Slashdot Mirror

← Back to Stories (view on slashdot.org)

Will London Monetize Wifi Tracking Data From Its Tube Passengers? (gizmodo.co.uk)

Posted by EditorDavid on from the down-the-Tube dept.

New questions are arising about how much privacy you'll have on London's underground trains. "For a month at the end of last year, Wi-fi signals were used to track passenger journeys across the network," writes Gizmodo. "The idea is that as we travel across the Tube network, Wi-fi beacons in stations would detect the unique ID -- the MAC address -- of our phones, tablets and other devices -- even if we're not connected to the Tube's wifi network." The only way to opt-out is to turn off your phone's Wi-Fi. An anonymous reader writes: London is struggling with the transport network capacity so the ability to learn commuters' travel patterns is compelling... Now it emerged that TfL, the operator of London Subway system, is planning to use the system to monetize passengers' data. TfL is also not ruling out sharing the data with third-parties in future.

More information shows that the privacy protection could not be as good as TfL maintains, with reversible hashing and options of giving data to law enforcement. A privacy engineering expert points out additional issues in pseudonymisation scheme and communication inconsistencies. Final deployment has been initially scheduled to start in end of 2017.
"Once the tools are in place, there will inevitably be a temptation to make use of them," warns Engadget, raising the possibility of the data's use for advertising -- or even the availability to law enforcement of location data for every passenger.

90 comments

  1. Randomize Wifi MAC ? by dam.capsule.org · · Score: 2

    With 48bits and the number of people connected at one point to a wifi AP, wouldn't it be possible to randomize the MAC address ? Even with a thousand connected people, which I think could never occur, the rate of collision would be less then 1 in a hundred billion. I think nowadays most chips allows changing the mac, but I'm not sure about wireless mobile chipsets.

    --
    What sig ?
    1. Re:Randomize Wifi MAC ? by greatpatton · · Score: 1

      Yes this is what most phone do (at least Iphone for Android not some much luck), they don't provide the real Mac address to network you don't connect to prevent this kind of attack (they randomise your mac address). The only way for it to works will be that you connect to a TFL owned network where your Mac will appear.That's why so many shops would like to give you free Internet access through wifi, that's the best way for them to track you. However it seems that recently a new attack has been published to de-anonymize at a low level. However if TFL was doing this kind of blurry practice (using known flow to de-anonymize people) I don't think that it will considered fair.

    2. Re:Randomize Wifi MAC ? by gl4ss · · Score: 1

      android has this option built in... basically any new android phones should have it unless operator or someone does something to disable it.

      if you're not using their wifi then though.. why keep it even on or connect to them or have it advertise it's existence.

      whats more weird about getting a fit about this is that uh dude, they already have data about where you got on and got off the tube.

      --
      world was created 5 seconds before this post as it is.
    3. Re:Randomize Wifi MAC ? by jargonburn · · Score: 3, Informative

      Unless things have changed since I last read up on this issue, there are two basic problems with using randomization of MAC addresses to defeat tracking:

      --Software Implementation--
      Lazy method of randomization. Sometimes as simple as incrementing the value of the MAC address by 1, repeatedly over time.
      There are other signatures transmitted besides the MAC address that make it trivial to identify most smartphones, especially given the previous point.

      --Hardware Implementation--
      Smartphone chipsets handle low-level control frames in a manner that is vulnerable to tracking. As in 100% success rate. IIRC, this will happen even if you have the WiFi off in software or are in Airplane Mode.


      Source

    4. Re:Randomize Wifi MAC ? by Anonymous Coward · · Score: 0

      https://www.theregister.co.uk/2017/03/10/mac_address_randomization/

      Note they said the majority of Android phones do not have it enabled.

    5. Re:Randomize Wifi MAC ? by AmiMoJo · · Score: 4, Interesting

      Why would the chipset handle wifi packets when the wifi receiver is turned off? And even if it did, with the transmitter turned off how would the tracker ever know that it did? There is no energy going to the transmitter, no energy radiated.

      Perhaps you are referring to some Apple devices where the off switch doesn't actually turn the wifi off, but most devices don't have that fault.

      There used to be an issue where devices would broadcast the SSIDs of networks they knew about. That was to handle networks that didn't broadcast an SSID themselves, but it's mostly been deprecated and was one of the reasons that MAC address randomization was introduced.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re:Randomize Wifi MAC ? by Anonymous Coward · · Score: 0

      This is just plain wrong!

      MAC randomization works for all newer version of IOS and Android. The search for mobile networks is performed using a RANDOM mac address which makes you untrackable from WiFI.
      If connected to a network, than your MAC is fixed and is the real mac of the chipset, thus you are trackable.
      There is no "lazy method of implementation", it is built in the OS for both Android and IOS (and documented).

      As in regards to airplane mode, I won't even start to talk about how you can be tracked using WiFi if you have your phone on airplane mode on the London tube.

    7. Re:Randomize Wifi MAC ? by Anonymous Coward · · Score: 0

      Perhaps re-randomize at train stops? The device sensors should be able to check when that happens.

      This way the info gathering can't distinguish whether you left the train and someone else boarded or you just changed MAC.

    8. Re:Randomize Wifi MAC ? by ArmoredDragon · · Score: 1

      MAC randomization works for all newer version of IOS and Android. The search for mobile networks is performed using a RANDOM mac address which makes you untrackable from WiFI.

      Some OEMs (especially Samsuck) deliberately disable wifi randomization because their proprietary chipsets (i.e. Exynos) don't support it. Samsuck in particular disables it even on compatible chipsets, to keep things more consistent across devices.

    9. Re:Randomize Wifi MAC ? by Anubis+IV · · Score: 1

      iPhones have been randomizing MAC addresses for several years now, specifically to defeat drive-by tracking efforts of this sort (though the examples people were giving back when the feature was introduced were restaurant franchises and the like using their free hotspots to recognize people driving by or stopping in on a daily basis). Once you actually connect to a network, it'll give that network your actual MAC address, but up to that point it simply delivers fake addresses.

      On the Android side of things, I'm sure there must be some utilities that allow this sort of thing, but I'm not aware of it being baked into the OS as it is with iOS.

    10. Re:Randomize Wifi MAC ? by JohnFen · · Score: 1

      I'm not sure about wireless mobile chipsets.

      I've yet to own a phone that I couldn't change the MAC address on.

    11. Re:Randomize Wifi MAC ? by JohnFen · · Score: 1

      I have my phone rerandomizes its MAC every hour. That's not really short enough for this use case, but then I disable my WiFi whenever I'm out in public anymore anyway. There's far too many trackers being deployed everywhere these days. It's safest just to turn the radio off unless its needed.

    12. Re:Randomize Wifi MAC ? by Anonymous Coward · · Score: 0

      If you want to spoof MAC tracking, do it systematically. Above ground, derive the mac address from current gps coordinates. Trackers will then see stationary people, always in the same location. Or - always the same ID entering at this station, some other ID entering at that other station - and so on.

      Or have the device listen for other devices. When some other mac address passes by - presumably on a meeting train - grab it for a while. Trackers will see people oscillating back and forth.

  2. Overcomplicating matters by andrewbaldwin · · Score: 5, Insightful

    I can sympathise with TfL's stated aims - knowing how many people go from place A to place B via route C at certain times of day is useful and can be socially beneficial if it helps train scheduling.

    But this can be done in a simpler way (albeit not in real time - but is that really necessary?).

    Many years ago I recall using the metro and local trains in Copenhagen when they were doing a survey. When you entered the station they gave you a paper slip with the station name and timeslot written on it; when you reached your end destination there was a bin to drop the paper slip into. That's it from the passenger viewpoint - minimal inconvenience and no linking to you as a person (and you could even opt out by keeping the paper slip if you were so minded).

    I'm guessing that at the end of the day they collected the slips at each station and could work out just how many people went on each journey within hour long blocks.

      I do recall thinking that a bar code or QR block would simplify the counting process.

    But that's not cool enough - it's too simple for today's management to consider (and it cannot be subverted or surveilled).

    Slightly off topic - doesn't everyone turn off the phone wifi & bluetooth when not in use? -- doing so seems [in my experience -YMMV] to extend the time between charges by quite a useful margin.

    1. Re:Overcomplicating matters by Anonymous Coward · · Score: 1, Insightful

      they have all of the information on how people are moving across the whole transportation network already - via the Oyster (contactless transport ) cards. So that's a BS aim of tracking.

    2. Re:Overcomplicating matters by oobayly · · Score: 5, Insightful

      The reason they did this was to track people's routes through the system - Oyster will only give the end points, not where they changed stations. The Gizmodo article explains that, if you bothered to read it...

      The Register did an article on this a few weeks ago and mentions that TFL did a good job anonymising the data:

      Fortunately, TfL did it right: they used ICO guidelines to protect users' privacy by grabbing and tracking MAC addresses and then depersonalized them using a salt which then discarded at the end of each day. That in effect makes it impossible to know what the original MAC address was.

    3. Re:Overcomplicating matters by Z00L00K · · Score: 1

      But they don't really know which way people want to go, they will just know the route they take that they think is the best for them.

      What you need is a bigger picture. Looking only at those that uses public transportation and not everyone gives a skewed view. You don't capture routes where there's a need only routes that are congested.

      Drop analyzing the flow in the pipes, look at the end points of people as a group. Clumping together travel routes for people based on where they are at fixed times as a group - like 05:00 (most likely at home), 10:00 (most likely arrived at work), 15:00 (starting to think about going home), 20:00 (most likely at home again). Build a map sectioned in hexagons, first large scale then smaller scale over the area you want to analyze and then use logaritmically scaled lines to see how movements are distributed. That will tell you which routes you should focus on to provide most efficient public transportation.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    4. Re:Overcomplicating matters by michelcolman · · Score: 3, Informative

      Slightly off topic - doesn't everyone turn off the phone wifi & bluetooth when not in use?

      We do, but Apple just turns it on again when we travel to a new location or in any case at 5am.

      (unless we go out of our way to disable it in the system settings rather than through the more convenient control center which tricks us into thinking it's the same thing)

    5. Re:Overcomplicating matters by michelcolman · · Score: 2

      And then pretty soon they'll get some more great ideas, like: "are the people traveling on Wednesday the same ones as those traveling on Thursday?". So they'll stop discarding the salt and there goes your anonymity.

    6. Re:Overcomplicating matters by thegarbz · · Score: 1

      Many years ago I recall using the metro and local trains in Copenhagen when they were doing a survey.

      The entire article seems to be pointless. London's metro system is electronically gated. They can easily track how passengers are moving between stops using their Oyster cards.

      Slightly off topic - doesn't everyone turn off the phone wifi & bluetooth when not in use? -- doing so seems [in my experience -YMMV] to extend the time between charges by quite a useful margin.

      I haven't done this since the first generation of smartphones. Especially Bluetooth I find makes zero difference to my battery life, and WiFi makes only a marginal difference compared to e.g. being in a low coverage zone and having the LTE radio blasting at full power trying to get a signal. In many cases if you're in a low coverage area having wifi on (and thus not using mobile data) is actually beneficial to your battery life.

    7. Re:Overcomplicating matters by schleimkeim · · Score: 1

      doesn't everyone turn off the phone wifi & bluetooth when not in use? -- doing so seems [in my experience -YMMV] to extend the time between charges by quite a useful margin.

      You seem to forget that 99.9% of people who use technology, have no clue at all about technology.

    8. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      Yes, if I am not actively using WiFi or Bluetooth, it is turned off.
      I used to use WiFi at home until I got an email from my Telcom telling me that I'd used 25% of my data for the year. And... I had 25% of the year left to go, so now I don't bother turning off mobile data when I get home, I'd rather the phone use another ~10% of the data I'd paid for in advance and leave the rest of my internet's monthly download limit for streaming video, playing games and downloads, rather than a tiddly bit of phone usage.

      Bluetooth is turned on when I'm in my car AND I suspect I may receive or want to make a hands free phone call. Other than the car, the only other bluetooth device I own is my AV receiver in the lounge room, and I've used that functionality about twice since I bought it, since it's plugged into 3 other internet devices (a HTPC, Xbox and digital PVR) so there is no need to be connected to my phone when those other devices are so much better for anything I can think of. Any photos or videos taken by the phone are uploaded to the cloud and available to the HTPC at the least.

      My tv is not smart, again, there is no point in paying for features that appear to be non-upgradable when I've got better devices connected to my large (165cm) 4K tv that perform everything far better than a smart tv could do, from what I've read, seen and heard about. And those devices receive updates, automatically, unlike, it seems, a smart tv.

      WiFi? Bluetooth? Why waste your battery power on maintaining susceptibility to malware when you're not actually using them?

    9. Re:Overcomplicating matters by Richard_at_work · · Score: 1

      There are multiple ways to get from A to B once through the barriers, which means the actual routings taken aren't captured, just the duration and the entry and exit points.

      I can see why TfL want to do this. They do a lot of trickery with signage at peak times to force people flows between platforms etc for better crowd management etc (there are routes between certain platforms at certain underground stations where the "advertised" routes at peak take you on a 3 or 4 minute walk, when actually you can go a slightly different route and be at the other platform in a few seconds - TfL do this to avoid overcrowding on the second platform, by introducing a delay in connecting passengers).

    10. Re:Overcomplicating matters by stealth_finger · · Score: 1

      I can sympathise with TfL's stated aims - knowing how many people go from place A to place B via route C at certain times of day is useful and can be socially beneficial if it helps train scheduling.

      Surely they can, you know, look at the trains.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    11. Re:Overcomplicating matters by AmiMoJo · · Score: 4, Interesting

      Maybe not... https://blog.lukaszolejnik.com...

      Aside from TfL's apparent confusion of various technical terms, it looks likely that the salts could be recovered. MAC addresses are not random, they are assigned in blocks to manufacturers. Some devices do randomize them, but some don't and it appears that they use only one salt per day for every MAC address they hash.

      You can assume that there will be a large number of devices running wifi chipset X and not randomizing. That gives you a way to check a salt for validity, i.e. if when combined with known MAC addresses from the ranges allocated to that manufacturer it produces a hash in the TfL dataset. And you can further narrow this down by taking your own device with a known MAC address onto the tube during the test.

      It's probably fine... But their lack of technical clarity and secrecy about the scheme they used (for all we know the salts could have just been the date or something silly) isn't very encouraging. As a branch of government they should set the gold standard for this stuff.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    12. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      The reason they did this was to track people's routes through the system - Oyster will only give the end points, not where they changed stations. The Gizmodo article explains that, if you bothered to read it...

      The Register did an article on this a few weeks ago and mentions that TFL did a good job anonymising the data:

      However, the AC was correct and did reply to GP (andrewbaldwin) paper method. Thus, TFL does not need to use the paper method (for end point to end point) that Denmark used in the past.

    13. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      Slightly off topic - doesn't everyone turn off the phone wifi & bluetooth when not in use?

      We do, but Apple just turns it on again when we travel to a new location or in any case at 5am.

      (unless we go out of our way to disable it in the system settings rather than through the more convenient control center which tricks us into thinking it's the same thing)

      From the link you gave us, I am not sure you really understand what it said. Look at the bold text below.

      While Wi-Fi is disabled, auto-join for any nearby Wi-Fi networks will also be disabled until:

      * You turn on Wi-Fi in Control Center.

      * You connect to a Wi-Fi network in Settings > Wi-Fi.

      * You walk or drive to a new location.

      * It's 5 AM local time.

      * You restart your device.

      In other words, it is talking about "auto-join" feature, not the whole Wifi feature.

    14. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      is the system so badly designed that there are multiple routes for one given origin and destination? at given times? One would hope that knowing entry and exit points at specific times and knowing all train routes (including any delays) they would be able to extrapolate the routes being utilized. if they have the oyster card data then they shouldn't need the wifi mac data.

    15. Re:Overcomplicating matters by michelcolman · · Score: 1

      And just how do you think auto-join works if WiFi is disabled?

      There are quite a few articles about this issue, including here on slashdot. Both WiFi and BlueTooth are switched on again automatically even after you turned them "off" in the control center. You need to dig down into the settings to really disable them.

    16. Re: Overcomplicating matters by Anonymous Coward · · Score: 0

      And from a security perspective turning both off when possible is also sound

    17. Re:Overcomplicating matters by Wrath0fb0b · · Score: 1

      Actually, iOS already (since iOS 8) randomizes the MAC address used for scanning. So unless you are actually joined to TFL's AP (or they are intentionally trying to probe each phone with an RTS) the address changes periodically to a new unique value.

      Interestingly, this actually lets TFL get useful information about waiting times at various stations and who transfers where. They just can't track any individual reliably.

    18. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      Even with it only tracking end points, since they know the train schedules it aught to be pretty simple to deduce where train swaps were made. People are likely to take the shortest/quickest route from A to B, unless they are down right deranged and like to ride the train for extended periods of time for no purpose at all.

    19. Re:Overcomplicating matters by tlhIngan · · Score: 1

      I can sympathise with TfL's stated aims - knowing how many people go from place A to place B via route C at certain times of day is useful and can be socially beneficial if it helps train scheduling.

      But this can be done in a simpler way (albeit not in real time - but is that really necessary?).

      Many years ago I recall using the metro and local trains in Copenhagen when they were doing a survey. When you entered the station they gave you a paper slip with the station name and timeslot written on it; when you reached your end destination there was a bin to drop the paper slip into. That's it from the passenger viewpoint - minimal inconvenience and no linking to you as a person (and you could even opt out by keeping the paper slip if you were so minded).

      I'm guessing that at the end of the day they collected the slips at each station and could work out just how many people went on each journey within hour long blocks.

      There's a far simpler way to do it. You use the tickets the people use to travel!

      Every ticket is serial numbered internally and you pass it through the gate in order to pass, recording the station you started your trip. When you exit, you pass your ticket over the gate and it records that a ticket traveled from station A to station B.

      Unless your ticket is one of those monthly or multi-ride passes, and unless those require a name and address (some do, to allow stuff like auto-renewals so you don't have to use ticket machines to reload money onto it - you can reload them online or even have it reload automatically). it's pretty much anonymous, and you get volumes and trip origins and destinations.

      Our transportation authority did it, and while you can buy reloadable cards, they don't require you to register them (you can always reload them at the ticket machines - which will allow buying monthly and multi-trip passes too). That data is used to figure out trip lengths and where people join and leave the system. It's already used to adjust the number of gates that are fixed in one way only mode (the gates can let people in or let them out. Sometimes though the volume of people going one way is so great you need to force a gate to be for the opposite direction so people can still go the other way)

    20. Re:Overcomplicating matters by Anonymous Coward · · Score: 0

      There is NO "auto-joining" when I turn off wifi. But I'm on android, where they do what you want. Very useful too, I can save a lot of power (for day-long gps tracking/mapping) by turning off wifi & phone services. Flight mode saves power - the privacy is just a bonus.

    21. Re:Overcomplicating matters by Anduril1986 · · Score: 1

      Not necessarily. Once in the underground system you can freely move between the different lines at a given station. Plenty of people find the London underground confusing and take less than optimal routes through the system. Whether that is ideal or not isn't really relevant, the system is what is, and knowing if people are taking very long, circuitous routes through that system would be useful information.

  3. Where will the money go ? by Laxator2 · · Score: 1

    The price of the London tube passes has grown at rates well above the inflation rate for more than 10 years now.

    If some of the money made from WIFi tracking will go towards slowing down the price hikes, I would approve. But we all know that the fare prices will keep increasing faster than the inflation rate "as long as the market can bear it". Only when the passengers will all bike to work because they cannot afford the tube rides will the increases slow (or who knows, even stop)

    And the money made from _public_ transport will go into private pockets.

    1. Re:Where will the money go ? by Anonymous Coward · · Score: 0

      Hopefully it will reduce the subsidy the rest of the country pays into London's transport system so that it can be self-sustaining. Whatever increases there have been they've not been self-sufficient enough to ensure Londoners pay their way when it comes to transport, see here:

      https://www.ippr.org/news-and-...

      Londoners get £1940 spent on them per head of population, whereas places like Yorkshire only get £190 spent per head of population.

      So if you're in London I wouldn't complain too much about the cost or state of transport. You're living in luxury compared to the rest of the country - Yorkshire still has Diesel trains from 1979 that regularly break down and are significantly under capacity for example, yet costs more to use.

      If this money goes back into making London fund it's own transport rather than relying on subsidy then it'll be a good thing because Londoners aren't paying their way on transport.

    2. Re:Where will the money go ? by k2r · · Score: 1

      > Londoners get £1940 spent on them per head of population, whereas places like Yorkshire only get £190 spent per head of population.

      Thanks to Brexit this may change, soon.
      Inner London had a GDP/Capita of ~80K€, Yorkshire had a GDP/Capita of ~20K€ in 2013, so what could possibly go wrong?

      https://en.wikipedia.org/wiki/...

    3. Re:Where will the money go ? by Anonymous Coward · · Score: 0

      Trying to get on the Northern Line at King's Cross or Old Street, or Waterloo and City line, during rush hour tells you that the market can take higher prices. For all the whinging the UK regions make about investment in London, there cleary hasn't been enough. Do we need another disaster like the King's Cross fire to wake people up, which was also caused by underinestment in the infrastructure?

      This won't happen will it? Governments will continue to tax Londoners more heavily than anybody else, and continue transferring this to the regions.

    4. Re:Where will the money go ? by Anonymous Coward · · Score: 0

      Not at all biased! Do your numbers take in to account the number of users? And nevermind that overall Londoners help subsidise Yorkshire in general: https://www.theguardian.com/bu...

  4. Just turn wifi off when on the tube. by MartinG · · Score: 1

    Now that even supermarkets and other places are tracking customers via wifi as they walk around stores, it makes sense to have wireless turned off everywhere except where you need it on.

    Wifimatic or similar can do this for you. It can save your battery too.

    https://play.google.com/store/...

    (I have no connection to this app - I just use it and find it helpful)

    --
    -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
  5. Sigh by ledow · · Score: 3, Insightful

    Paranoia much?

    Pretty much if you're on a train (especially a Tube train) then you bought a ticket from A to B or - in London - you bought an Oyster card which records your every journey as you have to tap-in and tap-out.

    This is quite normal for any train/subway system. What information do you think they are going to glean from Wifi that they can't glean in this manner about travel patterns? Only what you give them, and only of little use (does it REALLY matter that the guy going from Embankment to Mile End did a DNS lookup for slashdot.org, and how on earth would you ever properly correlate that if he only quickly checks a website at stations he never alights at, and then turns Wifi off?).

    This is the "machine learning" rubbish all over again. Masses of data, lots of processing, no more insight into anything useful over and above monitoring ticket sales which you have to do anyway.

    1. Re:Sigh by MartinG · · Score: 1

      > This is quite normal for any train/subway system. What information do you think they are going to glean from Wifi that they can't glean in this manner about travel patterns?

      If there is no additional information to be gleaned, why would they bother installing all this wifi tracking stuff in the first place?

      (Also, they are not recording things like DNS lookups)

      --
      -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
    2. Re:Sigh by Calydor · · Score: 1

      They can reverse-engineer your MAC address, as mentioned in the summary, and continue to track you through the city into these supermarkets. Now they don't just know that you went on the train to get to downtown London, but that you did so specifically to go shopping at a furniture store.

      --
      -=This sig has nothing to do with my comment. Move along now=-
    3. Re: Sigh by Anonymous Coward · · Score: 0

      There are probably clauses in their contact that stops them selling the fare data.

    4. Re:Sigh by Anonymous Coward · · Score: 0

      They already know you're going from A to B. This also tells them that you took the route via C. That means they can improve the network so you can get from A to B faster.

      I don't see that hurting your privacy much more than them already knowing you're going from A to B. If they wanted to track you in particular the tube is covered with CCTV anyway, so they can track an individual easily. It's only really of value to them for working out overall bulk movements for capacity planning.

    5. Re:Sigh by Anonymous Coward · · Score: 0

      If there is no additional information to be gleaned, why would they bother installing all this wifi tracking stuff in the first place?

      (Also, they are not recording things like DNS lookups)

      You are living in the world of big data where mass data is collected regardless its purpose of use right now. The data could be used in the future in some ways and no one may not know right now. Adding the Wifi tracking is just something they can do for now and it doesn't hurt them much anyway. Utilizing data, which may prove to be very valuable, can come later.

    6. Re:Sigh by geekmux · · Score: 2

      Paranoia much?

      Pretty much if you're on a train (especially a Tube train) then you bought a ticket from A to B or - in London - you bought an Oyster card which records your every journey as you have to tap-in and tap-out.

      This is quite normal for any train/subway system. What information do you think they are going to glean from Wifi that they can't glean in this manner about travel patterns?

      Travel patterns are not the gold mine here. Browsing habits are.

      Gathering browsing habits of people who spend XX hours every week in the tube is worth more than you know. Putting ads in front of your eyes for that entire trip is valuable to a lot of companies, since they know you spend 95% of that time staring at a phone screen.

    7. Re:Sigh by Anonymous Coward · · Score: 0

      What information do you think they are going to glean from Wifi that they can't glean in this manner about travel patterns?

      If TfL didn't think it was valuable, they would not collect it.

    8. Re:Sigh by Malc · · Score: 1

      Oyster only tracks in and out points, and possibly some transit points if people use the pink card readers to show they avoided zone 1. It doesn't show exact route and where you dillied and dallied waiting for a bad connection (Overground trains at Wilsden Junction and Piccadilly Line trains at Turham Green, I'm looking at you).

    9. Re:Sigh by ledow · · Score: 2

      Are you seriously suggesting the TfL, the people IN CHARGE OF THE TUBE NETWORK, can't come up with a number for how busy stations are at certain times of the day, but think that Wifi numbers (which by far do not represent actual passenger numbers) will help them do that?

      Really? I mean, I knew they were incompetent, but that would just be staggering.

      The control rooms can see cameras of almost every platform on almost every Tube station. They show it off when they do those documentaries where they cry about how little their drivers earn compared to millionaires and Premier League football players.

      If you NEED to know the exact route every person took, to that level of detail, to know that Willesden Junction gets busy, then you really shouldn't be running a transport network. And, guess what. Those "bad connections"... yeah, that's when the train runs late which shows up on a big electronic sign on every station on the route. Gosh, I wonder how they could obtain that information....

  6. Multiple devices = multiple journeys? by Anonymous Coward · · Score: 0

    I wonder how they would account for someone having 2 phones and a tablet. Would they think this indicates more passengers?

    As often there are multiple possible routes that someone can take between stations there are advantages in learning the quickest as most used routes for capacity planning.

  7. Privacy + London + Tube ... by Qbertino · · Score: 1

    ... does not compute.

    Not really news.

    --
    We suffer more in our imagination than in reality. - Seneca
  8. It's not a matter if they will.. by Z80a · · Score: 1

    But if they will admit they're doing it or not.

  9. What good is the data? by mveloso · · Score: 2

    Really, once the data is anonymized it becomes useless to advertisers. So the fears here are pretty overblown.

    1. Re:What good is the data? by Anonymous Coward · · Score: 0

      Google "anonymises" data too.

    2. Re:What good is the data? by currently_awake · · Score: 2

      Your comment translates as: If they anonymize the data they can't make money selling it.

    3. Re:What good is the data? by Anonymous Coward · · Score: 0

      Can you feel good about yourself & our wonderful corporations, knowing that by your mere existence puts money and success on other peoples' tables?
      That just walking by someplace that sniffs your phone's location, apps that get into your contact lists, programs that read your communications... all that & more equates to you feeding an organization and/or business model that uses you. And with very, very little effort on their part.

      That is the epitome of predatory stalking, and as humans we're sensitive to that. Or should be...

    4. Re:What good is the data? by JohnFen · · Score: 1

      once the data is anonymized

      Never believe any claims that data is "anonymized". Even if they are making a best effort an anonymization, doing so in a manner that actually works and doesn't destroy that value that you're collecting the data for is an incredibly difficult task. I am unaware of anybody who has successfully done it yet.

  10. Law of Headlines by Anonymous Coward · · Score: 0

    Where is it when you need it most?

  11. Double Sigh by ShivasEye · · Score: 1

    Not sure which "they" you mean -
    TfL? they have no access to the wifi data outside of their physical infrastructure. If you are unclear about what that is then perhaps you might want to reflect on one of the names the system is known by, the underground. The wifi signals will not reach into retail premises unless they are within the station.
    You could of course be referring to the company that is contracted to provide the wifi service (is this still O2? I can't be bothered to look it up) but then it relies on the retail, or other premises, using the same provider.

    There is always the option that other people have mentioned. Turn off your wifi - properly. Aircraft mode and the power button are 2 options that spring to mind.
    In addition to this one can always take the position of someone I was speaking to yesterday - they have a basic phone, no mobile data, no wifi, no email, self contained calendar. Photos extracted by USB cable. Now in their case this is a deliberate step away from technology rather than trying to be anonymous but if you really want to be anonymous why carry something that relies on being consistently identifiable during operation by non-physical contact means?

  12. Huh? WiFi? by thegarbz · · Score: 2

    The London tube and public transport in general was an early adopter of electronic ticketing. What purpose could they have tracking passenger's via MAC address when they can already track them via Oyster card? What are they hoping to achieve via this? Evidence that people are walking down the tunnels?

    It would seem that if you know where a person gets on, gets off, and where your carriages are a simple bit of data analytics could get them the same information.

    1. Re:Huh? WiFi? by Richard_at_work · · Score: 2

      The London Underground is a mass of interconnecting lines, and you can literally enter into the system at 7am and exit at 7pm, having travelled the entire network without exiting the system once - the point of capturing this data is not to see where they get on and get off, its to see what routings they take between those points - that is a wealth of data TfL can use to improve the service.

    2. Re:Huh? WiFi? by shortscruffydave · · Score: 2

      For the same journey on the tube, there are often several different routes. One of my regular journeys could be traversed over three practical routes (plus countless stupidly long ones). My preferred option isn't actually the quickest - it's about 2 or 3 minutes slower than the obvious/optimum route - but I choose it because during the summer the trains on that particular line are cooler

    3. Re:Huh? WiFi? by thegarbz · · Score: 1

      The London Underground is a mass of interconnecting lines, and you can literally enter into the system at 7am and exit at 7pm

      Yes but would you. I mean if the purpose for this is improving the flow of commuters then you'd focus on the shortest time and scheduled path between any two stations. Consumers on average aren't stupid enough to want to spend any more time in the tube than absolutely necessary. Whether someone has fallen asleep on the line, or is going around in a circle really shouldn't matter for any of their scenarios.

    4. Re:Huh? WiFi? by radarskiy · · Score: 1

      The Oyster card only tells you which which entrance someone came in and which exit they went out. Using the WiFI MAC you can determine routes and train taken and follow walking routes through station.

      When there are multiple routes a passenger might take this information can be used to suggest less crowded options, shows station designers if they have inappropriately sized facilities for the spot demand, etc.

      Here is the reports on the kind of results they got: http://content.tfl.gov.uk/revi...

    5. Re:Huh? WiFi? by Obfuscant · · Score: 2

      I mean if the purpose for this is improving the flow of commuters then you'd focus on the shortest time and scheduled path between any two stations.

      But that might not be what the people are doing. At all.

      For example, during my recent vacation in Munich I would often enter the system at Marienplatz, ride to Karlzplatz Stachus or Hauptbahnhof, then ride back out to Isartor. For those who don't know the system, that's getting on in the center of the city, going west, then going back east. I did that almost every day. Now, Munich does not track riders by ticket because you don't need to show anyone or any machine a ticket. At most you stick a paper ticket in a timeclock that stamps the time on it. At best, you carry an IsarCard in your pocket that nobody ever sees except you. If they WERE tracking entry/exit, they'd have a very distorted picture of how I used the system.

      Now, on a practical level, suppose you measure actual riders and see that a large percentage of them ride line 1 from A to D through B and C, then change to line 2 for D to Z via C, B, etc. It's shorter to go AB-Z but they're going ABCDCB-Z. Why? Poor signage? Bad maps? Does the change at B require a long walk or is the escalator always broken? Or does the station at D have the only KFC on the route and people are stopping there?

      If you look only at entry/exit, you will gather none of that data and not know that you need to study a potential problem at B and/or C.

      Consumers on average aren't stupid enough to want to spend any more time in the tube than absolutely necessary.

      "On average" is not "peak demand".

      Whether someone has fallen asleep on the line, or is going around in a circle really shouldn't matter for any of their scenarios.

      Of course he does, because he is a physical object consuming a seat on a limited resource. WHY he's consuming it isn't measured, only that he IS, and unless they can identify that HE is the same person they won' t know there might be a problem that can be fixed and reduce delays for others.

      Another Munich example. Visitors fly into an airport well outside and then take the S1 or S8 in. If they monitor entry/exit they'll get a count of how many people enter and leave where they do. If they monitor the entire trip, they may find that a lot of people take the S1 all the way to HBf (Hauptbanhof) and then they take the U2 to Hasenbergl. But they could have changed at Feldmoching and had a much shorter trip. Why didn't they? Were the on-train announcements not clear enough, should everyone who buys an IsarCard at the airport be given an MVV map, or what?

      And suppose that visitor leaves by taking the S1 out to Freising, says WTF?, gets back on the S1 to Neufarhn, and then goes to the airport. If they count entry/exit, it is just another rider from city to airport. If they track the path, however, they find out that maybe the information that the S1 splits at Neufarhn and the front half goes to Freising instead of the airport isn't being presented well enough.

      You can get a lot of data from monitoring entry/exit, yes. You get a lot more by tracking individual pax, even if you don't know their name.

  13. Why not? by GeekWithAKnife · · Score: 1


    Facebook does it. All those tiny like buttons on every page you go to.

    Android helps improve your location tracking by combining wifi AND GPS through google maps...or anything with app rights on your phone.

    In fact so many different organisations do it without explicit consent by cross referencing data, why would it matter if the TfL does it as well?

    Here's the curious thing. Most tube passengers already use an oyster card. (some RFID-ed plastic to pay toll barriers) - so TfL already has movement and time and links to credit card data. In fact you can top-up your oyster card from your phone or online so it has a lot of identity data already.

    What then can they want with WiFi/MAC tracking? - seems the only thing left is the option to snoop on people even when they do not use oyster cards or NFC contact-less payments via phone/credit card.

    So when you pay for your kid they get to be tracked too! (because while only 8 they already have their own wifi enabled phone right?)

    That old woman that still uses paper tickets or only uses cash to top-up her oyster card, she won;t turn her wifi off when not using it. She didn't even know there was a "WiFi" thing. She'll get tracked as well.

    Keep digging along these lines...there's a lot of data they can get to this way...so they can get money from advertisers that will profile your MAC address because it's easy to know if you have a samsung or an apple. Are there more apple users in Knight's Bridge? -let's advertise out wireless apple headphones there!

    Who benefits from this? -certainly not consumers that are averse to ad spamming like it's a disease.

    Is it time to look at your phone and realise this is a personal tracking device. It tracks your location. Your buying habits. Your health. Your demographics. Your environment. Most of this data is not used to benefit you. -the problem is not TfL or anyone else exploiting the data (legally or not) it is us the consumers that have allowed these things to track everything about us. -wait til they cross reference your tinder profile with your facebook and your browsing habits to your amazon wish list.

    Not only do these things happen and have happened, you cannot delete the data. It will most likely be accessible to a determined curious person for decades.

    --
    A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
  14. Re:It's customary for non Muslims to pay jizya by Anonymous Coward · · Score: 0

    While Americans are slaughtered by the dozen by their own, apparently

  15. Reminds me of a friend.. by Anonymous Coward · · Score: 0

    ... who was telling me something along the lines:

    "I buy a lot of diapers. So the store I buy from will collect this data, process it through a very complicated algorithm, correlate it with other data they have on me, and at the end they will get a very important piece of information: I have a child !"

    1. Re:Reminds me of a friend.. by Anne+Thwacks · · Score: 1
      Yes, but if you don't have one at home, then the implication is you have one outside, and quite possibly there is someone you would prefer does not know - some black hats like this kind of opportunity. Some data stores are not particularly secure.

      OTOH, you might be doing a favour for a neighbour, and get wrongly accused by the blackmailer - this could lead to a major opportunity for a crime drama - anyone have the number for Bellisarios?

      --
      Sent from my ASR33 using ASCII
    2. Re:Reminds me of a friend.. by gsslay · · Score: 1

      correlate it with other data they have on me

      This is the key thing that is getting glossed over. Yes, they know there's a child. But that's correlated with everything else bought. So know they know what age the child is, what prescription drugs are purchase by the household, what conditions the child may inherit, what the household's diet is like, what drinking habits are like, what life expectancy the child might have based on this. What is the likely academic achievement of the child based on the neighbourhood and the household income spent in store. How that compares to the child's peers in the school they are very likely to attend. What health insurance may cost the child in future.

      Still happy with the store to be that familiar with the child's diapers?

  16. corollary to Betteridge's Law of Headlines by Anonymous Coward · · Score: 0

    There needs to be a corollary to Betteridge:

    "If a headline asks, 'Will X monetize Y', the answer is always yes."

  17. Time to have virtual fences for the mobiles? by Anonymous Coward · · Score: 0

    How hard could it be? A-GPS should easily detect when I'm in an area where I don't have WiFii
    (at least I only have Wifi at home, at work and at friends. Aside from that, unless I'm using some app like maps there is little reason for the wifi to be enabled.

    1. Re:Time to have virtual fences for the mobiles? by JohnFen · · Score: 1

      This is pretty close to exactly what I do on Android. I use Tasker to accomplish this. My Tasker script samples the GPS periodically and when it sees it's not in an area I've defined as OK, it turns the WiFi off. Otherwise it turns it on.

      Tasker is awesome, by the way -- I use it for a ton of other things, too, such as: I have it read incoming text messages, and when it gets one that contains a specific code phrase, it grabs a GPS reading and takes a picture from both cameras. It then texts the GPS coordinates back and emails the coordinates and photos to my email address.

      Who needs Google to find your lost/stolen phone?

    2. Re:Time to have virtual fences for the mobiles? by Obfuscant · · Score: 1

      My Tasker script samples the GPS periodically and when it sees it's not in an area I've defined as OK, it turns the WiFi off. Otherwise it turns it on.

      So you've programmed your phone to track your location because you don't want to use WiFi where you don't want to use it? Sounds complicated, and you are left with trusting the permissions so apps won't track your location and report it back to Momma when they are able.

      Wouldn't it be much simpler to just leave the WiFi turned off unless you actually wanted to use it? Then you turn it on for as long as you want to use it, then turn it back off again. And when I say "turn it off", I don't mean use the iOS menu that disconnects you from the WiFi hotspot, I mean actually turn it off.

      That's how I manage my device's WiFi radio. Pretty simple. One button on, one button off. No GPS involved.

    3. Re:Time to have virtual fences for the mobiles? by Anonymous Coward · · Score: 0

      Smarter W-Fi Manager does exactly that.
      I've been using it since I got my phone.

    4. Re:Time to have virtual fences for the mobiles? by JohnFen · · Score: 1

      Sounds complicated

      It's not complicated at all -- it's actually one of the simpler things to do.

      Wouldn't it be much simpler to just leave the WiFi turned off unless you actually wanted to use it?

      That's what I do, only I automate the process.

    5. Re:Time to have virtual fences for the mobiles? by Obfuscant · · Score: 1

      That's what I do, only I automate the process.

      That's not what you said you were doing, and automating the process makes it more complicated.

    6. Re:Time to have virtual fences for the mobiles? by JohnFen · · Score: 1

      Sure it is.

      Before I automated it, my process was to manually turn WiFi on when needed. Which I still do when I'm out and about. There are a couple of places, though, where I always want it on, because it's always in use when I'm there -- that's the part I automated.

      The actual automation "script" itself is very simple -- it took about 5 minutes to create and test. Once created, it makes things even simpler as I don't have to manually turn the WiFi on those places where I want it on, and I don't have to remember to turn it off when I leave those places.

  18. Please... by bagofbeans · · Score: 1

    ...talk about how you can be tracked using WiFi if you have your phone on airplane mode on the London tube.

  19. Oyster by bagofbeans · · Score: 1

    Oyster doesn't identify the passenger who paid cash.

    1. Re:Oyster by Anonymous Coward · · Score: 0

      Oyster doesn't identify the passenger who paid cash.

      And how many of them compared to those who have Oyster cards? And the wifi tracking doesn't track those who don't have a phone that can be connected to a wifi. So how many of those compared to those who have one? And how many of those who carry more than 1 phone that can connect to a wifi compared to those who carry exactly 1? Do you get my point of why those who paid cash can be ignored.

    2. Re:Oyster by radarskiy · · Score: 1

      The data collection does not need to identify passengers, just distinguish them.

  20. cereal by Anonymous Coward · · Score: 0

    Privacy. In England. ahahahah hohoho heheeheeheehee hahaha hohohoo hehehehahaha

  21. Missing word by jrq · · Score: 1

    You missed the word at the beginning of the title of this article. That word is How.

    --
    My UID is prime!