for hardware that needs to maintain the same IP address) require MAC addresses that do not change.
  Isn't that what Static IPs are for? Why have a Dynamic ("Characterized by constant change, activity, or progress") IP... that's always the same??
55. Re:Removing bins will not fix underlying problem by Xenx · 2013-08-12 06:59 · Score: 1
  
  While I wouldn't want to call you a liar, my android devices definitely don't behave like that. If the wireless is off, the wireless is off.
56. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 07:00 · Score: 0
  
  Its broadcasting your MAC because it is a necessary identifier and because the protocols were developed in a simpler, less paranoid time. People didn't expect MACs to be misused to track people. Of course, when the underlying technology was developed, "tracking" wasn't an issue. Everyone knew where the computers were because they weighed half a ton and couldn't broadcast while moving anyway ;-)
  But its also a necessity because networks can be noisy and you want to make sure your signal gets to the right person while adding the minimum of additional noise. You exchange MAC addresses as soon as you can so other computers can know to ignore your conversation. The protocol could have been designed so the server announcements held all the necessary connection information and clients just had to listen without giving anything in return, but that was considered wasteful because /every/ machine would have to receive all that info. Better to just shout out your MAC, and then if somebody connects, THEN start telling them the specifics.
  Sort of like:
  Server: HEY! 12:12:55:55:AD:AD
  versus
  Server: HEY! 12:12:55:55:AD:AD. Cisco Router, SSID SuperNet, Wireless protocols 801.11bgn, etc.
  The latter would let a client decide beforehand whether or not it wants to connect, but it makes for a much "noisier" environment requiring more bandwidth and resources. It would be superfluous to all clients that either have already connected or have decided not to connect.
57. Re:Removing bins will not fix underlying problem by fullmetal55 · 2013-08-12 07:06 · Score: 3, Informative
  
  because it's easier to change DNS entries in a DHCP Server than going around to 100+ individual devices to change the DNS entries when a DNS server dies. and since DHCP hands out more than just an IP, it makes sense to use reservations. thats why every DHCP server I've ever seen allows for reservations.
  There are many other things that DHCP can hand out as well, DNS is simply an example. other issues are default gateway changes, subnet mask changes, voip server changes, Dynamic DNS updating. which are all fine on a handful of devices to manage that as static, but once you get into 100s, or 1000s, reservations make a lot more sense.
58. Re:Removing bins will not fix underlying problem by Yaur · 2013-08-12 07:08 · Score: 1
  
  because it is easier to manage when your "static" IPs are set up on a central server.
59. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 07:10 · Score: 0
  
  The Android phone I have from my carrier (AT&T) does automatically connect to any open wifi network with the SSID 'attwifi' unless I have specifically told it to disconnect the last time I was connected to said network. i.e. until it is already automatically connected, you cannot disable auto-connect.
60. Re:Removing bins will not fix underlying problem by girlintraining · 2013-08-12 07:15 · Score: 1
  
  However, why would it broadcast my MAC if it has no intention of connecting?
  As I mentioned in yesterday's thread about this, to much applause and condemnation by people who apparently don't understand how packet-switched networks work at layer 2...
  Broadcasting is to find out what's available or in-range. This is done because broadcasting the SSID is not mandatory in the 802.11(a/b/g/n) spec. As a result, almost every device defaults to sending a probe packet containing a list of preferred networks. A receiving station can then reply to that with the equivalent of a "yes, I'm here" packet. It's similar to how ARP queries work.
  Of course, everyone thinks this is some kind of security vulnerability when it isn't. Any wifi connection sends the source and destination address in the clear on that channel during the setup phase. Disabling these probe packets would do nothing to address the problem; Anyone connecting to any other wifi device in any mode has to broadcast their MAC address anyway.
  As well, Bluetooth also broadcasts its MAC address; while the range is considerably shorter, just about everyone these days has an 'ear leech' for their phone. Many car radios these days also support bluetooth pairing... so not just your phone will be picked up, but possibly your vehicle, ear piece, ipad, etc.
  Again, this is not a security vulnerability. Not. Is not. It's built into the protocol. The protocol does not need to be changed. In fact, every packet-switched network depends on having a source and destination address... encrypted or not, you need to be able to route the packets.
  It is this fundamental truth about networking that these market-droids are exploiting -- by itself, it means nothing, but over time you can build profiles of people's movements, and all it takes is using a credit card in a building that is also tracking your cell phone movements to tie your address to a realworld identity. And that is where the vulnerability comes in. It's not a problem with the technology, but rather with correlative statistical analysis.
  This cannot be fixed by changing the wifi protocol, or any other OTA protocol. The closest you'll come to a "fix" will break networks very badly; Which would be to randomly generate MAC addresses on a per-session basis. Networking equipment handles MAC address collisions very badly because the MAC address is assumed to be unique. While in practice, the end-user may not notice any problems, it makes the job of every network administrator many times harder because the ugliest problem to track down on a network is intermittent problems. And that's what such a solution would create.
  The correct solution in this case is to heavily fine and make illegal such data collection efforts. And yes, tin foil hat crowd, the government will probably still use such technology. But let's be honest: Even the NSA's recent privacy invasions are a trifling matter compared to private businesses doing it. The NSA at least is accountable to Congress. Businesses are accountable only to profit. With all the things going on in the world, this technology being used by the government is not high on my list of concerns.
  
  --
  #fuckbeta #iamslashdot #dicemustdie
61. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 07:16 · Score: 1
  
  Apparently you didn't read you own link.
  
  The important thing to keep in mind is this if you hate this, you can turn it off. The option is just buried under an "advanced" menu. Turning off "Scanning always available" will make "off" for Wi-Fi really be "off."
  And further, its only on a leaked version of 4.3, not anyone's production version.
  
  --
  Sig Battery depleted. Reverting to safe mode.
62. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 07:17 · Score: 0
  
  As in the first half of the address being assigned to manufacturers and the last half being dictated by those manufacturers. That is to say, usually incremental and occasionally repeating.
  There really is little at all random about MAC addresses save for how the hardware itself is dispersed.
63. Re:Removing bins will not fix underlying problem by mspohr · 2013-08-12 07:43 · Score: 1
  
  Thanks for this explanation.
  I would think that one could have a setting for your phone wifi which would not broadcast your MAC and would only listen for SSIDs. When a "known" SSID is found, the the MAC could be sent to establish the connection. This would avoid the problem of walking around with a personally identifiable beacon in your pocket.
  This would still leave the problem of connecting to stations where they do not broadcast an SSID but this "feature" doesn't seem to be of much value to anyone.
  
  --
  I don't read your sig. Why are you reading mine?
64. Re:Removing bins will not fix underlying problem by jkflying · 2013-08-12 07:49 · Score: 1
  
  I understand why infrastructure might need static MACs. But phones? How about specifying a range of random MAC addresses that they can choose from to prevent collisions with critical infrastructure?
  
  --
  Help I am stuck in a signature factory!
65. Re:Removing bins will not fix underlying problem by gl4ss · 2013-08-12 07:54 · Score: 1
  
  your security cameras would have the same mac in respect of the network they're connected to... dhcp would be just fine.
  and when you would create a new wifi network, you'd use the hardcoded mac on the ap or create a new one.
  accountability is pretty much the only reason for enforcing mac addresses and even for that it's very stupid. collisions would be a pretty exotic thing to happen.
  
  --
  world was created 5 seconds before this post as it is.
66. Re:Removing bins will not fix underlying problem by robot5x · 2013-08-12 08:21 · Score: 1
  
  so for example in my iphone setting wi-fi menu, there is a button 'ask to join networks'. Underneath it says
  
  'known networks will be joined automatically. If no known networks are available, you will have to manually select a network'.
  So where the network is unknown, it won't connect automatically. But you're saying it will still nevertheless broadcast my MAC to available APs??
  
  --
  Hej! Nasi tu byli!
67. Re:Removing bins will not fix underlying problem by halltk1983 · 2013-08-12 08:22 · Score: 1
  
  If my elevator starts jumping onto random wifi networks, I think I have bigger problems than being able to remotely work on it.
  
  --
  Watch for Penguins, they eat Apples and throw rocks at Windows.
68. Re:Removing bins will not fix underlying problem by cant_get_a_good_nick · 2013-08-12 08:32 · Score: 1
  
  ...It's that users aren't bright enough or are too lazy to turn off wi-fi detection when they're not using it.
  I think you're being a bit harsh here.
  One, this is a moderately complex concept, that your phone is emitting uniquely identifying info when you're not even connected to a network.
  Two, we've conditioned people to keep WiFi on. Between capped bandwidth plans, video services restricted over Cell data, and even Apple asking you to keep it on (they use the GPS + SSID data to help their mapping efforts) having WiFi on 24/7 is normal to a lot of people.
  We live in a complex world with a huge number of interactions. It's pretty normal to not think of them all. Ask Jon Corzine if there was any complexity that he missed. And he's a pretty smart guy.
69. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 08:42 · Score: 1
  
  Known networks are those that you have previously connected to. This terminology is true for both iPhones and Android.
  If a new network appears, even if it requires no password, it will not be connected to automatically.
  It appears that most wifi devices (not limited to android or IOS) still broadcast their Mac Address even when you
  do not attempt to connect. The standard says that this should be done for Access Points/Routers, but
  the problem is that almost every device out there does this for no apparent reason even when not connecting.
  
  --
  Sig Battery depleted. Reverting to safe mode.
70. Re:Removing bins will not fix underlying problem by zzsmirkzz · 2013-08-12 08:44 · Score: 1
  
  You're missing that this is wireless technology and there is no way to directly connect to one AP while ignoring all others (at least in the connection phase). Every packet is broadcast to every antenna that can receive it, every packet is coded with the MAC address of the source (so the recipient knows who sent it and can reply) as well as the intended recipient (or all if it is a real broadcast). AP's that aren't listed as the recipient should drop/ignore packets they receive that aren't addressed to them but there is nothing forcing them to do so. While maybe not 100% technically correct, I believe it is sufficient to explain the problem. The problem is this: every antenna in range can receive every packet and can decode basic information about the sender and intended receiver of the packet. This cannot be fixed technically as it is by design. The only thing than can be done is to legislatively outlaw the practice of gathering this information and/or using it to compile a database.
71. Re:Removing bins will not fix underlying problem by mspohr · 2013-08-12 08:57 · Score: 1
  
  I was proposing that my smartphone should have a setting which would keep it from broadcasting my MAC address all of the time but only broadcast it when it "hears" a known wifi access point. My phone only needs to broadcast my MAC address when it wants to connect. The rest of the time, it should just listen and stay quiet.
  There is no need to broadcast my MAC until I want to connect.
  This would eliminate the ability of London garbage cans (as well as Macy's, Target, Walmart, etc.) to track me.
  
  --
  I don't read your sig. Why are you reading mine?
72. Re:Removing bins will not fix underlying problem by Ash+Vince · 2013-08-12 09:12 · Score: 1
  
  But most carriers default their phones to auto-connect to open WIFI to save themselves bandwidth.
  I'm thinking that must be a British thing. My GS3 (on Virgin/Bell) in Canada doesn't autoconnect to anything WiFi unless you've previously explicitly connected to a given network and AFAICT, there's no option to even make it do so.
  It's not a british thing, its apparently how android and maybe iphones work. Even though you were not actually connecting to the wifi access point as it came into range your phone does a little hello to get a signal back and determine range and stuff that included its MAC address. They then logged the MAC and monitored whether the signal was getting stronger or weaker in order to figure out your rough direction of movement. Apparently all this was done even when you just walked past the bloody things even though you never actually associated the device with the access point.
  I have been walking past these things for months so they must have a nice track showing my walk to work every day as I am fairly sure I walk past a few of them between Bank and Shoreditch.
  
  --
  I dont read /. to RTFA, I read /. to offend people in ignorance.
73. Re: Removing bins will not fix underlying problem by jonbryce · 2013-08-12 09:36 · Score: 1
  
  The UK Mobile networks either operate their own public wifi networks (O2 and T-Mobile) or have an agreement with another wifi operator such as BT to provide access for their customers. The phones are configured to connect to that wifi network when in range, so that when you go to a busy location such as a train station or shopping centre, it takes pressure off the network, and the customer benefits because the data they use doesn't count towards their bundled allowance.
74. Re:Removing bins will not fix underlying problem by jareth-0205 · 2013-08-12 09:40 · Score: 1
  
  it's that users aren't bright enough or are too lazy to turn off wi-fi detection when they're not using it.
  Bit harsh! You cannot expect the usual non-computer person to be able to appreciate the privacy implications of a phone in its default wifi scanning mode any more than I can describe the correct way to lay the foundations for a tarmac road. It either should be secure-by-default, or a clearly explained tradeoff that the user can make, nether of which is true for modern smartphones.
75. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 09:42 · Score: 0
  
  collisions would be a pretty exotic thing to happen.
  I've seen MAC collisions before, it's no fun to troubleshoot. Especially when it's completely random, adding an additional layer of "Oh, I have 17 phones connecting all at once and 4 use a MAC randomizer" means I can't neccessarily walk up look at the mac address on the phone and verify whether or not they are the problem child.
76. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 10:33 · Score: 0
  
  Except that'd break connecting to any network with multiple access points, such as hotspot networks such as you find in train stations, airports, onboard trains etc.
77. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 10:37 · Score: 0
  
  They already have a 'range'... the first few digits indicate manufacturer and probably model. If you start randomising within that range there becomes the risk (though small) that you'll collide with other users. When you're on a roaming hotspot network that could cause major issues because the number of MACs you could collide with potentially becomes nationwide. Your MAC is tracked centrally and used to authenticate you have permission to access the hotspot.
78. Re:Removing bins will not fix underlying problem by icebike · 2013-08-12 10:42 · Score: 1
  
  Why?
  All those multiple access points are going to share the same SSID. It should work.
  
  --
  Sig Battery depleted. Reverting to safe mode.
79. Re:Removing bins will not fix underlying problem by LordNimon · 2013-08-12 14:07 · Score: 1
  
  So where the network is unknown, it won't connect automatically. But you're saying it will still nevertheless broadcast my MAC to available APs??
  
  Yes. It does this so that it doesn't have to wait for the APs to send their beacons. The AP sees the probe request, and sends out a beacon right away, instead of every tenth of a second. Supposedly, this saves time.
  
  However, I wonder what the value of this feature is. If you have a dozen nearby phones, all sending probe requests every second, then the AP is sending out hundreds of beacons every second.
  
  --
  And the men who hold high places must be the ones who start
  To mold a new reality... closer to the heart
80. Re:Removing bins will not fix underlying problem by Anonymous Coward · 2013-08-12 19:17 · Score: 0
  
  Sone access points never broadcast themselves and only respond to prompts for access points.
81. Re:Removing bins will not fix underlying problem by Wootery · 2013-08-12 21:17 · Score: 1
  
  Or just have the random-number-generation done not by the phone, but by the telco.
82. Re:Removing bins will not fix underlying problem by Wootery · 2013-08-12 21:20 · Score: 1
  
  Oops, I got it wrong - they're tracking using Wi-Fi, not mobile telephony.
  In that case I agree. Also, the odds of actually ever seeing a collision are inifinitesimal.
83. Re:Removing bins will not fix underlying problem by Yer+Mom · 2013-08-13 04:16 · Score: 1
  
  Just looked at my Nexus 7, running the production version of 4.3. That option is present, though it defaults to off.
  
  --
  Never mind Spamassassin. When's Spammerassassin coming out?
84. Re:Removing bins will not fix underlying problem by mstefanro · 2013-08-13 06:01 · Score: 1
  
  Collisions are exponentially unlikely, therefore practically impossible for large bitstrings.
85. Re:Removing bins will not fix underlying problem by uninformedLuddite · 2013-08-13 12:08 · Score: 1
  
  and you are here because?
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
86. Re:Removing bins will not fix underlying problem by uninformedLuddite · 2013-08-13 12:14 · Score: 1
  
  Then when John Q is standing at the bus stop the advertisements can be targeted for him. Isn't that lovely?
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
Good call by Anonymous Coward · 2013-08-12 05:10 · Score: 0

Tho I do hope they recycling part of that is still up even after they stop tracking phones.
1. Re:Good call by ackthpt · 2013-08-12 05:27 · Score: 1
  
  Tho I do hope they recycling part of that is still up even after they stop tracking phones.
  All the better reason to go around with your mobile phone turned off until you need to use it or wish to check messages.
  "I see you post on /. Please look at all these cheesey t-shirts on ThinkGeek.com!"
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
2. Re: Good call by Anonymous Coward · 2013-08-12 05:48 · Score: 0
  
  I hope the standard advertising keeps them going. I walk past them every day and they display live public transport information and the weather forecast, which is nice.
3. Re:Good call by noh8rz10 · 2013-08-12 05:57 · Score: 1
  
  All the better reason to go around with your mobile phone turned off until you need to use it or wish to check messages.
  but then people couldn't call you? which is a key feature?
4. Re:Good call by uninformedLuddite · 2013-08-13 12:22 · Score: 1
  
  but then people couldn't call you? which is a key feature?
  I would call it a key feature. I am currently being spammed by Indians trying to sell me shit.
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
5. Re:Good call by noh8rz10 · 2013-08-13 15:43 · Score: 1
  
  LOLWUT? telephone spam is way better than email spam because you can tell the telemarketers to fuck off.
Tracking in the UK... by Frosty+Piss · 2013-08-12 05:10 · Score: 1

Given the level of tracking going on by the government in the UK, espescially London, if the spooks there are not already doing this themselves, they will be soon.

--
If you want news from today, you have to come back tomorrow.
1. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 05:15 · Score: 0
  
  There's a difference between being tracked by a random company and a government body. At least the latter operates under the scrutiny of elected representatives.
2. Re:Tracking in the UK... by Cornwallis · 2013-08-12 05:18 · Score: 2
  
  There's a difference between being tracked by a random company and a government body. At least the latter operates under the scrutiny of elected representatives.
  Say what?!
3. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 05:24 · Score: 0
  
  At least the latter operates under the scrutiny of elected representatives.
  Yeah, sure they do.
  Good troll.
4. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 05:28 · Score: 0
  
  What's on second.
5. Re:Tracking in the UK... by Feyshtey · 2013-08-12 05:28 · Score: 1
  
  Surely you're not that ignorant...
  
  --
  "But we have to pass the bill so that you can find out what is in it,..." - Nancy Pelosi
6. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 05:28 · Score: 0
  
  +1 funny
7. Re:Tracking in the UK... by ackthpt · 2013-08-12 05:31 · Score: 1
  
  Given the level of tracking going on by the government in the UK, espescially London, if the spooks there are not already doing this themselves, they will be soon.
  It's a wonder your mobile isn't photographing where you are and what you are doing and adding that to the pool of publicly recorded video. Probably only a matter of time on that front.
  "no-trash-talking" uh more of a "bin ban, banning bin bother"
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
8. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 05:34 · Score: 0
  
  Cornwallis, when will you accept that the government is just trying to do what's best for you? You really need to grow up.
9. Re:Tracking in the UK... by mcgrew · 2013-08-12 05:38 · Score: 1
  
  Indeed. Rather than our elected "representatives"* tracking us, they should be stopping the corporations from tracking us. At least the British seem to have representation... somewhat, I guess. There's way too much stalking in the world by both government and industry, and I'm disgusted by it.
  * I'm American. My "representatives" only represent the corporations. If they represented the citizenry pot would be legal, since over half the population thinks the laws against it are stupid.
  
  --
  Free Martian Whores!
10. Re:Tracking in the UK... by Bigbutt · 2013-08-12 05:40 · Score: 1
  
  I'm not, and don't call me Surely. [autocorrect: Shirley]
  [John]
  
  --
  Shit better not happen!
11. Re:Tracking in the UK... by ackthpt · 2013-08-12 05:43 · Score: 1
  
  There's a difference between being tracked by a random company and a government body. At least the latter operates under the scrutiny of elected representatives.
  Only in the House of Commons. You don't have much say after that, they pick the PM and the House of Lords is like Forrest Gump's box of chocolates -- you never know what you will get (may contain nuts.)
  The majority of Britons seem quite content to be under constant surveillance, at least when someone runs over their cat they'll know who owned the vehicle.
  
  --
  
  A feeling of having made the same mistake before: Deja Foobar
12. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 06:09 · Score: 0
  
  As an American too I agree. but I think tracking should only be done to those Representatives that we "elected"
13. Re:Tracking in the UK... by Anonymous Coward · 2013-08-12 06:23 · Score: 0
  
  Ive always worried about this, but then I think wait they are just going to get a bunch of blurry dark pictures of my pocket lint.
14. Re:Tracking in the UK... by uninformedLuddite · 2013-08-13 12:23 · Score: 1
  
  In the US the government can get around those pesky laws by having data aggregated by a private company and then buying it from them as a commercial product
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
15. Re:Tracking in the UK... by uninformedLuddite · 2013-08-13 12:24 · Score: 1
  
  Google Glass
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
Exclusive Rights by some+old+guy · 2013-08-12 05:10 · Score: 2

I should think that this is really just GCHQ exercising it's exclusive sovereign right to track everyone, everywhere, all the time.
The American way is more efficient: let business collect the data and then the government can demand to share it.

--
Scruting the inscrutable for over 50 years.
1. Re:Exclusive Rights by CanHasDIY · 2013-08-12 05:51 · Score: 1
  
  Exactly; it's not 'we're putting a stop to this because it's wrong,' but rather 'we're putting a stop to this because you're not being sneaky enough, and that jeopardizes our own domestic spying operation.'
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
So, enough surveillance now? by lgw · 2013-08-12 05:10 · Score: 1

Wow, London has decided that there is such a thing as too much surveillance? Maybe the pendulum has finally reached the end of the swing. Hey, a guy can hope.

--
Socialism: a lie told by totalitarians and believed by fools.
1. Re:So, enough surveillance now? by Captain+Hook · 2013-08-12 05:26 · Score: 1
  
  its the shock factor which did it, the Local Government had no idea this was happening and the suddenly read about it in national papers as being a completed and implemented system on their doorstep without them knowing anything about it.
  
  i bet if they had been told about it in advanced they would have been happy to let the system run.
  
  --
  These comments are my personal opinions and do not necessarily reflect the opinions of the other voices in my head.
2. Re:So, enough surveillance now? by Feyshtey · 2013-08-12 05:30 · Score: 1
  
  Or maybe they found a very convenient non-government scapegoat they can point to and say, "Look what we're doing to protect you! Do you see now that what we do is really not that bad!?"
  
  --
  "But we have to pass the bill so that you can find out what is in it,..." - Nancy Pelosi
3. Re:So, enough surveillance now? by Anonymous Coward · 2013-08-12 06:47 · Score: 0
  
  implemented system on their doorstep without them knowing anything about it.
  Translation: "Where's our slice of the pie?"
4. Re:So, enough surveillance now? by Anonymous Coward · 2013-08-13 05:54 · Score: 0
  
  Not London, the City of London, which is just one square mile in central London, it has its own police force independent of that of the rest of London, I think it is governed separately from the rest of London as well, but I'm not sure. Its where a lot of financial institutions have there offices.
5. Re:So, enough surveillance now? by uninformedLuddite · 2013-08-13 12:27 · Score: 1
  
  The conspiracy theorists have a lot to say about that little fact
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
That's right by phantomfive · 2013-08-12 05:11 · Score: 1

Good thing there's no tracking of citizens going on in London now.

--
"First they came for the slanderers and i said nothing."
No prosecution? by AmiMoJo · 2013-08-12 05:11 · Score: 2

Why no criminal investigation, or at least massive fine under Data Protection laws?

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
1. Re:No prosecution? by sinij · 2013-08-12 05:27 · Score: 3, Informative
  
  >>>Why no criminal investigation, or at least massive fine?
  
  Likely because phone is actively broadcasting information in the public space. If I go out shouting my Social Security number, others are not liable for overhearing it or even writing it down.
2. Re:No prosecution? by Anonymous Coward · 2013-08-12 05:34 · Score: 0
  
  That depends on how they write it down. If they purposely store many of those numbers knowing that they are considered to be private data they would probably run afoul of the data protection laws in many EU member states, regardless of how loud you are shouting.
3. Re:No prosecution? by wonkey_monkey · 2013-08-12 05:55 · Score: 1
  
  Who's to say that isn't coming?
  
  The corporation has taken the issue to the Information Commissioner's Office.
  This isn't even an actual ban - the company has only been asked to stop, and has done so.
  
  --
  systemd is Roko's Basilisk.
4. Re:No prosecution? by gl4ss · 2013-08-12 06:01 · Score: 1
  
  actually they are...
  and remember this is the UK where court orders have been for shutting people up about who dates who on the side - which you could know by just having been in the same bar with them.
  
  --
  world was created 5 seconds before this post as it is.
5. Re:No prosecution? by Anonymous Coward · 2013-08-12 06:31 · Score: 1
  
  >>>Why no criminal investigation, or at least massive fine?
  Likely because phone is actively broadcasting information in the public space. If I go out shouting my Social Security number, others are not liable for overhearing it or even writing it down.
  Overhearing it; No. Writing it down; they might well be liable - what reason do they have to write it down?
  There's only 1 very tiny little step between your argument and the one that blames victims who dress too sexy for being raped.
  Someone doing something daft is not a reason, nor justification, nor excuse for you doing something illegal or immoral.
6. Re:No prosecution? by Anonymous Coward · 2013-08-12 06:56 · Score: 0
  
  Social Security numbers were never meant to be private when they were first introduced. it was a universal tracking number for all citizens. now with credit and ID theft we have made it so that it needs to be kept private.
7. Re:No prosecution? by AmiMoJo · 2013-08-12 09:35 · Score: 1
  
  Doesn't matter. Under UK law you have to deal with people's data in a safe manner, with their consent and only keep it as long as you have a legitimate use for it.
  I can tell you are not British because we don't have social security numbers. In Europe data protection and privacy are protected far more it seems.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
8. Re:No prosecution? by jxander · 2013-08-12 09:51 · Score: 1
  
  Just being in the public space doesn't mean someone has the right to systematically record all of the info they see/hear
  At lunch today, I handed my credit card to a waiter to pay for a meal. By your logic, that waiter should be allowed to copy down all of the info from my card, because it's a public space. Multiply that by every customer at that restaurant, and then by the total number of restaurants in that chain.
  And you think this is OK, because the numbers embossed on my card aren't encrypted?
  
  --
  This signature is false.
9. Re:No prosecution? by Anonymous Coward · 2013-08-12 12:54 · Score: 0
  
  Unfortunately, the line between overhearing information and recording it is closing quickly as technology moves forward.
  Laws which attempt to differentiate the two only make sense when the two are distinct and simply become ridiculous/unenforceable in the future.
  Even copyright law was seen as reasonable by many people back when copying and distributing data was relatively difficult and expensive. Look at it now.
10. Re:No prosecution? by Zontar+The+Mindless · 2013-08-12 12:55 · Score: 1
  
  I find myself thinking, "Thank goodness I'm a legal resident of an EU member state."
  Followed by, "Oh, shit--I'm still a US citizen, and most of my family still live there."
  
  --
  Il n'y a pas de Planet B.
11. Re:No prosecution? by tragedy · 2013-08-14 15:49 · Score: 1
  
  At lunch today, I handed my credit card to a waiter to pay for a meal. By your logic, that waiter should be allowed to copy down all of the info from my card, because it's a public space. Multiply that by every customer at that restaurant, and then by the total number of restaurants in that chain.
  That's a very interesting analogy to me. It throws into sharp relief the problem here: having to resort to shaky legal principles when the real problem is a poor technological implementation. With cell phones and wireless Internet, the problem is that the protocols being used should not be uniquely identifying themselves in the clear with any random hotspot. Unique IDs for devices on the network are fine, but they should be randomly assigned and negotiated on the fly. If device identification is necessary for authentication on the network, that should be done with crypto tokens that are never transmitted on the same channel, and that kind of authentication is required, it should never be done automatically without user approval. For that matter, the very idea of a unique MAC address is a relic. It made sense with the limited hardware of the time, but who does it actually serve today? If the network requires authentication, it should be done at a higher level and preferably out of channel, if it doesn't, no unique IDs should be required.
  In the example of credit cards... Really, what is there to be be said about credit cards? The basic security model of a plastic card with a magnetic strip that provides all the authentication information to extract any amount from it to every merchant it's used with has been obsolete for decades. Pocket calculators were already dirt cheap by the end of the 1970's and a very basic device using a single hidden key and an on-board pin could have been created with the same technology. Transactions could have been processed based on time of purchase and a vendor id and the hidden key. The old credit card impression machines could have been replaced with a simple battery-operated reader. With modern technology, we should have smart payment devices (NOT cell phones, unless they're using an external cryptographic device with unreadable keys) handling all of our credit cards, holding pre-generated transaction keys for every minute of every day for the lifetime of the device so that every transaction uses a unique key.Credit cards would be an absolute joke from a security standpoint except that there's absolutely nothing funny about them. If the credit card companies actually cared about security at all, they would have to be drooling idiots scribbling on the walls with their own excrement to keep using them as is.
  All that said, there should be legal protections too, but there's honestly no reason for any of this data to actually be available to be misused in the first place.
Privacy by intermodal · 2013-08-12 05:12 · Score: 1

Privacy has a very different meaning to the average citizen as compared to the definition according to the government or corporations. I'm glad London is doing the right thing here.

--
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
City of London = Wall Street by Anonymous Coward · 2013-08-12 05:14 · Score: 0

The banksters don't want their phones tapped by outsiders.
1. Re:City of London = Wall Street by Anonymous Coward · 2013-08-12 05:33 · Score: 0
  
  no that's canary wharf
2. Re: City of London = Wall Street by Anonymous Coward · 2013-08-12 05:44 · Score: 0
  
  No, it's both.
This is why... by gstoddart · 2013-08-12 05:14 · Score: 3, Interesting

This is why I keep wi-fi disabled on my mobile devices unless I need it.
I've found I don't particularly want my device to be phoning home to people when I'm not looking, and I've also found leaving wi-fi on absolutely impacts my battery life.
Stuff like this is only going to get worse as various advertisers decide they're entitled to more information than we're willing to give them.

--
Lost at C:>. Found at C.
1. Re:This is why... by Anonymous Coward · 2013-08-12 05:25 · Score: 2, Interesting
  
  This is why I keep wi-fi disabled on my mobile devices unless I need it.
  That's odd. My phone doesn't send out probes. Like most phones it listens for beacons and connects to those I've told it to. It's possible on some phones to tell it to probe, but that's a bad idea for many reasons.
2. Re:This is why... by radarskiy · 2013-08-12 06:48 · Score: 1
  
  What steps to do take to ensure there is no malicious wifi in range to observe your connection to your desired wifi when you do turn it on?
3. Re:This is why... by Anonymous Coward · 2013-08-12 11:18 · Score: 0
  
  Please, please advise the rest of us who are not idiots, how a device who's transmitter is disabled, is still capable of transmitting.
  Idiot.
4. Re:This is why... by Anonymous Coward · 2013-08-13 05:57 · Score: 0
  
  Are you sure about that? How did you verify it and what phone do you have?
5. Re:This is why... by uninformedLuddite · 2013-08-13 12:30 · Score: 1
  
  I was going to say something really cutting and clever then realised I had nothing. I told you anyway because I like to share.
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
I wonder by engblom · 2013-08-12 05:19 · Score: 1

I wonder how people at all wants to live in a such country. And most of all: why are the people not protesting more.
1. Re:I wonder by Anonymous Coward · 2013-08-12 05:29 · Score: 0
  
  I wonder how people at all wants to live in a such country. And most of all: why are the people not protesting more.
  Of course, it's valid to ask why Americans are essentially doing the same thing.
  "The Land of the Free" has become a joke.
No. by Anonymous Coward · 2013-08-12 05:20 · Score: 2, Funny

Here is what they want:

The voice came from an oblong metal plaque like a dulled mirror which formed part of the surface of the right-hand wall. Winston turned a switch and the voice sank somewhat, though the words were still distinguishable. The instrument (the telescreen, it was called) could be dimmed, but there was no way of shutting it off completely.
[snip]
In the far distance a helicopter skimmed down between the roofs, hovered for an instant like a bluebottle, and darted away again with a curving flight. It was the police patrol, snooping into people's windows. The patrols did not matter, however. Only the Thought Police mattered.
The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
Winston kept his back turned to the telescreen. It was safer, though, as he well knew, even a back can be revealing. A kilometre away the Ministry of Truth, his place of work, towered vast and white above the grimy landscape. This, he thought with a sort of vague distaste -- this was London, chief city of Airstrip One, itself the third most populous of the provinces of Oceania.
Unlike in Orwell's day, they have the means to track everyone, everywhere (at least in densely-populated areas). They have only to generate the will to do so and it will become a reality.
Scream "terrorist" enough times and that will generate the will.
Could have been worse by ThatsNotPudding · 2013-08-12 05:32 · Score: 1

They could have actually followed you around, autoplaying ads.

"Quick! To the stairs!"
1. Re:Could have been worse by Anonymous Coward · 2013-08-12 06:43 · Score: 0
  
  That's Version 2.0.
  No, really: The CEO of this company sounds like the sort of complete twat who was inspired by the stalking ads in "Minority Report" and would like nothing better than to be the first to implement and deploy them.
uummm... by djupedal · 2013-08-12 05:35 · Score: 2

Bins tracking phones tracking bins tracking phones tracking bins....when will it all end?
1. Re:uummm... by Anonymous Coward · 2013-08-12 06:48 · Score: 0
  
  Bins tracking phones tracking bins tracking phones tracking bins....when will it all end?
  read this out loud in a Damon Albarn voice
2. Re:uummm... by Anonymous Coward · 2013-08-12 06:51 · Score: 0
  
  Don't worry, the gorillas will freeze in the winter.
3. Re:uummm... by Anonymous Coward · 2013-08-12 07:26 · Score: 0
  
  It ends the moment that we can practically go darknet i guess.
4. Re:uummm... by PPH · 2013-08-12 08:00 · Score: 1
  
  when will it all end?
  When they bin the phone tracking bins.
  
  --
  Have gnu, will travel.
Where? by Anonymous Coward · 2013-08-12 05:42 · Score: 1

London != City of London. Article and summary say City, but the summary title and parts of the article say London (or "the east of London").
1. Re:Where? by Anonymous Coward · 2013-08-12 07:09 · Score: 0
  
  this is occurring in the City of London, just not over the entire city. Though it is occurring in a section of the city itself. Its like calling Manhattan, New York city, but meaning Wall Street.
Who thought this was a good idea to begin with? by s.petry · 2013-08-12 05:54 · Score: 3, Insightful

Subject says it all. How was this allowed to happen? Garbage bins don't need to other people, they need to track when they are full and need to be emptied. I'm sure that this stems from a Government funding program in a black budget that the people of London (and other areas of the UK) have no idea they are paying for.
I do realize that the US probably has similar or worse programs that we are not yet aware of. I know they have been working on billboard advertising to track people and believe it has been implemented in NYC to some extent. We, all of the free people, need to put an end to this! Nothing good can come from this level of tracking people!

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
1. Re:Who thought this was a good idea to begin with? by radarskiy · 2013-08-12 06:49 · Score: 1
  
  " I'm sure"
  What is the factual basis of this surety?
2. Re:Who thought this was a good idea to begin with? by jeffmflanagan · 2013-08-12 07:13 · Score: 2
  
  >Subject says it all. How was this allowed to happen? Garbage bins don't need to other people, they need to track when they are full and need to be emptied.
  
  They do if they're going to start showing targeted ads if the test-program works out.
  
  >I'm sure that this stems from a Government funding program in a black budget that the people of London (and other areas of the UK) have no idea they are paying for.
  
  Maybe you need to adjust your drug intake.
3. Re:Who thought this was a good idea to begin with? by s.petry · 2013-08-12 07:18 · Score: 1
  
  I assume you meant "how do I come to such a conclusion?" because I never stated my opinion was factual.
  Speculation based on events both historical and recent. It's interesting how much work DARPA and the NSA have done to assist certain companies attain certain goals, and how those goals have turned into tools used by politicians and the self proclaimed elites.
  In addition, I pointed out a logical business direction for use of sensors on trash bins. "track when they are full". You could add a list of other business intelligent related sensors that would benefit a business and not a Government. "Tipped over", "Unauthorized User submitting trash", and "On Fire" would make much more sense for society as well as have obvious business benefits. What purpose for a business is there in tracking everyone's cell phone location? The simple answer is that there is none. In fact it is so difficult to invent a reason that the UK has disbanded the program.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
4. Re:Who thought this was a good idea to begin with? by Anonymous Coward · 2013-08-12 08:14 · Score: 0
  
  Thank you shill # 2981833, you can expect an extra pound in your weekly stipend.
5. Re:Who thought this was a good idea to begin with? by jareth-0205 · 2013-08-12 09:46 · Score: 1
  
  I'm sure that this stems from a Government funding program in a black budget that the people of London (and other areas of the UK) have no idea they are paying for.
  Care to back that up with anything or are you just talking out of your arse?
  As far as I can see, they are just an advertising company that have struck a deal to provide bins in exchange for advertising space. No reason to think any council money was used to fund this.
6. Re:Who thought this was a good idea to begin with? by s.petry · 2013-08-12 10:00 · Score: 1
  
  I answered this to the first person to ask, thanks for reading.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
7. Re:Who thought this was a good idea to begin with? by Zontar+The+Mindless · 2013-08-12 13:01 · Score: 1
  
  Maybe you need to adjust your naïveté quotient.
  
  --
  Il n'y a pas de Planet B.
8. Re:Who thought this was a good idea to begin with? by uninformedLuddite · 2013-08-13 12:32 · Score: 1
  
  Maybe you need to adjust your drug intake.
  Maybe you need some?
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
9. Re:Who thought this was a good idea to begin with? by uninformedLuddite · 2013-08-13 12:34 · Score: 1
  
  As far as I can see, they are just an advertising company that have struck a deal to provide bins in exchange for advertising space.
  
  and Kroll & Associates is just an investment advisory group
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
CC TV? by Theaetetus · 2013-08-12 05:58 · Score: 2

London, the city with more closed circuit cameras than anywhere else on Earth, wants to ban spying on pedestrians? Or is it only a concern when someone other than the government has control over the information?
1. Re:CC TV? by Anonymous Coward · 2013-08-12 13:28 · Score: 0
  
  Of the tens of thousands of CCTVs in London, more than 95% belong to private individuals - shopkeepers, building owners, homeowners, car park owners.
Maybe wireless specs need to eliminate open MAC by Ioldanach · 2013-08-12 06:17 · Score: 2

Currently wireless devices negotiating connections to nearby WiFi points need to exchange MAC addresses in the initial exchange of data, on an essentially open channel, because all data exchanges recognize each other with the MAC address, to determine routing.
Perhaps the spec could be augmented by allowing a randomized MAC address that is not tied to the device. Define the first octet so manufacturers don't assign anything to it, and leave the remaining bits as completely random. Make the next part of the packet the public half of a key pair that the device expects responses to come back to. Allow the same random MAC address scheme to be used by either side of the connection. Only accept packets that can be properly decoded with the private key of the key pair, which eliminates the problem of random MAC address collisions. As a part of negotiating the secured connection, when exchanging the private key also exchange the real MAC address only after the secured connection is complete. Or, never use the real MAC address and retain the random MAC address for the duration of the connection.
Excellent! by Anonymous Coward · 2013-08-12 06:31 · Score: 0

Very good! Perhaps then they will move on to disabling tracking from obvious sources like mailboxes, then telephone polls, then store signs, then traffic lights, then billboards, then street fences, then shrubs, and then rocks!
wait... by Charliemopps · 2013-08-12 06:36 · Score: 1

Can we just ban tracking phones? Who care what does it...
Wait... let me rephrase that... can we just ban "tracking"? My commercial or government entities?
Free people should not be tracked by anyone.
Automatically setting WiFi off and on by jeffmflanagan · 2013-08-12 07:06 · Score: 1

I use an Android app called Timeriffic to turn radios and sound on and off based on my usual schedule, so WiFi is on at home, but not when I'm out. I expect there are similar apps that can do this for you based on geolocation.
1. Re:Automatically setting WiFi off and on by Zontar+The+Mindless · 2013-08-12 13:03 · Score: 1
  
  You are either INCREDIBLY naïve, or that was a troll of stellar brilliance.
  
  --
  Il n'y a pas de Planet B.
2. Re:Automatically setting WiFi off and on by uninformedLuddite · 2013-08-13 12:36 · Score: 1
  
  You really are very entertaining. Can you roll over?
  
  --
  The new right fascists are bilingual. They speak English and Bullshit.
I think to make the point by Stan92057 · 2013-08-12 07:12 · Score: 1

I think to make the point to theses money mongers is to hire a detective to follow them outside and write down little notes and make it so theres no confusion they are being followed and tracked for what they are doing. We dont tell the detective who it is they are following just need a picture of them And there home address i wounder just how they might feel. Advertisers its NOT ok to spy on people without permission or we will start to follow you. :}

--
Jack of all trades,master of none
I get it. by Anonymous Coward · 2013-08-12 07:25 · Score: 0

The gov is worried that people increases their security so much that the gov gets harder to spy on the population.
1. Re:I get it. by Anonymous Coward · 2013-08-12 13:05 · Score: 0
  
  Next time you "get" something, please endeavour to share it with us in an intelligible form. Thanks.
Given the reaction to Google's "wardriving" by msobkow · 2013-08-12 07:46 · Score: 1

Given the reaction to Google's "wardriving" StreetView cars, they had to have known this would be banned.

--
I do not fail; I succeed at finding out what does not work.
City of London != London by Anonymous Coward · 2013-08-12 18:54 · Score: 0

It's just 1 square mile with a population of less than 7500 people, the smallest city in England.
London, meanwhile, is the most populated city in Europe with just over 8 million people in 600 square miles.
Comment removed by account_deleted · 2013-08-13 16:15 · Score: 1

Comment removed based on user account deletion
Comment removed by account_deleted · 2013-08-13 16:24 · Score: 1

Comment removed based on user account deletion