XPost: alt.comp.os.windows-10, alt.internet.wireless, alt.comp.m   
   crosoft.windows   
   From: marianjones@helpfulpeople.com   
      
   Andy Burns wrote:   
   >> So what are you asking me to answer?   
   >   
   > For a named person, if you already know where they live, you know their   
   > location, if you don't know where the live, Apple's database doesn't   
   > help you find out.  Even if you find their router's BSSID, why do you   
   > ant to wait years until they move home, just so you can track where they   
   > move to?   
      
   Hi Andy,   
      
   Happy New Year!   
      
   Thanks for answering as I respect your acumen, as you've taught me a lot   
   over the years, which I appreciate and we've always worked together.   
      
   I think you agreed we know the name of every homeowner in the USA.   
   And we know the location of that home (if it's a single-family home).   
   That's not disputable.   
      
   What we can dispute is whether the accuracy of the BSSID identifies the   
   home, and we can dispute the percentage of people who take their router   
   with them when they move from one home to another home (e.g., I took mine).   
      
   We can dispute who is living in the home, and for multi-family dwellings,   
   we can dispute who the person is that is using that router at that time.   
      
   We can also dispute the significance of a router moving from one location   
   to another, although a large number of moves will be by the router owner.   
      
   We do know the brand of router, so we can exclude exchanged equipment.   
      
   If we are thoughtful, we can come up with a large list of vetted things we   
   know, and things we can reliably guess & things we will never know, right?   
      
   In "my" case, I took all my routers with me when I moved from home A to   
   home B, and most people I know have done the same, so it's very common.   
      
   >> a. Are you disputing I have the named owner of every home in the USA?   
   >   
   > Situation is a bit different here, there's the electoral roll which will   
   > list everyone's address, but many people opt to tick the "privacy" box   
   > so that isn't public information, there's also the land registry but   
   > homes which have not recently changed hands are not required to be   
   > registered, and you have to pay to see each record.   
      
   I won't dispute the UK system, nor any others, as it's not really the point   
   to narrow it down to an individual because it's already down to the home.   
      
   The fundamental main points, which all tie together, are   
    1. Apple does not respect their published opt-out mechanism   
    2. Hence, my BSSIDs are in Apple's WPS database even though I've opted out   
    3. My ownership of the home is a public record I can not make private.   
    4. Since I live in the home, that's me (and the members of my family).   
    5. Anyone can look up the location of my home in Apple's WPS   
    6. That means they can reverse search, if they felt like doing that.   
    7. Unlike Google's WPS, Apple's WPS has no controls whatsoever on lookup.   
    8. Unlike Google's WPS, Apple's WPS lookups give 400 nearby AP BSSIDs.   
    9. This makes it trivial to create a db of every AP in the world   
   10. And trivial to track the movements of every BSSID in the world   
   11. Which means they can reverse search by homeowner/home to BSSID movement   
   12. Which is exactly what the security researchers said was easily doable.   
      
   Combined with any other location-based database, they can easily track   
   almost anything they want to track that is tied to a homeowners movements.   
      
   >> b. Or are you disputing I have the BSSID of every home in the USA?   
   >   
   > I don't think you have it in such a cut-and-dried format, you've tied   
   > things together by implication.   
      
   Sure. That's exactly what all the security research in the world says.   
   So I'm saying what experts are saying - which is reasonable.   
      
   Only someone who lacks imagination can't think of ways to use a hammer.   
   This is a hammer. It's a very powerful hammer indeed.   
      
   Tie it with a nail and the bad guys can do a lot of mischief.   
   Which I tried to avoid by opting out of Apple's WPS database.   
      
   Circle back to Apple has no intention of following their own privacy rules.   
      
   If Apple respected their own privacy policy, I would not have as great a   
   case against Apple, where what Apple is doing is the antithesis of what   
   Apple loudly proclaims it does.   
      
   Remember, Google isn't doing this.   
   Neither was Mozilla.   
      
   Only Apple.   
      
   >   
   >> If your name was, oh, let's say Jeffrey Devin, and if you put that router   
   >> in the home that you own at 4306 Josey Circle, then I can track that AP   
   >> anywhere in the world if you then moved to another home, and took your   
   >> router with you. c. Are you disputing I can track the location of that   
   >> AP BSSID, Andy?   
   >   
   > But the BSSIDs are unique, people's names are not, how easy would it be   
   > for you to link to SSNs?   
      
   I do not have a database of SSNs, but I'm sure if I was a loan officer I'd   
   have it, right? Or a banker? Or a solar roof installer, or law enforcement.   
      
   Once you have the router ap in the home, you can track that router ap   
   around the world if someone bothers to take their router with them.   
      
   I do.   
   My routers, as you've seen, are ages old and I still have them at home.   
       
      
   Those are going to be turned on in Palo Alto on New Year's day.   
   In a month, we'll move them to Cupertino.   
      
   This is a simple test case which proves that anyone in the world   
   can track any access point in the world, no matter where it goes.   
      
   Again, if I could opt out, it wouldn't be so bad for privacy.   
   But Apple does not respect their own opt-out privacy policy.   
      
   >> Note that by tracking the BSSID and knowing the owner of every home in the   
   >> USA (since that's a public record), I could tie it to you "if" you're the   
   >> owner. If you only rented the home, then I'd need more data to tie it to   
   >> you.   
   >>   
   >> But in the USA, overwhelmingly, people own the home they live in.   
   >> So it's tied to the owner. Who, in this case, would be you.   
   >   
   > For anyone who runs their own business, the companies house data is   
   > another source of addresses,   
      
   There are lots of ways to tie metadata together where the key points are   
   really that Apple won't respect its privacy policy and Apple's WPS returns   
   for too much data (400 BSSID:GPS pairs in every query!) and has no   
   controls.   
      
   Remember, Google isn't doing that.   
   Neither was Mozilla.   
      
   I'm in constant email with Brian Krebs on this and with Dan Veditz   
   on the Mozilla Security Team, both of whom easily understand the issues.   
      
   But I couldn't get Erik Rye or David Levin to respond to my emails yet.   
      
   >> Would it not?   
   >   
      
   [continued in next message]   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)