My Location the Next Google Privacy Controversy? 167
theodp writes "While Google boasts one of its Privacy Principles is making the collection of personal information transparent, even techies are left guessing about what's going on behind the scenes of certain products. The American Dictator points out that Google's Wi-Fi collection efforts don't stop with its Street View cars, offering up this explanation of Google's My Location: 'When you allow Google to "know your location," what you are really agreeing to is to send to Google's computers your Wi-Fi environment — not only the name of the Wi-Fi hotspot you are logged into, but also the names and signal strengths of every Wi-Fi hotspot around you. In other words, the same things that those Google Street View cars were sucking up as they drove by your house.' So, will changes in privacy attitude prompt changes in Latitude?"
Pfew! (Score:2, Funny)
This make me glad I never use he internet, ever.
Not unusual (Score:5, Insightful)
Re:Not unusual (Score:5, Interesting)
Re:Not unusual (Score:5, Funny)
Careful, that'll put you right onto a motorway, where you'll get hit by a car, and it'll be Google's fault
Re:Not unusual (Score:5, Interesting)
Re: (Score:3, Informative)
Skyhook wireless [skyhookwireless.com] is one major one. It's what the iPod Touch and original iPhone used. It's what Snow Leopard / Location services uses.
You do get a popup asking if you want to enable it.
Re: (Score:2)
which nobody makes any fuss about whatsoever.
Don't write us off that fast!
Re: (Score:2)
Not to mention its trivially easy to switch off location services on Android - no clue about other smart phones.
Re:Not unusual (Score:4, Interesting)
just because SOME don't collect the data, doesn't mean ALL won't.
Re: (Score:2)
The LG Xenon has a file in the system folders that stores every single text you send and recieve. It was found by a guy who was trying to figure out how to mod the phone and is described on the LG Xenon forums.
Your cell phone carrier and the manufacturer of the phone you use know a whole lot more than you can possibly imagine.
http://www.lg-xenon.com/lg-xenon-modifications/accessing-filesystem-using-bluetooth-and-obex/ [lg-xenon.com]
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
That's just wrong.
I have one of the first big commercial phones, which featured a GPS reciever (Nokia N95), and I can testify that it works without a network of any kind. It's fully capable of handling the GPS without a carrier.
However, you can opt-in to use A-GPS, which use cell towers and what not to locate.
Re: (Score:2)
That is correct. I have used GPS on an Android phone on a plane at 40,000 feet in Airplane mode (although that doesn't even matter at that altitude). I got amazingly accurate location, heading, and speed from the GPS receiver and software.
Re: (Score:2)
That depends (Score:2)
If its a corrupt company and the phone doesn't actually have a real GPS (only training wheel GPS) then it can't. But if you have (perhaps one of the few?) phones who do have a real GPS they can find your position without connection (or even sim cards in them)
Holy shit! (Score:5, Funny)
You mean that in order to use a service that uses your Wifi surroundings to determine your location, you have to send the service data about your Wifi surroundings? Holy shit!
Next, you'll tell me you have to send your private, personal *search terms* to Google to get search results - the horror!
Re: (Score:3, Insightful)
Wait, you mean those words I type into the text field actually GO somewhere?
I thought Google worked like something out of Harry Potter.
Re: (Score:2)
Woah, dude. I just heard that even if you use Google's encrypted search service, they still know what your searching for!!!!!!
That's like, not encrypted at all then! I want my searches to be secret from Google! This is false advertising.
Re: (Score:2)
Seriously. Another worthless post trying to scare-monger about Google from the author theodp. Why is Slashdot posting this crap on the front page?
Re: (Score:2)
I mean, I already have the internet on my computer,...
"internet"??
I thought there was more than one?
Privacy (Score:2, Funny)
That information is all being broadcast. (Score:5, Insightful)
That makes it public. Google is merely asking you to forward some public information to them. You may, if you wish, decline.
Re:That information is all being broadcast. (Score:5, Insightful)
Not to mention the summary is a troll. What google did wrong with its earlier program was actually capture unencrypted packets. These location services (google is not the only one) simply create a database of wifi names and correlate them to GPS. I don't see the problem here. If you dont want me to write down your hotspot's ssid then I suggest you stop broadcasting it.
Re: (Score:2)
These location services (google is not the only one) simply create a database of wifi names and correlate them to GPS. I don't see the problem here. If you dont want me to write down your hotspot's ssid then I suggest you stop broadcasting it.
Not quite. Skyhook provides the same service for Apple, and they work by correlating MAC addresses [skyhookwireless.com] of APs with location.
Re:That information is all being broadcast. (Score:4, Insightful)
Eh, I honestly don't know about that. It's happening in public, but does that make it public in a narrow sense?
Imagine you're chatting with a friend while you're walking down the street. Is it OK if anybody records your conversation (perhaps even without your knowledge and/or approval), stores it indefinitely, and does - well - basically anything they want with it? Is it OK if it's being sold or otherwise passed on? Is it OK if private companies do this? Your employer? The government?
I'm not sure where the line should be drawn, but "it's happening in public, therefore anything and everything is automatically fair game" strikes me as overly simplistic.
Re: (Score:3, Insightful)
Imagine you're chatting with a friend while you're walking down the street. Is it OK if anybody records your conversation (perhaps even without your knowledge and/or approval), stores it indefinitely, and does - well - basically anything they want with it? Is it OK if it's being sold or otherwise passed on? Is it OK if private companies do this? Your employer? The government?
yes, actually whatever you do in public is in the public domain.
don't like people knowing your SSID? don't broadcast it. don't like people knowing your get sloppy drunk every day after work? do it in the privacy of your own home.
Re:That information is all being broadcast. (Score:5, Insightful)
Not quite. While the SSID's are public information, the signal strength relative to me isn't. That's something you have to be me to know or at least be standing next to me. I hardly call that public information.
It's broadcast, it's measurable by just about anyone, you don't have to be on private property or in a private building to detect it. I'd say that information is public.
Re: (Score:2)
Re: (Score:2)
You can now. If you don't like it, secure your AP.
Re: (Score:2)
Re: (Score:2)
If you broadcast ANYTHING it is not the receivers fault for listening to that transmission.
Re:That information is all being broadcast. (Score:4, Insightful)
>While the SSID's are public information, the signal strength relative to me isn't. That's something you have to be me to know or at least be standing next to me. I hardly call that public information.
What? The signal strength of your SSID broadcast is as public as anything. If my ability to see your SSID and how strong it is offends you so much, please unplug your WAP.
Re: (Score:2)
It's astonishing how people don't understand radio (Score:5, Interesting)
People go to great pains to send a hundred mW throughout the air as far as it'll go, and are surprised when it does just that?
I'm on a volunteer ambulance squad; being a nerd I made a python script to scrape our crappy eDispatch provider's website for our dispatches and assemble them on a nice website. There was a big fight over password protecting this... despite the fact that we are going to great pains and expense to pump the very same information at about 50W. I ended up throwing a trivial password on it, until everybody forgot.
Point is, people don't seem to understand the 'broad' part of 'broadcast', and get annoyed that they don't have full control of the signals they emanate past their walls.
Re: (Score:3, Insightful)
Re:It's astonishing how people don't understand ra (Score:4, Funny)
I completely agree, it's surprising how many people think that when they send something to EVERYONE, that they have no ability to tell EVERYONE that "that was a secret. don't tell anybody, K?"
Interestingly, that seems to be DirecTV's business model.
Re:It's astonishing how people don't understand ra (Score:4, Insightful)
How many people have scanners these days?
How many people have the Internet?
Now do you understand why there might be concern about putting the dispatches in a central location on the Internet?
There are a lot of idiots out there, and they can really waste your time. That really is the biggest pitfall of open information, imo.
Re: (Score:2, Insightful)
How many people have scanners these days?
How many people have the Internet?
Now do you understand why there might be concern about putting the dispatches in a central location on the Internet
I have got to study my logical fallacies again. I can tell that this is one, but not which one it is.
Put in simple English, however, it might go something like this: Scanners are cheap, especially the ones which can only handle a couple of frequencies, which is all you need to monitor dispatches. In fact, I have not only regularly seen them on Craigslist for $10, but I occasionally see them on Freecycle for nothing. Anyone who is motivated to scan these dispatches, therefore, can do so. You could panhandle
Re: (Score:2)
Point is, people don't seem to understand the 'broad' part of 'broadcast'
Or the 'cast' part.
OP is confused... (Score:5, Informative)
The recent privacy controversy was never about Google detecting and recording the names, unique IDs, and signal strength of local WiFi hotspots -- It was about Google mistakenly recording traffic, including unencrypted information that anyone could easily utilise.
In addition to that, there are only four ways to locate someone connected to the Internet:
- GeoIP which can perhaps pin you down to a city, perhaps even a town,
- WiFi triangulation which can pin you down to within a few metres
- Latency triangulation which is frankly uncompletely unworkable on something as complex as the internet
- IP->Postal Address Mapping (Read: ISP's database)
Obviously only two of these are workable for someone like Google and GoeIP is completely inaccurate. No ISP is going to give Google access to their address database.
Re:OP is confused... (Score:4, Insightful)
No ISP is going to give Google access to their address database.
No residential ISP. Commercial guys usually fill out the WHOIS form when they assign addresses. Otherwise ARIN gets agitated and may or may not give you more IP space when you ask for it. (Response will read something like: You want another /18? WTF? whois claims your most recent /18 is only 1% utilized?)
Re: (Score:2)
He's clearly very angry at Google, if you've paid attention to some of his other submissions. He just doesn't have a solid grasp of the facts, and no matter how many times it gets explained to him that he doesn't understand the situation, he just submits another stupid anti-Google story and for some reason, it gets posted by Slashdot.
http://yro.slashdot.org/story/10/05/29/0818219/Google-Describes-Wi-Fi-Sniffing-In-Pending-Patent [slashdot.org]
That's the previous, but not the only other, one. His summary in that one star
Re: (Score:2)
Really Google seems to have understood it was illegal in Germany to intercept and store data that was not intended for Google but gave it a go anyway.
They tried to sneak under the fog of emerging digital complexity and get all they could while they could.
They only mentioned the Germany and Ireland early on until the press exposed their non photo activities to more regulators around the world.
Then you had the long lis
Re: (Score:2)
Any company can review their internal policies at any time, "discovered" seems a little late with the skill set and global reach of google.
Google collected data not legal for them, kept it, had govs sniffing around and "discovered" good PR to try and stop the story before it got too much tract
Re: (Score:2)
Apple or MS show what an OS firm can fail at when doing mobile or game consoles. Bad encryption, data loss, no code reviews ect.
This is Googles core activity, and google prides its self in not hiring MS or Apple quality workers at the mid and low end.
Google already does this - sort of (Score:2)
Re: (Score:3, Insightful)
> ...I am concerned about them capturing packet data.
Then don't broadcast it.
Re: (Score:2, Insightful)
You've said that half a dozen times or so.
There really is a fundamental difference between traditional surveillance and cheap, mass technological data collection (At a minimum, cost!). It makes sense to acknowledge that difference in our laws, rather that just spitting on people when they don't understand how pervasive the monitoring is, or what the full implications of their actions may be.
Re: (Score:2)
There really is a fundamental difference between traditional surveillance and cheap, mass technological data collection (At a minimum, cost!). It makes sense to acknowledge that difference in our laws, rather that just spitting on people when they don't understand how pervasive the monitoring is, or what the full implications of their actions may be.
There really is a fundamental difference between writing something on a piece of paper and putting it in a drawer, or narrowly unicasting it to another host via a wire with minimal RF radiation, and mass broadcasting the data (At a mininum, those who are trivially able to receive your message!). It makes sense to acknowledge that difference in your personal data policy, rather than just spitting on people when they receive the data that you have broadcast.
Why is it that people are capable of understanding t
Re: (Score:2)
I'll bite.
Because the general public does not understand the underlying technology that makes computer networks work, and so may not understand the difference between connecting two computers by wire or by radio. Thus, it should be reasonable to expect them to not automatically equate the latter to broadcasting using CB radio.
-dZ.
Re: (Score:2)
Because the general public does not understand the underlying technology that makes computer networks work, and so may not understand the difference between connecting two computers by wire or by radio. Thus, it should be reasonable to expect them to not automatically equate the latter to broadcasting using CB radio.
The general public doesn't understand the underlying technology behind a can opener, but it doesn't prevent them from using one to open cans. Further, they really don't understand the principles behind a POTS telephone, let alone a walkie-talkie, but that doesn't prevent them from using either, or from understanding that the walkie-talkie broadcasts their message in all directions. To not extend this logic to communications between computers is irrational at best, as there is nothing counterintuitive to gra
Re: (Score:2)
I'm sure that the users of telephone systems were as bewildered by the communications networks at the turn of the 19th century as users are today by computer networks. Over 100 years of the technology permeating our society in many facets has allowed the technology to be demystified, and its concerns to be understood. Computer networks--specifically, end-to-end user communications such Wi-Fi networks--are fairly new.
You can be sure that the common man will not understand, say, the privacy implications of
Re: (Score:2)
Then they shouldn't be using it, or they should be using the internet to learn about how this all works. The public does understand the idea of a password though, and so if you don't need a password (www.foxnews.com) anyone can get to it, but posting as you requires a password.
To head off an argument I can see coming, Microwaves work by exciting water molecules, causing them to vibrate and warm up, causing my food to warm up. No water, no warming in a conventional microwave. Also mayonnaise is an emulsion
Re: (Score:2)
No water, no warming in a conventional microwave.
Actually, that is not true. Microwaves interact with almost anything with mass, which is why line of sight is so important in microwave transmission, and why rain affects cellphone communications.
Re: (Score:2)
I agree, people should be better educated. I disagree with the premise that such understanding is obvious to begin with.
-dZ.
Re:Google already does this - sort of (Score:4, Interesting)
If you have Google Maps on your phone (iPhone excluded), and you have wifi enabled, it will give you your 'wifi location'. That means google already knows about where the wif access points are?
Actually iPhone OS devices use wifi location too and have for quite some time. If your iPhone can't get a GPS fix, or if you have an original GPS-less iPhone, or if you have an iPod or wifi iPad, it will fall back on cell towers or wifi to determine your location. This functionality is built into the OS and works with any app that uses the location APIs.
You can't specifically enable/disable wifi location on iPhone, it's just another tool that may be used if location services are enabled but GPS is not available.
Re: (Score:3, Informative)
Re: (Score:2)
You're right, iPhone OS is different in that it doesn't use Google for its wifi data. Thanks for clarifying that!
On a related note: In my limited testing I found that wifi triangulation worked surprisingly well on a wifi-only iPad – provided that I was in a reasonably well-populated area of course.
Re: (Score:2)
You can disable wifi location, but only by disabling wifi altogether. AFAIK, you can't disable wifi location-finding while keeping wifi on.
Note that if you have wifi off, the iPhone/iWhatever will use the nearest cell tower as your "base" when showing maps, before it gets a fix from the GPS. Maybe someone should sue those cell phone companies for making their towers broadcast their location...
Re: (Score:2)
You answered yourself. The topic is Google aggregating this data, not SkyHook.
I don't understand either side of this (Score:2)
I don't understand how Google tracking wifi networks is bad for me.
And I don't understand why Google wants that information in the first place. How does knowing my SSID help them?
Re: (Score:3, Funny)
And I don't understand why Google wants that information in the first place.
Maybe they think its hilarious to run "SELECT COUNT(*) FROM WIFI_GEOLOCATION_TABLE WHERE SSID='Linksys'"
Re: (Score:2)
And now that you mention it, here's Wigle.net's map of linksys SSIDs [wigle.net].
Re:I don't understand either side of this (Score:4, Insightful)
They, or someone with access to their data, might abuse the information. If Google were a small, local company, doing this sort of thing for a single locale, it would not be so terrible -- but they are a huge, international operation, tying information together from all over the world, and using that information to determine more details about a person than that person agreed to reveal. There is a very high potential for abuse, and this is one of those situations where once the abuse starts, it will already be too late.
Re: (Score:2)
Really? Please describe the nature of this potential.
Re: (Score:2)
One day someone uploads to the press about a local issue.
Local interests fear more exposure and get the origin of the leak.
They have the MAC, IP. Trace the MAC as the unit was paid for by credit card ("cop" makes a few calls) and get the local surveillance tapes.
No warrant, much less paper work needed and they have Googles GeoAds v3.1 wifi coupon and banner software to light up all MACS in their city.
A known face is noted, no more l
Re: (Score:2)
And I don't understand why Google wants that information in the first place. How does knowing my SSID help them?
Unique combinations of SSID and MAC (neither of which is unique on its own but which can reasonably be expected to be unique when combined except where someone has deliberately made it otherwise) can be associated with GPS locations when mapped by devices which possess GPS and then used to find the locations of devices which do not, later, and therefore used to perform geolocation of GPS-less devices. Now, go forth and write your article, and be sure to either give me credit or substantially alter my text.
Re: (Score:2)
How does knowing my SSID help them?
well, they don't care that it's yours per se. they map your SSID to an approximate address. that goes into a database. now when someone else's phone sees that same network, voila, they know approximately where that person is. you get GPS-like abilities on a device with no GPS hardware.
Re: (Score:2)
They want law reform to scan networks that are not theirs.
Long term they want to sell ads on your phone/idevice as you walk, ride, drive down a street.
Pass a cafe, get a free coupon for an extra coffee sent to you ect.
Sounds so yummy, sci fi and benign.
Many new wifi modems have the MAC on the box. Pay with a credit card and that MAC is linked to you over the life of the product.
With lax new digital privacy laws for public and private information someone can b
Stupid Google fanboys (Score:2)
Always bragging about how Android does this, how Android does that.
Well, the iPhone was doing this *first*! Put that in your I/O socket and smoke it.
Re: (Score:2)
You'd think it'd go after those with tender juicy wifi who aren't sharing.
"Deathbot senses encrypted wifi - switching to password acquisition mode - spoon enabled."
Information management (Score:2)
I've managed my personal information for a long time, being careful what's public and what's not. For example, I make no secret about my home phone number. My home address, on the other hand, is strictly confidential, and only a handful of people know it.
If you type my name in to a search engine you will find me, as well as lots of other people with the same name as me. You will find what I want you to know about me. There is information about me that is not on the Internet (one biggie in particular), and
Outright lies as summaries (Score:2)
Good jeorb editors.
This is complete BS. First of all, Latitude makes it exactly clear what they are doing, this is how the iPod Touch does location (btw, anyone else get really annoyed when people call it the iTouch, or is that just me?), along
nothing to guess about (Score:2)
You don't have to guess what Google does because they do the same thing everybody else does.
Skyhook and lots of other companies have WLAN geolocation databases. Lots of phone apps use such databases and services, including iPhone and Nokia.
EyeFi and other cameras determine your location from visible WiFi APs and encode it in your images. They probably transmit your locations to your server. When you upload your images to Flickr, Picasa, or your own web site, you transmit that information along.
HTML5 has
Why do you keep posting Theodp's submissions? (Score:2)
This is the not the first time he has submitted biased garbage masquerading as fact in his own personal crusade against Google and for some reason someone keeps approving his ridiculous submissions. For gods sake, can we start out discussions out with real questions instead of "So why do hate America, Google?"
Let's take a look at some of the other crap he's submitted and has subsequently been posted:
Here we have: Are Googlers too smart for their own good?
http://developers.slashdot.org/story/10/05/21/142724 [slashdot.org]
Re: (Score:2)
The press and govs then did their jobs. Googles later notes on collecting payload data where very limited.
Note the reaction to the German govs request to see the data too.
Googlers too smart for their own good would be one car, one city ect. Google seems to have had a more global "Accident "and kept details for as long as it could.
Re: (Score:2)
I believe you're mistaken on the time-line.
Ireland was smart and simply asked Google to delete the data that was collected from Ireland. This was done. This was done after they made the announcement that they had accidentally collected the data. The only reason they ONLY deleted Ireland's data and not all the other data at the same time was because other governments had indicated they would view such actions as destroying evidence.
Now the German government puts Google in an impossible position by asking
Re: (Score:2)
Re: (Score:2)
I just hope the rental company doesn't know I'm having to drive a kilometer over their daily limit each time, (I drive it in reverse for one KM on the way back!)
500m should be enough.
Re: (Score:2, Interesting)
I think many of the people screaming loudest about the street view data collection never understood that Google was intentionally and unapologetically logging the SSIDs.
Re: (Score:2)
> I say yes...The buggers!
They ask permission, you give permission, and they do what you gave them permission to do. What an outrage!
Re: (Score:2)
Re: (Score:3, Insightful)
I'm in the US, but today Google shows my location as a town in Norway. Last week it said I was in Malaysia. Every so often it puts me in my actual office location. I'm guessing my corporate proxy has something to do with the confusion, since I'm not using wifi on my laptop.
Yeah, IP-based location is very poor, often choosing the wrong city. Wifi can vary from bad to good, but it's often reasonably accurate (e.g. to a few blocks).
I once had wifi location tell me that I was hundreds of miles away - I was at an exhibition, and I assume that the wifi access points were used at different exhibition and conference halls throughout the country.
Re: (Score:2)
What surprises me is when Google shows me 20 miles out at sea... I'm close to the beach... but definitely on dry land.
Other than that, it seems to be very reliable, as in down to 30' accuracy.
Re: (Score:2)
Couldn't we have an ESSID and BSSID swap day when we all trade our router configuration details with someone else elsewhere on the planet. Then anyone trying to use their services near my house would be told they were in alaska.
Re: (Score:2)
Couldn't we have an ESSID and BSSID swap day when we all trade our router configuration details with someone else elsewhere on the planet. Then anyone trying to use their services near my house would be told they were in alaska.
Unfortunately I'm pretty sure its based on MAC address not ESSID/BSSID, but then you can just use a decent AP that lets you annually assign a MAC address instead. You can probably use it to make yourself the foursquare mayor of your (least?) favourite cafe by using the mac address of their hotspot on your home AP.
Re: (Score:2)
No, fuck with their data. If people can change their AP's MAC, they should change it to DEADBEEFF00D or something similar, and let Google's system cope with all the duplicates.
Hell, when war driving was the geek's pass time of choice, there were plenty of websites publicising AP details. Just create a script to modify your AP's MAC and SSID at regular intervals to be the same as a random one that is already out there, and to modify your PC's wireless config (to automate re-connecting to this "new" AP).
If en
Re: (Score:2)
It would not be impossible for Google to determine that it was my house that the wifi data corresponds to, particularly if I use some other Google service. That means that I only really have Google's promise to "do no evil," and a hope that nobody else manages to gain access to Google's data -- that situation makes me a bit nervous.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
How does your friend using from your house give them that information as opposed to the van outside? Albeit it might be slightly more accurate with lat/long than outside but its unlikely to help with the floor (ie altitude)
Re: (Score:2)
Friend comes to my house. Friend uses Google location service. Now Google has the information about my wireless network, even though I did not give it to them.
If you are worried about broadcasting information that you would prefer to keep private, perhaps you could consider not broadcasting such information.
I've heard good reports about some networking technique that doesn't use radios. It may be relatively new, but you can find the equipment in stores.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Google also has the funding to sort, index and could sell data to unknown gov and private interests.
This is the start of 'bad' things and some people really want this 'trail run' exposed in daylight rather than the dark places Google operates in.
Google took the view that data collection and storage was not legal, but as other firms had done mapped wifi too, why not just grab everything in one pass.
After the pres
Re: (Score:2)
Some have the serial number, MAC ect as a barcode for easy scanning in the factory.
Pay with a credit card and that MAC is yours for the life the product in suburbia.
How easy is it to convert a MAC to an address?
Tell the manufactures local rep that its for a vital life saving case they are building
Re: (Score:2)
Yeah, I'm pretty sure it uses MAC addresses. After all, they are unique and do not change, unlike SSID's. It's the same system Skyhook uses, if you want to Google them I'm sure they have a FAQ explaining it.
Re: (Score:2)
Re: (Score:2)
Data interception and storage unknown to the people involved usually needs a warrant or bureaucratic 'ok' in most parts of the world.