XPost: alt.comp.os.windows-10, alt.comp.microsoft.windows, alt.c
mp.os.windows-11
From: marianjones@helpfulpeople.com
Marian wrote:
> In fact, I found my own SSID, which is set to be both hidden broadcast (so
> the broadcast packets only contain my BSSID) and opted out (with _nomap)
> in Apple's highly insecure public database available to anyone world wide.
>
> That's a legal, moral & ethical privacy flaw in the Apple WPS database.
I spoke to a VP at Apple who happens to be a neighbor who knows I am
credible, and I sent him the information so that he can pass it on to the
right people at Apple who can explain to my satisfaction what happened.
Some of the commands I provided to them, run on Windows, are the following
(which those of you on Windows can run right now to check your situation).
C:\> netsh wlan show all
C:\> netsh wlan show networks
C:\> setsh wlan show networks mode=ssid
C:\> netsh wlan show networks mode=bssid
C:\> python.exe apple_bssid_locator.py AA:BB:CC:11:22:33
For wavedigger, you can put your BSSID into the URI:
The only way I can even think of how I got into Apple's WPS database is
that there's a bug in the Apple software when hidden SSIDs are involved.
Note: Apple does not document their policy toward hidden SSIDs, but
Mozilla security personnel (whom I've been in contact with) have
documented that they do not "collect" any SSID that is hidden, in
addition to any non-hidden SSID that has _nomap" appended.
Mozilla Location Service
"Mozilla's client applications do not collect information
about WiFi access points whose SSID is hidden or ends with
the string '_nomap' (e.g. 'Simpson-family-wifi_nomap')."
But I've sent my query to the Apple VP so I expect a response from Apple.
My query shows that my exact location is clearly identified by Apple's WPS
database, so I believe this is a class-action-suit valid privacy flaw.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
