XPost: alt.comp.os.windows-10, comp.mobile.android, misc.phone.mobile.iphone   
   From: marianjones@helpfulpeople.com   
      
   J. P. Gilliver wrote:   
   > Can you get any idea of what's in the database, or can you only check it   
   > for a specific given one? (I. e. does it accept wildcards or anything   
   > similar?)   
   >   
   > I ask as it'd be interesting to know if it _does_ contain any _nomap   
   > ones, but you can't find that out if you have to specify them exactly.   
   > (Though you could make up a few to try, but that wouldn't be conclusive   
   > unless you succeed.)   
      
   Hi John,   
      
   Thanks for asking as we can all work together on this privacy project.   
      
   It's worse than I thought. I checked the Apple database for my own BSSID of   
   an access point that has had "_nomap" on it for years, and it was in the   
   Apple database!. The real GPS location. It was horrid. I almost fainted.   
      
   I don't understand _how_ it got into Apple's database.   
   Nor how it _stayed_ in Apple's database.   
   But there's no doubt that it's there. With the GPS to 8 decimal digits!   
      
   To me, that's criminal.   
   But I can't believe that Apple is that horrifically bad. I just can't.   
      
   So there must be some kind of a mistake.   
   But what?   
      
   A BSSID is unique.   
      
   Just run this on your PC and it will give you the BSSID you connect to:   
    C:\> netsh wlan show networks mode=bssid   
      
   I wasn't going to check Google's database, but I just started writing the   
   scripts to check Google's database to see if it was only in Apple's   
   database. Anyone on the planet can query Apple's database.   
      
   But to query Google's database, I need to generate a Google Geolocation API   
   account which I haven't done (and which I wasn't planning on doing).   
      
   But I was shocked my hidden-broadcast AP BSSID with _nomap was in Apple's   
   database, so I might bite the bullet & create the Google API key after all.   
      
   Even so, if what I found out today is correct, Apple is liable for criminal   
   action, so I need to be very clear and doublecheck everything I tested.   
      
   If anyone has a BSSID that they feel they don't have to worry about   
   posting, I can see if it's in Apple's database right away, but I do   
   understand why people might not post it on Usenet.   
      
   If we could find an SSID of a local coffee shop or library, that might work   
   since it would only show us the location of that business on Google Maps.   
      
   I need to prove to all of you that the Apple/Google databases are horrid.   
      
   All we need to do that is a BSSID of an AP that isn't in your own home   
   (because I understand nobody wanting their own home to be geolocated).   
      
   But that's the whole point.   
      
   If it's that easy for anyone to look up where we live based only on our   
   BSSID, then there's something horrid going on, don't you think?   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)