How Cartographers For the US Military Inadvertently Created a House of Horrors in South Africa

Kashmir Hill, reporting at Gizmodo: The visitors started coming in 2013. The first one who came and refused to leave until he was let inside was a private investigator named Roderick. He was looking for an abducted girl, and he was convinced she was in the house. John S. and his mother Ann live in the house, which is in Pretoria, the administrative capital of South Africa and next to Johannesburg. They had not abducted anyone, so they called the police and asked for an officer to come over. Roderick and the officer went through the home room by room, looking into cupboards and under beds for the missing girl. Roderick claimed to have used a "professional" tracking device "that could not be wrong," but the girl wasn't there. This was not an unusual occurrence. John, 39, and Ann, 73, were accustomed to strangers turning up at their door accusing them of crimes; the visitors would usually pull up maps on their smartphones that pointed at John and Ann's backyard as a hotbed of criminal activity.

[...] The outline of this story might sound familiar to you if you've heard about this home in Atlanta, or read about this farm in Kansas, and it is, in fact, similar: John and Ann, too, are victims of bad digital mapping. There is a crucial difference though: This time it happened on a global scale, and the U.S. government played a key role. [...] Technologist Dhruv Mehrotra crawled MaxMind's free database for me and plotted the locations that showed up most frequently. Unfortunately, John and Ann's house must have just missed MaxMind's cut-off for remediation. Theirs was the 104th most popular location in the database, with over a million IP addresses mapped to it.

Disable SSID on your routers

[Dan+East]

According to TFA, this was caused by stolen devices being in areas without a cell signal, and falling back on WiFi access point geolocation. Further, the area in question has very few access points, so phones can potentially pick up these residential access points from thousands of feet away. Then they are geolocated to the exact position of the access point.

A solution is to disable SSID on your home router(s) so that these data-grabbing sniffers won't see it and try to geolocate off of it.

Re:Disable SSID on your routers

[Thelasko]

According to TFA, this was caused by stolen devices being in areas without a cell signal, and falling back on WiFi access point geolocation.

You read the wrong article. That's the case for the home in Atlanta.

TFA is actually the result of someone at the NGA deciding this guy's house was the geographical center of Pretoria. As is the case with the farm in Nebraska, any unknown location in Pretoria defaults to the geographical center. They emailed the NGA (who would have thought?) and the issue has been corrected. The default location is now Church Square in the NGA database.

Re:Disable SSID on your routers

[tlhIngan]

According to TFA, this was caused by stolen devices being in areas without a cell signal, and falling back on WiFi access point geolocation. Further, the area in question has very few access points, so phones can potentially pick up these residential access points from thousands of feet away. Then they are geolocated to the exact position of the access point.

A solution is to disable SSID on your home router(s) so that these data-grabbing sniffers won't see it and try to geolocate off of it.

No, this was the result of bad IP geolocation information. Basically the guy's house happened to be where they said "South Africa" was because that's the best area they could get for an IP.

Anyhow, WiFi geolocation (more accurate than GPS, actually) doesn't care about SSID. It only uses MAC addresses that are transmitted in the beacon packets. All any device has to do is switch channels and listen to capture the AP MAC addresses and signal strength. Send that information to Google and you'll get back a pretty good location. Same goes for cell towers - the modem will scan for available cell towers, note their IDs (this includes all cell towers in all bands it can receive, including ones that you don't have service for) and do the same thing.

The problem is the devices last pinged some tracker from an IP and that was last that device was heard of, and that IP had only country level resolution.

(The US database of countries contains latitudes and longitudes that are often returned when you look up a country to get a specific location, and a lot of these IP geolocation companies use it without realizing the radius of uncertainty is "country" and not "city block").

Actual summary

[psnyder]

Many mapping systems give specific latitude and longitude coordinates and an accuracy radius for an IP address. When the accuracy radius is inaccurately large (like searching for a city, or a country) the coordinates arrow points in the middle, which can be someone's house. Someone using location services (like "Find My Lost Phone", and even police) often get these coordinates without understanding the accuracy sucks.

This particular case in South Africa happened because of a mapping service created by "National Geospatial-Intelligence Agency", which is part of the US Dept of Defense.

I'm not sure why useful information like this wasn't in the summary, but... I guess it made me read the article, so the jokes on me.

My favorite quote was from a guy that lives in this house. Right after the article says, "a team of police commandos stormed the property, pointing a huge gun through the door at Ann, who was sitting on the couch in her living room eating dinner", a few sentences later he says, "The Apple customers seem to be the worst."

Re:Why has no one sued MaxMind into bankruptcy?

[SlaveToTheGrind]

The CEO actually didn't know what to do about IP addresses that couldn't be located more precisely than "the USA"? I can do that one instantly. Tell the user that the IP address can't be located more precisely than "the USA".

If you read the fine article, that's exactly what they did:

But computer systems don’t deal well with abstract concepts like “city,” “state,” and “country,” so MaxMind offers up a specific latitude and longitude for every IP address in its databases (including its free, widely-used, open-source database). Along with the IP address and its coordinates is another entry called the “accuracy radius.”

The accuracy radius does what you might expect. It says how accurate the coordinates are; it indicates the 5-mile, or 100-mile, or 3,000-mile area included with “a point” on a map. Unfortunately, it is ignored by many geo-mapping sites such as IPlocation.net, which gets its data from IPInfo and EurekAPI, two more IP geolocation databases that use MaxMind as a source.

The issue is users / other services ignoring the accuracy radius. The question from the CEO was about the best approach to try to dumb down the system for people who were not using the information as intended/provided.

Re:So, in sum

[cascadingstylesheet]

1. Cartographers for a U.S. intelligence agency published coordinates for the center of the populated area of Pretoria, South Africa. 2. An IP location service provided those coordinates, along with an uncertainty radius, for Pretoria IP addresses. 3. Other IP location services threw away the uncertainty radius. 4. South African government officials, bounty hunters, etc. used the IP location services that threw away the uncertainty radius. 5. The U.S. intelligence agency changed the coordinates to the center of the town square after being apprised of the issue.

That seems like fairly thin gruel for Slashdot's "U.S. sux" article du jour.

But ... but ... how could we feel superior to our fellow men if we couldn't bash the US today?

"Post apartheid South Africa is a house of horrors in general" is not the headline that anyone wants, but it would be the accurate one.

Company claims 50Km accuracy half the time

[raymorris]

The company claims that about half the time, it is accurate to within 50 Km.
https://www.maxmind.com/en/geo...

Re:Why has no one sued MaxMind into bankruptcy?

[mejustme]

Is the database populated with falsely precise coordinates?

No. The locations are the center of a circle. The size of the radius -- which is yet another field in the database -- then determines the precision. But some users (some web sites, some apps, etc) look at the center of the circle, place a pin at that location, and then forget to indicate that the radius is hundreds or thousands of km.

Here is an example from the MaxMind database when I look up a Google address, 65.44.217.6:

{ "city" : { "names" : { "en" : "Fresno" } },
      "continent" : { "code" : "NA", "names" : { "en" : "North America" } },
      "country" : { "iso_code" : "US", "names" : { "en" : "United States" } },
      "location" : { "accuracy_radius" : 200,
                                      "latitude" : 36.6055,
                                      "longitude" : -119.752,
                                      "time_zone" : "America/Los_Angeles" },
      "postal" : { "code" : "93725" },
      "subdivisions" : [ { "iso_code" : "CA", "names" : { "en" : "California" } } ]
}

Note the "accuracy_radius" field, which is in km. But if you ignore that field and only look at latitude and longitude, you have a single pin on a map, incorrectly making it look like an IP address maps to a specific house or business, while it should map to a large circle with a 200 km (124 miles) radius.