Germany Finds Kismet, Custom Code In Google Car 237
theodp writes "While waiting for a hard disk of Wi-Fi data that Google says its Street View cars gathered by mistake, the Hamburg Information Commissioner's office performed tests on a Google Street View car in a controlled environment with simulated wireless networks and issued the following statement: 'For the Wi-Fi coverage in the Street View cars, both the free software Kismet, and a Google-specific program were used. The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.' Interestingly, a 2008 academic paper — Drive-by Localization of Roadside WiFi Networks (PDF) — describes a similar setup, and its authors discuss how they 'modified Kismet, a popular wireless packet sniffer, to optionally capture all packets received on the raw virtual interface.' Computerworld reports that lawyers in a class-action suit have amended their complaint to link a Google patent app to Street View data sniffing."
Re:Is this how they can do wifi location detection (Score:3, Informative)
It is quite plausible to assume that Google, since they were already going to the expense of running the cars, figured that they could grab their own geolocation dataset for virtually no additional cost. However, their massive corporate wardrive episode is hardly the first of its kind, as Skyhook's products demonstrate.
Re:Something I've had a hard time understading... (Score:5, Informative)
Google location API. Doesn't matter if the network is secure or not.
"Hey I found AA:BB:CC:DD:EE at this location"
Person with iPod Touch or other device with wireless only sends to google: "Hey I see access points AA:BB:CC:DD:EE, AA:BB:CC:DD:FF and AA:BB:CC:DD:00" Google goes: "Yea, you're around here".
Go to google maps [google.com] with a new version of Firefox or Chrome. Click on the button that just has a circle in it. It'll ask for permission to send your location and should show you where you are on the map.
Re:So how can the computer do it then? (Score:2, Informative)
Yes, I know that. Hence the joke 01 (zero one), which is the big endian encoding of 2. However humor does not transmit well over the internet, apparently.
Re:Not really illegal, but wreaks of dishonesty (Score:1, Informative)
However, being a professional user of the Kismet application I would contend that using Kismet shows that all the data collection was far from "accidental".
I'm not sure how to parse your sentence. Doesn't Kismet capture all this date by default? I could easily see someone running Kismet for the ".networks" file and not even notice the ".dump" file. Kismet is a very good tool for what they are doing. Just because it does more than what they want doesn't make it a bad choice. They just should have edited the config file. Why waste resources logging data you don't want?
Re:Is this how they can do wifi location detection (Score:5, Informative)
A company named Skyhook Wireless is doing this. They are continuously driving trough whole continents with cars, mapping out wifi routers/stations/etc.
They are what gives the iPhones/iPods their navigation (they have to real GPS). They are behind Maps Booster which plugs right into the Symbian (Nokia & others) geolocation APIs. (I bought it for 3€, and while it is less exact than GPS here, it also works inside buildings. Plus it makes first-time GPS satellite locking much faster.)
I wonder how this is different from what Google does, though.
But I don’t have a problem with SSID logging anyway. I mean, people who rely on SSIDs for security, really are idiots anyway. It’s not worse than knowing an IP. I can’t see where privacy could be a concern here. And I’m extremely strict about my privacy rules.
I think it’s a good service. Hell, how could I not think that paying 3€ for someone to drive across every street on the continent is a good deal?
P.S.: No, I’m not affiliated. And I repeat: It’s not very exact here. I am lucky if I get 50m accuracy. While my A-GPS can get down to 3m. (Oh, and if anyone of you know a service that requires no further hardware, and can get down below 50 cm [ideally below 10cm], please contact me! :)
Re:So how can the computer do it then? (Score:3, Informative)
Huh? 01 in little or big endian encoding is the encoding for decimal 1, not 2. In either encoding, 2 is encoded as 10. We haven't had reverse-bit-order CPUs in decades. Endianness defines the order of bytes, not the order of bits within a byte.
In big endian notation, 1 can be encoded in a 16-bit value as 00000000 00000001, whereas in little endian notation, it would be encoded as 00000001 00000000. Big endian notation is the order that we naturally use for mathematics. Little endian only makes sense if you think that it is useful to be able to cast between pointers to integers of different length and get the right result if the value is small enough....
Maybe what's confusing you is that documentation uses different standards for numbering the bits; IIRC, IBM's documentation calls bit 0 the 2^0th bit, whereas Intel's documentation calls bit 0 (or maybe 1) the leftmost bit. (Or is it the other way around? I forget.) That's just a numbering convention for bitfield values, and has nothing to do with the way an actual multi-bit value is printed or stored.
Re:Something I've had a hard time understading... (Score:2, Informative)
Something I've had a hard time understanding through all this is WHY they thought it was a good idea to record SSIDs and other information while doing a street mapping.
Its called making a map. You travel around, and note features and details. SSIDs are a mapable feature. Knowing that SSID xyz is visible from 123 anystreet and from 125 anystreet, but fades out by the time you reach 127 anystreet helps you to define a location.
I don't understand what they were hoping to gain from this information?
As some others have mentioned previously, by correlating physical locations with visible SSIDs they gain the ability to provide maps and directions to people using devices with WiFi instead of GPS.
According to our research, 72.438% of people don't secure their wireless.
According to our research, (I'm assuming they got mac addresses too, right?) 83.4% of all wireless consumer routers in Germany are Linksys routers.
WTF does that have ANYTHING AT ALL to do with mapping streets?
It has nothing to do with anything... its just a summary of statistical observations.
Oh, and for the people getting all up in arms because "people are shouting this information freely and anyone can hear it"...that's patently FALSE. There's maybe 1% of the population that has the know-how or the desire to do that. It is NOT AT ALL event remotely the same as standing in the middle of the street yelling at someone where anyone can hear you. You have no choice but to over hear if you happen to be in the area. You do, however, have a choice in downloading packet-sniffing software and using it on someone's wireless network, unsecured or not.
Not exactly. Your router is broadcasting this information clearly to anyone with the capacity to hear it. It is not being broadcast at a frequency that the human ear can detect without assistance, but every single wireless device within range can hear it. Turn on your laptop, go to the configuration for the wireless network connection. See the part where it lists the SSIDs of wireless networks in range? There you go...
The concept of "someone's wireless network" is a bit of a misnomer. There are just a bunch of devices having conversations at the same time. Its a lot like being in a big reception hall talking to your friend while there are other people having conversations around you. What differentiates your conversation from someone else's conversation is simply what you choose to focus your attention on. You can hear them, they can hear you, you just choose to ignore the conversations that don't involve you. That's how wireless devices work. They typically ignore conversations that don't involve them... but they can still hear them going on.
Re:If I did what google did... (Score:3, Informative)
The question of whether passive reception of WLAN packets constitutes "unauthorized access" is legally not settled in the US. Actually, it really isn't legally settled in Germany either, but it is now being settled as part of this anti-Google hysteria.
From a practical point of you, nothing would happen to you because nobody would ever find out. People have been recording WLAN packets for years and nobody noticed or cared.
Re:So how can the computer do it then? (Score:3, Informative)
Little Endianess came about because mainframe designers wanted to extend their architecture to multiple bytes per word in a backwards compatible way. Intel copied the architecture for its 8088 CPU (in fact I think that the 4004 and 8008 might have been based on them too, at least at the instruction set level) and eventually also the 16 bit stuff.
IMHO x86 is the perfect example of an inferior product that came to dominate the market anyway. For 15+ years now CPUs have not executed x86 code directly but rather translated it to microcode which is more like those other, better architectures.