Report Finds Google Supervisors Knew About Wi-Fi Data Harvesting 197
bonch writes "According to the FCC report, Google's collection of Street View data was not the unauthorized act of a rogue engineer, as Google had portrayed it, but an authorized program known to supervisors and at least seven other engineers. The original proposal contradicts Google's claim that there was no intent to gather payload data: 'We are logging user traffic along with sufficient data to precisely triangulate their position at a given time, along with information about what they were doing.'"
Is there a source to the article? (Score:4, Informative)
Re:Is there a source to the article? (Score:5, Informative)
I downloaded it the other day. Its available on Scribd [scribd.com]. Its telling that this NYT hack fails to give the source link, and the more you read it the clearer it becomes that nobody really knew what Engineer Doe was up to, and even he didn't find any convincing use for the data.
Re: (Score:2)
Re: (Score:2)
With a 4.5MB pdf. All the blog/press/gov timeline in its full glory.
Re: (Score:2)
"Last month, Google acknowledged it had mistakenly collected data over public Wi-Fi networks in more than 30 countries."
http://www.huffingtonpost.com/2010/06/08/google-privacy-slammed-ov_n_604084.html [huffingtonpost.com]
http://money.cnn.com/2010/05/27/news/companies/google_privacy_fortune.fortune/index.htm [cnn.com]
I hate it when I'm right. (Score:2)
^^
What does it matter now? (Score:3)
Re: (Score:2)
Even leaving aside Obama's veto threat, the bill was voted against by 75% of the Democrats in the House. If it gets a similar percentage in the Senate, they can filibuster it without any GOP crossovers.
Your fatalism isn't doing anyone any good. Actually, that's not true, I'm sure the Republicans love it. When was the last time you called your congresscritters?
Re: (Score:2)
Why, I called them "Bastards" just this week. I call them something or other once a day and twice on Sunday.
By the time they read their mail, however, their lobbyist already got to them in person, and convinced them to vote the other way. And the vote happened.
I usually get a mail 4-6 weeks later explaining why their vote was the only option, in vagueries best left to poets and politicians.
Re: (Score:2)
Even leaving aside Obama's veto threat,
Obama threatened to veto the NDAA. It had the effect of calming the growing protest storm against the act. "No worries, Obama will save us. We can relax." When in fact his staff was negotiating the nastier more offensive version that he eventually signed.
Don't trust him. He falls somewhere between Reagan and Bush1 on the political spectrum and gets called a socialist for being so far to the left of the Republi-fascist party. Our country has gone mad.
"Ohhh, I love to dance a little side-step..." (Score:2)
Looks like Google is trying the old "Teflon Soft-shoe" in an attempt to avoid charges, fines, and other 'business costs' associated with such snooping.
Glad to see the Engineer they blamed didn't just roll over and play dead on this, or it would have been Quite Bad in the long run.
So, where does that leave "War-Drivers" who specifically snoop out WiFi?
Re: (Score:3)
in the UK at least, they're already criminals (section 1 of the Computer Misuse Act 1990 makes it an offence to gather any data howsoever if unauthorised).
Re:"Ohhh, I love to dance a little side-step..." (Score:5, Interesting)
in the UK at least, they're already criminals (section 1 of the Computer Misuse Act 1990 makes it an offence to gather any data howsoever if unauthorised).
So if I post a blog in the UK for everyone to see, but I don't explicitly authorize anyone to view it (the authorization is just implicit), then the Googlebot would be committing a crime by going through it and indexing it? Is that what you're saying?
Re: (Score:2)
So if I post a blog in the UK for everyone to see, but I don't explicitly authorize anyone to view it (the authorization is just implicit), then the Googlebot would be committing a crime by going through it and indexing it? Is that what you're saying?
Implicit authorisation = authorisation. No authorisation = no authorisation. Simple, isn't it? You have authorisation to read this post. You have no authorisation to record this post being sent wirelessly from my computer to my router, or being transmitted from my router to my ISP, and so on.
Re: (Score:3)
I read "EMF" and started humming "Unbelievable". Bastard.
Who the hell cares? (Score:5, Insightful)
Re: (Score:2)
Let's sum up the whole thing, "Google had not violated any laws". That's straight from the article and the FCC investigation report. Not one single law was broken, PERIOD. So how is this news? If the NYT really wants to do news about privacy rights why doesn't it put the bullshit CISPA on the front page instead of ignoring it.
To be fair, the report accuses Google of potentially violating the Wiretap Act, but because Engineer Doe won't incriminate him- or herself there is no way to prove it.
Re: (Score:2, Insightful)
What, exactly, is wrong with receiving public broadcasts? Yes, they're public, unencrypted broadcasts in a shared band.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If you don't want your email and password to be harvested by anyone with a computer and a little bit of knowledge, then I suggest not putting your password out in plain text over an open wifi connection where it can be seen from the street, in public.
It's a bit like writing your password and email address in lemon juice on a sign in your front yard and then getting indignant when someone knows to read it when it's hot outside.
I don't know why people seem to be so paranoid that Google is some nefarious organ
Its Kismet. (Score:2, Insightful)
For those who don't know, the unmentioned program is Kismet [johnmeyer.net] So what if Google engineers knew about its capabilities to write pcap files? It's not an overwhelming amount of data for each Google car when compared to everything else it's collecting, and I wouldn't be surprised if it was simply left on, since I belive that's how kismet comes out of the box. The big point is Kismet also plots access point data in easily parsable formats along with signal strength, geographical coordinances, clients connected, o
Re: (Score:2)
It's not an overwhelming amount of data for each Google car when compared to everything else it's collecting, and I wouldn't be surprised if it was simply left on
If I were in charge of outfitting StreetView cars, I'd load them with everything I could possibly lay my hands on. It costs a lot of money to send a car on a route. So if the car is going it should capture everything that is capturable - as long as that is legal and hopefully ethical.
With this payload capture Google broke law in some countries
Re: (Score:2)
Yes. But, generally speaking, legality of such a thing is not a constant. As an example, it is illegal to walk up to a house at night and look into the window. However is it illegal to do the same using a powerful telescope, from a mile away? Is it illegal to do from 10 miles away? At what point does the viewing become legal? After all, the people inside the house brazenly "broadcast" their actions by means of light waves, a familiar defense of Google.
The law, as written, does not prohibit wardriving, an
Re: (Score:2)
Yes. But, generally speaking, legality of such a thing is not a constant. As an example, it is illegal to walk up to a house at night and look into the window. However is it illegal to do the same using a powerful telescope, from a mile away? Is it illegal to do from 10 miles away? At what point does the viewing become legal?
You're implying they intended to eavesdrop. If they stayed motionless in an area for the express purpose of collecting data on the ground with the intent to collect information, then y
The NYT didn't read the Fed report either... (Score:5, Insightful)
They spent a year and tens of thousands of dollars "investigating" Google and couldn't find any violations of the law, so the make a bogus claim that Google "didn't cooperate". Why should Google? What the Feds wanted was for Google to unilaterally admit to some crime.
Those who claim Google was "stealing data" have no clue as to how wifi's work and what it takes to collect data with a "Street View" van. Mostly they are victims of Apple's and Microsoft's anti-Google FUD campaign, since they both collect the same kinds of data.
Most wifis have a radius range of about 300 feet. Traveling at 25mph a van can pass through 600 feet in about 16 seconds. It takes several minutes to crack a WEP and even more for a WPA encrypted connection. The van won't have enough time to crack into secured access points. That leaves OPEN access points. How many packets could a van collect in 16 seconds for an 11Mb/S connection? About 10,600. A typical 1500 byte packet has a maximum of 842 bytes of payload, which would total to about 9 MB of data. That "data" will be HTML code, web page elements, LOTS of graphics and tons of trivia. It *might" contain pieces of someone's email. All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?
Besides, ESSIDs can and often do change without notice, so they mean nothing. MAC addresses would identify hardware and Google could connect a MAC to an IP address, but gathering that information is not illegal. Besides, names, telephone numbers and house addresses have been linked together in phone books for a100 years. I can record your license plate number and look up your name and address in our state auto registration database after paying a registration fee of $50. Ditto for your house records: year it was built, how many times it was sold and for how much, the amount of taxes you payed and what is due, even a floor plan.
IF you don't want someone eaves dropping in on your wifi traffic then use WPA and/or encrypt your email and connect only with https websites.
Re: (Score:2)
Real-world analogies are always suspect, but even if people are undressing with the curtains open, anyone who films them doing so does so at their legal peril in most ju
Re: (Score:2)
The law regarding recording telephone conversations is more variable, but most jurisdictions have a "so long as one party consents" law, which in this case wouldn't be met. It doesn't matter, in UK law at least, whether the recording is done on the electrical or the acoustic side of the proceedings, and I'd be surprised if other legislation draws that distinction: recording phone calls with a sucker mic on the receiver is just as illegal as doing it electrically.
This is the second time I've heard this abou
Re: (Score:2)
Except that Google was saying it was not private data at all.. in which case it would be perfectly okay to turn over the date...
They can't have it both ways.
Troubling (Score:2)
I don't think this specific event was really all that bad.
What's really troubling, though, is the attitude towards the users' data. And it's not a single "rogue" guy; he talked to other people, even asking a member of the Search team if it could be useful - why didn't he or she report it? Are they really that numb towards protecting people's privacy? Consented data mining is one thing, but this was wardriving!
I'm still a Google fan - they make a bunch of things that I really like - but I think this just str
Re: (Score:2)
What's really troubling, though, is the attitude towards the users' data.
The attitude towards people's data troubles me, too. The attitude that people should be entitled to any expectation of privacy for data they broadcast over the equivalent of a loudspeaker, for instance. If you have any intention of the data being private, broadcasting it to anyone listening within a block's radius is the last thing you'd be doing. And if you had to do it, you'd use encryption to insure anyone hearing it wouldn't be a
Re: (Score:2)
No.
I never said people should be entitled to any expectation of privacy for data they broadcast. What Google did was legal and should be legal.
But none of that excuses their attitude. We know people broadcast their data mostly because their ignorant about the system, and Google essentially took advantage of their ignorance, which is always a shitty thing to do regardless of whether you have the right to do it or not.
Should people protect their data? Yes. Are they to blame if it gets sniffed? Absolutely. But
Re: (Score:2)
I disagree with that analogy; the guy walking down the street can't help if he sees something, just like Google couldn't avoid having the packets processed by Kismet in memory. But saving them to disk and analyzing them is akin to that guy then writing the intimate things he saw to paper, shared it with friends and thought "can I profit from this?".
Re: (Score:2)
So Google employees are not people?
Re: (Score:2)
How is this, in any way, a strawman?
If you're scared about company employees having access to this data, you should be even more scared about people going freelance with a Kismet setup and collecting it for themselves.
"There are worse people in the world" is not an excuse. If someone steals $1000 from you, should you give them a free pass because there are people who steal $100k?
Besides, this particular situation is a red herring. I'm talking about the company attitude towards user data in general, of which this was just an example.
My home connections are wired, so I don't need to "fear" a guy with Kismet. But a huge percentage of the websites out there - including Slashdot - have some
Who honestly cares? (Score:2)
Was google harvesting unencrypted wifi traffic? Probably... so what? Who has unencrypted wifi? Even the local coffee shop that gives wifi away for free still encrypts their wifi. They just tell everyone the password.
The moral of the story is encrypt your wifi... also, zip up your fly before you go out in the morning... and bring an umbrella if it's raining.
You know... basic words to the wise... like don't go swimming in sewage. Did google spy on idiots? Probably. But who cares? What exactly are we trying to
Not the point (Score:3)
At least in Netherlands it wasn't quite "legal" (Score:3)
Mother, Can I Trust Google? (Score:2)
Wiretap Act (Score:3)
Consider the humble wiretap: telephone conversations are unencrypted communications over semi-public networks, and yet unsophisticated callers presume them to be private. So there is a body of law designed to protect the privacy of our phone calls.
Yes, the neighborhood utility guy could tap the lines and listen in. But no company or enforcement agency could do so on a large scale without causing a huge scandal.
As tech-minded people, we all know that what happens on unecrypted wi-fi (and plain-text internet connections) is subject to interception by war-drivers, ISPs, and government-operated listening posts. And so it's hard to have any sympathy for folks who used unencrypted wi-fi and got caught by Street View's packet capture. But that doesn't mean it should be legal for organizations or governments to listen in. Just because they can, doesn't mean they should.
From the report, we know that Google started doing this in 2008, which *is* pretty late in the game for unencrypted wi-fi. Nevertheless, there was a time (say 2003ish) when it was fashionable to have unencrypted wi-fi. Not only did this ease compatibility problems, it made it easy for friends, family, and other visitors to get online quickly. It was also seen as an altruistic way to give internet to the masses. This started changing in the middle of the decade, but for whatever reasons there were clearly still quite a few unencrypted networks for gslite to sniff in 2008-2010.
Re:Motto?? (Score:5, Informative)
1) Collaborated with the government to alert the government about potential "illegal" activities being conducted
Or
2) Made attempts to crack wi-fi encryption
Re:Motto?? (Score:5, Interesting)
Disclaimer: While I did work at Keyhole(what became GoogleEarth) for 1.75 years back in 2k3, and while my older brother is Google's VP-Engineering, Geo division, I have had no significant insider knowledge or discussions about this, or anything related to it, since I left that job. I also would probably be written off as a delusional paranoid schizophrenic by many, but I'll refrain from shilling half a dozen interesting tidbits about myself here. Anyway, my comment is this:
"This would be evil if Google:
1) Collaborated with the government to alert the government about potential "illegal" activities being conducted"
Now, I will mention that it is public knowledge that the CIA through it's venture capital investment arm 'In-Q-Tel' did more or less save Keyhole from going under during the hard times of 2003ish, a year or two before they were acquired by google.
I honestly can't see how people, even the author of the parent comment, can ignore that angle of the parent comment. Do you really, in any universe after the last decade, think the CIA wouldn't start scratching their heads regarding the possibilities of a dragnet of roving signals intelligence vehicles canvasing the nation, neigh, the world?? I mean, Really??. Do you really think that if they had done something illegal, or debatably unconstitutional on that scale, that they couldn't succeed in getting it brushed under the rug, under the cover that it was just a couple silly engineers stretching some bounds? Really? If so, enjoy your lack of paranoia. Ignorance is bliss.
-dmc
Re: (Score:2)
For example, if it is acceptable for your neighbor to look at unencrypted web traffic for research purposes (as in, not reading the contents of e-mails to gain something such as blackmail, financial gain, etc.) it should be acceptable for a corporation such as Google to do it so long as same procedures are applied (don't look through e-mails, don't degrade the network's per
Re: (Score:2)
The analogy of a peeping tom is more like a couple in a glass house made of one way mirrors and people looking, some taking pictures or videos, and some taking pictures or videos of an attraction next door. It is not like using a zoom lens or x-ray. Maybe the users did know they were in plain sight, maybe they didn't... but lets face it.. you have to be pretty ignorant with every device you use warning you insecure networks are insecure...
It is not illegal to listen to a radio scanner or even record... at l
Re: (Score:2)
Evil is a point of view.
- Lestat
Re: (Score:3)
Engineer John Doe: From my point of view, the FCC is evil.
Sergey Brin: Well then you are lost!
Re:What people figured all along (Score:5, Interesting)
It confirms no such thing. In fact the entire summary is out of touch with what was in the FCC report.
The entire thing is on line, you can read it for yourself. The FCC dropped the whole thing because there is no clear evidence that google violated any law.
GO READ THE FCC REPORT YOURSELF
instead of relying on a biased hack at the NYT to put their own spin on it.
There was never any intent do use this data, it was merely one engineer's pipe dream to do so.
And the fact that he MUCH LATER circulated memos that stated he was capturing freely available encrypted traffic to 7 people
does not mean they were actually aware of precisely what that meant.
Re:What people figured all along (Score:5, Interesting)
Full underacted text (other than the name of Engineer Doe, is available here [scribd.com].
It was clearly a tiny project that got little oversight, and less review. For the NYT to say it was "approved" is quite beyond the facts. Collecting wifi access point locations was approved. But Engineer Doe went off the reservation and did way more than that.
Re: (Score:2)
icebike, Tell us who you work for, and you represent, before you shit all over this thread any more!
Re: (Score:2)
It was clearly a tiny project that got little oversight, and less review.
Where does the "clearly" adverb come from? Why do you consider gathering unencrypted wifi traffic from the streets of half world a "tiny project"? Do you condone the fact that, as you are saying, Google treated a project with massive privacy implications with "little oversight, and less review"?
For the NYT to say it was "approved" is quite beyond the facts. Collecting wifi access point locations was approved. But Engineer Doe went off the reservation and did way more than that.
There's no proof that the plan has been approved? Who cares: there's proof that the plan has been executed, because Google did store payloads. And they lied the first time they were asked by the EU if they were doing
Re: (Score:2)
Full underacted text
I'll wait for the Shatner reading.
Re: (Score:2)
There is quite a difference between sending porn thru a hacked wifi (in reality probably a totally unsecured wifi) and listing to a couple seconds of unencrypted wifi traffic as you drive down the street.
You also have to remember that the FCC said there was no evidence that what Google did was illegal. So that pretty much puts the lie to your claim that Google got off because they were Google. They got off because it wasn't a violation of law. Hacking someones internet is a violation of law. So is theft
Re:What people figured all along (Score:5, Insightful)
Dude we know you're biased as shit. You submitted the article! Just give up and admit that you either have a clear bias or are paid by or affiliated with Microsoft, directly or indirectly.
However, the difference between Google and MS/Apple is that in MS/Apple's case it'd be a quiet settlement with no details.
With google, what happens? Straight up honesty. 100% un-redacted other than the user's names.
Re: (Score:3)
Bonch is an Apple shill and MS hater.
Re: (Score:2)
With google, what happens? Straight up honesty. 100% un-redacted other than the user's names.
Shouldn't/Isn't the FCC report publicly available even if Google doesn't release it? I mean, we can give props to Google if they link to it from their blog or otherwise increase the visibility of the report, but it seems to me that the FCC report should be public regardless of what the investigatee wants or does.
Re: (Score:2)
Hi Bonch!
Re: (Score:3)
I keep reading these accusations and assumptions and almost all of them seem to ignore that the open source software (Kismet?) that they used to grab data logs it all as a default, or at least that's what I've read. Is there even an option to strip the non identifying information out? (I'm actually asking, I don't know this package).
Re: (Score:3)
Yes, he could have set a flag and not gathered any payload, just beacons and mac addresses. But Engineer Doe decided not to do this.
Kismet does not capture packet payloads when the encrypted flag is set on. There is a switch to turn off all payload capture.
Further, any SSL sessions would be captured in their encrypted state even when the router was un-encrypted. Nothing was able to
be gleaned in that data either. No bank passwords.
That they got any email addresses or content is amazing. I suppose a lot
Re: (Score:2)
How'd that go again?...Do No Evil or something like that?
Re: (Score:2)
Biased hack at the NYT? How about the fact that it was submitted by Bonch, who has a clear bias against google? He's basically Florian Mueller with a different username.
there was clear evidence (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
The amount of wrongful moderation towards bunch and anyone critical of Google in this story is quite astonishing. Actually, not just this story but in every story on Slashdot. I'm a big fan of Google's products, I use gmail and my Android phone every day (even develop for it), but even I think this is scary and completely unacceptable. Just because its Google it doesn't make it right. You shouldn't give them a free pass on privacy v
Re: (Score:3)
I think this is scary and completely unacceptable.
Why is it "completely unacceptable" to capture data that is being broadcast in the clear over public radio spectrum in a public space? If someone wants to protect their data, their router has the tools to do this, just as if you don't want people to see you standing in your house nude you close the damned curtains.
No, I'm not defending Google, I'm defending *everyone's* right to not be penalised for something that shouldn't be considered "unacceptable".
Re: (Score:2)
I think this is scary and completely unacceptable.
Why is it "completely unacceptable" to capture data that is being broadcast in the clear over public radio spectrum in a public space?
It's not that they captured some broadcast data, anyone can do that. It's that they systematically drove around and captured A LOT of broadcast data and correlated it to location information, with the intent that it could be mined for business purposes in the future.
It's the same reason why the health code is very strict for restaurants but not for personal kitchens. If I don't cook something correctly, I could make my family sick. But if a restaurant doesn't cook something correctly it could make hundreds
Re: (Score:3)
It's not that they captured some broadcast data, anyone can do that. It's that they systematically drove around and captured A LOT of broadcast data and correlated it to location information, with the intent that it could be mined for business purposes in the future.
"A lot" divided by the number of households they drove passed == practically nothing from each household. Given that they drive around in the middle of the day, the vast majority of wifi networks are going to be almost entirely idle, so they probably won't get anything from them other than the beacon. The beacon packet basically contains the SSIDs of the network (which they use to identify an access point for their wifi geolocation system), and contains no other useful data. Occasionally (probably every
Re: (Score:3)
I am using WLAN in the place I live. The same one that many other residents use. It is password protected, but once you login, everyone is still broadcasting their data to me also. Is it ok for me to sniff that data too?
Yes, why not? If you are sending data in the clear to untrusted networks you're a complete idiot. Presumably that wifi is either a LAN where all the clients are trusted (so everyone trusts you not to do bad things with their data), or it is an internet connection, which is inherently an insecure network so anything passing over it is liable to be intercepted (often legally required to be intercepted and logged by third parties in some jurisdictions).
In the same way, would it be ok for me to plug-in to your internet connection outside your house and sniff that data too?
Yes and no. The internet is an insecure public network,
Re: (Score:3)
Well, the report confirms what was in the summary and title of this story.
How so? Read the 3rd bullet point on page 22 of the report. [scribd.com]
"The record also shows that Google's supervision of the Wi-Fi data collection project was minimal. In October 2006, Engineer Doe shared the software code and a "design document" explaining his plans with other members of the Street View project. The design document identified "Privacy Considerations" and recommended review by counsel, but that never occurred. Indeed, it appears that no one at the Company carefully reviewed the substance of Engine
Re: (Score:2)
Re: (Score:2)
Do we need to start limiting which species get to post here???
Re: (Score:2)
Do you have any actual proof to cite, aside from the fact that the title of the article is 100% the opposite of what happened?
Re: (Score:2)
Nullifying this one example changes nothing. And how do you "prove" someone's evil, BTW? Trust Google at your own risk.
Re:There are rules, even unspoken (Score:5, Interesting)
If you're talking about using encryption rather than broadcasting everything you do to everyone on your block, I disagree. You can, and you should.
Sorry, this is really a non issue for me. Google went around and did the equivalent of listening while people shouted from their rooftops. If you don't want people knowing what you're saying, don't shout it from your rooftop. The same goes for spewing unencrypted traffic across your neighborhood.
Re:There are rules, even unspoken (Score:5, Insightful)
Consider what you're saying. It's like condoning someone who breaks
Wrong. There were no locks for them to break
and enters
Wrong. People were transmitting their information into the street, Google didn't have to enter anything
Want to try again with another analogy?
Re: (Score:3)
The wifi data was half-in, half-out of their private homes
No, it was out. The Google car never entered their property, and yet was able to capture that information in its entirety. It was wholly out of their home.
It was meant to be used by them, in their homes
They might have intended for it to only be in use in their home, but they never took the simple necessary technological measure to make it so (encrypting it) which is not a difficult thing to do with a home-use wi-fi router, even for a novice. It just requires them to read the manual.
and technology had to be specifically modified and sent out in order to intercept it
No, no it didn't. One of the details in this case is that Google basical
Re: (Score:2)
How easy it is to do depends very much on who you are. My problem with things like this is it actually encourages bad security. If we go around telling people that it's ok to just demand the world turn around when they do the digital equivalent of walking down the street naked, are they really better off than if we tell them "Hey, there's this check box you ca
Re: (Score:2)
How easy it is to do depends very much on who you are. My problem with things like this is it actually encourages bad security. If we go around telling people that it's ok to just demand the world turn around when they do the digital equivalent of walking down the street naked, are they really better off than if we tell them "Hey, there's this check box you can set on your router that makes it all but impossible for people to snoop on you. If you don't check it, ANYBODY who bothers to try will see everything you do."?
I can appreciate that. It's a very noble sentiment, and I feel it myself.
What I have to keep in check, though, is that a desire to shape public policy - even in this case for something like technological education - does not enable myself or anyone else to remake the law in ways that violates someone's rights. The desire to reshape society for what often started out as noble goals as you've described, is now often misused when politicians play on emotions to gain public support for further erosion and inr
Re: (Score:2)
Making sniffing of wifi illegal is a complete lack of understanding on how the technology works. It is unlicensed spectrum and any bit pattern your wireless device emits will be recieved by every reciever on the same band. At what level is "sniffing" sniffing?!
I suspect that this case will follow the same path as using a scanner to tape and record radio conversations... an act in itself which is not illegal.
Re: (Score:2)
No, it was half-in, half-out. By that I mean it was being used in their homes, and "leaked" out because that's what airwaves do. Which isn't typically a big deal, since one hardly expects people to be sitting outside trying to pick it up.
Yes. In other words, you need to consider more than just the most common case. You also need to consider edge cases, and the potential damage versus the likelihood versus the difficulty to mitigate. In this case, the edge case is likely - anyone with a laptop could do it, and have been known to (see wardriving), the damage is potentially severe - especially if you do stupid stuff like sending sensitive data in the clear over email, and the difficulty to mitigate is trivial.
There's nothing technologically complicated about using a handgun either, and using one could certainly save you from a violent mugging.
No. However, securing your router
Re: (Score:2)
No, it was half-in, half-out. By that I mean it was being used in their homes, and "leaked" out because that's what airwaves do. Which isn't typically a big deal, since one hardly expects people to be sitting outside trying to pick it up.
Yes. In other words, you need to consider more than just the most common case. You also need to consider edge cases, and the potential damage versus the likelihood versus the difficulty to mitigate. In this case, the edge case is likely - anyone with a laptop could do it, and have been known to (see wardriving), the damage is potentially severe - especially if you do stupid stuff like sending sensitive data in the clear over email, and the difficulty to mitigate is trivial.
No. You're discussing technological feasibility - and how complex it would be to implement, as well as risk-reward ratios. Which completely fails to address the matter in terms of rights in law. You do this several times throughout your response.
There's nothing technologically complicated about using a handgun either, and using one could certainly save you from a violent mugging.
No. However, securing your router doesn't inflict bodily harm on a human being, require special licensing, or open you to the possibility of charges arising from its use (yet). Are you sure you're not BadAnalogyGuy in drag? Having a gun is a complex piece of mitigation, involving training and licensing, and may not even be effective, as presence of a firearm might prevent, or it might provoke escalation. Better mitigation would simply be not to go to dangerous areas at night. Not foolproof, but it reduces the chances of occurrence down to the point where I've never been mugged in my life.
...such as here...
Whenever you leave your home, there is also a slight chance that it will rain no matter what the weather report says.
Which is why I keep an umbrella in the car.
You might get slammed by a car as you cross the street, therefore you should never leave the house without a pair of clean underwear on, in case you have an unanticipated ambulance ride to the hospital to worry about
And that's at a level of severity I really don't worry about. For various values of "clean" anyway.
And you might run into some tourists from Spain who don't speak English while you're out.
Again, level of severity is negligible. Why do I care if I can speak to the tourists or not?
Therefore, you should never leave the house without a loaded handgun, a large umbrella, a pair of clean underwear on, and a Spanish-to-English translation dictionary. Otherwise, it's your own damn fault.
Well, if you get caught in the rain without an umbrella, yes, it is your own damn fault. What do you want, the government to outlaw rain?
No. I'm demonstrating the impracticality of having a government refuse to acknowledge your rights, and leave you to fend for yourself in every eventuality.
My point, however, remains. Kismet does not come standard, you have to purposely install it - usually to sniff another person's otherwise-private network traffic.
Your threshold for "modification" seems to be unrealistically low - considering that would mean my grandma's computer with Open Office on it would be considered "specially modified technology".
If your grandmother can pick up my wifi data with Open Office, please do arrange a meeting with her for me.
Part of my point was that someone would have to modify the technology or use the software in order to pick up someone else's personal wifi data, thus legally establishing intent. If you demonstrate intent to nab someone's papers, or in this case wifi data, you've demonstrated an intent to violate their rights and act on it.
The other part had to do with the distinction between using hardware and software particularly for the purpose of packet sniffing, versus the feasibility of walking down the street and happening to look into an uncurtained window as in your example. And you appear to have ducked both parts of my point.
And a wireless router does not come standard either.
True, but irrelevant. We're not discussing how using wifi routers violates someone else's rights.
You have now dispensed with a free society's right to have open, unencrypted wifi hotspots in order to support an argument that anybody should be allowed to play Peeping Tom on someone else's data, just because they have the technological ability.
You already had.
False.
After all, you wouldn't connect to an open, unencrypted wi-fi hotspot if doing so was a criminal act (as you want to make it).
I said no such thing.
And no, wi-fi free, open wi-fi hotspots are perfectly viable under my model. You just do what any person with a clue does now, and don't transmit secure information over a wi-fi network you're willing for other people to use.
Another dodge. You maintain that in using open wifi routers, one has relinquished any right to expectations of privacy. And that is bunk.
If we tried the same argument with personal defense, society would become an arms race in which everyone had to pack an AK-47 and Kevlar before leaving the house, because any random schmuck could light them up on their way to work
Possibly because there's a distinction between a wi-fi network and an assault rifle. You may not have been aware of that, but I'd probably look into it before you go down to the range next time if I was you. It might save you looking a little silly.
Yet you neglect that the same argument would be absurd for either, which was my point.
You may as well argue that they're different shapes, or made of different materials, and that I'm a dunce for not noticing. At this point, you're visibly sabotaging the conversation.
Hopefully you now understand the point I'm trying to make there, and aren't just trying to avoid hearing it.
I knew the point you were making long before this post. It's a stupid point.
Then don't engage in pages of dialogue with me pretending to debate, when you aren't. Say my point is stupid, leave it at that, and I'll write off your argument as an invalid insult rather than the debate you tried to couch it as. That would have saved us both a lot of wasted time. Why do you come to Slashdot if not to debate, when ChatRoulette is more satisfying for what you're doing?
You have the right to your own data. You have the right to encrypt it. If someone tries to crack your encryption, the government should lock them up. If they break into your house to steal your unencrypted data, the government should lock them up.
If they read the data you broadcast in the clear
Yep. In your world, wifi signals must appear as visible hologrammatic channels of data flowing between computer and router and leaking out in a radius outside the building, where any innocent child wandering around outside. No malicious intent, no deliberate action required to pick up that data, they just slip over a banana peel because the owner didn't use additional encryption. And that doesn't work for me.
when you don't want them to, you're a moron. Sadly, that cannot be fixed by legislation.
Since you're not attempting to have a reasoned debate but dodge the discussion instead, I'm going to give it a miss myself. That way, at least we'll agree to something.
Re: (Score:2)
No. You're discussing technological feasibility - and how complex it would be to implement, as well as risk-reward ratios. Which completely fails to address the matter in terms of rights in law.
You're discussing "adding" a new right. That is, that people have the right to broadcast their information and demand that people not read it. This is not currently a right, as TFA states. You are looking to expand government protection into a new area. I'm providing reasons why that protection is unnecessary. Those reasons are technical, and risk related, as well as moral - that is, making individuals take responsibility for their own dissemination of their data.
If your grandmother can pick up my wifi data with Open Office, please do arrange a meeting with her for me
Hell, my grandma can do that with a base ins
Re: (Score:2)
At this point, you're visibly sabotaging the conversation.
No, I'm mocking you. I'm doing so in an attempt to dissuade you from making ridiculous and emotionality-laden comparisons to mass butchery any more.
You've done all three in this instance, and so you will only have dialogues with people who tolerate that. Ta.
Re: (Score:2)
And I'll only have dialogues with people who don't think that requiring people to secure their router is equivalent to allowing murder gangs to roam the streets unopposed. From we're I sit, it's all plus.
Re: (Score:3)
Oooh, let me try. It's like two people having sex in their street-facing bedroom without closing the curtains, and complaining when a passerby sees them.
Re: (Score:3)
You're right of course.
Sending out vans en masse to peoples' neighborhoods with equipment and software that's specifically designed to pluck wifi traffic out of the airwaves is no different from strolling down the sidewalk and happening to glance into someone's window. Why, just the other day I was on my way home, glanced over, and idly picked up several packets of someone's e-mail and a bit of their usenet traffic before I could think to look away. How silly of me.
Re: (Score:2)
If you had a laptop with you, you probably did.
Re: (Score:2)
Yes, when do we go after Microsoft for leaving that packet sniffing option on as a default installation option?
Re: (Score:2)
Why would we?
Re: (Score:2)
If you had a laptop with you, you probably did.
Your laptop will immediately discard any data from an unsecured and unencrypted network that it is not connected to.
Re: (Score:2)
If my eyes see two ugly people having sex, believe me, they're going to be discarding hell for leather too.
Re:There are rules, even unspoken (Score:5, Insightful)
No, that's not remotely what I'm saying, and your Matthew Shepard comparison is wildly off base.
If you have unencrypted WiFi, you are broadcasting, quite literally, whatever you're doing. All I'm saying is if you're out in public, people can take your picture. You might not like it, but they can. If you yell at your wife on the front porch or in the house if you're loud enough, the neighbors can hear you. I'm not saying you need to encrypt everything, or that you need a vault. I'm saying don't broadcast to the world if you don't want the world to hear you.
I'm very much pro-privacy, but if you want your privacy (as I do), you can't put the burden on the entire rest of the world to preserve it for you. We railed against the DMCA because it criminalized circumventing even useless protection measures, but somehow when they're OUR useless protection measures, it's different? No, it's not. What I'm saying is that if you don't want your papers and personal effects gone through, don't leave them lying in the street for people to pick up and read.
Re: (Score:2)
No, that's not remotely what I'm saying, and your Matthew Shepard comparison is wildly off base.
You're saying that the onus on people if they don't want others to take advantage of them is to hide all their vulnerable points. And I'm saying that's the sign of a lawless anarchy where people aren't presumed to have rights.
If you have unencrypted WiFi, you are broadcasting, quite literally, whatever you're doing. All I'm saying is if you're out in public, people can take your picture. You might not like it, but they can.
A very apt parallel. Under American Common Law, your likeness - as well as your signature - is your private property. People can no more snap you without your consent without being liable for violating your property rights than they can take an image of your signature and print it o
Re: (Score:3)
Cite, please. It's my understanding that if you're in public, people absolutely can take your picture and do not need your consent. If you're correct, I'd like an explanation how paparazzi aren't all in jail.
Re: (Score:2)
Cite, please. It's my understanding that if you're in public, people absolutely can take your picture and do not need your consent. If you're correct, I'd like an explanation how paparazzi aren't all in jail.
Common practice within the Union about a century ago; I came across it years ago in research and no longer have the historical reference, unfortunately. I did find cites just now, though. [uslegal.com]
As to the paparazzi, part of it would most likely be that the country's forgotten that by now, or that as public figures celebrities are presumed to be accessible in that regard. I'm honestly not sure how much of which. It would be kind of interesting for celebs to copyright their likeness in this day and age though, and then sue tabloids for distributing without permission.
Perhaps we're getting to the core of the issue. You're arguing from a base where law isn't actually law. I can't follow you there.
Yes and no. It's the venue of law the Constitution was written in, and the American variant of Common Law remains the law of the land [buildfreedom.com]. However, it is prevalently ignored today by the majority of citizens, who have not heard of it. Yet.
Yes, and infrared cameras that see through your walls. I suppose that's what muddies the waters. It comes down to the "reasonable person" test. IIRC, it's been decided (in court) that reasonable people do get protection from being spied on via IR cameras. I think it's reasonable to assume there's not a laser microphone pointed at your windows, too. I just don't feel that unencrypted wifi streaming out of your house deserves the same protection when it's trivial to encrypt it. I don't think we should have to IR shield our houses. I don't think we should have noise generators on our windows. I do think we should encrypt our wifi.
And there we disagree. Or rather, I don't think we should be considered to be obliged to encrypt our wifi in order to secure our right to privacy on it. But I do like how well you've summarized the matter.
No, it's a form of encoding. If you're going to claim that as encryption, I can as reasonably claim that this is a private conversation between me and you, and that anyone else reading it has violated my rights because I encrypted it in ASCII or Unicode, or whatever prior to uploading it. It's not MY fault everyone else's computer is capable of decrypting it.
Impressive! I honestly don't have a response to that one right now. I'll have to think about that one for a while. Thanks for the new (to me at least) point. Very refreshing to encounter.
Re: (Score:2)
No, it's a form of encoding. If you're going to claim that as encryption, I can as reasonably claim that this is a private conversation between me and you, and that anyone else reading it has violated my rights because I encrypted it in ASCII or Unicode, or whatever prior to uploading it. It's not MY fault everyone else's computer is capable of decrypting it.
I think the distinction there would probably have to be intent, and basis.
By intent, I mean that there's a difference between engaging in a forum discussion, and deliberately attempting to intercept someone's comm traffic via their wifi signals. That's a close enough approximation to the guaranteed Fourth Amendment right of citizens to be secure in their papers (whether those papers are in the home, out outside of it) for me to equate them. Others may interpret that differently.
When I say basis, I mean th
Re: (Score:2)
Re: (Score:2)
The distinction is pretty important, and so long as it's not used as an argument to diminish rights it makes quite a bit of sense.
I agree that in a case of accidental nonsentient monitoring that isn't accessed, it's pretty inconsequential.
The natural concern is of course intentional, systematic monitoring, sentient or otherwise, that is or can be accessed effectively. And carefully evaluating who collected that data in the first place, and whether their motives for so doing were even valid and fair, is jus
Re: (Score:2)
Re: (Score:2)
Wifi signals can be captured from space? That would be awesome for the guys on the ISS.
If they wanted to read Slashdot they could just hop on one of the undoubtedly tens of thousands of unencrypted wifis below them at any given moment.
Mind you I can't get a connection from the road let alone 1km away.