Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Londoners Tracked By Advertising Firm's Trash Cans

timothy posted about a year ago | from the time-for-spoofing dept.

Advertising 189

schwit1 asks "How can I automatically have my wi-fi turn off when I leave the house unless I specifically turn it back on?" and provides this excerpt from Wired to illustrate why that would be useful: "Hundreds of thousands of pedestrians walking past 12 locations unknowingly had the unique MAC address of their smartphones recorded by Renew London. Data including the "movement, type, direction, and speed of unique devices" was recorded from smartphones that had their Wi-Fi on. First reported by Quartz, the data gathering appears to be a Minority Report-esque proof-of-concept project, demonstrating the possibility for targeted personal advertising. 'It provides an unparalleled insight into the past behavior of unique devices — entry/exit points, dwell times, places of work, places of interest, and affinity to other devices — and should provide a compelling reach data base for predictive analytics (likely places to eat, drink, personal habits etc.),' reads a blog post on the company's site. In tests running between 21-24 May and 2-9 June, over 4 million events were captured, with over 530,000 unique devices captured. Further testing is taking place at sites including Liverpool Street Station." (The name sounds a bit like a government project, but Renew London is actually an advertising / marketing firm.)

cancel ×

189 comments

Sorry! There are no comments related to the filter you selected.

Cell phones must stop broadcasting MAC addresses (5, Insightful)

LordNimon (85072) | about a year ago | (#44537047)

The 802.11 protocol does not require cell phones to broadcast their MAC addresses. Phones do it so that they can discover nearby networks faster, but it is completely optional.

There needs to be an update to iOS and Android that gives users the option to disable this feature (I can't remember the official name). Users should understand that it will take longer to find access points, but in exchange, they get vastly increased privacy.

Re:Cell phones must stop broadcasting MAC addresse (0)

Anonymous Coward | about a year ago | (#44537079)

Standard configuration is for access points to broadcast beacons 10 times per second. I doubt that sending probe requests would make detection any faster. The real reason why probe requests are sent is that idiots turn off SSID broadcasting, and that leaves the phone no choice: Either send probe requests all the time or don't find the home network when you're in range.

Re:Cell phones must stop broadcasting MAC addresse (4, Informative)

girlintraining (1395911) | about a year ago | (#44537097)

The 802.11 protocol does not require cell phones to broadcast their MAC addresses. Phones do it so that they can discover nearby networks faster, but it is completely optional.

Except, of course, that it does. In order to associate to an access point, you have to send your MAC address. It's sortof how packet-switched networks operate: It needs a source and destination. What you're talking about is a Probe request, a special type of packet when a station needs to obtain information from another station. This other station is typically an AP, but not necessarily.

Any connection made over wifi needs to broadcast a probe frame, and these are by definition unencrypted. Any station on the same channel can see them. Thus the only way to prevent broadcasting your MAC address is to disable wifi entirely. It is in no way "optional" for connecting to another wifi network, and many cell phone users want this functionality because auto-connecting to unsecured wifi allows for data transmission without incurring fees from their provider. The iPhone, for example, can receive OTA updates via open wifi, as can Android.

They aren't doing it solely to "discover nearby networks faster"; It actually saves the user money.

Re: Cell phones must stop broadcasting MAC address (5, Informative)

dnadoc (3013299) | about a year ago | (#44537251)

What he meant was "The 802.11 protocol does not require cell phones to broadcast their MAC addresses when disconnected from an AP" Sure you need to send the MAC address to connect - he knows that. You don't need to send anything if you don't want to connect. It's not hard to write an app that turns off wifi outside of particular physical area. That addresses the concern they're talking about. They don't care about background data usage on the phone when they're not using it.

Re: Cell phones must stop broadcasting MAC address (4, Informative)

LordNimon (85072) | about a year ago | (#44537547)

Thank you for understand exactly what I was trying to say. However, it's not necessary to disable wifi completely. Instead, the phone should just not send any probe requests, and it should not automatically connect to an insecure network that it has never seen before.

Re: Cell phones must stop broadcasting MAC addres (0)

Anonymous Coward | about a year ago | (#44537605)

True dat! A "listen only" mode would be great.

Re: Cell phones must stop broadcasting MAC address (4, Insightful)

sjames (1099) | about a year ago | (#44537765)

It doesn't even have to go that far if you don't want. Just passively listen for known APs and only connect to those. Then add something friendly like a "look for WiFi" button to send out a probe when the user actively wants to connect to something and no known APs are broadcasting beacons.

Re:Cell phones must stop broadcasting MAC addresse (4, Insightful)

Solandri (704621) | about a year ago | (#44537291)

and many cell phone users want this functionality because auto-connecting to unsecured wifi allows for data transmission without incurring fees from their provider.

Saying people want to auto-connect to unsecured wifi networks is like saying people want to be able to drive at 150 mph. Yeah everyone would like to do it, but they realize it's such a stupid thing to do that almost nobody willingly does so. A random unsecured wifi net in a public area is the perfect setup for a man-in-the-middle attack to harvest your email and bank login and passwords. At a minimum, automatically connecting to them should be disabled by default on all devices, and preferably there should be no way to enable such a "feature".

If you want to connect to an unsecured wifi network, you should have to make a conscious decision and take a deliberate action to do it. Auto-connecting to them is colossally stupid. So there is no need for your phone to be automatically scanning wifi nets in a manner which exposes its MAC address. If you find yourself in a random location and would like to manually connect to an open wifi net which you feel you can trust, then the phone should give up its MAC address.

If a probe request to identify nearby wifi nets requires a MAC address, that's a deficiency in the wifi handshaking standard IMHO. The phone should generate a random one just for that probe request to bypass that deficiency.

Re:Cell phones must stop broadcasting MAC addresse (2, Insightful)

girlintraining (1395911) | about a year ago | (#44537407)

Saying people want to auto-connect to unsecured wifi networks is like saying people want to be able to drive at 150 mph. Yeah everyone would like to do it, but they realize it's such a stupid thing to do that almost nobody willingly does so.

Driving at 150 MPH is legal in many areas. The Autobahn, Montana during the day... And it's not stupid. As well, they're going considerably faster than 150 MPH with their phones; They're going at 670,616,629 mph.

A random unsecured wifi net in a public area is the perfect setup for a man-in-the-middle attack to harvest your email and bank login and passwords.

Find me a bank or online retailer that allows financial accounting data to be submitted over insecure connections instead of SSL. I can wait.

Auto-connecting to them is colossally stupid.

So is carrying a cell phone in public, according to some. People don't have to use military-grade encryption to browse wikipedia; There's plenty of things that open wifi is good for, even if it can be monitored. And if you're that worried about it, download Tor for Android (Orbit) or the iPhone and proxy everything through that.

Plenty of people want to make internet available to the general public for free; You know, that whole "Share and share alike" thing that we learned as kindergarners and then promptly forgot as adults as we all adopted the "what's mine is mine and what's yours is negotiable" stance.

If a probe request to identify nearby wifi nets requires a MAC address, that's a deficiency in the wifi handshaking
standard IMHO.

I think I'll stick with what the IEEE working group came up with, which included Cisco Systems, Microsoft, Hewlett Packard, and dozens of independent network engineers over your "humble opinion", thanks. But if you can figure out a way to transfer data over a packet-based network without a source and destination in the header, I am quite certain the IEEE would give you a free membership and plane rides and hotel rooms for all their meetings to explain your new protocol.

Re:Cell phones must stop broadcasting MAC addresse (3, Insightful)

girlintraining (1395911) | about a year ago | (#44537867)

I love how ignorant slashmods keep marking this as 'troll' while others who actually understand networking keep marking it informative. Sadly, the technical proficiency of people on this site continues to track lower month over month since the Dice takeover.

Now people who suggest that the people who designed the internet might have known what they are doing are moderated down while the paranoid tin foil hat crowd gets modded up for suggesting that changing the protocol is a simple handwave and people with decades of experience in this sort of thing are incompetent...

Re: Cell phones must stop broadcasting MAC address (0)

Anonymous Coward | about a year ago | (#44537905)

No protocols have to be changed, and none of your posts are informative (at least not on this article). It's so simple and obvious that you don't have to broadcast to listen.

Re: Cell phones must stop broadcasting MAC address (2)

girlintraining (1395911) | about a year ago | (#44537943)

No protocols have to be changed, and none of your posts are informative (at least not on this article). It's so simple and obvious that you don't have to broadcast to listen.

Amazingly though, in order to find out if the network can actually route to the internet, which is what the station is trying to find out... you have to associate to the AP. As well, many people disable SSID broadcasting, necessitating probes to determine if that network is actually present.

It's so simple and obvious!

Re: Cell phones must stop broadcasting MAC addres (0)

Anonymous Coward | about a year ago | (#44538079)

"You have to associate to the AP" - maybe you do. Nobody else here wants to.

Re:Cell phones must stop broadcasting MAC addresse (0)

Anonymous Coward | about a year ago | (#44538295)

I often hate reading your posts because you have a very obnoxious manner of expressing yourself, but at least you know what you're talking about often enough. I have to agree with you about the quality of the posts, though. They've always been going downhill, but I've just attributed that to a "get off my lawn" effect where young'uns are pontificating about stuff that's new to them but already understood by everyone else.

But the rate of decrease in quality has really increased lately. Also, the posts that are modded up are increasingly factually incorrect or incredibly naive. Something weird is definitely going on here. Frankly, I'm on the verge of bailing entirely. The average post here now shows about the same intelligence and informed worldview as the average YouTube comment.

-- A low UID user away from their computer at the moment.

Re:Cell phones must stop broadcasting MAC addresse (4, Insightful)

Arker (91948) | about a year ago | (#44538517)

You're both right, a little at least. It's perfectly safe to connect to whatever random wifi you run across and use it in the sense it's intended, in the case that you are absolutely certain anything important is actually being encrypted at the application layer where it should be.

For most people, in the real world, they have no idea. Application programmers seem to do a really lousy job of it (as in usually dont even try) so it's certainly not safe to assume. Probably smarter in many cases simply to set your phone to only connect to networks you program it specifically to connect to. And encrypt them, so they cannot be trivially spoofed.

IF they are actually broadcasting their MAC when NOT attempting to connect to a network, that would be a bug to stomp. But I am pretty sure that part was just GPs ignorance.

And, btw, you SHOULD use encryption to browse wikipedia. You should, in fact, use HTTPS Everywhere [eff.org] and attempt to encrypt every single piece of data that is sent out, redundantly. This is because if you only encrypt things that you are worried about being seen, the encryption is suspicious in and of itself, and anyone investigating you for any reason (even just 'because your traffic passed our sniffer') is going to at least see exactly the data they are looking for, they will see the endpoints even if they cannot break the encryption. That 'meta data' may be more valuable than the encrypted message itself.

So if you want digital privacy, dont just encrypt important documents. Encrypt every single thing you can, and encourage others to do the same. An internet where only super-sekrit documents are sent encrypted is a fertile environment for snoops. One where the amount of traffic that is encrypted at the application level already nears 100% may be the only way to regain the privacy that we have lost in the digital era - and it certainly cannot hurt.

Re:Cell phones must stop broadcasting MAC addresse (-1)

Anonymous Coward | about a year ago | (#44537519)

Germany here, and what are you talking about?

No, it doesn't require somebody to be stupid to be able to drive 250 km/h. Just training and the ability to know one's limits well enough to know that on the Autobahn, there are enough cases where you can do that.

You know, if you do it every day, you get used to being good at something pretty quickly.
Just because you can't handle it because your society assumes so much that everyone is a retard, that everyone actually becomes one in the first place, doesn't mean you're all actually retarded and unable to do it.

Give yourselves some credit, guys! Not because you can do it right now. But because only then can you ever get to a point where you can.

Re:Cell phones must stop broadcasting MAC addresse (4, Insightful)

Anonymous Coward | about a year ago | (#44537617)

Germany here. You have to be stupid to drive 250 km/h on a public road. Take your toys to a racetrack, not the autobahn. Sorry for your small penis.

Re:Cell phones must stop broadcasting MAC addresse (2)

Teun (17872) | about a year ago | (#44538345)

Rubbish, although those speeds are, even in Germany, not common they are an everyday event.

Obviously risk increases with speed but this can and is mitigated by preparations like other travellers expecting it and the driver, the car and road being fit for purpose.

Re:Cell phones must stop broadcasting MAC addresse (5, Interesting)

Anonymous Coward | about a year ago | (#44537353)

The 802.11 protocol does not require cell phones to broadcast their MAC addresses. Phones do it so that they can discover nearby networks faster, but it is completely optional.

Except, of course, that it does. In order to associate to an access point, you have to send your MAC address. [...]

To discover a nearby access point 802.11 only requires that you listen for the broadcast.
To connect to it, yes, you need to exchange MAC addresses - but this is only required if you actually want to connect to the AP.

The GP is correct, actively throwing your MAC address around to networks you have no desire to connect to is not required by the protocol and should be disabled by default.

Now, if your phone wants to go whoring around with every open AP just to save on wireless data transfer, that's a different problem...
Probably also something that should be disabled by default.

Re:Cell phones must stop broadcasting MAC addresse (1)

Anonymous Coward | about a year ago | (#44537455)

I'm not sure the parent understands 802.11. The parent contains numerous glaring technical errors, half-truths and inaccuracies, but I admit the use of jargon does make it *sound* impressive.

A WIFI client technically only needs to passively listen for beacon frames, usually emitted with a 100ms interval (save for collisions, which might delay a beacon frame a bit), to find access points. It doesn't have to send probe requests to know if the default network (or any other network) is within range.

So yes, probing is most definitely used to "discover nearby networks faster", about an average of 100ms faster.

http://www.wi-fiplanet.com/tutorials/print.php/1492071

Re:Cell phones must stop broadcasting MAC addresse (1)

PPH (736903) | about a year ago | (#44537553)

The 802.11 protocol does not require cell phones to broadcast their MAC addresses. Phones do it so that they can discover nearby networks faster, but it is completely optional.

Except, of course, that it does. In order to associate to an access point, you have to send your MAC address. It's sort of how packet-switched networks operate: It needs a source and destination. What you're talking about is a Probe request, a special type of packet when a station needs to obtain information from another station. This other station is typically an AP, but not necessarily

Discover != Associate.

Your cell phone (or any WiFi client) can listen for and enumerate available networks. The MAC address does not need to be sent until a connection is to be made. If your phone is set to automatically connect to any passing network, that's an entirely different can of worms. And smart trash cans are the least of your worries.

Re:Cell phones must stop broadcasting MAC addresse (0)

Anonymous Coward | about a year ago | (#44538279)

Discover != Associate.

So how does your phone 'discover' your (or any other that you connect to) network if you aren't broadcasting your SSID?

Re:Cell phones must stop broadcasting MAC addresse (0)

citizenr (871508) | about a year ago | (#44537499)

There needs to be an update to iOS and Android that gives users the option to disable this feature

You must be joking, Android 4.3 update already disables "disable wifi" button = you CANT disable wifi

Re:Cell phones must stop broadcasting MAC addresse (1)

Anonymous Coward | about a year ago | (#44537561)

No it doesn't, I have 4.3 on both my phone and tablet. I am still able to disable wifi on both devices.

Re:Cell phones must stop broadcasting MAC addresse (0)

Anonymous Coward | about a year ago | (#44538163)

4.3 added an option to scan for wifi networks when wifi is off to use for location (it uses less power than GPS). You can enable/disable this behaviour in the advanced wifi options, and I just checked my Nexus 7 running 4.3 and this option hadn't been automatically enabled with the update.

Re:Cell phones must stop broadcasting MAC addresse (4, Insightful)

slick7 (1703596) | about a year ago | (#44537517)

Most people "need" less access to the internet and start paying attention to reality.

Llama or Tasker (4, Informative)

The MAZZTer (911996) | about a year ago | (#44537053)

Former is free and can do what you need, latter costs a few bucks but is apparently far more versatile.

This is for Android, of course.

Re:Llama or Tasker (2)

plover (150551) | about a year ago | (#44537385)

Don't forget to shut off Bluetooth as well. It's already used for tracking purposes. [postoaktraffic.com]

Re:Llama or Tasker (1)

gl4ss (559668) | about a year ago | (#44537575)

already? it's the oldest.

bluespam was all the rage like 10 years ago.

Re:Llama or Tasker (2)

Teun (17872) | about a year ago | (#44538371)

Around 2008 we've seen an article on /. about some guys in The Netherlands experimenting with Bluetooth tracking between several spots in the city of Apeldoorn.
Following the link in this article it becomes clear there even was a somewhat world-wide effort:
http://www.mapsmaniac.com/2008/07/tracking-bluetooth-devices-on-google.html [mapsmaniac.com]

Starting your comment in the subject bar (2)

DFurno2003 (739807) | about a year ago | (#44538223)

really fucks up the syntax and readability of your sentences.

Cell phones (5, Insightful)

girlintraining (1395911) | about a year ago | (#44537059)

If you're carrying a cell phone around, you might as well surrender any idea that your movements are not being tracked by 3rd parties without your knowledge or consent. Retailers like Target are installing ANPR systems in surveillance cameras, their wifi routers are already watching for probe attempts from cell phones as a way of monitoring where you are in the store (how long did you spend in the women's section? Where on the floor did you stop to look at advertising?) and modules are also installed to track cell phone transmissions and ESNs to uniquely identify customers at checkout (you use a credit card, and now your ESN is linked to your name)...

Trash cans are watching you. Buses are equipped with similar sensors. If you are carrying a cell phone, someone, somewhere, knows exactly where you are and is going to sell this information. You are not carrying a cell phone these days: You're carrying a tracking beacon with two-way communication capability.

Re:Cell phones (0)

Anonymous Coward | about a year ago | (#44537401)

You are very optimistic about the actual precision of this whole thing...

Re:Cell phones (4, Interesting)

clonehappy (655530) | about a year ago | (#44537509)

Here are a few simple rules I follow to try and mitigate the amount of my data that third-parties can get their hands on, at least as far as mobile devices are concerned:

1. Turn Wi-Fi on only when you're around trusted (or at least known) APs. This would be at work, home, friends houses, etc. Out in public, that's why I pay for an LTE connection, no worries about Starbucks or Target's Wi-Fi doing anything nefarious. Keep Wi-Fi off unless you actually plan on using it.

2. Turn Bluetooth on only when you plan on using it. For me, this is when I'm using my headset at work, which is rare as I would rather use my desk phone, or when I'm streaming music to my car radio or home audio system. Otherwise, I try to keep it off.

3. When I don't need push email, data is turned off altogether. Yep, a really smart dumbphone until I need it to be an actual internet connected smartphone. This means that real-time tracking data is at least only stored until the next time I connect.

4. What you say about tracking transmission on licensed cellular bands, if true, I guess turn the damn thing off when you don't need it is as good as solution as any, but now you're defeating the purpose of having a mobile device at all. As far as Target tracking ESNs and anything going across licensed cellular bands, here in the States at least, it runs afoul of numerous laws and FCC regulations, and I hope that if they are doing this (I really have a "citation needed" in my head on that one) that they find out really quick why they shouldn't be.

I realize how ridiculous it sounds to be turning connections on and off all the time, but that's only until I think about how ridiculous it is that every device is trying to grab my MAC addresses and make a profile on me. I also realize that governments and service providers are going to know, at the very least, where I am at all times based on which cell site I'm connected to, at least until when (or if) the time comes that we can get stronger privacy legislation passed and actually taken seriously. But just because the 3-letter agencies and cellular providers know, doesn't mean every questionable app I've ever installed and every trash bin I pass by also needs to know.

Long story short, only use what you need, when you need it, and never trust third party apps or infrastructure unless you have a good reason to, which is almost never as far as I'm concerned.

Re: Cell phones (2, Interesting)

Anonymous Coward | about a year ago | (#44537687)

I find it simpler to change my MAC address twice a week. I don't care if they track something that they can never associate with me.

Re:Cell phones (2)

mrbester (200927) | about a year ago | (#44537873)

I turn all data services off when I'm not using my phone as well, but I do it to extend the battery life.

Re:Cell phones (2)

houghi (78078) | about a year ago | (#44538157)

I realize how ridiculous it sounds to be turning connections on and off all the time

I do so all the time. Turning on and off Blue-tooth, Wifi, 3G and even my GPS is something I do by pressing one icon for each.
If nothing else, it is to save energy.

Or you can turn on Airplane mode. Also just a 1x1 widget away on my Android.

Being not reachable once in a while is nice. People can leave a message or send an SMS and I will reply when I am good and ready. My friends do the same, so no issues there.

Re:Cell phones (3, Insightful)

digitallife (805599) | about a year ago | (#44537631)

This is nothing new, except for the specific technologies involved. Stores have been doing similar things for as long as they have existed. For example, years ago Walmart was identifying what demographics specific customers belonged to based on the way they walked on the store cameras, and Target [forbes.com] was doing it based on their purchasing habits.

You simply cannot avoid being tracked in our modern world, and you have to go to a lot of effort to even minimize it. For the longest time I did not have a Facebook account, until I realized that Facebook already has a large entry in the database for me based on other people tagging my name and email and following me around with their huge tracking network embedded in half of all websites.

Check out the new Slashdot iPad app [apple.com]

Re:Cell phones (1)

Molochi (555357) | about a year ago | (#44537633)

ESNs do seem like a better way to establish marketing data and to serve Minority Report style targeted ads (or criminal suspect tracking) than MAC addresses.

Re:Cell phones (0)

Anonymous Coward | about a year ago | (#44537739)

I still think we should push to replace the various words we have for the devices (cell phones, mobile phones, cells, mobiles, mobile devices, handset, etc.) with one simple word: 'tracker'.

You can argue for that term on non-tinfoil-hat sounding grounds: it keeps track of information for you.

But, that term also denotes the fact that they are used to track your movements.

Presumably all it should take is for the gadget journalists to start using the term; it's sensible enough that it should be able to catch on in the general public.

Re: Cell phones (0)

Anonymous Coward | about a year ago | (#44538003)

Well then the laws on that should be changed. Or are you a defeatist about everything?

government project/advertising/marketing (1, Insightful)

fustakrakich (1673220) | about a year ago | (#44537073)

What's the difference? Can you opt out of any of it? Not having a cell phone or Facebook is grounds for suspicion..

Re:government project/advertising/marketing (0)

Anonymous Coward | about a year ago | (#44537163)

lol not having facebook is grounds for suspicion

that's fucking brilliant

some people just dont like signing over rights to there life to an american corporation that's pretty suspicious isnt it

Re:government project/advertising/marketing (0)

Anonymous Coward | about a year ago | (#44537423)

Not to mention that if Google was the one doing this, the government would be all over them. Again.

Re:government project/advertising/marketing (1)

Anonymous Coward | about a year ago | (#44538347)

some people just dont like signing over rights to there life to an american corporation

this is the sort of idiotic extrapolation that proves that this site has gone from geeky hackers and nerds to paranoid spastics and lawyers. companies have been collecting and collating data for decades and the conspiracy theorist nutjobs like you are still banging on about how this is so bad and somehow this means facebook owns your life.

Disinformation ? (2, Insightful)

Anonymous Coward | about a year ago | (#44537085)

Isnt there something like aircracks airbase that could be run nearby that would make this data useless? Something that just spits out mac addresses at random for the system to pickup?

Re:Disinformation ? (0)

Anonymous Coward | about a year ago | (#44537607)

Your Wi-fi MAC address isn't the only thing the phone is broadcasting - its talking to the cell tower network, potentially Bluetooth and potentially RFID.

If course you can turn all of this off, and there is probably some limited utility in a geofenced "turn certain radios off" function, with manual opt back in, however, cell phones will likely still be connected to the cellular network ( otherwise they are kind of useless, and we can't all have our own personal bat signals).

The same kind of spectrum analysis technology that detects MAC addresses from Wi-fi and BT also can track your cell phone transmittions - at least for broad traffic analysis purposes ( ie transmitter with ID X is close by, and is transmitting or not ), have come down dramatically in cost over the last 10-20 years - stuff that used to be a million dollar rig is now a few thousand dollars.

Its completely passive, and doesn't connect to the wi-fi or cellular networks, it just listens to the freuquencies and knows what protocols are in use.

Note that a network of sensors like this could also track your phones by their RFID interfaces, but that would require the tracking devices to transmit, whereas the kind of monitoring they are doing at the moment is passive. Yes, that RFID enabled phone really is a tag to track you with ;)

If you don't want to be tracked - airplane mode or turn it off. Its that simple.

The geofenced Wi-fi/bluetooth off approach will have some practical effect at the moment, but the cost of passive equipment to track you on cellular has come down dramatically over the last few years.

If you run around spoofing Wifi/BT/RFID data, they'll just be encouraged to move to cellular tracking faster, and spoofing that is a moderate to serious criminal offence in most countries.

possible new app (1)

roc97007 (608802) | about a year ago | (#44537093)

> "How can I automatically have my wi-fi turn off when I leave the house unless I specifically turn it back on?"

At first I couldn't think of a solution. It's really a matter of remembering to do it yourself. ...and then I remembered, cells with wifi also have gps... Why couldn't there be an app that will only turn on wifi when gps coordinates closely match a list? Possible GUI -- bring up app, touch "allow wifi from here". Coordinates are memorized, and wifi is turned on only X number of feet from that location. (Also "disallow wifi from here", "edit list" and "delete all entries" would be good features. Oooh, also add "test wifi" with "remember this location?")

"I'd buy that for a dollar".

Re:possible new app (1)

girlintraining (1395911) | about a year ago | (#44537117)

"I'd buy that for a dollar".

Sure, only one problem: GPS doesn't work well indoors and sucks battery like it's going out of style.

Re:possible new app (1)

maliqua (1316471) | about a year ago | (#44537169)

sometimes it works, if the apps smart enough it would turn wifi on when you get to your yard or entrance perhaps, have an option to enable wifi when gps is unavailable if you want.

there are solutions

i dont find gps to be much of a battery issue, but i'm one of those guys that remembers to charge his phone every night when he goes to bed

Re:possible new app (1)

93 Escort Wagon (326346) | about a year ago | (#44537267)

I haven't seen GPS sucking my battery down particularly fast with either an old iPhone 3GS or an iPhone 5. Wifi seems to be a bigger drain (especially on the 3GS).

But back to the problem at hand - at first look it seems to be easy, but the devil is in the details. It seems like manually turning it off would be the best option, since he's going to have to resort to that at least some of the time unless he's never, ever using wifi away from his home. If he's turned wifi on, he probably wants it to stay on - at least while he's in a particular locale; but defining that locale might be tricky, depending on circumstances (e.g. at a friend's house versus a game shop that's right next to one of the "bad" wifi spots). And he can't rely on inactivity unless he doesn't use data while out and about, although I suppose inactivity detection could serve as a fallback trigger.

Re:possible new app (1)

maliqua (1316471) | about a year ago | (#44537421)

The simplest way would be if connection is lost to the access point you manually enabled it resorts back to gps and default behaviors

Re:possible new app (1)

paedobear (808689) | about a year ago | (#44537145)

AirPatrol have some tech that sort of does what you want, but it's very much enterprise orientated.

Re:possible new app (0)

Anonymous Coward | about a year ago | (#44537637)

Well Air Patrol is a tracking solution - it monitors all Bluetooth, Wi-fi, RFID and Cellular frequencies with an array of networked spectrum analysers, and tracks objects in 2D or 3D, depending on how the array has been set up, as well an monitoring what is talking to what.

At the back end, it has an API where say, your MDM server can query or be notified and then fire off actions/commands to change the state of mobile devices it is managing.

Geofencing some/all of the radios will counter the kind of simple MAC tracking Renew London is doing, but they themselves could switch to using Air Patrol or similar products, and track you via your cellular radio, rather than Wi-fi or Bluetooth.

I wouldn't be surprised if shopping malls and sports stadiums were being pitched on facial recognition software for their CCTV systems to do exactly the same kind of thing. The difference here is that in most countries you are required to be informed you may be under video surveillance on a premises. There's merit in saying Renew London needs to do the same thing if they want to continue down this path.

If you are carrying around something that transmits all the time, you can be tracked, end of story. If you don't want to be passively tracked, airplane mode or turning the phone off work great.

Tasker can do this on Android automatically, and on iOS you can set location based reminders that at least remind you to go dark.

Re: possible new app (0)

Anonymous Coward | about a year ago | (#44537185)

There are apps that do this.. has been since i first got my original galaxy S. I used it to turn my phone on vibrate when i was near the school i went to and turn it back up when i was 100' from the school. I cant remember the name of it for the life of me but its out there as im sure many other apps that do the same thing are

Re:possible new app (1)

nogginthenog (582552) | about a year ago | (#44537189)

Llama [google.com] for Android can do this. By default it uses cell towers to track your location.

Re: possible new app (2, Informative)

Anonymous Coward | about a year ago | (#44537309)

I use Tasker for this. My profile is set up so that when I'm paired with any of the cell towers near my house it will enable WiFi and try to connect to my home network. Tasker costs $3 and setting up this sort of config shouldn't take more than an hour.

The app also has a billion other uses. When I'm at work my phone will automatically be silenced, and when I plug in headphones my music player opens and my volume is set properly.

Re:possible new app (0)

Anonymous Coward | about a year ago | (#44537325)

Better, why not have an App that checks a list of WiFi Routers and rejects any attempt from those not on the list?

Wouldn't this a good idea on ANY portable device, including computers? Mine works that way!

Re:possible new app (0)

Anonymous Coward | about a year ago | (#44537435)

You forgot to mention that you also need a few charged batteries with you, for phones with removable batteries.
Maybe for iPhone you could put a portable charger or two in your backpack.

Wouldn't it be easier to just have an app turn off wifi as soon as your home network is no longer detected ?

Re:possible new app (1)

mrbester (200927) | about a year ago | (#44537891)

JuiceDefender (Android) has done this for years. Plus it extends battery life.

Re: possible new app (0)

Anonymous Coward | about a year ago | (#44537903)

Tasker on Android will let you do what you need only better. It will turn the wifi on and off based on exactly which cell towers are visible.

So... (2)

jamstar7 (694492) | about a year ago | (#44537101)

How ARE those Dockers working out for you?

Don't malls in the US track cell phones already? (0)

Anonymous Coward | about a year ago | (#44537105)

Never heard of dumpsters doing it though.

Re:Don't malls in the US track cell phones already (0)

Anonymous Coward | about a year ago | (#44537253)

doesnt everything in the us track everything?

Kill them. (-1)

Anonymous Coward | about a year ago | (#44537115)

These "Renew London" assholes need to be taken out, put up against a wall, and shot dead. Enough with the tracking of people.

What Oscar the Grouch does when he is bored. (0)

Anonymous Coward | about a year ago | (#44537133)

Haha....Living in the can so long I guess he needed a new  hobby. :)

Tasker (2)

technomom (444378) | about a year ago | (#44537165)

If you have Android, Tasker works great for this sort of thing. Simply set it up to trigger a profile based on your GPS location.

Re:Tasker (0)

Anonymous Coward | about a year ago | (#44537205)

Correct me if I'm wrong, but doesn't Tasker also allow setting profiles by cell tower ID currently connected to, so it doesn't need to have GPS turned on all the time?

Wasn't actually testing for targeted ads (0)

Anonymous Coward | about a year ago | (#44537211)

This was going to be used as proximity detection for a new line of laughing toasters.

Re:Wasn't actually testing for targeted ads (2, Funny)

Anonymous Coward | about a year ago | (#44537313)

Talkie Toaster: I have a third question; a sensible question. A question that will tax your new IQ to its very limits and stretch the sinews of your intellect to bursting point.

Holly: This is going to be about waffles, isn't it?

Talkie Toaster: Certainly not. And I resent the implication that I am a one-dimensional, bread-obsessed, electrical appliance.

Holly: I apologize Toaster. What is your question?

Talkie Toaster: OK, here is my question: Given that God is infinite, and the universe is also infinite, would you like a toasted teacake?

Captcha: appetite

Except for... (1)

platypusfriend (1956218) | about a year ago | (#44537249)

Renew London is actually an advertising / marketing firm

...sponsored via a joint NSA+GCHQ project.

MAGNET TIME! civil disobedience ftw! (1)

mrchew1982 (2569335) | about a year ago | (#44537255)

How about we just fry the damn things with an electro magnet? "what, destruction of private property? i was simply disposing of my magnet! besides, said private property was abandoned in a public place!"

Re:MAGNET TIME! civil disobedience ftw! (4, Insightful)

SuricouRaven (1897204) | about a year ago | (#44537281)

If you want to screw with them, do it the legal way.
1. Get netbook.
2. Harvest the MAC addresses of phones nearby as you travel.
3. Broadcast the usual queries, but spoofing the harvested MACs and ESSID lists.

Thus their marketting database is swiftly polluted and becomes much less valuable.

Re:MAGNET TIME! civil disobedience ftw! (3, Informative)

girlintraining (1395911) | about a year ago | (#44537483)

Thus their marketting database is swiftly polluted and becomes much less valuable.

Cache poisoning is hardly a new thing... the problem is very few people have the money or resources to do it along with the technical expertise and desire. Since so few people do it, this would accomplish next to nothing; In just a few days, several million entries were gathered from these devices. You travelling around might hit .01% of the available contact points. Now, if I could clone a thousand of you and randomly space them about in the target area, maybe it'd be enough to render the data integrity suspect. But I highly doubt that there's a thousand people willing to buy netbooks and engage in such activity in any given geographically bound area that size. I doubt there's even 20 people in these neighborhoods that have the technical expertise to understand and impliment such a tactic.

Smart cow problem (0)

Anonymous Coward | about a year ago | (#44538541)

1. Make OSS for this purpose
2. Release into wild
3. ???
4. No advertising profit

A clever person could even put it into some free apps....

Alternative option. (1)

SuricouRaven (1897204) | about a year ago | (#44537293)

How about an app that changes the MAC to something new and random every time the interface has been disconnected longer than three minutes?

Re:Alternative option. (1)

exomondo (1725132) | about a year ago | (#44538397)

How about an app that changes the MAC to something new and random every time the interface has been disconnected longer than three minutes?

MAC address filtering would be great fun then.

nfc tags (2)

A Pressbutton (252219) | about a year ago | (#44537341)

one in wallet / car to turn wifi off
one by front door / hall table to wifi on

Re:nfc tags (0)

Anonymous Coward | about a year ago | (#44537473)

This looks a little naive to me.

Tasker (1)

goldcd (587052) | about a year ago | (#44537345)

Is excellent for scripting actions (although you need to root really).
e.g. in this case you could define geographic areas (your home, your office etc) where WiFi is turned on, and get it to turn off in all other areas.

Re: Tasker (0)

Anonymous Coward | about a year ago | (#44537387)

If you have root, you can also use one of the several MAC spoofing apps.

Legit uses? (3, Informative)

aggles (775392) | about a year ago | (#44537379)

Several airports in Europe are using the same non-associating probe technique to figure out if enough security lines are open. By knowing the time from pre to post security location of a MAC address, they can tell how well traffic is flowing. Since people beyond security, on average, spend several Euros per minute, it is better for the airport to minimize the security delay. Good for passengers too.

MAC address market (1)

QuietLagoon (813062) | about a year ago | (#44537383)

At some point, if there does not exist already, there will be a market for MAC addresses and information that is linked to them.

.
Marketeers like Acxiom [acxiom.com] and SurveySampling [surveysampling.com] are probably lusting after the ability to link a MAC address to a social media account, or a person's demographics.

Re:MAC address market (0)

Anonymous Coward | about a year ago | (#44537555)

Except there won't, because MAC addresses are trivial to spoof. If you really wanted to you could change it to something random every 10 minutes.

Re:MAC address market (1)

exomondo (1725132) | about a year ago | (#44538427)

At some point, if there does not exist already, there will be a market for MAC addresses and information that is linked to them.

Why? What are you going to do with a MAC address and a bunch of tracking data? Are you going to assume that MAC address represents a person?

Solution? (3, Interesting)

Alsee (515537) | about a year ago | (#44537479)

The Globally-Unique MAC addresses seem to be a pretty blatant security and tracking problem. I've been increasingly wondering why we don't simply start randomizing the MAC address every time the device is turned on, or perhaps even randomizing it for each new connection.

Yes, in principle this could result in a random address collision between two devices. However MACs are 48 bits... this means you'd need to have over 16 million devices simultaneously connected to the same access point before there's a substantial chance of two of them randomly colliding. I'd call that a rather pretty negligible trade off to obtain some privacy and security. And if one device does detect a MAC collision it could simply re-randomize.

As for additional "security risks" of randomizing MAC addresses, not really. It's already trivially easy for someone to deliberately fake your MAC address on their own device. So no new threat there. If anything, I think randomizing (and regularly re-randomizing) the MAC address would be a security benefit. If someone does deliberately fake your MAC address, the target lock is neutralized when your device re-randomizes.

-

Re:Solution? (1)

Anonymous Coward | about a year ago | (#44537603)

Not randomizing MAC addresses is a security benefit. A smart network keeps track of MAC addresses and has a known whitelist of specific computers. If those are desktop computers, their locations are also know. A hacker can spoof a MAC address, but when a user tries to access the network and gets a duplicate MAC error, the network admin will know someone is hacking their network. Also if the connection from a known MAC is from an unexpected location, that should raise flags as well. A desktop being moved across the building is a flag and a MAC connecting from location A then location B which is a mile away in under ?? minutes is another warning.

It all depends on your point of view. Are you trying to keep a network secure or prevent tracking? You can't do both. But tracking for profit and not security can be made illegal.

Re:Solution? (0)

Anonymous Coward | about a year ago | (#44537907)

As you pointed out, MAC addresses are not secure. I don't work in IT, but I would expect any admin to ignore messages of duplicate MAC errors unless they were managing a small group of computers. MAC addresses weren't designed to be used for security. For that you use RADIUS or something similar.

Re:Solution? (0)

Anonymous Coward | about a year ago | (#44538073)

Security comes from authentication, not mac addresses.

Full DEFAULT strong anonymity over public networks with ways to authenticate IS security.

The internet is bound to become fully anonymous and i laugh at your MAC whitelist protected network.

Smash them (-1)

Anonymous Coward | about a year ago | (#44537549)

Smash those trash cans, set them on fire, run over them by car. It has to be destroyed.

Same goes for the people installing or advocating them.

Same goes for governments allowing them.

Same goes for the people who can't even see the fucking problem with those.

Re:Smash them (-1)

Anonymous Coward | about a year ago | (#44538009)

Slaves are downvoting, because that's what slaves do.

Slaves argue about the possible benefits from such monitoring when we are already on an open full scale war to keep our brains unviolated, because that's what slaves do.

Slaves don't form a global militia to purge the world from their masters because they need masters.

In the end, slaves are slaves because they don't know better.

Hopefully Darwin was right and slaves will just suffocate in their own feces.

Re:Smash them (0)

Anonymous Coward | about a year ago | (#44538463)

Yeah but you won't do any of that, spreading a little dissent just makes you feel as though you are less the subservient slave than you actually are. When you have a mental capacity as low as yours such tricks work very well.

di3k (-1)

Anonymous Coward | about a year ago | (#44537817)

*BSD is dying Yet that supports MOST. LOOK AT THE is dying and its

Stop me if I'm being too pedantic, but... (1)

wonkey_monkey (2592601) | about a year ago | (#44537859)

Data including the "movement, type, direction, and speed of unique devices" was recorded from smartphones that had their Wi-Fi on.

All of that was recorded from the phone? Or was it actually only the MAC which was recorded at multiple points and times, which allows the rest to be inferred?

Easy SOLUTION (1)

Sir Holo (531007) | about a year ago | (#44537953)

If you have an iPhone, you can prevent these "rogue" Wi-Fi points from sniffing you by changing a simple setting.

Look in "Settings/Wi-Fi/Ask to Join Networks" and just switch it on. Done.

Androids and others probably have something similar.

Re:Easy SOLUTION (1)

Overzeetop (214511) | about a year ago | (#44538455)

I presume you meant switch it off, so it doesn't ask to join new networks. Do you know for certain if actually stops looking entirely, or just doesn't ask? I automatically have it off 'cause it's a pain in the ass when you're driving around and wifi invitations start popping up all the time.

I always leave my Wi-Fi off (1)

Chris Mattern (191822) | about a year ago | (#44538203)

Drains the battery anyways. Turn it on when I want and need it, turn it off again when I'm done.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>