Seattle PD Mum On Tracking By Its New Wi-Fi Mesh Network

← Back to Stories (view on slashdot.org)

Seattle PD Mum On Tracking By Its New Wi-Fi Mesh Network

Posted by timothy on Saturday November 9, 2013 @01:24AM from the progressive-city dept.

An anonymous reader writes "The Stranger reports that Seattle's police department has installed a Wi-Fi mesh network paid for by the Department of Homeland Security. FTA: 'The SPD declined to answer more than a dozen questions from The Stranger, including whether the network is operational, who has access to its data, what it might be used for, and whether the SPD has used it (or intends to use it) to geo-locate people's devices via their MAC addresses or other identifiers.'"

31 of 107 comments (clear)

Min score:

Reason:

Sort:

changing it is a good idea regardless by Anonymous Coward · 2013-11-09 01:35 · Score: 4, Informative

geo-locate people's devices via their MAC addresses
If you use public wireless at all, changing your MAC is just wise, for privacy reasons.
# ifconfig eth0 hw ether
1. Re:changing it is a good idea regardless by EmagGeek · 2013-11-09 02:05 · Score: 5, Insightful
  
  No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.
2. Re:changing it is a good idea regardless by houstonbofh · 2013-11-09 02:18 · Score: 4, Funny
  
  No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.
  When it is criminal to use airplane mode, only criminals will have airplane mode.
3. Re:changing it is a good idea regardless by arisvega · 2013-11-09 02:53 · Score: 2
  
  geo-locate people's devices via their MAC addresses
  If you use public wireless at all, keep changing your MAC is just wise, for privacy reasons.
  # ifconfig eth0 hw ether
  FTFY
  
  --
  The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
4. Re:changing it is a good idea regardless by citizenr · 2013-11-09 02:57 · Score: 2
  
  Im sure your iPhone does this automagically
  
  --
  Who logs in to gdm? Not I, said the duck.
5. Re:changing it is a good idea regardless by schnell · 2013-11-09 05:00 · Score: 2, Insightful
  
  This is insightful? Really?
  The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.
  Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know where you are even though they may have no intention of ever doing that ... who will turn around and cheer Google for putting up municipal Wi-Fi that is definitely being used to track you and your location, browsing, mail, search and personal buying habits and send you ads. Why is the police Wi-Fi network the one that people are worried about?
  
  --
  "95% of all Slashdot .sig quotes are incorrect or completely fabricated." -Benjamin Franklin
6. Re:changing it is a good idea regardless by serviscope_minor · 2013-11-09 05:16 · Score: 2
  
  FTFY
  You "fixed" it, but not the part where he was changing the wired MAC address to prevent wireles tracking.
  Try wlan0.
  
  --
  SJW n. One who posts facts.
7. Re:changing it is a good idea regardless by lister+king+of+smeg · 2013-11-09 06:11 · Score: 4, Insightful
  
  This is insightful? Really?
  The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.
  Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know where you are even though they may have no intention of ever doing that ... who will turn around and cheer Google for putting up municipal Wi-Fi that is definitely being used to track you and your location, browsing, mail, search and personal buying habits and send you ads. Why is the police Wi-Fi network the one that people are worried about?
  The difference is that Google can't put me in jail on trumped up charges, if they don't like what I say where the police can. All Google wants to do is show me easily blocked ads. Giving the cops recored of my location at all times, which they could easily forge to make it look like you were at a crime or anywhere incriminating is not a good idea.
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
8. Re:changing it is a good idea regardless by arisvega · 2013-11-09 07:04 · Score: 4, Funny
  
  You "fixed" it, but not the part where he was changing the wired MAC address to prevent wireles tracking.
  Try wlan0.
  Utter nonsense- carrying around miles of ethernet cable is the only way to be safe.
  
  --
  The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
Looks like Aruba mesh network with Airwave by kaptink · 2013-11-09 01:39 · Score: 4, Informative

This just looks likely to be an out of the box Aruba Airwave (tracking) install on an Aruba MSR4000 mesh network. So just turn your wifi off when your not using it?

--
Those who can, do. Those who cannot, sue.
1. Re:Looks like Aruba mesh network with Airwave by houstonbofh · 2013-11-09 02:20 · Score: 2
  
  This is more trouble than many are willing to take. It would be nice if you could blacklist ESSIDs and never touch them.
2. Re:Looks like Aruba mesh network with Airwave by imjustmatthew · 2013-11-09 03:46 · Score: 2
  
  I wonder if it would be possible to configure the phone's wifi to remain passive until it detects the beacon from a known access point?
  Full disclosure: I'm not very familiar with the physical layer of 802.11 networks, please point out if this is impossible.
3. Re:Looks like Aruba mesh network with Airwave by drinkypoo · 2013-11-09 04:30 · Score: 3, Informative
  
  Install llama on your Android phone. Permit it to learn what your home environment looks like. Disable WiFi outside of the home area. That is also more trouble than many are willing to take, but if you do it once then your phone will disable WiFI for you when you go out.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
4. Re:Looks like Aruba mesh network with Airwave by nospam007 · 2013-11-09 04:54 · Score: 2
  
  "So just turn your wifi off when your not using it?"
  Isn't NOT taking a live cellphone with you when robbing banks or planting bombs equivalent of wearing a clown mask in digital times?
5. Re:Looks like Aruba mesh network with Airwave by adolf · 2013-11-09 05:29 · Score: 2
  
  Llama looks neat, but it also looks like a non-starter for VZW: "Llama uses phone masts to determine your location"
  Attempting to locating oneself using Verizon towers alone only gets, at best, the approximate location of the tower itself, and never that of the handset.
  
  --
  Kid-proof tablet..
6. Re:Looks like Aruba mesh network with Airwave by SuricouRaven · 2013-11-09 06:16 · Score: 3, Informative
  
  What you'd need to do is disable query frames. Easily enough done, but probably not the default.
  When I was hacking all my neighbour's wifi just for practice to see if I could, I noticed that I could detect busses passing by. Their onboard computer queries every few seconds for the depo's ESSID.
  This means that the bus is actually asking 'Are we nearly there yet?' every five seconds, like an annoying child.
7. Re:Looks like Aruba mesh network with Airwave by foobar+bazbot · 2013-11-09 10:52 · Score: 2
  
  AIUI, Android uses a heuristic to classify networks as hidden or non-hidden. If no hidden networks are defined, your device passively listens until it hears a beacon from a known network, and won't transmit anything till then. If one or more hidden networks are defined, it will periodically query all hidden networks, wasting a bit of battery life and conveniently transmitting both your current MAC and your list of known hidden-SSID networks to any 802.11 radios that happen to be listening (thus enabling a sufficiently widespread network of APs to track your position).
  The heuristic is simple. If the network's ESSID shows up in the scanned list (which only happens if it's not in fact hidden-SSID) and you attempt to connect from the list, then fill in encryption values, etc., it's classified as non-hidden. If, however, you select "Add network..." (or whatever it's called in your particular version of android) and manually enter the ESSID as well as other parameters, it gets flagged as a hidden-SSID.
  The reason this is broken: Say you just got a new Android tablet, and already have SSID and encryption parameters for some networks (belonging to parents, acquaintances, or anywhere else you might visit and use the wifi) saved on your old phone/MID/laptop. You might very reasonably attempt to define these networks on your tablet while sitting at home, with none of the networks in sight... so you choose "Add network", and add one, repeat until they're all in there. The result, stupidly enough, is that Android decides those networks are all hidden-ssid, and thus goes around querying them everywhere you go. Worst, unless you habitually fire up kismet and have a look at what your tablet is sending you'll never know it, because Android is apparently designed by disciples of the GNOME crew who've internalized the "options are the enemy" philosophy.
  The right answer, of course, is to have a "Non-standards-conforming hidden-SSID network" checkbox in the settings, which defaults to checked when adding a network manually, so that people like me can uncheck it when deliberately configuring a standards-conforming network from out of sight. The slightly-less-right, but user-friendlier, option would be having that checkbox only appear when editing an already-defined network (not when defining a new one), to prevent morons accidentally unchecking it when defining a hidden-SSID network. The WRONG answer is to make it a secret property whose value is set when the network is first defined, is unsettable thereafter, and is entirely unreadable from the UI, but changes how things work behind the scenes.
  (The user-unfriendly answer is to not support hidden-SSID networks at all, since they're a stupid idea that no knowledgeable and sane person would configure that way, and the best way to make the less-knowledgable clean up their act (can't do much for the insane) is to make their shiny new phone fail to connect until they fix their AP configuration. (One hopes that within a few weeks, googling "why won't Android connect to my wifi" will direct the unfortunate to an invective-laden screed explaining just how dumb hidden-SSID is, and how you can and should turn it off with step-by-step directions for the most common routers' configuration pages.) While I have a certain attraction to the LARTiness of this, I'm not really BOFH enough to seriously recommend it...)
SPD by some+old+guy · 2013-11-09 01:50 · Score: 3, Insightful

Stasi Police Dragnet.
Coming soon to a fully-integrated nationwide real time tracking, private records collection, and surveillance system near you.
To fight drug abuse, arrest paedophiles, stop terrorists, and...right?

--
Scruting the inscrutable for over 50 years.
1. Re:SPD by EmagGeek · 2013-11-09 02:00 · Score: 2
  
  What do you mean, "coming soon?"
  It's here today, and has been here for quite a while.
2. Re:SPD by Opportunist · 2013-11-09 02:04 · Score: 2
  
  No and. We had to remove "money laundering" from the Infocalypse list.
  I mean, think, who has still money left to launder, hmm?
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
How long before by Anonymous Coward · 2013-11-09 01:54 · Score: 5, Insightful

How long before we see something like this:
Cops show up at "suspects" work or home
Cops: "Sir, your MAC address was at the scene of the crime/terrorist attack yesterday. How do you explain that."
Suspect: "I have no idea."
Cops: "Sir, you need to come with us."
Neighbors or work associates: "WTF?! We were right next to the guy and he's a TERRORIST!"
And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none.
Badge + gun == grunt.
All this sophisticated tracking technology will only further destroy our freedoms.
1. Re:How long before by houstonbofh · 2013-11-09 02:22 · Score: 2
  
  '..And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none..'
  already being found in a public place without a mobile phone is regarded as suspicious behaviour in certain quarters..
  But a dead battery is perfectly normal...
Why should we care... by Chris+Mattern · 2013-11-09 02:03 · Score: 3, Insightful

...what some policeman's mother has to say?
Random Mac Address Applet by nurb432 · 2013-11-09 02:41 · Score: 2

So, we just need a applet that every so often will generate a random new mac address for your device. Sure, if its in the middle of the day you lose connection for a moment, but is that really that big of a deal on a phone/tablet?
Of course i have been saying for years that eventually you will have to register your mac address(es) of all your devices at time of purchase and it will become a crime to spoof. Along with being handed out your assigned block of ipv6, again for tracking reasons.

--
---- Booth was a patriot ----
1. Re:Random Mac Address Applet by SuricouRaven · 2013-11-09 02:44 · Score: 2
  
  It's impossible on a phone/tablet unless you hack it first. Rooting android isn't too difficult, but it's still an undesireable situation when the only way to avoid government tracking is is via technological skill.
2. Re:Random Mac Address Applet by mikael · 2013-11-09 03:24 · Score: 3, Informative
  
  You used to have to do that back in the early days of home Internet around the mid 1990's. Just to register for a SLIP/PPP dial-up connection with a static IP address and hostname required proof of identity, your name, address, contact details, and you'd get this deed of ownership of the hostname.
  In France they actually require ID and a copy of your passport just to get a SIM card.
  
  --
  Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
3. Re:Random Mac Address Applet by nurb432 · 2013-11-09 03:27 · Score: 2
  
  Just to get static address I never had to do that back in the old days. ( well nothing beyond what you would do in order to have any telecom service.. as someone has to pay the bill remember ) Not saying you didn't, but not everyone had to.
  
  --
  ---- Booth was a patriot ----
We should, but won't. by Impy+the+Impiuos+Imp · 2013-11-09 02:52 · Score: 2

I can see a time coming, not so far from now, where all this is used as a quasi-radar system to track people, feeding into the machine that already tracks by face and license plate recognition.
Perhaps now is the time for constitutional amendment. Let's outlaw mind-reading machines, which are on the horizon, while we're at it. As in supra-4th Amendment, "Neither Congress nor any State shall (something flowery about invading a mind's operation to determine thoughts.)"

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Re: the smart ones by Anonymous Coward · 2013-11-09 03:31 · Score: 3, Insightful

No, they will spoof honest citizens mac addresses.
There are no "honest citizens". State authorities ascribe to the doctrine of original sin. Your existence is a crime. There may be mitigating circumstances, but it lies in the hand of law enforcement how much leeway they are willing to give you. Pray, and believe them to know what's good for you with all your heart, or you'll be damned.
Re:Avoidance by ATMAvatar · 2013-11-09 03:38 · Score: 2

That's only part of the equation. You can still be tracked by the pings your phone sends to local cell towers. If you are concerned about tracking, you may as well leave the phone at home. The alternatives - setting the phone to airplane mode, powering it off, or removing its battery effectively render it useless for most things anyways.

--
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
Re:Meaning by ampmouse · 2013-11-09 09:10 · Score: 4, Interesting

Eh, I wouldn't be so sure about that. This was the front page story of The Stranger print edition, which is a fairly popular weekly newspaper in Seattle. I had no connection with The Stranger story, but I'm one of the obscure bloggers investigating the wireless mesh. I made my first request to the Seattle Police Department in February 2013. Yes, a full 10 months ago. I didn't ask them to answer any questions, I just asked for the records. I made the following request:

Pursuant to RCW Ch. 42.56 (Public Records Act), I hereby request the following records: The maps, purchase orders, maintenance contracts, technical specifications, usage policies, access procedures, data retention policies, installation instructions, device configurations, interconnect details, and other public records requests for the wireless mesh network installed in the second half of 2012.
Obviously these are all things they should have right? I've been fighting with the police department for months, and the best I've gotten is a picture of a crumpled up printout of a low resolution map of the system. You'd think there would be source files for that picture right?

There is clearly a coverup going on here, but the police aren't going to talk about it. So I went to the IT and Finance people. Well, I got back quite a few interesting records from them! For example, this project included $9795.19 RADIUS server. On what planet does a RADIUS server cost that much? It turns out to be a $1000 dell server running FreeRADIUS. Even that is overkill.

Another interesting feature, is the camera aspect you brought up. There are already 36 high-res pan tilt zoom cameras on this network, and there is enough bandwidth for them to add over 1600 more. In addition, they significantly overpaid for the cameras by not properly following their own bidding process rules.

There are real problems with this project and most of them are not related to surveillance. Even when it is just a small blogger investigating, it is the Seattle Police Department's responsibility under Washington state law to turn over copies of records requested. Hopefully The Stranger article will bring enough attention to this problem to encourage the Police department to do the right thing, obey the law, and release the records to anyone who asks for them.