×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Describes Wi-Fi Sniffing In Pending Patent

timothy posted more than 3 years ago | from the and-in-the-alternative-yer-honor dept.

Google 134

theodp writes "After mistakenly saying that it did not collect Wi-Fi payload data, Google had to reverse itself, saying, 'it's now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks.' OK, mistakes happen. But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets by operating a device — which 'may be placed in a vehicle' — in a 'sniffer' or 'monitor' mode and analyzing them on a server? Guess belated kudos are owed to the savvy Slashdot commenter who speculated back in January that the patent-pending technology might be useful inside a Google Street View vehicle. Google faces inquiries into its Wi-Fi packet sniffing practices by German and US authorities."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

134 comments

xmmm (-1, Offtopic)

trelamenos (915558) | more than 3 years ago | (#32387966)

first post! :D can anyone explain me what google is up to?? cause i am seeing a lot like these posts recently....

Re:xmmm (5, Informative)

Daengbo (523424) | more than 3 years ago | (#32388258)

There is no reading comprehension in the world, apparently. This patent is about what Google claims it was trying to do -- recording SSID and MAC information for location purposes. It has nothing to do with the "mistaken" data packets (sent unencrypted over the air). How the submitter connected the two, I don't know. I suspect lack of coffee and excess Google hate.

Re:xmmm (1)

Hognoxious (631665) | more than 3 years ago | (#32388410)

How the submitter connected the two, I don't know.

He's scaremongering, like he does 99% of the time.

The other 1% he just gets it totally wrong.

Re:xmmm (1)

sjdude (470014) | more than 3 years ago | (#32388934)

excess Google hate

Will it be OK for us to hate Google once they've proven absolutely and undeniably that they are are evil? Or is it OK to start sometime before then? IMHO, a "Surgeon General's warning" ought to placed on everything Google does.

Re:xmmm (0, Flamebait)

Daengbo (523424) | more than 3 years ago | (#32389200)

Hate Google. I don't care. Just make sure your hate doesn't lower your reading comprehension score to zero and you start sounding like Twitter [slashdot.org]. mkay?

Wardriving? (4, Interesting)

Anonymous Coward | more than 3 years ago | (#32387982)

A patent?

Isn't that exactly the same thing which wardrivers have been doing since WiFi existed?

Re:Wardriving? (3, Insightful)

gilesjuk (604902) | more than 3 years ago | (#32388120)

Why patent it? is that to stop other people doing the same?

Honestly, Google, Microsoft, IBM, Apple and co, put them on a big ship and sink it. They don't want to compete, they want to lock up very generic ideas and stop everyone else from using them.

Re:Wardriving? (1)

Apple Acolyte (517892) | more than 3 years ago | (#32389084)

Yeah, because Apple has never brought to market any worthwhile technology [apple-history.com] on its own.

Re:Wardriving? (0)

Anonymous Coward | more than 3 years ago | (#32389264)

And?
Google has brought innovation, Microsoft has, IBM, countless others too.
Don't just single out Apple.

But all of them are hurting innovation simply due to their size and the broken patent system that they all abuse.

Re:Wardriving? (1)

PolygamousRanchKid (1290638) | more than 3 years ago | (#32388148)

Isn't that exactly the same thing which wardrivers have been doing since WiFi existed?

Yeah, but the wardrivers didn't patent it.

Cop Car: "Hey buddy, pull over! You are wardriving and thus infringing on a patent owned by the Google corporation!"

Re:Wardriving? (1)

LingNoi (1066278) | more than 3 years ago | (#32388518)

Yes it is, and sadly even though everyone on Slashdot realises this there doesn't seem to be a way for us to tell the patent office about the prior art.

Re:Wardriving? (0)

Anonymous Coward | more than 3 years ago | (#32389198)

Because Corporations like Google own the U.S. Government

Mr Hyde? (3, Insightful)

symes (835608) | more than 3 years ago | (#32388028)

It seems there's one bit of Google that really wants to sniff packets and another side, probably PR, that doesn't want the bad press. At the end of the day they're now just another multinational corporation with potential markets rather than individual customers.

Re:Mr Hyde? (0)

Anonymous Coward | more than 3 years ago | (#32388074)

No shit, Sherlock.

Re:Mr Hyde? (1)

vrmlguy (120854) | more than 3 years ago | (#32388116)

Maybe I'm stupid, but it looks like apples and oranges to me. Google was/is collecting packets to capture the *header* information; this data allows them to deduce other people's locations. Google was also, in some cases, also collecting *payload* data, which is (a) accidental, and (b) pretty useless (please give me any example of how to use this nefariously). Germany is pretty upset about it, probably because they want to establish a precedent that people shouldn't do this rather than any belief that actual harm was done.

Re:Mr Hyde? (0, Troll)

postbigbang (761081) | more than 3 years ago | (#32388144)

Capturing and doing various tricks to strip headers, reassemble payloads, and otherwise dither with wired and wireless packets in fixed and non-stationary ways has been done since before Sergi Brin was out of diapers. I'm guessing that prior art eats their expensive lunch.

Of course, the not-invented-here syndrome coupled to over-paid internal IP attorneys will argue contrarily.

Re:Mr Hyde? (3, Insightful)

AHuxley (892839) | more than 3 years ago | (#32388404)

"harm was done" is a slope many parts of the world do not want to slide down.
They have strict laws to make sure you do not record people on cameras, voice calls and now data.
What google did was intercept communications not intended for them and keep the fragments they sucked up.
They did this around the world, long term and had to set the tech up to do it and keep the data collection going.
When caught by the press they tried to fake their way out with a local admission and then where forced to tell more of the truth only when exposed further.
Google missed a request from the German gov to show what data they collected and how it was stored ect.
That kind of throws "accidental" and "pretty useless" out.
"Accidental" would be a beta test car in one city, data dump found, turned off and local permission to wifi map requested.
As for what it is used for, who knows what google sells in bulk beta form to its customers about its consumers (end losers).
How many external eyes got to scan city maps with MAC, IP and plain text data for keywords?
From spam to ip misuse to police raids to state task forces and COINTELPRO 2.0 dreams?
The state sends out spyware/p2p hunt, finds an open MAC and wants to sneak and peak based on googles "bulk" data.
Wrong family, wrong time, right MAC.

Re:Mr Hyde? (1)

theshowmecanuck (703852) | more than 3 years ago | (#32388856)

So are you saying patents shouldn't be granted if the research it is based on is actually an illegal activity (given that you said war driving is illegal in some countries)?

BTW, I think if this is not covered by prior art (the practice of war driving), it is for sure an obvious extension of it.

Re:Mr Hyde? (1)

Mindcontrolled (1388007) | more than 3 years ago | (#32389738)

At least around here (Germany) patents actually can't be granted if they are based on illegal activities - as long as there is no legal use. It's a rarely invoked clause, though, given that basically nothing is purely illegal.

Re:Mr Hyde? (0)

Anonymous Coward | more than 3 years ago | (#32389700)

Just think of it as Doubleclick dba Google and the picture is clear.

Every would be accidental acquisition of some sort of user data simply isn't accidental at all. Don't be fooled by any explanations since such explanations will always have an element of omission or deception. Don't ever think data requested to be deleted was ever truly deleted, it's just suppressed from immediate use but likely still stored somewhere on a server or backup tapes for future use at some point.

Everyone has to decide for themselves if they want to keep supporting Doubleclick via the Google branded products.

Re:Mr Hyde? (2, Insightful)

LordLimecat (1103839) | more than 3 years ago | (#32390248)

They did this around the world, long term and had to set the tech up to do it and keep the data collection going.

Perhaps its silly of me to ask, but is this speculation, or fact that can be sourced?

Google missed a request from the German gov to show what data they collected and how it was stored ect.

My understanding from every article ive seen on the topic is that, whilst complying with the German authorities, they discovered the issue, promptly announced it, and complied with requests to delete the data. Can you provide a link that shows otherwise?

How many external eyes got to scan city maps with MAC, IP and plain text data for keywords?

Is this like that whole "did glenn beck rape and murder children in 1990" thing, where you can ask questions based in fantasy to imply wrongdoing? Do you have any evidence that anyone other than a computer actually saw the payload data?

The state sends out spyware/p2p hunt, finds an open MAC

What the hell is an open MAC? A rooted Apple computer?

Why was your post rated insightful? One can see by references to "Open MACs", "P2P hunts", and the implication that IP addresses are personally identifying / private that you have no idea what the hell youre talking about. Half of your post is directly refuted by every article we've had on this topic since it came to light.

Re:Mr Hyde? (2, Interesting)

TheRaven64 (641858) | more than 3 years ago | (#32388644)

pretty useless (please give me any example of how to use this nefariously)

If the payload happened to contain a Google search request, or an HTTP request to a site that sues Google Analytics, then they can correlate this with the other information that they have and go from a cookie (which tells you the things the user has ever searched for) to a specific computer (MAC address) and even to a specific house number. The same if the packet was sent to Google's DNS servers.

Re:Mr Hyde? (1)

theArtificial (613980) | more than 3 years ago | (#32390576)

If the payload happened to contain a Google search request, or an HTTP request to a site that sues Google Analytics

I had no idea HTTP requests could sue! Think of the possibilities!


*I'm sure you probably ment uses

Re:Mr Hyde? (2, Informative)

LordLimecat (1103839) | more than 3 years ago | (#32390200)

Did you miss the part where everyone already knew they were sniffing packets to determine location, and that was never being denied? The issue has always been whether payload data was being recorded. See here: http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html [blogspot.com]

Im sorry if I come off as a google apologist, defending them all the time, but my goodness people just seem to want to ignore fact and the actual articles, so they can wildly speculate about what awful things google is doing. My understanding was that Slashdot, as a site for geek news, would be some kind of bastion of reason and intellect. Clearly, I must be new here.

Wifi Sniffing is an old term (1)

jsse (254124) | more than 3 years ago | (#32388030)

It's now termed as Wardriving [wikipedia.org]

Re:Wifi Sniffing is an old term (3, Interesting)

Anonymous Coward | more than 3 years ago | (#32388256)

Wifi Sniffing and wardriving are two overlapping but different concepts. Sniffing is passively capturing wireless LAN traffic, i.e. a very broad term. Wardriving is when a mobile receiver passively captures a specific subset of WLAN traffic, namely the beacon frames, for the purpose of finding and listing but not accessing wireless LANs. What Google supposedly wanted to do was wardriving. What Google actually did was Wifi sniffing.

What website is this again? (4, Insightful)

Anonymous Coward | more than 3 years ago | (#32388080)

I am totally unconcerned with Google or anyone else collecting this kind of data. If you don't want anyone to know about your access point then stop broadcasting for hundreds of feet over public property. If you don't want me to decrypt your satellite feeds to get free TV then stop broadcasting it into my receiver on my property.

Re:What website is this again? (5, Insightful)

Anonymous Coward | more than 3 years ago | (#32388138)

I am totally unconcerned with Google or anyone else collecting this kind of data. If you don't want anyone to know about your access point then stop broadcasting for hundreds of feet over public property. If you don't want me to decrypt your satellite feeds to get free TV then stop broadcasting it into my receiver on my property.

I don't mind that people see me when I go out on the street.

But at the same time, I don't want Google or any other company to film me, and digitally store every trip I make.

But following your line of thought, I should reason that if I don't want Google to film me in my own street, then I shouldn't go outside.

Re:What website is this again? (-1, Troll)

ukyoCE (106879) | more than 3 years ago | (#32388264)

But following your line of thought, I should reason that if I don't want Google to film me in my own street, then I shouldn't go outside.

No. By follow his line of thought, you should reason that if you go outside yelling "free money" and throwing dollar bills on the ground, that people will follow you and pick them up.

Don't publicly advertise a service if you don't want it open to the public. Duh.

Re:What website is this again? (2, Insightful)

FuckingNickName (1362625) | more than 3 years ago | (#32388666)

You do realise that sending an SSID over the airwaves is not an implicit offer to "the public" that you "advertise a service", yes?

I mean, if I put a sign in front of my house giving the name of my house, am I telling you that you can come in and use it at your whim?

Re:What website is this again? (2, Informative)

ZosX (517789) | more than 3 years ago | (#32388758)

No. Not strictly broadcasting an SSID, but open, unencrypted networks are much more of a grey area. Did someone leave the AP open so they could share? Is it a businesses AP for their customers and anyone else that might be able to get it? Consider that just about every new ap out there has encryption enabled by default. Obviously someone had to open up the AP, or they are running an ancient 802.11b device. Anymore open APs are pretty much the exception the the norm. I say if its open, you might as well try to get a signal if you can. I love my G1 for that since an AP is generally a lot faster than the 1mbit, 500ms latency 3g connection.

Re:What website is this again? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#32389600)

Unencrypted networks are not a grey area. You're just making them out to be since it fits your immoral and illegal behaviour.
1) The majority of new APs do not have encryption enabled by default
2) If you are unsure of its reason for being open, assume the safest option, not the one that just happens to suit you
3) The AP is broadcasting its open status, not the owner. Last I checked, electronic devices do not have the legal right to grant permission to their connection

This isn't ethical rocket science, just another example of the free culture "Generation Me" retards.

Re:What website is this again? (1)

mlts (1038732) | more than 3 years ago | (#32390392)

One thing I discovered is that some mainstream brands of wireless APs are *still* defaulting to wireless enabled, completely open. They could at least print some random diceware-esque code (so the words are easy to remember, but the WPA key is of a decent length) on the bottom of the machine (or even better, hot-stamp it into the plastic so the printing doesn't rub off.)

I also have seen devices grab a firmware upgrade without anyone knowing, reset to a default config, and since the LAN is so standard, nobody notices that the WPA settings dropped because all the machines ended up just connecting openly when the WPA2 preshared key didn't work.

My take: Grey area as the AC said. Mainly because an open wireless connection could be looked at as an invitation for anyone to hop on, as in a coffee shop (so permission is implicit), or it can be looked at as a personal connection because the router defaulted that way (so permission needs to be explicit like entering a house.) Most likely this would get settled in the courts how the side with the deepest pockets wants it settled, likely where the open wireless owner is responsible for everything and anything that goes through their device.

Re:What website is this again? (2, Insightful)

jabbathewocket (1601791) | more than 3 years ago | (#32390416)

That logic is precisely the definition of slippery slope... if tommorrow it is announced that a brand new version of wifi needs to be installed to prevent "breaches in security" does that mean that everyone who does not spend $$ to update immediately is deserving of being considered (legally at any rate) having "opened their network on purpose for any and all to use in any way they see fit" ?

There are *alot* of ancient B devices, not to mention a huge number of newer G devices that simply do not interact properly (or at all) given the not always overlapping security choices.. IE Device A can use X version of G security, device B can use X Y Z and device C can only use Z type. but all support "open"

Does that mean that because this combination of devices only works properly with open security (and requires broadcasting SSID) that these networks are LEGALLY fair game for any and all to do whatever they please with?

Ultimately it comes down to "just because you can do it, does that make it morally and legally the right thing to do? I would say that historically the legal allowance of behavior hinges far less on the "is it possible" and more on the "is it the right thing to do"

As far as Google vs "others" is concerned.. its again about slippery slopes.. allowing Google to capture supposedly "unidentifiable information to determine location" is a great way to open the door for others to do things that perhaps we do not as a society want them to do.. the "do no evil" mantra that Google tries to portray around itself.. should extend to not opening the door to evil, even if they are not doing the evil themselves (which is open to debate in many ways but that is a subject for another post.

Re:What website is this again? (0)

Anonymous Coward | more than 3 years ago | (#32388342)

Photographs are an entirely different topic that has its own array of considerations. A reasonable expectation of privacy does not extend to any place in public view or on public property. For street view as it exists now you can't really claim that you had a reasonable expectation of privacy when the photographs were taken from a vehicle on public streets of you in public places.

If it came to the point that cameras owned by a single entity were everywhere, and were able to track an individual from the moment they left a private location until they again entered a private location, then you might be able to make the case that the ubiquity of coverage was itself a violation of your privacy. That has not happened yet.

Re:What website is this again? (4, Funny)

morgan_greywolf (835522) | more than 3 years ago | (#32388154)

I am totally unconcerned with Google or anyone else collecting this kind of data. If you don't want anyone to know about your access point then stop broadcasting for hundreds of feet over public property.

In addition, start using WPA, stop broadcasting your SSID, etc.

Personally, I do use WPA, but I still broadcast my SSID, which is currently set to 'hacker' and for some reason the neighbors say they don't want to mess with that wireless network. ;)

Re:What website is this again? (1, Insightful)

Anonymous Coward | more than 3 years ago | (#32388500)

Meanwhile, I have 4 seperate Linksys WRT54G-TM units sporting directional antennae in the attic along each of the outside walls in my house. Each broadcasts the SSID and makes NO use of encryption. When the most sensitive site I could possibly log in to without requiring https is going to sell my strawberry harvest datum to its sales 'partners' anyway? It seems to me that security should be starting a little further from home.

In addition to good will toward and from my neighbors, I receive plausible deniability and the 'occasional' monetary donation from anonymous philanthropists (One cannot resell internet access via my current provider).

In all honesty, other than a little bandwidth (which I control from my edge router), what advantage do I have in keeping other people out?

  • My private shares are password protected and the non-password protected shares aren't intended to be private.
  • Any sacrosanct websites already have encryption in the form of SSL (https)
  • My internal network stuffs are properly hardened and firewalled from both the Internet zone as well as the wireless zone. It's seriously not much more work to have 2 zones setup proper than one (You do have your network properly secured from the WORLDWIDE internet, don't you?).
  • My neighbors know where to throw a few bucks when they need minor repair, etc.

Oh, and the neighbors listen when I tell them to Stay Off My Lawn. ...
Profit?

Re:What website is this again? (0)

Anonymous Coward | more than 3 years ago | (#32389930)

what advantage do I have in keeping other people out?

Well, you're neighbors could, for example, use your connection to download The Hurt Locker [slashdot.org] or other unwatchable crap, or to download kiddy porn [getlazy.net] (SFW). You'd be the one to get sued and arrested...

Re:What website is this again? (0)

Anonymous Coward | more than 3 years ago | (#32390208)

FYI: You can not not broadcast the SSID. Turning off SSID broadcasts only removes them from the beacon frames. The beacon frames themselves and the SSID string in all other management frames can not be turned off. The SSID and more importantly the MAC addresses of all participating devices are clear text information even if your network is WPA(2) encrypted.

Re:What website is this again? (1)

LordLimecat (1103839) | more than 3 years ago | (#32390270)

Its been said a thousand times before...
Turning off broadcasting is absolutely pointless if you use WPA. Any tool that will allow you to crack WPA or mess with the AP will also uncover the AP almost instantly if there is ANY activity, and your laptop will periodically announce to the world that it knows that SSID.

Re:What website is this again? (1)

FuckingNickName (1362625) | more than 3 years ago | (#32388648)

if you would kindly give me your address, cowardly Anonymous Coward, I shall be following you around and recording you for the next six months of your life whenever you are on public property, also recording you in your home as far as those light/infrared/etc waves are being broadcast out to public property. I shall be putting out all this information on the Internet.

If you don't want anyone to know about your life, lock yourself up in your home in a Faraday cage.

Re:What website is this again? (1)

ThreeGigs (239452) | more than 3 years ago | (#32389230)

His name is Brad Pitt.
And you'll have to fight the other 20 people doing the same thing.

See? Already happening. Already commonplace. Completely accepted and even encouraged by society. I'm thinking your attempt at shock and awe and putting themselves in other shoes, etc., etc. has failed because you're simply quoting S.O.P. for celebrities. _They_ know the rules.. the _real_ rules of privacy. Public is public, and privacy can never be assumed.

Re:What website is this again? (0)

Anonymous Coward | more than 3 years ago | (#32389590)

Well, that strawman was quickly and predictably erected - and it sounds even sillier all typed out.

Brad Pitt chooses a profession in which success is defined by public familiarity. Yet still Brad Pitt has large private grounds, 24-hour bodyguards and expensive lawyers to limit what he believes to be intrusions on his privacy. Do you?

While we're at it, why have a nation of laws when the richest 20 men on the planet could afford their own army? They know the real rules of living: survival of the fittest, and protection never assumed.

No free lunch (1)

westlake (615356) | more than 3 years ago | (#32390166)

If you don't want me to decrypt your satellite feeds to get free TV then stop broadcasting it into my receiver on my property.

This argument becomes tiresome.

It was settled - legally - in the earliest days of radio, on the perfectly intelligible grounds that leeches undermined the funding of subscription services which might not otherwise be viable.

You were never entitled to freely tap into the water, power, sewer, and phone lines which might cross your property.

The carrier wave of the satellite broadcast falls on your property as freely as a sunbeam, a snowflake or a hailstone.

But to extract the content - capture and decrypt the signal - you have to mount a dish.

Install - and modify - a receiver.

To any other eyes than your own, it's a tap.

Nigger logic! (-1, Troll)

Anonymous Coward | more than 3 years ago | (#32388108)

Evolution gave up on niggers eons ago when it became apparent that niggers were a waste of time. Since then niggers have been stuck in time as a sub-human species, chosen for extinction by natural selection. Niggers have injected themselves into countries and societies around the world where they do not belong and are not wanted. For niggers, this is the only way they can survive, by demanding gibs muh dat everywhere they go and never contributing to that support or that society. For humans, natural selection can’t wipe niggers from the face of the Earth fast enough.

Niggers like to claim they have made important additions to society wherever they have gone. But humans don’t count quadrupled numbers of murder, rape, robbery, and all violent crime as valuable additions. Welcome to nigger logic.

When humans seek to decrease crime there are a few ways to go about it. Decrease the number of niggers in an area, and crime will decrease massively across the board. This is proven with DOJ statistics. The cities in the U.S. with the lowest crime are cities with the lowest number of niggers. Legally carrying a concealed weapon has helped to lower crime rates too even in cities with high percentages of niggers. Shanequa or Tyrell don’t want to git done kilt an sheeit while takin’ whitey’s wallet, gnomesayin?

In Detroit, nigger ground zero, they look at things a bit differently. Instead of learning from whitey and helping natural selection along by getting rid of themselves, niggers think banning TV news crews will prevent crime. Since niggers always blame anything other than themselves, and Detroit is more nigger fuxated than South Africa, the mayor has no choice than to blame TV crews and their cameras. Because a nigger mayor blaming niggers would make no sense at all. Nigger logic must be applied.

http://deadniggerstorage.org/ [deadniggerstorage.org]

Terrible summary, yellow journalism at its finest (4, Informative)

ukyoCE (106879) | more than 3 years ago | (#32388164)

operating a device — which 'may be placed in a vehicle' — in a 'sniffer' or 'monitor' mode and analyzing them on a server?

As scary as the poster tries to make this sound, this is how you listen for public access points. This post is a scare-mongering dupe.

Yellow journalism is getting to be awfully common here on Slashdot. For instance this troll of a story which just so happens to be from the same author:

http://developers.slashdot.org/article.pl?sid=10/05/21/1427245 [slashdot.org]

WTF? (2, Interesting)

Arimus (198136) | more than 3 years ago | (#32388198)

Hm, my netbook + car charger + linux + aircrack-ng does just that.
My archos media player can do likewise.

How can you patent this crap?

Re:WTF? (2, Informative)

jibjibjib (889679) | more than 3 years ago | (#32388362)

Because (as a little bit of common sense or a minute of reading the article would tell you) the patent is longer and more detailed than the Slashdot summary and actually describes a specific non-trivial innovation.

Stop infringing on Google's patent now! (0)

Anonymous Coward | more than 3 years ago | (#32389562)

Or face multi-billion dollar lawsuits and jailtime, thief!!

Really bad PR for Google (0)

Anonymous Coward | more than 3 years ago | (#32388200)

This is really bad PR for Google, but seriously, people should just get over it already. What's the big fuss anyways!? Unencrypted, unsecured WiFi and you bitch when someone sniffs it? This is no different than talking out loud on a commuter train and then kicking up a fuss that someone was listening. Idiots should feel lucky that it was Google doing the sniffing, and pray that someone with less benign intentions wasn't. Now if Google were actually doing something, like mining very specific data out of the sampled packets, then we a bit more of a problem (but still something that the WiFi owners should have prevented through encryption), but so far I don't seem to see anyone suggesting that this was done.

Re:Really bad PR for Google (1)

erroneus (253617) | more than 3 years ago | (#32388324)

There are some people who perceive an unlocked door as an "open door." This is simply not the case. A closed door needn't be locked to send the message that privacy may be desired. An open window is not an invitation for people to stare in from the outside, let alone climb into someone's home.

The point is, that even if it's not "locked down" and may even appear to be open, behaving this way in a residential area is tantamount to trespassing. The front door of a home may or may not be locked, but the act of testing to see if a door is locked or unlocked may be considered a crime. Actually entering a private residence after finding the door to be unlocked, whether by mistake or otherwise, is still an act of trespassing.

Doing all of this wirelessly certainly adds more physical distance in the act committed, but it doesn't change what it is.

An open access point in a business is often and mostly perceived as "free service." An open access point in a residence is not. I find it hard to understand why others may not see the difference.

Re:Really bad PR for Google (1)

Ash-Fox (726320) | more than 3 years ago | (#32388390)

So, what you're saying is, these people are tresspassing on Google's property by broadcasting data into Google's streetview trucks?

I can't see this comment of your making sense any other way, since system wasn't being interactive with the networks (ie: talking to them) to get the data, they were just recieving unencrypted broadcasted data.

Re:Really bad PR for Google (0)

Anonymous Coward | more than 3 years ago | (#32388408)

What part about talking out loud on the train did you not understand? This is not about walking into a unlocked residence, which is an entirely absurd analogy. It is about overhearing a conversation made in a way that shouldn't have had any expectation of privacy in the first place. To that point, you may not want me to stare into your house, but if you're sitting there butt naked with the curtains open, you'd be out of your mind to expect any sort of privacy. In many countries, you wouldn't be able to complain if I took a photo of you either. You probably WOULD be able to sue me if I published it though, which is exactly my point.

As far as non-secured business WiFi being a service, and residential WiFi not being perceived as a "free service", that is merely your cultural understanding, and far from being a universal truth.

And the "physical distance" of the technological barrier.... well, if I were speaking Greek and you were standing around, that would probably be an equivalently technical distance. You probably wouldn't understand what the hell I was saying. But why on earth should I have expectations that not even the Greek would understand me? Answer: I shouldn't. Plain-text un-encrypted data over public air waves are no different than conversations on the train. There is no security, and there sure is no expectation of privacy. Don't like it? Then just don't do it!

Re:Really bad PR for Google (1)

erroneus (253617) | more than 3 years ago | (#32390358)

"Weak encryption" was the excuse for DeCSS's being broken and yet we all agree that it was an eventuality that any encryption would have been broken eventually and, in fact, if it were stronger, it would have made the prize all the more enticing. "Unencrypted data" is therefore an open invitation?

As I said in my piss poor analogy, just because someone has an open window, it is not an invitation for anyone to look in!!! This "expectation of privacy" stance is nonsense as regardless of the technical merits behind the discussion, technical merits have no influence over the perception of the general public. We have email that is all but completely unencrypted and yet we would all be pretty upset to find that some government agency or even a commercial entity would examine our email to use against us or for their own purposes.

There is not only an expectation of privacy, there is an expectation that people will not do things that the rest of the world finds questionable. And if you REALLY think your position is valid, I can only believe that everything you have is encrypted and that everything you do is hidden and that you are not vulnerable to anything. I'm fairly certain that is not the case. But if it were and I were to find a weakness or an oversight on your part, would it be fair to exploit your lack of knowledge or understanding of technology to my gain and your detriment and then tell you that you invited me to do it?

Re:Really bad PR for Google (1)

AHuxley (892839) | more than 3 years ago | (#32388428)

What's the big fuss anyways!
The legal idea of a man in the middle attack with nation wide premeditated long term personal for profit data retention.

Re:Really bad PR for Google (0)

Anonymous Coward | more than 3 years ago | (#32388580)

The legal idea of a man in the middle attack with nation wide premeditated long term personal for profit data retention.

Except that it isn't much of an attack if it was unencrypted, raw data from an unsecured location being spewed over publicly accessible air waves now, is it. Besides, just because Google has a patent pending on gathering said data, doesn't mean that it was intentional this time, or that they were using it for "long term personal for-profit data retention" as you put it. Could they? Yeah, sure. But that doesn't mean they did.

This entire whooplah should REALLY have had the headline: "WiFi equipment manufacturers STILL selling routers with no security as factory shipping default."

But the unwashed masses go in an uproar over Google doing something evil. The same unwashed masses got a nice cozy feeling knowing that warrantless wire taps by the government were used to keep the terarists from getting their dirty hands on nucular weapons, too, so perhaps I should be the one buying a hint here...

Re:Really bad PR for Google (1)

rkww (675767) | more than 3 years ago | (#32389606)

It's illegal [mi5.gov.uk] in the UK

Re:Really bad PR for Google (0)

Anonymous Coward | more than 3 years ago | (#32390070)

Interesting, so James Bonde now enforces eaves droppers?

But all snug remarks aside, I really actually do find that interesting. In Japan, it is quite different. If a signal goes over airwaves, there are no laws against interception. As a matter of fact, there are laws to the contrary. You can encrypt it, but you can't sue a person for decrypting it. The police use a digitally encrypted radio system, because it isn't illegal to intercept that either.

There are, however, laws against using this information obtained from communications un-intended for yourself, for any purpose whatsoever. Interestingly, it's the eavesdropping law, that has been in place before the existence of public radio broadcasts. In Japan, if someone on the train talks about something, say for the purpose of this post that they talk about an imminent IPO of sorts, and you act upon that information and buy certain stock, you're in trouble. Same with intercepted radio waves. But if you don't use it for some purpose, you are free to listen all you want. But the line is drawn at radio waves. If you need to use physical means to eavesdrop, say, planting a bug on a landline phone, you're in deep shit. So in that sense, in Japan, if there is a reasonable assumption of privacy, which means a physical means beyond that of a paper wall, you're protected. If it isn't a physical means, you better think hard about the security measures you've put in place before divulging important secrets. Now that all mobile phones are digital, and I'm not an 18 year old I haven't bothered, but back in the day and age when analog mobile phones were the norm, I'd use a scanner to listen in all the time. Just plain old fun. One time I caught a guy having telephone sex. Amusing. ;-)

Oh come on, this is ridiculous. (2, Insightful)

ZorbaTHut (126196) | more than 3 years ago | (#32388204)

The patent is for capturing the metadata and analyzing it. Guess what the Google van was supposed to do? That's right: capture the metadata, and analyze it. Nobody's disputing that, nobody ever has disputed that.

The accidental part is that it turns out they were capturing more than metadata. The patent doesn't talk about doing that, there's no evidence Google ever intended to do that, and it's difficult to determine what they could possibly gain from it anyway.

So, here, let's improve the headline.

"Google Has Pending Patent For Exactly The Process They Tried To Implement, But Slightly Screwed Up"

SHOCKING!

Re:Oh come on, this is ridiculous. (1)

shentino (1139071) | more than 3 years ago | (#32388278)

What's interesting is that gubbermints are wanting to get their grubby paws on the data that Google accidentally pilfered, probably as a means of doing an end run around the 4th amendment and/or similiar laws in other countries.

Missing the point? (1)

pj81381 (1703646) | more than 3 years ago | (#32388206)

The patent, titled "Wireless network-based location approximation", describes packet analysis for determining location, which nobody denies was being done intentionally by Google, and says nothing of using payload data. This was what sparked the current wave of privacy inquiries anyway, as well as the incorrect comment that they weren't capturing payload data.

Google is full of it (2, Interesting)

ugen (93902) | more than 3 years ago | (#32388210)

I think the original "by mistake" explanation they gave is a load of cr%p. How is it even possible to "collect WiFi information by mistake"? You have to install appropriate hardware and software, run it and then place the results to some sort of a database. Basic though it may be, someone had to do this, do this on all Google street view vehicles and keep it running. We are talking an effort of multiple people. There is absolutely nothing about it that's a mistake.
Now that they've been caught - they are resorting to bold faced lies.

Didn't have much trust in Google until now, but this has gone beyond anything acceptable.

Re:Google is full of it (1)

maxume (22995) | more than 3 years ago | (#32388246)

They aren't denying that the intentionally drove around and monitored for wireless access points and then logged information about the access points.

The part they say is a mistake is that they stored the payload from some of the packets that they captured. The payload might contain some interesting unencrypted data, but the chances of that are pretty slim. There really isn't much a business could use the information for.

Re:Google is full of it (1)

AHuxley (892839) | more than 3 years ago | (#32388538)

Depends on the business your in.
Recall how Tor was used to gain a few email pw of embassies in 1997?
Somebody put much effort and company cash into fitting many of the google data collection vehicles.
Supporting the wifi data collection long term on a wide scale is not 'free'.
Someone saw value in the packets longterm.
Or random workers to set up world wide spontaneous packet sniffing in Googles name and with company cash.

Re:Google is full of it (1)

maxume (22995) | more than 3 years ago | (#32388604)

Seriously? The vehicles were in a given location for a few minutes. They might have captured a few hundred kilobytes from a given router. The kilobytes are as likely to be some banal story about some skanky celebrity as they are to be anything else, and there is at least some chance that any private information is encrypted.

They absolutely were packet sniffing, but it's just retarded to insist that it is somehow useful information surveillance, they simply didn't capture enough data and there are too many easier ways, they were packet sniffing in order to build a location service.

Re:Google is full of it (2, Informative)

shentino (1139071) | more than 3 years ago | (#32388282)

They can make mistakes on what part of the packet they sniffed.

A more accurate analogy would be going fishing for tuna and accidentally catching a dolphin.

Re:Google is full of it (3, Informative)

bk2204 (310841) | more than 3 years ago | (#32388734)

The difference here is that they actually intercepted data by mistake. If you use Kismet [kismetwireless.net] (probably the best wireless sniffing tool for Linux), you can set it to not save data packets, only beacon packets (which really have all the data that Google needs), but by default, it saves everything, including any data packets it sees (encrypted or unencrypted).

It depends on what you're doing what packets you want. If you're trying to break WEP, you only care about encrypted data packets; if you're just doing innocent wardriving, you only want the beacons.

Re:Google is full of it (1)

khchung (462899) | more than 3 years ago | (#32389294)

The difference here is that they actually intercepted data by mistake.

Do you work for Google and personally know everyone involved in collecting the data? If not, it is quite a big leap of faith to make that assertion.

If you use Kismet (probably the best wireless sniffing tool for Linux), you can set it to not save data packets, only beacon packets (which really have all the data that Google needs), but by default, it saves everything, including any data packets it sees (encrypted or unencrypted).

And are we also to believe that nobody noticed how fast the disks are filling up (geez, wouldn't you think they made an estimate on how much disk they need before the project started?), and everybody up and down the data processing chain did NOT notice the extra bulk of data when they analyze them? ("Gee! I expected only 200M per day, but I run through 2G of data for the day but still only got 200M worth of results? Wouldn't we speed up the process if we collect less junk? Let's see what's the junk data are...")

It might be easy to swallow if it happened in the government or the people involved are minimum wage joe sixpacks. This happening in a company that specializes in mining and correlating huge amounts of data, which is also famously for hiring only the brightest, smartest and creative employees, it take a lot of faith to believe this can be an "accident".

Re:Google is full of it (0)

Anonymous Coward | more than 3 years ago | (#32389436)

And are we also to believe that nobody noticed how fast the disks are filling up (geez, wouldn't you think they made an estimate on how much disk they need before the project started?), and everybody up and down the data processing chain did NOT notice the extra bulk of data when they analyze them? ("Gee! I expected only 200M per day, but I run through 2G of data for the day but still only got 200M worth of results? Wouldn't we speed up the process if we collect less junk? Let's see what's the junk data are...")

It might be easy to swallow if it happened in the government or the people involved are minimum wage joe sixpacks. This happening in a company that specializes in mining and correlating huge amounts of data, which is also famously for hiring only the brightest, smartest and creative employees, it take a lot of faith to believe this can be an "accident".

except that the wifi data is a drop in the bucket compared to the camera data... When they are collecting 10-100GB of image data, the variance in JPEG compression size of that data is probably more than all the WIFI data that they might have collected.

Re:Google is full of it (0)

Anonymous Coward | more than 3 years ago | (#32388860)

This has been discussed many, many times on SlashDot already. If you don't understand how it could have happened, you don't want to understand:

1. Google was trying to collect certain meta-data from wireless networks to help locate phone without GPS (which is what the patent was for).
2. To do this, it logged some information for further analysis.
3. Erring on the side of (a) not having to regather all information from scratch, and (b) simplicity, some Google programmer just logged pretty much everything the vans were seeing without thinking about what else was in this data.
4. While looking through this data in preparation for the German audit, someone realized "Oh Shit, there is data in here we shouldn't have."

Whether you believe this happened or not, I don't know. But if you think this CAN'T happen, you have no idea what it means to be a software developer and have no business commenting on this story.

Misleading summary? (3, Insightful)

chrb (1083577) | more than 3 years ago | (#32388254)

But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets

The deal is that the patent describes capturing and analysing wireless data packets to extract the IP adress alongside GPS coordinates in order to enhance Google's IP geolocation accuracy. The "mistake" that they owned up to is actually dumping and storing all packets, not just the external IP address. Those are two different things.

Re:Misleading summary? (1)

virtualonliner (1278494) | more than 3 years ago | (#32390642)

But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets

The deal is that the patent describes capturing and analysing wireless data packets to extract the IP adress alongside GPS coordinates in order to enhance Google's IP geolocation accuracy. The "mistake" that they owned up to is actually dumping and storing all packets, not just the external IP address. Those are two different things.

In fact, when the story broke out about wi-fi, I suspected it as much. They are sinifing all the IP packaets! To those who say, if you don't want it sniffed, then encypt it or it's on public property and everyone can sniff it or whatever, lets face it, not everyone has the ability to do that. And even if it's not encrypted, does not mean everyone has a right to read it. It's supposed to be my traffic. It's akin to llistening to my wireless calls by capturing wireless traffic that is supposed to be meant for me!

By the way, crying foul when someone captures your unencrypted data is not like getting watched by someone when you stand naked in your window. There is a difference. The watching someone naked bit does not require effort on the part of you eyes. It just happens naturally when you are just wondering around (unintentionally). On the other hand, Google actively drove around the country, intentionally to capture data. It's shady to say the least. And EVIL.

wardriving (1)

phrostie (121428) | more than 3 years ago | (#32388300)

i realize that it may not be their intent to patent wardriving, but wouldn't that be covered by this?

haha (0)

Anonymous Coward | more than 3 years ago | (#32388312)

hello mister egg, meet mister face.

I would classify this as 'EVIL' wouldn't you? (1)

ControlsGeek (156589) | more than 3 years ago | (#32388386)

Google is redefining the word Evil as we speak. Someone like Kevin Mitnick would be serving time if they were caught doing this.

Re:I would classify this as 'EVIL' wouldn't you? (0)

Anonymous Coward | more than 3 years ago | (#32388670)

Do no evil, then go public

Re:I would classify this as 'EVIL' wouldn't you? (0)

Anonymous Coward | more than 3 years ago | (#32388886)

"Do no evil" != "Don't be evil"

No. No, I would't. Not at all. (2, Insightful)

JSBiff (87824) | more than 3 years ago | (#32389042)

They were sniffing OPEN, unencrypted networks. I don't think anyone should go to jail or even be sued for that. If you don't want people accessing your traffic, encrypt it. I mean, I could see the argument that if you used *any* kind of encryption, even WEP (which we all know is easily broken), then you have a reasonable expectation of privacy, and if someone cracks the encryption, then they should be legally liable. But really, if you don't take any measures at all to protect your wireless network, then you have no expectation of privacy.

It's fair game for all the world, as far as I'm concerned. I don't see anything evil about that. That's like hooking your telephone speakerphone output up to a big-ass stereo, turning the volume way up, opening your windows, then complaining when passersby on the street hear your conversation.

Re:No. No, I would't. Not at all. (1, Insightful)

Anonymous Coward | more than 3 years ago | (#32389206)

No, this is like using a long range mic to pick up private conversations.

Yes, if they want to have a "private" conversation, they should have it inside a sound proof room, just like Google cheerleaders like you insist everyone should use encryption to avoid this. Try telling that to grandma.

Re:No. No, I would't. Not at all. (0)

Anonymous Coward | more than 3 years ago | (#32389920)

If you don't want someone to steal your stuff lock it up!

Okay, yes you have something of a point in that common sense tells us to gaurd our things against theft. However, just because something that isn't yours is easy to steal doesn't make it right or legal.

Sorry, but you and everyone else that using this kind of argument are way of base for what you're trying to prove with it.

Germany's govt should do what's right.... (1)

yargnad (1456405) | more than 3 years ago | (#32389236)

and use Google's data to prosecute the owners of these networks since it's illegal to leave your WiFi unsecured in Germany. STATE POWER!!!!

The lawsuits miss the point (1)

Pablo Escobar (1822184) | more than 3 years ago | (#32389764)

As I pointed out this morning here - http://theamericandictator.com/content.php/133-Google-has-created-a-virtual-GPS-on-YOUR-laptop-desktop-computer-cellphone.-Really [theamericandictator.com]! Google isn't collecting wifi info without a reason. It is collecting the data because it is using it create an unbeatable virtual GPS on every wifi equipped device - laptop - netbook - desktop - cellphone - etc. etc. And THAT data, delivered to google realtime, is also made available through an open API, to everyone. The social implications of having your physical location monitored, reatlime, all the time, is chilling.

a patent on evil. hmmm. business, take note. (1)

swschrad (312009) | more than 3 years ago | (#32389892)

if you are going to be evil, you will have to buy a license from Google.

Lesser of two evils? (0)

Anonymous Coward | more than 3 years ago | (#32390164)

For one, if its an unsecured network. Then.......its unsecured. Der! Anybody and everybody can sniff whatever they want from whoever they want. Big Deal. Second, if someone is sniffing my packets then I would rather have google do it than someone else who probably has more malicious reasons than custom adds on my next browser search. There are organizations out there collecting massive amount of information from secured networks and everybody doesn't care as much. Why? Because we know who google is and can find them. So lets charge them with a load of crap because we are frustrated that these "professional" tech people cant find the real threat. HEY EVERYBODY LOOK WHAT GOOGLE IS DOING!! Nevermind that I cant stop my company from being hacked.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...