Slashdot Mirror
Free Municipal Wi-Fi May Be the Next Front In the War Against Privacy (theintercept.com)
TuballoyThunder writes: According to The Intercept, it appears that the LinkNYC free Wi-Fi might be designed to track users. This and other concerns were raised during a 2015 discussion on Slashdot. While many people are comfortable in trading their privacy for ostensibly free services, it is disheartening when municipalities collaborate with business to make it happen. "In May of this year, Charles Meyers, an undergraduate at New York City College of Technology, came across folders in LinkNYC's public library on GitHub, a platform for managing files and software, that appear to raise further questions about location tracking and the platform's protection of its users' data," reports The Intercept. "Meyers made copies of the codebases in question -- 'LinkNYC Mobile Observation' and 'RxLocation' -- and shared both folders with The Intercept."
Meyers says the "LinkNYC Mobile Observation" code collects the user's longitude and latitude, browser type, OS, device type, device identifiers, and full URL clickstreams (including data and time) and "aggregates this information into a database," the report says. Meyer's believes the company is interested in tracking the location of Wi-Fi users in real time. "If such code were run on a mobile app or kiosk, he said, the company would be able to make advertisements available in real time based on where and who someone was, and that this would constitute a potential violation of the company's privacy policy," reports The Intercept.
Following the revelations, LinkNYC said the code was never intended to be released and was part of a longer-term R&D process. "In this instance, David Mitchell, Intersection's CTO, told the Intercept in an email. "Intersection was prototyping and testing some ideas internally, using employee data only, and mistakenly made source code public on Github. This code is not in use on the LinkNYC network." [Intersection is the "key player" in CityBridge, "a chameleon-like consortium of private companies" that New York City contracted to turn the city's payphone booth network into Wi-Fi-enabled kiosks.]
Meyers says the "LinkNYC Mobile Observation" code collects the user's longitude and latitude, browser type, OS, device type, device identifiers, and full URL clickstreams (including data and time) and "aggregates this information into a database," the report says. Meyer's believes the company is interested in tracking the location of Wi-Fi users in real time. "If such code were run on a mobile app or kiosk, he said, the company would be able to make advertisements available in real time based on where and who someone was, and that this would constitute a potential violation of the company's privacy policy," reports The Intercept.
Following the revelations, LinkNYC said the code was never intended to be released and was part of a longer-term R&D process. "In this instance, David Mitchell, Intersection's CTO, told the Intercept in an email. "Intersection was prototyping and testing some ideas internally, using employee data only, and mistakenly made source code public on Github. This code is not in use on the LinkNYC network." [Intersection is the "key player" in CityBridge, "a chameleon-like consortium of private companies" that New York City contracted to turn the city's payphone booth network into Wi-Fi-enabled kiosks.]
the question has never been if your privacy is invaded. the question is only who do you prefer to invade your privacy
This code is not in use on the LinkNYC network.
But, in the future, it could be, or, even in the present, similar code could be. There is no free lunch. Everything, in the domain of things regarding which private information has value, is offered as a trade-off between convenience and privacy. That equation means that privacy is the inverse of convenience. That has ramifications far beyond free wifi. Encrypt everything.
... I'll bore the tits off 'em.
IF YOU LIKE SAXOPHONE
Wasn't it called Watch_Dogs? The entire city it was set in (Chicago, I think) was all connected by a giant city owned Wi-Fi network that everyone connected to.
Well being that was only a computer game I'm sure there's no way that it could ever be abused by an authoritarian city government... like one that already has a pretty piss poor track record of respecting people's rights. https://en.wikipedia.org/wiki/...
Research project . . . yeah right.
Get people to sign conditions of use now - then change the underlying infrastructure to abuse the users who have already signed. They already agreed right.
If people even read facebooks terms before Cambridge Analytica, they probably never envisaged the data being used that way. Even fully informed they would have signed, because they could not imagine the future abuses.
They got caught this time - so this might not progress, not in it's current form.
Privacy should not be about complying with the letter of the law, but the intent. Present the issue before a jury of ordinary people - and if they think the behavior was unreasonable - then big fines.
Straight to extremes. No wonder people are in a frenzy over everything. Permanent outrage, one of the cornerstones of any successful civilization.
to figure out which ISP funded this story? And I'd much rather have my info in the hands of my democratically elected government than a mega corporation that I have zero say in unless I'm a top shareholder.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
"we aren't using THAT code for our service. our 'r&d' came up with something even 'better' and more 'effective', and we're using that instead. and no, you can't have that code."
Captive portal evasion with a vpn?
Believe it.
those corporate entities won't just stay home eating cookies. They'll form power structures of their own that are just like governments but without all that pesky "democracy" stuff to get in the way of profits and whatever little project strikes the CEO's fancy (Jeff Bezos is spending his $260 million/day on space travel, which would be peachy if I wasn't paying tax dollars to feed his underpaid/overworked staff)
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
What do you expect out of this leftist, third world, hell hole?
NYC is really an icon of corruption, mismanagement, and failed ideologies.
There is no more "war on privacy".
There WAS such a war, but it is over now. The privacy advocates lost. The teeming Facebook multitudes who use gmail, run every tracking javascript shoveled onto their machine, and cheerfully run calculator apps which scrape their address books and forward to IP's in China won.
There is no more privacy. You lost. Sorry.
Use a random MAC address and create a script that passes a random email address to the captive authentication portal. LinkNYC doesn't check validity of email addresses used in their authentication portal, so you can use any random gibberish ending in a TLD. No valid account or info needed.
Intersection was formed by the acquisition of Control Group and Titan by a group of investors led by Sidewalk Labs. Sidewalk Labs is owned by... Alphabet. The CTO is Craig Nevill-Manning a former Google employee (and the CEO is Dan Doctoroff... a buddy of Michael Bloomberg who was in his administration and served as CEO of Bloomberg until Bloomberg took back the reigns).
The whole thing is a Google project setup not to look like a Google project.
My business offers the public 100% free, untracked wi-fi. I think it's my moral obligation to offer a relatively untraceable public Internet connection.
I don't respond to AC's.
Of course free wifi networks have been set up to track you. Iâ(TM)ve seen it demoed.
Why not go to a WiFi spot and use their WiFi. Is the band wave yours to begin with? Is the "free WiFi" a MetroPCS? I saw the other day an ad for Spectrum Cell Usage. I heard though, that WiFi has to be an added cost within the Spectrum Call Lobby. Take this one: "I'm sorry sir, but your area does not cover WiFi." Try that in a house and you don't have service. The cell ads say it is the Nation's Largest Most Reliable Network. WTH?
You couldn't pay me enough to move to that Orwellian nightmare of a cuntry. SAD.
I am usually loath to spout off about future trends. Basically because it's so easy to get one thing wrong which causes the whole to be shot down.
But keep this in mind for the next decade or so, and when you see things turn out like this, remember you read it somewhere.
I see like never before in my lifetime or the recent past a concerted effort to push the world in a certain direction it would not be going otherwise. I fear that the end result of this is to create a world population that is grey and identityless and is simply a good source of taxes and labor, similar to how a flock of sheep is a good source of wool, and can be moved, sold, bred, and culled at the whim of the owner.
Tech being developed like ubiquitous surveillance, mammoth data centers, and application of AI, is starting to make the treating of the human population of Earth like large herds of chattel feasible.
All the different trends you've been seeing developing since 9/11 play into it: muslims against the west, China vs USA, religion vs secularism, feminists against males, the absolutely vileness that political debate has stooped to in the US and Europe (and elsewhere), forced immigration to and assimilation in Europe, racial division like never before, economic trends, rise of supernational governing bodies and regional blocks, change of politics to become more autocratic, the erosion of private ownership, free speech, and privacy itself. The ironic twist is that most of us stand one one side or the other on at least one of these issues, feeling extremely righteous and virtuous about it, having no compunction even wishing for, or calling for the death of, opposing sides.
Most will probably hail the new overlords that will put an end to this emerging chaos by application of autocratic force. But you or the next generation will probably be told what work to do and how much, what to be entertained by, where to live, what to wear, whom to breed with and how much, what language to speak, what to worship, when to die, etc. And take heart, it won't be that dystopic, most will even like it...
As a software engineer, I would very much like to review the actual code for myself, rather than just have to trust Meyers' word for it.
Is it hosted anywhere for everybody to see?
My understanding is that it's a library for Android app developers or an app that would need to be installed on the device.
Is it being used in any app in the wild? Does it hold any actual value for somebody who would want to spy on people or is it just some intern's proof-of-concept toy project?
should we take their word for it and believe them, there isn't really a way to find out.
when in doubt, it's always better to presume the worst.
On a long enough timeline, the survival rate for everyone drops to zero.
Anyone that cares can use a VPN and probably should be using a VPN anyway. There are VPNs selling subscriptions for less than a dollar a month.
Just get a VPN and move on.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
As they say, with millions of laws to choose from, anyone can be made a criminal if need be. Today, it's easier than ever. Instead of following you around, waiting for you to fall into the trap, all they have to do is call up Spybook, Google, or your municipal ISP.
This may never happen to you. But you can be damn sure it will happen to others.
It might be possible to use a VPN like OpenVPN to thwart this tracking but I'll bet the LinkNYC folks that about people doing it and probably block high port numbers or some other shady shit.
Comcast's wifi tracks you too.
Along with half the wifi points you use. Because why not? Data sells.
Is there no way to jack with the MAC address when connecting to WiFi?
It may be embedded in the hardware somehow, but it has to go through software to connect to the wifi.
THAT is a hack I'd pay money for...a new MAC address every time a phone connects to WiFi
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
Use a VPN and tunnel through the spying.
On top of that each LinkNYC has multiple video cameras that are located front left and right of the keypad, now go fuck you self LinkNYC.
Just Sunday afternoon, I took my children to a certain large Houston-area mall. I have T-Mobile and usually get fantastic LTE coverage everywhere. Got in the mall, took a video of my son dancing in one of the stores and went to send it to my wife. LTE slow, slow, slow. The mall makes great pains to let you know they have FREE Wi-Fi. This "free" wi-fi tracks the living daylights out of users, let's the mall know what stores you visited. They get your IMEI number, MAC address, you name it. Not to mention the insidious ads.
I didn't connect, as I knew this already, but it's one reason I went with T-Mobile for the unlimited data. Needless to say, I don't connect to any AP unless it's my home AP. Not even at work. Being a former pen tester gone back to sysadmin, I'm well aware of how the game is played. I usually have Wi-Fi, Bluetooth, etc., disabled unless I'm home. I also pay for my own email that I control. Too much is at stake these days to not be cautious.
....you are the product