back to article Mozilla goes where Google fears to tread with geolocation service

A few years back Google got into fearful trouble by recording the location of WiFi transceivers without asking for their owners' permission. Lots of public outrage later, regulators pulled out their biggest and pointiest sticks and the Chocolate Factory destroyed the data. What then to make of the newly-revealed Mozilla …

COMMENTS

This topic is closed for new posts.
  1. frank ly
    Big Brother

    I don't understand this bit.

    " ... as the combination of IP address and time of service usage can uniquely identify users."

    I'm puzzled as to how this would work or give any additional risk to my privacy. Website operators already know that live in Mytown in England and use VM as an ISP, but that's as far as it goes, I think. When I'm away from home, they know I'm somebody who uses the O2 network but they don't know that I'm the same one who lives in Mytown, unless I don't clear my cookies.

    Can anyone propose a 'scenario' that explains the additional risk to my privacy; one that doesn't involve VM or O2 giving out information about me. (I assume they don't do that for anyone except the police and security services.)

    1. Anonymous Coward
      Anonymous Coward

      Re: I don't understand this bit.

      WiFi location data and temporal data associated with an IP address can combine to give a place and time fix for a specific individual. If they know your location (to within 30m or so, which is my guess) and which ISP you are using they can take an educated guess at who you are. It will be more precise the smaller your ISP is (because fewer people will be using that range of addresses in that area). So if you're an AA customer your privacy will be more at risk via this process than if you are on VM in a cabled up area.

    2. Mike Bell

      Re: I don't understand this bit.

      Be careful out there.

      Crafty websites can often identify users even if you have cookies turned off. IIRC, El Reg had an article about this a few years ago. Checking for browser capabilities, plug-ins, screen resolution, fonts, timezone etc. can often fingerprint a particular browser instance.

  2. Anonymous Coward
    Anonymous Coward

    _nomap

    What happens with "alternative geolocation company inc" says to opt out of their system i must "_nogeomap".

    I only have 1 ssid per wifi so to dodge one slurper, i risk another.

    How about I set up a constantly changing SSID and a rotating frequency.

    My wifi is for me to use the internet at home, only me, not my neighbours or their dogs and i don't give a f*ck if some idiot wants more accurate GPS on the main road near my house.

    Yes, crumpy and unhelpful, but that is most IT folk? and besides we've been burned before by google saying "we wont do anything bad"..... I currently turn my wifi off when i go out.

    1. Anonymous Coward
      Anonymous Coward

      Re: _nomap

      If you're serious about making life difficult for the likes of Mozilla to use your WiFi system to assist others in finding themselves then you will need to do more than change your SSID. Your router's MAC address is also used to identify the network (to distinguish between APs with the same SSID) so you'll need to figure out a way to do that too, and then work out a way to refresh all your WiFi clients to access the "new"network.

      Or you could be a bit more public spirited.

      1. Anonymous Coward
        Anonymous Coward

        Re: _nomap @AC 08:08

        "Or you could be a bit more public spirited."

        And be in breach of your ISP contract, depending on who you're with.

    2. Greg J Preece

      Re: _nomap

      Stop broadcasting an SSID altogether and configure your devices manually?

    3. Anonymous Coward
      Anonymous Coward

      Re: _nomap

      How about I set up a constantly changing SSID and a rotating frequency.

      How about a privacy violating system that is opt IN instead of "if you don't tell us you don't like it, or if you're not technically competent, we'll screw you over"? As far as I know, most privacy laws globally now acknowledge the fact that if you allow a company to make privacy implied and opt-out means you'll find the grossest violations justified by a clause in 6 point light grey point on white at the end of T&Cs, covered by an ad.

      It is my WiFi access point, it is my data (yes, even just the SSID). For those that say that's not private because you're broadcasting: I have your SSID, I know where you live. Even when you move.

  3. ratfox
    WTF?

    Wait a minute

    "Google got into fearful trouble by recording the location of WiFi transceivers without asking for their owners' permission"

    No. Google got in trouble for recording the data that was going through the WiFi networks. Recording the location of the WiFi networks has not been a problem at all, as far as I can tell…

  4. Tromos
    FAIL

    nomap suffix can't be implemented on all routers

    I use a Cisco EA4500 router. One feature of this beastie is a guest access facility that gives the guest internet access but keeps them off my network. The SSID of the guest network is whatever SSID I choose with an automatic suffix of "-guest". Unless "nomap" is allowed as an embedded string, I have no way to opt out.

    What about all those with BT home hubs blasting out 3 SSIDs? Can all 3 be easily changed to give all these people their opt-out rights?

    1. Anonymous Coward
      Anonymous Coward

      Re: nomap suffix can't be implemented on all routers

      Just turn off the guest feature? You can do that on the BT boxes as well.

      If you have a guest access feature then do you really worry about people working out their location from your WiFi box?

  5. Gotno iShit Wantno iShit

    Opt out required.

    Here we go again. I have to do something, change my SSID, in order to opt out. Why not have a _map suffix if you want to opt in?

  6. Robert Grant

    Howabout this

    If I WANT you to use my wifi for your purposes, I'll end my SSID with _map. That sounds better, no?

    1. Random IT Stuff

      Re: Howabout this

      If you don't want people to be able to find your wifi, why are you broadcasting an SSID in the first place?

      1. Charles 9

        Re: Howabout this

        Because my phone uses the AP whenever I'm home, and without the broadcast, it can't tell that I'm home (and polling would chew up the battery time), and since it comes and goes, having to switch the network each time is a PITA. So yes, some of us DO have to broadcast to signal transient devices (that doesn't mean I don't take other precautions; I use a spec-limit password and have turned off the WPS PIN).

  7. Blacklight
    Big Brother

    I could be (read: probably am) wrong but...

    ...I wouldn't be looking at SSIDs, precisely *because* they change.

    The BSSID (MAC) however is highly unlikely to change (unless the owner has/is tweaking their router firmware) - and thus if you show up on BSSID/SSID pair 1 one day, but change the SSID the next, you'll still likely have the same BSSID. And given that a BSSID is visible regardless of the SSID visibility, it's going to be "visible".

    You could use something like DD-WRT and script a router reboot and MAC change every day, which doesn't affect your SSID and thus need client reconfiguration, but that may be a teensy bit extreme!

    1. Splodger
      Unhappy

      Re: I could be (read: probably am) wrong but...

      Sigh. Anyone able to recommend a cheap, decent WRT-able home router potentially available from Fleabay?

      1. brooxta

        Re: I could be (read: probably am) wrong but...

        DD-WRT, Open-WRT and Tomato all list supported hardware which you can check out before you start bidding. Recent-ish Buffalo routers tend to work well with DD-WRT. The Cisco E1000, E2000, E34000 range are generally supported by DD-WRT too and are available at reasonable-ish prices.

  8. Sebastian A

    Think they're making it hard to opt out?

    OF COURSE they are. The more people opt out the less value the data has. They don't want to give you the choice but they have to, but they can damn well make it a pain in the arse to do.

This topic is closed for new posts.

Other stories you might like