Slashdot Mirror

← Back to Stories (view on slashdot.org)

London Bans Recycling Bins That Track Phones

Posted by samzenpus on from the no-trash-talking dept.

judgecorp writes "In a swift response to a media storm, the City of London has closed down a trial of recycling bins which track the phones of pedestrians. Renew provides recycling bins funded by digital advertising, and has been told to stop a trial where bins tracked phones. Although the CEO of Renew claims there was no intention to breach privacy, his own marketing material says otherwise."

24 of 179 comments (clear)

  1. Removing bins will not fix underlying problem by sinij · · Score: 5, Insightful

    Removing bins will not fix underlying protocol implementation problem. This has to be treated as any other vulnerability and patched, so it is not possible.

    1. Re:Removing bins will not fix underlying problem by mcrbids · · Score: 2

      Wow. Talk about ignorance aloud. And on Slashdot!

      The "issue" to be addressed is the need for a way to uniquely identify a device as distinct from other devices. This is accomplished by the use of a number called a MAC address. Because it uniquely identifies a device, it can be used to (gasp!) uniquely identify a device.

      That's what Renew (the company in question with the "smart bins") was doing... logging MAC addresses announced by wifi cards as they try to moderate a wifi connection.

      --
      I have no problem with your religion until you decide it's reason to deprive others of the truth.
    2. Re:Removing bins will not fix underlying problem by ackthpt · · Score: 4, Insightful

      It is astonishing how few people seem to understand that.

      Rather like war-driving in reverse. How times change.

      --

      A feeling of having made the same mistake before: Deja Foobar
    3. Re:Removing bins will not fix underlying problem by compro01 · · Score: 2

      And what need is there to announce the MAC address when not connected to anything?

      --
      upon the advice of my lawyer, i have no sig at this time
    4. Re:Removing bins will not fix underlying problem by ericloewe · · Score: 3, Insightful

      Here's the problem:

      If the user doesn't say "I want to connect to 'Trash can Wi-Fi'", why should the phone decide on its own to connect to 'Trash can Wi-Fi' without asking?

      If the phone doesn't (stupidly) try to connect to any open network it sees, it doesn't broadcast its MAC address whenever some dubious access point asks for it.

    5. Re:Removing bins will not fix underlying problem by mspohr · · Score: 4, Interesting

      There is something I don't understand here.
      If I have my WiFi turned on and it is set to automatically connect to "known" access points but not set to connect to random unknown access points, why would it broadcast my MAC?
      I can understand that it will listen for a "known" access point and when it finds one, send the MAC to connect and that is fine.
      However, why would it broadcast my MAC if it has no intention of connecting?

      --
      I don't read your sig. Why are you reading mine?
    6. Re:Removing bins will not fix underlying problem by bandy · · Score: 2

      And if two devices randomize to the same MAC? That Would Be Bad.

      --
      "You might as well get your son a ticket to hell as give him a five string banjo." -unknown minister
    7. Re:Removing bins will not fix underlying problem by Carewolf · · Score: 2

      If you have set up the phone to connect to a hidden SSID, then it will broadcast it MAC (and the hidden SSID) all the time asking if it is there.

      It can also prompt for nearby access points instead of waiting for them to announce themselves, this also broadcasts their MAC.

      The first is easy to solve (don't use hidden networks ever). The second one can be a bit of a compatibility issue.

    8. Re:Removing bins will not fix underlying problem by cusco · · Score: 4, Informative

      IIRC, the address space available for MAC addresses allows something like 1000 devices for each square foot of land area on Earth, so there isn't much chance of collision. Having said that, AC is wrong. DHCP reservations (used on many, many networks for hardware that needs to maintain the same IP address) require MAC addresses that do not change. Many manufacturers have sniffer programs that are needed to do installations and service on their hardware, which sniff the set of MAC addresses assigned to their company. There are lots of other reasons that MAC addresses are linked to a piece of hardware.

      The issue here isn't that MAC addresses are unique, it's that users aren't bright enough or are too lazy to turn off wi-fi detection when they're not using it.

      --
      "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
    9. Re:Removing bins will not fix underlying problem by icebike · · Score: 3, Informative

      And there is no reason a MAC address should not randomize itself in between network connections.

      No reason other than that the MAC address exists to uniquely identify the device connecting to the network. You seem to have missed the point of the MAC address. Some networks lock down access by MAC address as it is supposed to identify specific devices.

      Your phone knows its real Mac, and the mac of the routers it has connected to before.
      All it need do is use the same mac for any router it has seen before, or use its REAL mac when you request
      a connection to any router.

      Routers you don't CHOOSE TO connect to, have no valid reason to know your mac.

      --
      Sig Battery depleted. Reverting to safe mode.
    10. Re:Removing bins will not fix underlying problem by icebike · · Score: 4, Informative

      With your question, you've touched the heart of the problem.

      Lazy software designers (those working for wifi chip designers) are sending mac addresses even while they are not associated with any network.
      Some say that these only occur when you have previously associated with a hidden SSID network, but that is not the only case, and most
      modern chip sets send a mac address all the time for no reason at all.

      Its not part of the standard to broadcast your mac unless you are a router. But since the advent of ad-hoc networks, there are a lot
      phones that broadcast it all the time looking to join an adhoc network. Furthermore, bluetooth also broadcasts its mac all the time
      and often bluetooth and wifi are built into the same chip.

      --
      Sig Battery depleted. Reverting to safe mode.
    11. Re:Removing bins will not fix underlying problem by fullmetal55 · · Score: 3, Informative

      because it's easier to change DNS entries in a DHCP Server than going around to 100+ individual devices to change the DNS entries when a DNS server dies. and since DHCP hands out more than just an IP, it makes sense to use reservations. thats why every DHCP server I've ever seen allows for reservations.

      There are many other things that DHCP can hand out as well, DNS is simply an example. other issues are default gateway changes, subnet mask changes, voip server changes, Dynamic DNS updating. which are all fine on a handful of devices to manage that as static, but once you get into 100s, or 1000s, reservations make a lot more sense.

  2. Exclusive Rights by some+old+guy · · Score: 2

    I should think that this is really just GCHQ exercising it's exclusive sovereign right to track everyone, everywhere, all the time.

    The American way is more efficient: let business collect the data and then the government can demand to share it.

    --
    Scruting the inscrutable for over 50 years.
  3. No prosecution? by AmiMoJo · · Score: 2

    Why no criminal investigation, or at least massive fine under Data Protection laws?

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:No prosecution? by sinij · · Score: 3, Informative

      >>>Why no criminal investigation, or at least massive fine?


      Likely because phone is actively broadcasting information in the public space. If I go out shouting my Social Security number, others are not liable for overhearing it or even writing it down.

  4. This is why... by gstoddart · · Score: 3, Interesting

    This is why I keep wi-fi disabled on my mobile devices unless I need it.

    I've found I don't particularly want my device to be phoning home to people when I'm not looking, and I've also found leaving wi-fi on absolutely impacts my battery life.

    Stuff like this is only going to get worse as various advertisers decide they're entitled to more information than we're willing to give them.

    --
    Lost at C:>. Found at C.
    1. Re:This is why... by Anonymous Coward · · Score: 2, Interesting

      This is why I keep wi-fi disabled on my mobile devices unless I need it.

      That's odd. My phone doesn't send out probes. Like most phones it listens for beacons and connects to those I've told it to. It's possible on some phones to tell it to probe, but that's a bad idea for many reasons.

  5. Re:Tracking in the UK... by Cornwallis · · Score: 2

    There's a difference between being tracked by a random company and a government body. At least the latter operates under the scrutiny of elected representatives.

    Say what?!

  6. No. by Anonymous Coward · · Score: 2, Funny

    Here is what they want:

    The voice came from an oblong metal plaque like a dulled mirror which formed part of the surface of the right-hand wall. Winston turned a switch and the voice sank somewhat, though the words were still distinguishable. The instrument (the telescreen, it was called) could be dimmed, but there was no way of shutting it off completely.

    [snip]

    In the far distance a helicopter skimmed down between the roofs, hovered for an instant like a bluebottle, and darted away again with a curving flight. It was the police patrol, snooping into people's windows. The patrols did not matter, however. Only the Thought Police mattered.

    The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.

    Winston kept his back turned to the telescreen. It was safer, though, as he well knew, even a back can be revealing. A kilometre away the Ministry of Truth, his place of work, towered vast and white above the grimy landscape. This, he thought with a sort of vague distaste -- this was London, chief city of Airstrip One, itself the third most populous of the provinces of Oceania.

    Unlike in Orwell's day, they have the means to track everyone, everywhere (at least in densely-populated areas). They have only to generate the will to do so and it will become a reality.

    Scream "terrorist" enough times and that will generate the will.

  7. uummm... by djupedal · · Score: 2

    Bins tracking phones tracking bins tracking phones tracking bins....when will it all end?

  8. Who thought this was a good idea to begin with? by s.petry · · Score: 3, Insightful

    Subject says it all. How was this allowed to happen? Garbage bins don't need to other people, they need to track when they are full and need to be emptied. I'm sure that this stems from a Government funding program in a black budget that the people of London (and other areas of the UK) have no idea they are paying for.

    I do realize that the US probably has similar or worse programs that we are not yet aware of. I know they have been working on billboard advertising to track people and believe it has been implemented in NYC to some extent. We, all of the free people, need to put an end to this! Nothing good can come from this level of tracking people!

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    1. Re:Who thought this was a good idea to begin with? by jeffmflanagan · · Score: 2

      >Subject says it all. How was this allowed to happen? Garbage bins don't need to other people, they need to track when they are full and need to be emptied.

      They do if they're going to start showing targeted ads if the test-program works out.


      >I'm sure that this stems from a Government funding program in a black budget that the people of London (and other areas of the UK) have no idea they are paying for.

      Maybe you need to adjust your drug intake.

  9. CC TV? by Theaetetus · · Score: 2

    London, the city with more closed circuit cameras than anywhere else on Earth, wants to ban spying on pedestrians? Or is it only a concern when someone other than the government has control over the information?

  10. Maybe wireless specs need to eliminate open MAC by Ioldanach · · Score: 2
    Currently wireless devices negotiating connections to nearby WiFi points need to exchange MAC addresses in the initial exchange of data, on an essentially open channel, because all data exchanges recognize each other with the MAC address, to determine routing.

    Perhaps the spec could be augmented by allowing a randomized MAC address that is not tied to the device. Define the first octet so manufacturers don't assign anything to it, and leave the remaining bits as completely random. Make the next part of the packet the public half of a key pair that the device expects responses to come back to. Allow the same random MAC address scheme to be used by either side of the connection. Only accept packets that can be properly decoded with the private key of the key pair, which eliminates the problem of random MAC address collisions. As a part of negotiating the secured connection, when exchanging the private key also exchange the real MAC address only after the secured connection is complete. Or, never use the real MAC address and retain the random MAC address for the duration of the connection.