Slashdot Mirror
Austin Airport Tracks Cell Phones To Measure Security Line Wait
jfruh writes If you get into the TSA security line at Austin-Bergstrom International Airport, you'll see monitors telling you how long your wait will be — and if you have a phone with Wi-Fi enabled, you're helping the airport come up with that number. A system implemented by Cisco tracks the MAC addresses of phones searching for Wi-Fi networks and sees how long it takes those phones to traverse the line, giving a sense of how quickly things are moving. While this is useful information to have, the privacy implications are a bit unsettling.
Its not like they don't already know where you are when you are entering airport security.
Modern IOS versions randomize the MAC used for passive wifi scans. I'd imagine android is also doing the same.
Don't use the FREE effing wifi, if you don't like it. If you're not paying for the product, you are the product.
Turn off wi-fi. Done.
You can be tracked anywhere anytime you're using a communication radio. Deal with it.
"A plan fiendishly clever in its intricacies"- Homer Simpson
And, it's not like you can opt out .. unless you simply don't fly.
...if you have a phone with Wi-Fi enabled
You could always just, you know, turn off wifi on your phone.
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
I'm a huge privacy advocate... but how far are we going to go with this?
You're in a public place.
You're connecting to their network at various points.
They're using that info to figure out how long it takes for you to get through the line.
How is this any different than them using your check ins with your boarding pass?
"I just dumped the entire contents of my luggage in the middle of food court. I appreciate the offer to help me pick it up bu how dare you invade my privacy!"
While this is useful information to have, the privacy implications are a bit unsettling.
As best I can tell from the description, this sounds similar to what Disney and other themeparks use to track their wait times for rides, except the amusement parks occasionally hand out little RFID "things" to guests at the ride entrance and ask the guest to give it to the operator.
As far as I'm aware, any time you're polling for WiFi networks you're broadcasting your MAC; this just seems like a fairly benign way to get information about a process without getting actual data on an individual.
Granted, you can somewhat reliably tie together a MAC addy's travel path if you have the ability to see all the places that MAC has been, but that was true even without this particular software.
So, yeah, what is the concern about this software in particular? It seems like the complaint is more with how the scanning for networks works.
Sigh. Ok people, let me explain something ... if your cell phone is on, you are being tracked. You always have been. The cell towers have to communicate with your phone, and therefore you are always being tracked.
This particular instance of tracking (by noting with a MAC address enters/leaves an area) is no more invasive than what has been happening at the airport for decades with the cameras that are up at every airport everywhere. Tracking a MAC address doesn't indicate who you are or give them access to any information about you as an individual.
Furthermore, if you have your WiFi on, you are again always locatable. If you really think that someone someone being able to know that MAC 00:11:22:33:44:55:66 has left the building is an invasion of privacy, turn off your phone - or better yet don't have a cell phone, because you are being tracked and inspected in far more invasive ways than that if you have a cell phone.
Certainly I don't want them to know I have a cell phone, that would be an invasion of my privacy while I wait in line for my NAKED BODY SCAN, right after I hand them my government-issued ID. There are privacy invasions happening there, but they aren't wifi related.
A bit????
No, the privacy implications of this are downright creepy. Because the most unsettling thing is governments and corporations feel they have a right to this information.
And, it's not like you can opt out .. unless you simply don't fly.
And, then what does Cisco et al do with this information? Oh, right, sell it for profit.
Assholes.
They A) Already know you have a flight booked B) Already know where you are going. C) When you check in, they know you are there. If you want privacy of how long you are waiting in line. Don't broadcast your location over the air waves with a transmitter.
I don't want to do a sig now
You are dumb.
The manufacturer of your phone already knows your mac address. It has no value to anyone else beyond the first network hop. You like the author are an idiot who knows nothing about MAC addresses.
I disagree. Although i do think my phone should change its mac address regularly so that the tracking is at most session based. They know -a phone- was in line for 30 minutes. They don't know the phone is my phone. And when they see a phone a for 30 minutes next week they won't know its the -same phone-.
Also, just a heads up to those excited about Apple's ios mac randomization -- its proving to be not remotely as good as they led us to believe it would be. (It only sends out a random mac when a) not connected to a network, b) AND asleep.
Any time anything wakes up the phone it probes with its real mac. (So for example, if your on cellular data, and twitter or email or something gets a message to your phone, it wakes up and probes wifi with its real mac...) rendering the feature all but useless. Apparently the fake probes also include your recent SSID list too making them even more useless.
http://www.imore.com/closer-lo...
So... not worse than ios7 ... but not exactly useful either.
And on that note, does anyone recommend a good automatic mac randomizer for android?
Well, I fail to see how people taking note of information that you're basically shouting out loud to everyone around you can be considered creepy.
I mean, you phone is basically saying "Hi I'm John Smith the <48 bit MAC ID> and I'm looking for WiFi, anyone offering some?" over and over again.
So you're saying it's not right for someone to overhear it and write that down? "I just heard a John Smith out there".
You must be real fun at parties when people overhear your conversations.
No, the privacy implications of this are downright creepy. Because the most unsettling thing is governments and corporations feel they have a right to this information.
If you are in an airport your are IN PUBLIC. Your privacy rights are significantly reduced when you are in public. You have no legal expectation of privacy in public. There is nothing remotely creepy about this. In fact I actually think this is a fairly clever use of the technology which allows people to easily opt out if desired.
And, it's not like you can opt out .. unless you simply don't fly.
There is an incredibly easy solution. Turn off your Wifi. Tada! Problem solved. If you have Wifi turned on then you are quite literally broadcasting your presence to anyone who cares to listen. It's like shouting at the top of your lungs in the airport and then telling everyone you have no way to opt out. YOU are the one broadcasting. It is YOUR choice. If you don't want people to listen then turn off your radio.
MAC address randomization is currently being argued back and forth in IEEE 802.
It breaks many things. It might work randomizing between sessions on a simple LAN, but in the presence of the the 802.1 network features (bridges, vlans, STP, provider bridges etc. etc.) it simply breaks.
It doesn't sit well with the various authentication schemes that mix the MAC address into the security header and key derivation.
It doesn't sit will with MAC based routing entities that are not on the local segment.
People with a deep knowledge of 802 protocols are looking at this and it isn't simple or easy.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
Its literally no different than somebody watching the airport cameras and counting how many people go through security each hour. Who cares?
GCS/MU/P d- s:- a-- C++++$ UL++ P+ L++ E+ W++ N o K- w--- O M+ V- PS+++ PE Y+ PGP t+ 5- X R++ tv+ b++ DI++ D++ G+ e++ h-