Linked by Howard Fosdick on Mon 21st Nov 2011 07:48 UTC
Google Last June, CNET disclosed that Google collects and publishes the estimated locations of millions of phones, laptops, and other Wi-Fi devices. All without their owner's knowledge or permission. Google has finally announced how to exclude your home network from this database. Simply append "_nomap" to its name. Details over at CNET. Left unsaid is why the burden is placed on millions of individuals to opt-out, instead of on perpetrator Google.
Thread beginning with comment 497768
To read all comments associated with this story, please click here.
UltraZelda64
Member since:
2006-12-05

The one that I've used for years, and add "_nomap" to the end of it, just so Google will not advertise my router? What the f--k, seriously? First of all, I didn't even know Google was advertising my router; and secondly, why the f--k is it doing it without my knowledge anyway? Does Google pay my Internet bill? The electricity to keep it running? Do they own my router? Come on, this is ridiculous. All of a sudden, I'm no longer quite so thrilled about my new phone. This is f--king bullshit.

Google, quit advertising networks that doing belong to you and forcing people to add nonsense to the name of the wireless network connection names. Stay out of my f--king business and my other personally-owned devices.

I've noticed Google has been doing some questionable things lately, but this is truly a new low for them.

Edited 2011-11-21 09:05 UTC

Reply Score: 6

Thom_Holwerda Member since:
2005-06-29

They're not advertising your router - at least, not more so than the phonebook is advertising your address. You broadcast your SSID in much the same way you broadcast your house number. Should people who walk by your house cover their eyes so they don't see your house number? Should people with wifi on their phones who walk by turn wifi off because otherwise they'll pick up your SSID?

I'm not saying you don't have a right to keep it from Google - because you do - but I don't think it is unreasonable to expect some action on your part to keep it as such, the same way it takes action on your part to get a secret phone number (my landline is level 3 or 4 secret). My SSID is not broadcast at all - an even better solution.

Reply Parent Score: 5

benali72 Member since:
2008-05-03

Router defaults are always set to Broadcast SSID. You can not expect the typical user to know that they have to set this OFF or rename their network to avoid Google's prying eyes.

And what about Google's tracking and publication of the location of Wi-Fi-enabled devices, including PCs, iPhones, iPads, and Android phones?

I think UZ64's outrage is justified.

Reply Parent Score: 1

UltraZelda64 Member since:
2006-12-05

They're not advertising your router - at least, not more so than the phonebook is advertising your address. You broadcast your SSID in much the same way you broadcast your house number. Should people who walk by your house cover their eyes so they don't see your house number? Should people with wifi on their phones who walk by turn wifi off because otherwise they'll pick up your SSID?

I'm not saying you don't have a right to keep it from Google - because you do - but I don't think it is unreasonable to expect some action on your part to keep it as such, the same way it takes action on your part to get a secret phone number (my landline is level 3 or 4 secret). My SSID is not broadcast at all - an even better solution.

I don't mind if people in close proximity to where I live can see my wireless connection; it's locked with a long WPA passphrase containing both capital and lower case letters and numbers anyway, and I seriously doubt that anyone within a five-mile radious would know the first thing about breaking into a computer network. Plus, they would have to stay within the router's range to stay connected if they did try to crack into it; they couldn't just do it while driving down the street. That handful of local people on their cell phones walking down the street, who can just as easily see my house address as you pointed out? Well, let them see my SSID; it's highly unlikely they would even try to breach a "locked" access point, and if they did they would give up fast.

The benefits of broadcasting the SSID outweigh the disadvantages here, or so I thought, with it much easier for my friends to find the network and then give me the device to enter the password. It also allows automatic detection and connection when in range. In fact, someone who lives nearby who tries to break into my house would likely be caught by law enforcement much quicker and easier than a traveler from, say, Maine. But I'm not talking about the neighborhood--I'm talking about the whole god damn Internet here.

The problem is, Google is actively PUTTING MY ROUTER'S SSID AND WHEREABOUTS ON THE INTERNET, WITHOUT MY PERMISSION. In other words, *anyone* who wants to can pinpoint it if they really wanted to and try cracking. The whole god damn Internet has free access. And I have to add some stupid "_nomap" bullshit to my own custom SSID just to make it stop? Fuck that. Someone traveling to my state from the other side of the country? No problem, just check Google to see that I have a router set up at this address. Add this new widespread public data a traveling cracker with a GPS for even easier locating of geographical locations and you've got some serious potential for problems. Google is making it easy for a traveling cracker to breach into people's home networks and computer systems. How the hell do you have no problem with this?

I don't mind my SSID being broadcasted locally. You know, as in the relatively short range that Wi-Fi covers; maybe a couple hundred feet, max. This is how it's supposed to work... or so I thought. What I do mind is it being fucking posted, along with its nearly-precise geographical location, on the fucking Internet. It's really fucking pathetic that I have to do this, but I have just disabled broadcasting on my router (running Tomato firmware 1.28). Until now, I have never felt the need to. Oh well--as long as I have an Android phone nearby, broadcasting will now be disabled. That's one hell of a crooked move, Google.

What's nice [sarcasm] about this is that even though my Android phone "knows" about my home router (SSID, passphrase) to automatically connect, it will no longer connect to it to use high-speed Internet access. Yay, Google. Motherfuckers. Now my problem is, trying to get Android to connect to this now non-broadcasting network; since the phone doesn't "see" it it uses the slow cellular network, and I see no screen that will allow me to manually enter the SSID and connect.

And by the way--about your phone book example: I don't have a landline telephone, but I sure as hell don't give my cell phone number out like candy during trick-or-treat either. Very few people know it, and I intend to keep it that way. And you know, some people actually pay extra to NOT have their phone/address posted publicly in the phone book. You know, unlisted. Some people do actually care about privacy and security.

Reply Parent Score: 4

Alfman Member since:
2011-01-28

UZ64,

The whole ordeal where they were collecting private wifi traffic seems to be rather worse in my opinion.

http://arstechnica.com/tech-policy/news/2010/05/google-says-wifi-da...

Do you suppose people have a right to delete their mac addresses from the database once they see that google put them up?

The database is kind of eerie. If a cracker gets into your system, they might look up your router's mac and then search for it in google's db. This adds a whole new element to computer security threats.

Also, certain IPv6 addressing schemes include the mac address in one's personal IPv6 address. If this ever becomes popular, it would make IPv6->geolocation trivial (assuming google's cars are making their rounds frequently enough).

Edit:

I forgot to add a link:

http://superuser.com/questions/243669/how-to-avoid-exposing-my-mac-...

Edited 2011-11-21 09:38 UTC

Reply Parent Score: 3

Soulbender Member since:
2005-08-18

If a cracker gets into your system, they might look up your router's mac and then search for it in google's db. This adds a whole new element to computer security threats.


Eh, not really. For one, if a cracker has gotten in to your system you have bigger problems than your MAC address being loosely tied to a physical location (that may, or may not, be correct).
Secondly, in order for the MAC address information to be remotely useful to the attacker he'll have first actually break into your system to even get your MAC address. Unless of course he's in your immediate area in which case he can figure this out all by himself without the assistance of Google.
To everyone else all they'll know is that there is an accesspoint named X that MAC address Y has used at some point in time. There's no way to actually relate that MAC address or BSSID to your person.

The dangers of this thing is a bit overstated. It's not like rogue hackers somewhere will magically gain control of your life and threaten world peace by knowing your BSSID and MAC.
We can probably expect this scenario to show up in a cheesy and technically incorrect Hollywood movie any time soon. It will probably star Lorenza Lamas.

Reply Parent Score: 3

vrwarp Member since:
2010-11-11

Could you propose a better opt-in/opt-out mechanism?

If it were opt-in, what would stop me from opting-in all the networks around where I live?

If it were opt-out, what would stop me from opting-out all the networks around where I live?

While the solution is a kind of clunky, it is the easiest way to guarantee that the owner of the router does *not* want their network being used to provide geolocation.

Of course, you could argue that it should be _map as an opt-in instead of _nomap as an opt-out, but then the service would be dead on arrival.

Reply Parent Score: 1

phoenix Member since:
2005-07-11

The solution is simple: don't publish the database on the public Internet.

Reply Parent Score: 2