Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Wi-Fi Sniffing Lets Researchers Build Graph of Offline Social Networks

Unknown Lamer posted about a year ago | from the think-before-you-connect dept.

Wireless Networking 38

angry tapir writes "The probe requests emitted by a smartphone as it seeks a Wi-Fi network to connect reveal the device's manufacturer thanks to its MAC address. This can offer some information about a crowd of people by looking at the breakdown by device brand. However, because some OSes include a preferred network list (PNL) in their probes, it may be possible to use Wi-Fi sniffing to infer even more information about a group of people by looking for common SSIDs, and potentially mapping them to known network locations (PDF). A group of Italian researchers has been looking at ways to use the information in probe requests to analyze the social connections of crowds." The idea being that if you share preferred networks (especially ones only seen infrequently) you are more likely to be socially connected.

cancel ×

38 comments

Sorry! There are no comments related to the filter you selected.

McDonalds WiFi SSID (2, Funny)

EMG at MU (1194965) | about a year ago | (#44897157)

Let me guess, if you share that preferred network you might be part of the overweight social circle?

Do strip joints have WiFi? That would be another interesting social circle. Now you can know who in the office likes to kick back and watch the talent.

Re:McDonalds WiFi SSID (1)

davester666 (731373) | about a year ago | (#44899661)

...or is the talent...

Sniffing Wi-Fi? (0)

Anonymous Coward | about a year ago | (#44897235)

Didn't Google just take a whole lot of heat for 'sniffing Wi-Fi networks' without permission?

Re:Sniffing Wi-Fi? (1)

cheater512 (783349) | about a year ago | (#44899049)

Technically they stored captured data accidentally.
These guys aren't looking at transmitted data, just who is transmitting.

Re:Sniffing Wi-Fi? (-1)

Anonymous Coward | about a year ago | (#44901073)

Technically they stored captured data accidentally.

"Accidentally." Sure, just like how Ogle, MicroShaft, Facecrook, Crapple, et al. "accidentally" accepted reimbursement for their participation in PRISM at taxpayers' expense, all while "unaware" of PRISM's existence, let alone their own neck-deep malfeasant involvement in it. Yet you continue to buy that bullshit — or are you on their payroll(s)? If the former, I've got a bridge to sell you, and it's a steal — much like the practices of those aforementioned lying fucks.

Re:Sniffing Wi-Fi? (0)

Anonymous Coward | about a year ago | (#44902769)

Ogle, MicroShaft, Facecrook, Crapple

Don't post angry. It makes you look like a fool.

Yeah right (2)

Fnord666 (889225) | about a year ago | (#44897257)

Like anyone is using their real MAC address anyway.

Re:Yeah right (0)

Anonymous Coward | about a year ago | (#44898279)

Durr hurr, look at the big man with 666 in his name. Oh internet tough guy, how dare anyone think anything other than what you believe is the best.

Re:Yeah right (1)

X0563511 (793323) | about a year ago | (#44902359)

Newsflash: people still use the accounts they registered when they were teens or children.

Re:Yeah right (1)

Hadlock (143607) | about a year ago | (#44903487)

You can pry my AIM Screenname created in 1995 from my cold, cramped and carpal tunnel syndrome'd hands.

Illegal (3, Informative)

Solandri (704621) | about a year ago | (#44897283)

Didn't you get the memo? The courts think sniffing open wifi networks is a violation of wiretap laws [slashdot.org] .

Re:Illegal (1)

Lashat (1041424) | about a year ago | (#44897399)

They be Italian types...arrr.

Re:Illegal (1)

stenvar (2789879) | about a year ago | (#44897983)

But... but... I thought European privacy protections were supposed to be so strong. Wasn't that why Google was demonized in Europe so much for their (rather innocent) WiFi capture?

Re:Illegal (1)

semi-extrinsic (1997002) | about a year ago | (#44899827)

There's Europe, and then there's Europe. The southern countries, and Italy and Greece in particular, are much closer to the US in terms of low consumer rights, low median income and high unemployment than the northern countries are.

Re:Illegal (1)

stenvar (2789879) | about a year ago | (#44901347)

Here's one set of income data, but you can check plenty of others if you like:

http://www.oecdbetterlifeindex.org/topics/income/ [oecdbetterlifeindex.org]

Norway is doing quite well, of course, but Norway is a xenophobic oil- and resource-rich country of 5 million that stays out of the EU because it knows the EU would suck its wealth away in a heartbeat.

As for consumer rights, where do you think they came from? The Pope? Adorno (as if you'd know who that is)? The EU? Norwegian trolls like you? Find out some time.

Maybe you should go beyond your second rate public education and government sponsored nationalism and actually find out what's really going in the world. You'd be surprised.

Re:Illegal (1)

semi-extrinsic (1997002) | about a year ago | (#44902045)

If you read my original post, I said median income, not average. The average income in the US is 40% higher than the median income, in large part because the top 4% earn above $ 200,000 per year.

Re:Illegal (1)

stenvar (2789879) | about a year ago | (#44904295)

If you read my original post, I said median income, not average.

If you read my post, you'd see that I told you to go out and do some research before spouting the kind of nonsense that you did. I'm still telling you that; if you actually do, you'll find that your statements are ludicrous, median or mean.

in large part because the top 4% earn above $ 200,000 per year.

Yes, people like skilled software developers, biomedical researchers, entertainers, commercial artists, doctors, lawyers, professors, etc. make that kind of money. The US rewards success and contributions to the bottom line financially, which is probably why so many people choose to live here. A company like Apple makes $2M in revenue per employee, it stands to reason that at least a few thousand of their top employees should make more than $200k, and they do. Same for most other successful companies.

Norwegians, on the other hand, just seem to be making money from extractive industries, redistributing the revenue, and having a party: http://en.wikipedia.org/wiki/File:Norway_treemap.png [wikipedia.org]

And after years of studying, making sacrifices, and becoming a kick-ass software developer in Norway, you'll have to accept the fact that you'll probably still be no better off than your plumber.

Re:Illegal (1)

Anonymous Coward | about a year ago | (#44898521)

Typical for an American to think that the US == the world.

Re:Illegal (0)

Anonymous Coward | about a year ago | (#44899811)

Wiretap laws? Like that means anything to the american government!

Re:Illegal (1)

detritus. (46421) | about a year ago | (#44914661)

Irrespective of whether Google should be liable for legal damages, there's a big distinction between logging 802.11 proble requests with a source MAC address and actual content of communications between two entities. The issue for Google was specifically logging unencrypted data as it channel hopped and dumped the traffic into presumably pcap files. I think it's a question of the scope of what you're logging.

snoopin in places I didn't know I had places (3, Funny)

Iamthecheese (1264298) | about a year ago | (#44897303)

These scurvy snoops be too interested in things that don't concern them. Must I hide not only me mac, computer name, browser type, and personal information but local network addresses as well? I'm really tired o' puttin' up new curtains. Me treasure maps will be well hid no matter how I have to do it but I'm wanting to put me wooden leg up some CEO asses.

Re:snoopin in places I didn't know I had places (1)

djradon (105400) | about a year ago | (#44898375)

Arrr, ye must hide PDL, cookies, MAC addy, IP address, hostname, and browser fingerprint. In Soviet Russia 2022, everybody knows everybody's treasure.

Linksys or Netgear (0)

Anonymous Coward | about a year ago | (#44897417)

Time to rename my home access point to something common -- just put a password on it.

Re:Linksys or Netgear (1)

cheater512 (783349) | about a year ago | (#44899057)

Except that puts you in the dumbass social circle and get targeted ads for Honey Boo Boo and similar things.

Re:Linksys or Netgear (0)

Anonymous Coward | about a year ago | (#44901187)

Except that puts you in the dumbass social circle and get targeted ads for Honey Boo Boo and similar things.

Anyone who knowingly allows themselves to be targeted with corporate propaganda/vectored malware already is a "dumb-ass." Pointing out that there are different varieties of targeted dumb-asses is akin to rearranging the deckchairs on the Titanic.

I have no idea what the hell a "Honey Boo Boo" is, and it sounds uninteresting enough for me to avoid seeking out its meaning.

Re:Linksys or Netgear (1)

X0563511 (793323) | about a year ago | (#44902371)

I'm not sure I understand how a webserver is supposed to know what your SSID is, or even that you're using wifi.

I cleverly trick them into underestimating me... (0)

Anonymous Coward | about a year ago | (#44908217)

Yep, but unlike actual dumbasses, I won't see any of the ads.

Re:Linksys or Netgear (0)

Anonymous Coward | about a year ago | (#44901885)

You realize that if you're android phone is connecting to that access point, Google now has that password? Google stores all your wifi access passwords in the cloud.

Hah (2)

Richy_T (111409) | about a year ago | (#44897471)

This is why I keep my phone under my tinfoil hat.

my apartment (1)

slashmydots (2189826) | about a year ago | (#44897653)

There's one SSID called "secret government wifi" with inappropriate emoticons and such after it. While there is only one, I can tell you that in reality most of the other residents are douchebags too. So it's actually not that accurate of a method.

Turn off Wi-Fi automatically in Android (1)

MOSFET Explosion (2849381) | about a year ago | (#44897783)

There's a couple of apps for Android that can automatically turn on and off wifi depending on you're location. The one I ended up with was Llama [google.com] . It uses cell tower IDs to identify your areas (home, work, etc.) and then you select various actions that activate when entering or leaving those areas (such as turning on/off wifi, bluetooth, changing ringer volume, etc.)

Re:Turn off Wi-Fi automatically in Android (1)

semi-extrinsic (1997002) | about a year ago | (#44899837)

+1 for Llama. I use it to turn my phone to silent at work, and then the sound back on again when I leave work. Also, why do people leave their wifi on? I always do: unlock screen, turn on wifi, do whatever, turn off wifi, lock screen. Gets me almost 20% increase in battery life (Android 2.3).

Another example of data "leakage" (3, Insightful)

WuphonsReach (684551) | about a year ago | (#44898211)

Eh, the better question is "why does your computer leak data other then the MAC address"? Which is exactly what the PNL (preferred network list) is doing.

Sure, it might save battery life, but information leakage like that should be off by default.

Re:Another example of data "leakage" (3, Informative)

jrumney (197329) | about a year ago | (#44899193)

Because some people configure their access points to not broadcast the SSID in the misguided belief that they can add a layer of security by doing that, devices will actively try to connect to networks that they cannot see. So anyone anywhere can see your device periodically trying to connect to every network that it is configured to connect to automatically. This doesn't save battery life, if anything it uses more than sitting passively listening for known networks would, but the idiocy of hidden SSIDs is widespread enough that it is necessary for WiFi to just work for mobile devices.

Re:Another example of data "leakage" (2)

semi-extrinsic (1997002) | about a year ago | (#44900059)

According to this [taddong.com] , Android only broadcasts a partial PNL: it sorts network into those you added from the scanning list and those you have configured manually. It assumes that all SSIDs configured manually are hidden ones, for which it must broadcast the PNLs. So if you have never added a network manually on your Android phone, the PNL broadcast list is empty.

Re:Another example of data "leakage" (0)

Anonymous Coward | about a year ago | (#44901119)

So if you want to keep your SSID a secret (which of course you can't), Android helps you by broadcasting it all the time from any phone that was ever connected. Wonderful idea.

Re:Another example of data "leakage" (0)

Anonymous Coward | about a year ago | (#44902889)

Because some people configure their access points to not broadcast the SSID in the misguided belief that they can add a layer of security by doing that, devices will actively try to connect to networks that they cannot see. So anyone anywhere can see your device periodically trying to connect to every network that it is configured to connect to automatically. This doesn't save battery life, if anything it uses more than sitting passively listening for known networks would, but the idiocy of hidden SSIDs is widespread enough that it is necessary for WiFi to just work for mobile devices.

Hey, the current edition of the Windows 7 Configuration Guide (part of getting a MCP certification) lists this as a recommended security practice!

Re:Another example of data "leakage" (0)

Anonymous Coward | about a year ago | (#44901121)

thats how joogle makes its money, and stakes their claims to greatness.

parasitic "IT"

similar to the "monetization" of sms/text messages. upon introduction (in Japan), the technology people said "this is great, people can sent text-messages which piggyback on the voice-data-telephone network at a tiny fraction of the voice-data!" "It`s so small a fraction, its FREE!"
then came along the joogles.....

privacy violations, construing and misrepresenting data-strings and "trends" for their own (dubiously corporate) ends.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>