Linked by Howard Fosdick on Mon 21st Nov 2011 07:48 UTC
Google Last June, CNET disclosed that Google collects and publishes the estimated locations of millions of phones, laptops, and other Wi-Fi devices. All without their owner's knowledge or permission. Google has finally announced how to exclude your home network from this database. Simply append "_nomap" to its name. Details over at CNET. Left unsaid is why the burden is placed on millions of individuals to opt-out, instead of on perpetrator Google.
Permalink for comment 497880
To read all comments associated with this story, please click here.
RE[6]: Comment by clhodapp
by Soulbender on Tue 22nd Nov 2011 00:54 UTC in reply to "RE[5]: Comment by clhodapp"
Member since:

Can you say which manufacturer is reusing addresses and their reason for doing so?

I think it was Netgear but I'm not entirely sure. The reason for re-using them is that the address space allocated to a manufacturer is not infinite. Why not re-use the same MAC's on cards that you send to entirely different geographical regions? The chances of those cards would go to the same owner are rather slim.

But it seems to me that they could/should have avoided the use of unique static identifiers when it was being worked on.

Perhaps but in all honesty I dont see the point in doing so. The scenarios in which knowing the MAC address is serious attack vector are rather limited.
For one, the MAC address in itself carries no useful information. The most you can derive from it is the manufacturer and maybe the model. Secondly, to make any use of it you need to break into it and in order to do that you need to know either it's IP address or be in the local vicinity of the access point. Sure, you can locate access points this way but why bother when you can just walk around at random with equal, or better, results. Let's even go far as to say that you're targeting a specific person. Now, chances are you already know approximately where this person lives so you can just as easily, and more reliably, get the information by going there yourself. In fact, you would have to go there yourself sooner or later to get the IP address so you see,Google's information is redundant and not really useful for the purpose of cracking.

Now, if Google published the IP address of each access -point I would be worried.

Edited 2011-11-22 00:55 UTC

Reply Parent Score: 3