Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Germany Finds Kismet, Custom Code In Google Car

Soulskill posted more than 4 years ago | from the target-hotspot-comes-into-play-tapped dept.

Google 237

theodp writes "While waiting for a hard disk of Wi-Fi data that Google says its Street View cars gathered by mistake, the Hamburg Information Commissioner's office performed tests on a Google Street View car in a controlled environment with simulated wireless networks and issued the following statement: 'For the Wi-Fi coverage in the Street View cars, both the free software Kismet, and a Google-specific program were used. The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.' Interestingly, a 2008 academic paper — Drive-by Localization of Roadside WiFi Networks (PDF) — describes a similar setup, and its authors discuss how they 'modified Kismet, a popular wireless packet sniffer, to optionally capture all packets received on the raw virtual interface.' Computerworld reports that lawyers in a class-action suit have amended their complaint to link a Google patent app to Street View data sniffing."

cancel ×

237 comments

Sorry! There are no comments related to the filter you selected.

So how can the computer do it then? (5, Insightful)

Dunbal (464142) | more than 4 years ago | (#32462424)

The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.

      No. It makes it very difficult and tedious and impractical to analyze. It is not, however, impossible.

Re:So how can the computer do it then? (2, Funny)

ArbitraryDescriptor (1257752) | more than 4 years ago | (#32462498)

So does this make them the 1st or the 10nd type of person?

Re:So how can the computer do it then? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#32462564)

So does this make them the 1st or the 10nd type of person?

Technically, that would be the "10th". It goes both ways. You could call it:

"tenth"

or

"one-zeroth" ... but I digress :D

Re:So how can the computer do it then? (2, Funny)

Dunbal (464142) | more than 4 years ago | (#32462594)

zero-one, please.... all you little endian people who count the wrong way around...

Re:So how can the computer do it then? (2, Interesting)

Anonymous Coward | more than 4 years ago | (#32462692)

Not to rain on your parade, but 01 is the little endian binary encoding of 2. Little endian means least significant byte (or in this case, bit) first, which is the 0.

Re:So how can the computer do it then? (1, Informative)

Dunbal (464142) | more than 4 years ago | (#32462776)

Yes, I know that. Hence the joke 01 (zero one), which is the big endian encoding of 2. However humor does not transmit well over the internet, apparently.

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32462904)

I guess I just don't get it then. :-)

Maybe you were going for a joke in the vein of "I do all my calculations in base 10", but I fail to see how 01 can ever be considered to be big endian encoding of the number 2, unless you claim to read text right to left. (I guess it works in Arabic though.)

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32463154)

Maybe you're just a fucking idiot.

Re:So how can the computer do it then? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32462980)

Hence the joke 01 (zero one), which is the big endian encoding of 2

No.

Binary 10 is the BIG ENDIAN (bitwise) encoding of decimal 2.

2 = 1*(2^1) + 0*(2^0) = most significant + least significant

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32462992)

no.... 01 is the LITTLE endian encoding of two

Re:So how can the computer do it then? (2, Informative)

dgatwood (11270) | more than 4 years ago | (#32463006)

Huh? 01 in little or big endian encoding is the encoding for decimal 1, not 2. In either encoding, 2 is encoded as 10. We haven't had reverse-bit-order CPUs in decades. Endianness defines the order of bytes, not the order of bits within a byte.

In big endian notation, 1 can be encoded in a 16-bit value as 00000000 00000001, whereas in little endian notation, it would be encoded as 00000001 00000000. Big endian notation is the order that we naturally use for mathematics. Little endian only makes sense if you think that it is useful to be able to cast between pointers to integers of different length and get the right result if the value is small enough....

Maybe what's confusing you is that documentation uses different standards for numbering the bits; IIRC, IBM's documentation calls bit 0 the 2^0th bit, whereas Intel's documentation calls bit 0 (or maybe 1) the leftmost bit. (Or is it the other way around? I forget.) That's just a numbering convention for bitfield values, and has nothing to do with the way an actual multi-bit value is printed or stored.

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32463166)

To simplify the above post: endianness determines the byte-ordering, not the bit-ordering.

Re:So how can the computer do it then? (1, Funny)

Anonymous Coward | more than 4 years ago | (#32463170)

way to kill the joke, now go and encode 132 on your hands. it's 00100 00100 in binary.

Re:So how can the computer do it then? (1)

amicusNYCL (1538833) | more than 4 years ago | (#32462724)

all you little endian people who count the wrong way around...

Do you write the current year as 0102?

Re:So how can the computer do it then? (1)

maxwell demon (590494) | more than 4 years ago | (#32462834)

No, as 01011011111.

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32462914)

That notation is so hard to read. I was born in MCMLXXIX, and that's they way I like it.

Re:So how can the computer do it then? (1)

ElKry (1544795) | more than 4 years ago | (#32462892)

0201, more like it.

Re:So how can the computer do it then? (-1)

Anonymous Coward | more than 4 years ago | (#32462972)

Endian refers to BYTES, not the order of the bits in each byte. If you're going to be anal, at least know what the F you're talking about.

Re:So how can the computer do it then? (1)

ArbitraryDescriptor (1257752) | more than 4 years ago | (#32462664)

I was pretty torn which way to go there, I settled on English decimal pronunciation (Second/2nd/10nd) because it made "tenth" all the more confusing:
Tenth/10th/1010th/12th/Ath (Twelfth... Eighth? What are you saying?)

Re:So how can the computer do it then? (1)

Phizzle (1109923) | more than 4 years ago | (#32462688)

Umm, you must be new here... That was Binary, so nd :P

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32462818)

No... you're an idiot.

It's still the "10th" item whether it's binary or decimal... they just represent different quantities being in different number systems.

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32463016)

Apparently there are 10 type of people in /. Those who can read binary and those who can't.

Re:So how can the computer do it then? (1)

0100010001010011 (652467) | more than 4 years ago | (#32462574)

As long as you know what machine it was written for. Maybe google has their own custom chip to do all this processing.

Joking aside, I've done assembly decoding. It's definitely not easy but it is possible.

Re:So how can the computer do it then? (0)

Anonymous Coward | more than 4 years ago | (#32462656)

Damn, it's a shame Germany doesn't have one of these [wikipedia.org] to hold the inevitable trials in. Then we could all sit back and see history repeat itself all over again.

For the naive among us, allow me to assure you this is nothing more than a smokescreen for the government to get the data and use it against its citizens. Furthermore, judging from my last trip to the old continent, the last thing Europeans need to be worried about is Google checking in on them, as their governments have that very much on lock.

Re:So how can the computer do it then? (2, Funny)

Monkeedude1212 (1560403) | more than 4 years ago | (#32462660)

That is so 1.

Re:So how can the computer do it then? (1)

Mr. Freeman (933986) | more than 4 years ago | (#32462934)

We can debate semantics all day. "very tedious and impractical" is effectively the same things as impossible.

Re:So how can the computer do it then? (1)

Lord Byron II (671689) | more than 4 years ago | (#32462942)

Actually, from the summary, it seems the big question is whether the Google code is something unique or just a modified version of Kismet and if that's the case, a quick analysis of the binary should provide some insight.

Re:So how can the computer do it then? (1)

Michael Kristopeit (1751814) | more than 4 years ago | (#32463060)

The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing.

No. It makes it [...] impractical to analyze.

No. if the software is to be understood, analyzing it is the only practical thing to do. there are many debugging tools available to analyze and step through machine code... generally they are used by pirate groups to reverse engineer and remove DRM. functional methods and variables are reconstructed and visualized... it wouldn't take too long to get a general idea of what is going on, and zero in on the code that is run right after a new wireless connection is detected.

"impossible" is so wrong that i expect the person who said it to fall on their sword.

Inaccurate (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#32462426)

"The Google-specific program components are available only in machine-readable binary code, which makes it impossible to analyze the internal processing"

Not sure when that became impossible..

Oh and FP.

Re:Inaccurate (2, Insightful)

Lunix Nutcase (1092239) | more than 4 years ago | (#32462536)

This is a posting by theodp. He found a simple RESTful web API to be too complicated. You actually thought he would be able to understand binary?

Re:Inaccurate (3, Insightful)

schon (31600) | more than 4 years ago | (#32462672)

He found a simple RESTful web API to be too complicated. You actually thought he would be able to understand binary?

And it was a Google RESTful API, as this is a Google binary... so obviously Google would have created it to be so complicated, only Google staffers could understand it!

And the mention of the paper on wireless sniffing? What the fuck does that have to do with Google? Did they sponsor it? No. Did their employees write it? No. Did their employees participate in it? No. But he mentions it just because it re-inforces the conclusion he wants you to draw.

Glenn Beck would be so proud!

So.. when do we call out this idiot as an MS shill?

Re:Inaccurate (1)

amicusNYCL (1538833) | more than 4 years ago | (#32462762)

So.. when do we call out this idiot as an MS shill?

I'm pretty sure an MS shill isn't going to complain about a lack of source code.

Re:Inaccurate (1)

dave562 (969951) | more than 4 years ago | (#32462816)

I believe that the paper was mentioned in reference to Google's patent application.

Re:Inaccurate (1, Insightful)

Anonymous Coward | more than 4 years ago | (#32463350)

I believe that the paper was mentioned in reference to Google's patent application.

And again... why, except to intimate that Google is capturing and storing traffic?

Google's patent app doesn't make any mention of the paper or its authors, and doesn't mention decoding/storage of payload data. So why mention it, other than to try to smear Google?

WTF (3, Interesting)

BitZtream (692029) | more than 4 years ago | (#32462456)

You can be sued for listening to signals bombarding you without your consent?

Heres an idea ... don't want people to hear your private conversations? STOP SHOUTING IT SO EVERYONE WITHIN 300m or more can hear you!

Whats next? They'll charge people with treason and throw them into the oven because someone over heard them standing in the middle of Berlin screaming state secrets?

Re:WTF (3, Interesting)

Hatta (162192) | more than 4 years ago | (#32462514)

You can be sued for listening to signals bombarding you without your consent?

Old news [securityfocus.com]

Wow brainy argument! (2, Insightful)

Anonymous Coward | more than 4 years ago | (#32462584)

Try intercepting someone's cell phone signals - with your dumb argument, you should be able to listen to them too and not get sued. Ditto with so many governmental wireless traffic. Hell, you cant even photograph someone on the street, esp. cops - see yesterdays posts, without their permission, and you are ok with one entity picking up every signal in every neighbourhood ???

Common man - use some brains before you just type some crap !

Re:Wow brainy argument! (4, Interesting)

Hatta (162192) | more than 4 years ago | (#32462652)

Try intercepting someone's cell phone signals - with your dumb argument, you should be able to listen to them too and not get sued.

You should, absolutely. Just as if you were overhearing a walkie talkie. If you don't want it heard by the public, don't broadcast it. If you need to broadcast it, encrypt it.

Re:Wow brainy argument! (0, Offtopic)

dunkelfalke (91624) | more than 4 years ago | (#32462800)

And by the same logic, if you don't want to be mugged on the street you should stay at home.

Re:Wow brainy argument! (0)

Anonymous Coward | more than 4 years ago | (#32463036)

It's more of a "if you don't want to have your money taken, stop running around town and throwing wads of cash at people".
In some cases, it's like you kicked down the door of your neighbor's house and blasted them with a leaf blower full of cash and then called the police when they started picking it up and putting it in their wallet.

Re:Wow brainy argument! (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#32462854)

Authoritarian government around the world are nodding in agreement.

Re:Wow brainy argument! (2, Insightful)

poetmatt (793785) | more than 4 years ago | (#32462734)

it's one thing to intercept, it's another to decode.

Neither are impossible, and both are hard to prove unless someone admits it or is caught in the act.

As was noted, this is broadcasted unencrypted information they obtained. Anyone else could have. Going after google is just going after the easy target.

Re:Wow brainy argument! (1)

Mr. Freeman (933986) | more than 4 years ago | (#32463062)

You CAN photograph people, even cops. The cops abused their authority and made shit up to say that you can't. They were wrong.

Re:WTF (0)

Anonymous Coward | more than 4 years ago | (#32462646)

Sure got Godwin up in here

Re:WTF (1)

amicusNYCL (1538833) | more than 4 years ago | (#32462790)

Heres an idea ... don't want people to hear your private conversations? STOP SHOUTING IT SO EVERYONE WITHIN 300m or more can hear you!

Tell that to the cable, satellite TV, and cell phone industries.

Re:WTF (2, Insightful)

Lunix Nutcase (1092239) | more than 4 years ago | (#32462902)

I know! What next? People whining because their government is installing cameras all over their towns? I mean if you don't want to be filmed everywhere you're going by a Big Brother government JUST STOP GOING IN PUBLIC!!

If I did what google did... (5, Interesting)

morphotomy (1655417) | more than 4 years ago | (#32462526)

If I did what google did I could be charged with unauthorized access to a system. Why is there no criminal trial here?

Re:If I did what google did... (3, Insightful)

Lunix Nutcase (1092239) | more than 4 years ago | (#32462560)

Because you're not a multinational corporation with $20+ billion in revenue and a whole division of lawyers?

Re:If I did what google did... (1)

Elektroschock (659467) | more than 4 years ago | (#32463182)

Well, someone who was recorded illegally just has to file a criminal complaint. And against a German criminal investigation helps no revenue and a whole division of lawyers.

1. File Complaint
2. ???
3. Google done

That is the good old German state attorney divisions [youtube.com] .

Re:If I did what google did... (0)

Anonymous Coward | more than 4 years ago | (#32462728)

If I did what google did I could be charged with unauthorized access to a system. Why is there no criminal trial here?

You can collect all the data google did passively meaning you don't have to connect or access the AP

Re:If I did what google did... (0)

Anonymous Coward | more than 4 years ago | (#32462730)

If you did what google did, nobody would care. Really. Heck, you can walk around with a camera all you want and take snapshots of everything you feel like... licenseplates, folks dressing, whatever you like. If google does it, it's suddenly "uh, oh, google is taking pictures of things in public! uh oh, they're overhearing conversations... uh, oh, they're also capturing what's on the radio in public!---lets form a class and sue'em for a ton of money!''

Re:If I did what google did... (1)

ukyoCE (106879) | more than 4 years ago | (#32463140)

Um, there IS a trial/inquest here. Why do you think Germany is looking at this information? And isn't the US House looking into it as well?

So as silly as it is, yes there is a trial. And yes, it is equally ridiculous when individuals are criminalized for doing the same thing.

Re:If I did what google did... (0)

Anonymous Coward | more than 4 years ago | (#32463284)

You cerainly could be charged with that, or _anything_ else for that matter. The charge of "unauthorized access to a system" is close enough that it would probably even make it past a grand jury. But chances are, having no legal staff, you'd try to cut a plea bargain, because you can't fight it. So the prosecutor would win -- regardless of the merits of the charge. (Although, technically, there'd not be a criminal trial per se, because you'd bargain before the trial.)

On the other hand, since Google DIDN'T FRAKKING ASSOCIATE, it's very doubtful that the prosecutor [i]should[/i] win that case (because it's not access), and somewhat doubtful that they [i]would[/i] win it if fought hard. Since Google has a competent legal team, the prosecutor would have to spend a boatload of money on that gamble. Guess what -- when they're up against someone who can defend themselves, they're a lot more careful about potentially bogus criminal charges.

Tsk tsk (4, Interesting)

stevegee58 (1179505) | more than 4 years ago | (#32462550)

They're not being evil now, are they?

Now we can find out once and for all ... (2, Funny)

tomhudson (43916) | more than 4 years ago | (#32462944)

They're not being evil now, are they?

It depends - the government should disassemble the code and see if the evil bit is set.

Is this how they can do wifi location detection? (4, Interesting)

jeffmeden (135043) | more than 4 years ago | (#32462566)

I know a little bit about IP geolocation, but when I got an iPod touch and fired it up for the first time on my home network I was *stunned* to see that it pinpointed my location to within one or two houses when using the Google Maps app despite having no GPS and no other identifiable information entered into the device. Maybe they are using this data to drive geolocation based on SSID instead of IP? Can anyone explain how else IP geolocation can be so accurate?

Re:Is this how they can do wifi location detection (1)

RSCruiser (968696) | more than 4 years ago | (#32462634)

They were using both SSID and MAC addresses [computerworld.com] collected from street view to enhance their location services.

Re:Is this how they can do wifi location detection (1)

JoeMerchant (803320) | more than 4 years ago | (#32462798)

They were using both SSID and MAC addresses [computerworld.com] collected from street view to enhance their location services.

So, when I gave my old WiFi router to a friend on the other side of town, it messed with their accuracy a bit then? I think they've driven by my house about once in the past 4 years as far as I can tell from the StreetView photos.

Re:Is this how they can do wifi location detection (2, Interesting)

ttldkns (737309) | more than 4 years ago | (#32463218)

I'm not sure how google does it but the iPod uses skyhook wireless location services. If you read the blurb from their website they tell you about how they use clustering to self heal their location network in between readings, which don't need to happen very often.

I've moved house a few times and taken my routers with me and i've watched the iPod maps app switch between the old location and the new one for a few days depending on how many other networks it can see. After a few days, though, the system has "healed" itself and consistently finds the correct location.

Re:Is this how they can do wifi location detection (1)

dotgain (630123) | more than 4 years ago | (#32463338)

Interesting. In New Zealand I haven't got it to work at all - not even in the cities. Pretty sure it failed me in Brisbane, Australia as well.

Re:Is this how they can do wifi location detection (1)

nerdtalker (1541099) | more than 4 years ago | (#32463394)

There's a ton of misunderstanding here about what's going on. The quick answer is that yes, you degrade it if you're the only BSSID in the area (or the majority, eg bringing two BSSIDs into an area with only one).

First off, Google is trying to build out its own WiFi augmented location services so they don't rely on SkyHook's (currently larger and more robust) offering. Keep in mind, the iPhone/iPad/iPod Touch OSes are the major SkyHook clients, and recently Motorola announced they were ditching Google's smalller/less reliable location service for this very reason on their own Android devices.

Both implementations are dynamic and self-repairing. That means that if a client reports back that one BSSID isn't in the locale as two other BSSIDs it knows -are-, SkyHook/Google will immediately know that something has changed. If the majority of BSSIDs match a given location, but another has changed or appeared, it'll eventually be incorporated with time and if clients continue to report consensus. If a client comes in with GPS and WiFi is turned on, it's given priority and reports back to SkyHook the current visible BSSIDs for updating their database with the GPS data as well. Obviously, because the client has a GPS fix, it'll be given a higher weight and update that database pretty quickly.
The cool part here is that mobile devices are building out the location services data each time they use it - it's in fact evolving, healing, and getting better. Fire up Maps on any of the major platforms, and you're helping Google and SkyHook both.

I recently experimented with this myself. I moved from one location to another across town, and brought along my two wireless APs (one of them dual band N, so a total of 3 BSSIDs) and fired up location services in my new location. On the iPhone and Android clients, the initial quick fix showed me in the old location. Trying with locate me on google maps also showed me at the old location. Then cellular data came in and showed me roughly across town where I was. Then GPS got a fix, and put me very close to my real location indoors. This is how it's supposed to work. At this point, the device reports back the BSSIDs visible with the GPS fix to whatever service is in use.

I tested over the course of a few days and noticed that the iPhone client had updated the SkyHook database within a day and was now identifying - from WiFi - that I was in the right place. You can test that with an iPad (no 3G, just WiFi) or iPod Touch with location services. The Android client has taken about a week which is more surprising. You can immediately see where (based on WiFi) the google database puts you by going to maps.google.com and clicking the location button.

Both SkyHook and Google likely use a similar architecture - it's essentially two big companies wardriving and finally doing some math armed with signal strength and GPSes. Except now *everyone* is wardriving on their smartphones, and they don't really realize it.

Re:Is this how they can do wifi location detection (2, Informative)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32462674)

To the best of my knowledge, Apple's wi-fi based geolocation is based on Skyhook's offering in the area. [skyhookwireless.com]

It is quite plausible to assume that Google, since they were already going to the expense of running the cars, figured that they could grab their own geolocation dataset for virtually no additional cost. However, their massive corporate wardrive episode is hardly the first of its kind, as Skyhook's products demonstrate.

Re:Is this how they can do wifi location detection (1)

bpsbr_ernie (1121681) | more than 4 years ago | (#32463196)

Yup, sounds very similar... Is Skyhook next on the list to be bullied?

To pinpoint location, the Core Engine uses a massive reference network comprised of the known locations of over 100 million Wi-Fi access points and cellular towers. To develop this database, Skyhook has deployed drivers to survey every single street, highway, and alley in tens of thousands of cities and towns worldwide, scanning for Wi-Fi access points and cell towers plotting their precise geographic locations. Skyhook's extensive coverage area includes most major metro areas in North America, Europe, Asia, and Australia.

http://www.skyhookwireless.com/howitworks/coverage.php [skyhookwireless.com]

Re:Is this how they can do wifi location detection (4, Informative)

Hurricane78 (562437) | more than 4 years ago | (#32462882)

A company named Skyhook Wireless is doing this. They are continuously driving trough whole continents with cars, mapping out wifi routers/stations/etc.
They are what gives the iPhones/iPods their navigation (they have to real GPS). They are behind Maps Booster which plugs right into the Symbian (Nokia & others) geolocation APIs. (I bought it for 3€, and while it is less exact than GPS here, it also works inside buildings. Plus it makes first-time GPS satellite locking much faster.)

I wonder how this is different from what Google does, though.

But I don’t have a problem with SSID logging anyway. I mean, people who rely on SSIDs for security, really are idiots anyway. It’s not worse than knowing an IP. I can’t see where privacy could be a concern here. And I’m extremely strict about my privacy rules.
I think it’s a good service. Hell, how could I not think that paying 3€ for someone to drive across every street on the continent is a good deal?

P.S.: No, I’m not affiliated. And I repeat: It’s not very exact here. I am lucky if I get 50m accuracy. While my A-GPS can get down to 3m. (Oh, and if anyone of you know a service that requires no further hardware, and can get down below 50 cm [ideally below 10cm], please contact me! :)

Re:Is this how they can do wifi location detection (1)

radish (98371) | more than 4 years ago | (#32463134)

The original iPhone didn't have GPS, all the more recent models do have.

Re:Is this how they can do wifi location detection (0)

Anonymous Coward | more than 4 years ago | (#32463014)

It is, done by SSID, and not just your's. It uses 3 (or more) and then triangulates (assuming signal strength is inversely proportional to distance) by using an epic db on the google servers, with probable GPS locations of wifi access points - collected (I think) from street view cars, and possibly Android phones if you opt in??? There are free databases available on the net if you are trying to implement a similar system.

There are worse intercepts besides a few wifi pkts (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32462568)

I still dont understand why the German government has is knickers in a twist over all of this. ISP's look at the traffic moving through them. Some even route a copy to be anylized by a cluster of pcs like with the NSA trunk intercept at AT&T in San Francisco. Whats a few packets (given that the car sampling the wifi is moving) really add up to? Wouldnt all the back to base monitoring, etc in various applications be a bit more of a concern?

Re:There are worse intercepts besides a few wifi p (5, Funny)

Hatta (162192) | more than 4 years ago | (#32462626)

Yeah seriously. Why does the German government have to be such a bunch of Naz... oh, I see.

Re:There are worse intercepts besides a few wifi p (1)

robot256 (1635039) | more than 4 years ago | (#32462676)

Wouldnt all the back to base monitoring, etc in various applications be a bit more of a concern?

Of course not! It's only a problem when someone other than the government is doing the monitoring, because then it's not in the name of "national security".

Re:There are worse intercepts besides a few wifi p (1)

Lunix Nutcase (1092239) | more than 4 years ago | (#32462874)

Actually it's funny because the same people who would whine about the government doing nothing different than Google are flailing about because people are equally bothered by Google doing it.

Re:There are worse intercepts besides a few wifi p (0)

Anonymous Coward | more than 4 years ago | (#32463152)

I can vote in a new government every few years. I cannot vote out a giant corporation.

PR of C-politicians (1)

AffidavitDonda (1736752) | more than 4 years ago | (#32462932)

If you are a politician in the second or third row, the main thing you want is media attention. Nobody ever looks at those politicians who are responsible for such boring things as data security. So if a large company as Google is recording data of us poor, innocent citizens (...add: too stupid to activate encryption...) then that's their chance. Especially since people here in Germany are a bit touchy about their private data. Mainly those of us, of course, who for the first time in their life hear, that a wireless lan is in fact... wireless... Who knows, that noname guy responsible for this may make it into the higher ranks for the next elections? Would you miss such an opportunity?

Something I've had a hard time understading... (2, Interesting)

Em Emalb (452530) | more than 4 years ago | (#32462580)

Something I've had a hard time understanding through all this is WHY they thought it was a good idea to record SSIDs and other information while doing a street mapping.

I don't understand what they were hoping to gain from this information?

According to our research, 72.438% of people don't secure their wireless.

According to our research, (I'm assuming they got mac addresses too, right?) 83.4% of all wireless consumer routers in Germany are Linksys routers.

WTF does that have ANYTHING AT ALL to do with mapping streets?

Oh, and for the people getting all up in arms because "people are shouting this information freely and anyone can hear it"...that's patently FALSE. There's maybe 1% of the population that has the know-how or the desire to do that. It is NOT AT ALL event remotely the same as standing in the middle of the street yelling at someone where anyone can hear you. You have no choice but to over hear if you happen to be in the area. You do, however, have a choice in downloading packet-sniffing software and using it on someone's wireless network, unsecured or not.

Re:Something I've had a hard time understading... (0)

Anonymous Coward | more than 4 years ago | (#32462636)

Ignoring legality and what-not, I think a Google Maps overlay showing public Wi-Fi access and signal strength would be quite useful.

Re:Something I've had a hard time understading... (4, Informative)

0100010001010011 (652467) | more than 4 years ago | (#32462722)

Google location API. Doesn't matter if the network is secure or not.

"Hey I found AA:BB:CC:DD:EE at this location"

Person with iPod Touch or other device with wireless only sends to google: "Hey I see access points AA:BB:CC:DD:EE, AA:BB:CC:DD:FF and AA:BB:CC:DD:00" Google goes: "Yea, you're around here".

Go to google maps [google.com] with a new version of Firefox or Chrome. Click on the button that just has a circle in it. It'll ask for permission to send your location and should show you where you are on the map.

Re:Something I've had a hard time understading... (1)

Em Emalb (452530) | more than 4 years ago | (#32462886)

Thanks for the information. I didn't realize they were tying that into google maps. It does make sense from that approach.

Interesting that they ask you for your permission to send your location data to them....but I don't remember reading anything where they said they were going to harvest SSIDs and mac addresses during the initial street mapping.

(I'm not saying that's a bad thing, just not something that people were made aware of...to my knowledge. Not that the people who have unsecured wireless routers probably would have changed anything)

I better learn the turc language (1)

aepervius (535155) | more than 4 years ago | (#32462998)

I have jsut been instantly shifted 2000+ km east and south in turkey. Methink this ip location things isn't maybe quite that ready for prime time.

Re:Something I've had a hard time understading... (2, Insightful)

fuzzyfuzzyfungus (1223518) | more than 4 years ago | (#32462826)

I have no idea what use snippets of unencrypted data from unsecured networks would be. There just isn't much there that isn't either blatantly illegal and/or terrible PR that you can't learn just by having one of the world's larger Ad networks.

SSIDs, though, make a lot more sense. Wi-fi APs, while by no means completely static, provide an incredibly dense network of individually identifiable radio transmitter nodes. If your receiver knows its location(via GPS fix from a good GPS unit), and knows what APs are nearby(ideally with directional antennas), you can turn that into a database that devices with no GPS can use for rough location detection by means of any 802.11a/b/g/n card(or, as is frequently the case with cellphones, devices with ghastly GPS antennas and/or chipsets can use nearby APs to assist their GPS). Skyhook Wireless already has such a database(among other customers, Apple contracted with them to give their non-GPS iDevices some degree of location ability), I don't know if other outfits do as well. Since Google was already going to the expense of having GPS and camera equipped cars drive all over everywhere, it seems quite logical to throw a few wi-fi antennas on the cars and get an AP geolocation database for minimal additional cost.

Re:Something I've had a hard time understading... (1)

Em Emalb (452530) | more than 4 years ago | (#32463010)

I have no idea what use snippets of unencrypted data from unsecured networks would be. There just isn't much there that isn't either blatantly illegal and/or terrible PR that you can't learn just by having one of the world's larger Ad networks.

I agree with you, I would imagine most of the data they picked up was of the syn/ack variety. But..with the technology that is available now, Open Source most of it even, you can get the SSIDs and mac addresses WITHOUT snooping any data at all.

I don't get the reasons for the software they used.

Also, for the record, this doesn't affect me personally, as when they mapped my street I didn't live there and I secure my wireless :-) But thanks for the response.

Re:Something I've had a hard time understading... (1)

Hatta (162192) | more than 4 years ago | (#32462878)

Collecting data on the location of open networks can allow google to pinpoint your location based on what SSIDs are around you. It also will allow you to plan a trip such that an open network is available along the way. Two valid and useful applications of this data.

Oh, and for the people getting all up in arms because "people are shouting this information freely and anyone can hear it"...that's patently FALSE. There's maybe 1% of the population that has the know-how or the desire to do that.

If you don't know how to operate your equipment properly, maybe you shouldn't be using it. If you do, don't be surprised when it doesn't behave as you expect.

What you describe would amount to a blanket prohibition on open networks, since there's no way to tell the difference between an intentionally open network and an unintentionally open network. Some people choose to run open networks and they need to be free to run them. Since it's so trivial to close your network, it only makes sense to assume that those who have not done so intend for it to be open.

Imagine if the rest of the internet worked this way. Currently, if you can connect to a webserver and get a response then it's reasonable to assume you have permission to use that web server. Similarly, if you can connect to an AP and get an IP, then it's reasonable to assume that you have permission to do so. If you had to assume that you were not allowed to use a service without specific permission, even if there are no access controls implemented, then the internet would simply not work.

Re:Something I've had a hard time understading... (2, Interesting)

Em Emalb (452530) | more than 4 years ago | (#32463288)

If you don't know how to operate your equipment properly, maybe you shouldn't be using it. If you do, don't be surprised when it doesn't behave as you expect.

I personally DO know how to operate my equipment properly. I am not up in arms over this because it affects me personally, but because people who don't know any better.

As I said in an earlier post, my wifi is secured and hidden. Does that mean someone couldn't sniff the traffic coming from it and decrypt it? Of course not. Would it make it harder to do? Sure.

In your analogy, you're saying that if you connect to a web server and get a response, it's reasonable to assume you have permission to use that web server. Sure. But what if you do port scans and find an obscure port "reserved" for something other than http or https traffic and connect that way? Are you headed down a slippery slope there or is it just fine, even if the owner of the web server didn't intend for you to connect to that port?

(I'm just asking, I really don't have a horse in this race.)

Re:Something I've had a hard time understading... (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#32462996)

Something I've had a hard time understanding through all this is WHY they thought it was a good idea to record SSIDs and other information while doing a street mapping.

Than you are a fool who doesn't know how these things work and why anyone would do anything.

WTF does that have ANYTHING AT ALL to do with mapping streets?

Essentially, providing street view (the car's original purpose) has nothing to do with mapping streets either. The maps were already there. They've been there for a while. Going around and taking a snapshot every 3 houses doesn't help the map be a map any better. I don't understand why you are having problems understanding that what they were doing has little to nothing to do with the map part of the map.

Street view helps those people who navigate by landmarks. Google Maps helps people who navigate by Compass. SSID recording helps people who navigate by GPS.

Essentially, recording the SSID's and MAC addresses allows them to build in a GPS system that works on the client side to determine where it is more accurately.

Oh, and for the people getting all up in arms because "people are shouting this information freely and anyone can hear it"...that's patently FALSE. There's maybe 1% of the population that has the know-how or the desire to do that

No, its not. There's maybe 99.9% of people who know to stand and shout. I'd say of people who set up home routers, 99% of them also know how to leave it unsecured. Thus, its the same thing. Not having the knowledge of how something works is not an excuse - it is not a defense nor should it be used for an attack. Try the "I didn't know how a gun worked" excuse in court. Ignorance is not bliss. If you bought a home router, you're expected to RTFFM and follow the steps. If you fail to secure your wireless, (because every router now-a-days includes instructions how), that is your own damn fault and it is like shouting in the streets.

I don't know if logging SSID's nearby, and find the mac address of unsecured ones counts as "Packet-sniffing" - because I can do that without any software than the default windows home setup.

Re:Something I've had a hard time understading... (1)

Em Emalb (452530) | more than 4 years ago | (#32463068)

Than you are a fool who doesn't know how these things work and why anyone would do anything.

It's THEN, not than. Be careful when calling someone a fool when your spelling is inaccurate.

Also, your analogy towards the end of your post is flawed and since you have the internet manners of a raving asshole, I won't bother to refute your asinine argument. Enjoy your weekend.

Re:Something I've had a hard time understading... (1)

ElectricTurtle (1171201) | more than 4 years ago | (#32463078)

Each person is responsible for they way that they use, configure, or fail to maintain equipment that is in there domain and control. Ignorance is no excuse.

If I take a backhoe and cut a water/sewer/phone/fiber line in my yard, the utility company is not going to say 'oh, that's ok, you just didn't know how to use the equipment...' Fuck no, they are going to hold me liable, and any court challenge will go their way.

In addition to liability for actions there is also liability for the failure to act. If I rent a car for a long period of time and fail to perform basic maintenance like oil changes to the point where the engine is damaged, guess who's on the hook?

Ignorance does not excuse liability. If I operate a machine that I don't know how to use, I don't get a free pass if things don't turn out the way I want.

Machines under somebody's domain and control can be considered their agents. If I set up an FTP server and it accepts ftp as the login and ftp as the password, then I would have a hard time prosecuting anybody for unauthorized access when it is common knowledge to many who use FTP that such a login is considered a publicly accessible FTP server.

I am not a lawyer, nor is the above legal advice.

Re:Something I've had a hard time understading... (2, Insightful)

Em Emalb (452530) | more than 4 years ago | (#32463304)

How is not securing your wireless indicative of not being able to "operate" machinery properly?

If I leave my front door open and you steal from me, that doesn't mean you're not a thief does it?

Re:Something I've had a hard time understading... (2, Informative)

Anonymous Coward | more than 4 years ago | (#32463258)

Something I've had a hard time understanding through all this is WHY they thought it was a good idea to record SSIDs and other information while doing a street mapping.

Its called making a map. You travel around, and note features and details. SSIDs are a mapable feature. Knowing that SSID xyz is visible from 123 anystreet and from 125 anystreet, but fades out by the time you reach 127 anystreet helps you to define a location.

I don't understand what they were hoping to gain from this information?

As some others have mentioned previously, by correlating physical locations with visible SSIDs they gain the ability to provide maps and directions to people using devices with WiFi instead of GPS.

According to our research, 72.438% of people don't secure their wireless.

According to our research, (I'm assuming they got mac addresses too, right?) 83.4% of all wireless consumer routers in Germany are Linksys routers.

WTF does that have ANYTHING AT ALL to do with mapping streets?

It has nothing to do with anything... its just a summary of statistical observations.

Oh, and for the people getting all up in arms because "people are shouting this information freely and anyone can hear it"...that's patently FALSE. There's maybe 1% of the population that has the know-how or the desire to do that. It is NOT AT ALL event remotely the same as standing in the middle of the street yelling at someone where anyone can hear you. You have no choice but to over hear if you happen to be in the area. You do, however, have a choice in downloading packet-sniffing software and using it on someone's wireless network, unsecured or not.

Not exactly. Your router is broadcasting this information clearly to anyone with the capacity to hear it. It is not being broadcast at a frequency that the human ear can detect without assistance, but every single wireless device within range can hear it. Turn on your laptop, go to the configuration for the wireless network connection. See the part where it lists the SSIDs of wireless networks in range? There you go...

The concept of "someone's wireless network" is a bit of a misnomer. There are just a bunch of devices having conversations at the same time. Its a lot like being in a big reception hall talking to your friend while there are other people having conversations around you. What differentiates your conversation from someone else's conversation is simply what you choose to focus your attention on. You can hear them, they can hear you, you just choose to ignore the conversations that don't involve you. That's how wireless devices work. They typically ignore conversations that don't involve them... but they can still hear them going on.

Re:Something I've had a hard time understading... (0)

Anonymous Coward | more than 4 years ago | (#32463270)

Something I've had a hard time understanding through all this is WHY they thought it was a good idea to record SSIDs and other information while doing a street mapping.

Because Google is working on a technique to geo-locate based on what wireless APs are in view. By having a mapt of their locations and estimated signal strength, a mobile unit can roughly triangular its position. Quite possibly, it will eventually be used to have google ads based on your current location. For example, a Starbucks ad if appear to be inside of a Starbucks shop.

Not really illegal, but wreaks of dishonesty (5, Insightful)

DontLickJesus (1141027) | more than 4 years ago | (#32462604)

There isn't anything inherently illegal about what they did, unfortunately. Encrypt your networks folks. However, being a professional user of the Kismet application I would contend that using Kismet shows that all the data collection was far from "accidental".

Re:Not really illegal, but wreaks of dishonesty (0)

Anonymous Coward | more than 4 years ago | (#32462740)

Reeks, as in smells, of dishonesty. Not wreaks, as in causes.

Re:Not really illegal, but wreaks of dishonesty (2, Insightful)

DeadCatX2 (950953) | more than 4 years ago | (#32462780)

I dunno...maybe if it was aircrack or even wireshark, I would be worried, but I don't see the big deal about Kismet. After all, they were looking for SSIDs/MACs.

I still don't see the big deal about this. If someone photographed you standing in front of your living room window, would you scream "invasion of privacy!!!!!!111eleven" or would you just close the blinds?

Even better analogy...if someone aimed a camcorder out of their window and drove past while aiming it around and saw you for a couple of seconds through your window, would you scream "invasion of privacy"?

Re:Not really illegal, but wreaks of dishonesty (1)

DontLickJesus (1141027) | more than 4 years ago | (#32462844)

Well, the problem is that Kismet actually DOES log traffic by default, at least in my experience with the BackTrack suite.

Re:Not really illegal, but wreaks of dishonesty (1, Informative)

Anonymous Coward | more than 4 years ago | (#32462848)

However, being a professional user of the Kismet application I would contend that using Kismet shows that all the data collection was far from "accidental".

I'm not sure how to parse your sentence. Doesn't Kismet capture all this date by default? I could easily see someone running Kismet for the ".networks" file and not even notice the ".dump" file. Kismet is a very good tool for what they are doing. Just because it does more than what they want doesn't make it a bad choice. They just should have edited the config file. Why waste resources logging data you don't want?

Re:Not really illegal, but wreaks of dishonesty (2, Interesting)

Mr. Freeman (933986) | more than 4 years ago | (#32463104)

What do you mean "unfortunately". It's almost as though you think that having a law against it will stop EVERYONE from intercepting your data. You DO realize that criminals will still analyze your data, right?

And no, using kismet does not show that the data collection was intentional. There are many uses for any network monitoring tool, even those tools that CAN capture lots and lots of data.

Re:Not really illegal, but wreaks of dishonesty (2, Insightful)

ElectricTurtle (1171201) | more than 4 years ago | (#32463188)

I agree. Google looks really a lot worse in my eyes not because they picked up some packets, but because they lied about their intent to pick up some packets. It's very Clintonesque. I could care less if Billy C. got some action from an intern, but it was the lying about it that made it heinous.

If you're caught, just admit it. Looking bad in the eyes of some dumb luddites is not worse than looking like a sleazy liar to absolutely everybody.

Re:Not really illegal, but wreaks of dishonesty (1)

DontLickJesus (1141027) | more than 4 years ago | (#32463226)

Thank you this describes my opinion much more succinctly.

Google Denies It, Looks for Scapegoat (4, Interesting)

eldavojohn (898314) | more than 4 years ago | (#32462812)

For what it's worth Google claims that patent is totally unrelated [computerworld.com] and they're also trying to find someone they can pin this on so their multinational company doesn't take any of the heat. Remember, it's just one engineer behind this and once we find Scapegoaty McSeverancePackage this can all be put behind us and you can rest assured that Google is back to Do No Evil status. Ha.

Re:Google Denies It, Looks for Scapegoat (0)

Anonymous Coward | more than 4 years ago | (#32463120)

I volunteer for the job! For we are Legion.

Germany Finds Kismet, Custom Code In Google Car (0)

uofitorn (804157) | more than 4 years ago | (#32462960)

And my car has four Goodyear tires and a couple gallons of Shell gasoline in it. So what?

Kismet (3, Funny)

Itninja (937614) | more than 4 years ago | (#32463072)

I guess it was just destiny for this to happen.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?