Linked by Howard Fosdick on Mon 21st Nov 2011 07:48 UTC
Google Last June, CNET disclosed that Google collects and publishes the estimated locations of millions of phones, laptops, and other Wi-Fi devices. All without their owner's knowledge or permission. Google has finally announced how to exclude your home network from this database. Simply append "_nomap" to its name. Details over at CNET. Left unsaid is why the burden is placed on millions of individuals to opt-out, instead of on perpetrator Google.
Thread beginning with comment 497884
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[7]: Comment by clhodapp
by Alfman on Tue 22nd Nov 2011 01:38 UTC in reply to "RE[6]: Comment by clhodapp"
Alfman
Member since:
2011-01-28

Soulbender,

"I think it was Netgear but I'm not entirely sure. The reason for re-using them is that the address space allocated to a manufacturer is not infinite."

Well they haven't run out yet, any reuse right now would suggest administrative error. Although I'm certainly interesting in reading any sources saying that manufacturers are doing it deliberately.

"Perhaps but in all honesty I dont see the point in doing so. The scenarios in which knowing the MAC address is serious attack vector are rather limited."

I already said some people using self-configuring IPv6 are already leaking a MAC address. But conceptually I don't really care where they learn my mac address - it could be at a conference or school or rest stop, I still don't like the idea that they might then use a database to track where I go.

"For one, the MAC address in itself carries no useful information."

It doesn't have to be "useful information" to track you, it just has to be unique.

"Secondly, to make any use of it you need to break into it and in order to do that you need to know either it's IP address or be in the local vicinity of the access point....Google's information is redundant and not really useful for the purpose of cracking."

It's the tracking of personal equipment that concerns me much more than having my device hacked.

Reply Parent Score: 2

RE[8]: Comment by clhodapp
by Soulbender on Tue 22nd Nov 2011 02:10 in reply to "RE[7]: Comment by clhodapp"
Soulbender Member since:
2005-08-18

I already said some people using self-configuring IPv6 are already leaking a MAC address.


Yes, I agree this is a concern since it effectively relates the MAC address to an IP address. This does leak some information, such as the vendor of the network card and perhaps also the model.
I can't remember if that's the default behavior though or if you have to manually set it up like that. Probably differs between operating systems.

It's the tracking of personal equipment that concerns me much more than having my device hacked.


Ah well, I guess we have to agree to disagree. This doesn't bother me much in the grand scheme of things.

Reply Parent Score: 2

RE[9]: Comment by clhodapp
by Alfman on Tue 22nd Nov 2011 04:16 in reply to "RE[8]: Comment by clhodapp"
Alfman Member since:
2011-01-28

Soulbender,

"I can't remember if that's the default behavior though or if you have to manually set it up like that. Probably differs between operating systems."

Ubuntu right now auto configures network cards for IPv6 even when it's not detected. When I do ifconfig, I see my NIC's HW address at the end of the auto configured IPv6 address

Not that IPv6 works for me since my routers and ISP don't support it, but if they did I presume I'd be online using IPv6 without explicitly configuring anything else. I'm very afraid that they're just going to start NATing us behind IPv4 without giving us IPv6 and that will be the end of peer to peer connectivity.

I wish they'd also fix the 1500 byte MTU at the same time as IPv6 deployments, given how ISP/backbone routers are going to be upgraded anyway and IPv6 has twice the overhead as IPv4.


"Ah well, I guess we have to agree to disagree. This doesn't bother me much in the grand scheme of things."

Ok.

Reply Parent Score: 2