Note that the tech is there to do this with the cell radio -- no WiFi required. It's just a lot more expensive and hasn't been widely commercialized yet.
The gap that's left open here, as with many semi-anonymized tracking systems, is joining the data up with some other stream of data that identifies the person. Once cell phones become wallets, that should be easy enough for merchants to do. Just join up the purchase transaction data with the location data. Of course the obvious way to do this would be to simply provide an open-access WiFi spot that required a valid email to access. And don't forget that such publicly-accessible data as your WiFi radio ID is easily put on a database and traded. Over time, using several such matching systems, you could probably build up a 95%+ accurate tracking system of people with their identities attached.
Not trying to over-dramatize this story. No matter what your views of privacy and anonymity, to me it's fascinating from simply a technology standpoint to watch all the pieces slowly lining up. It's like watching a puzzle slowly being fitted together.
One great way to radio-fingerprint people is when they use a point-of-sale device like a credit card checkout or an ATM or a pay-at-the-pump gas station. Put a camera on it (if you don't have one already), and you get (1) a good picture of someone's face; (2) their name and maybe address; (3) a unique way to identify them (credit card number); and (4) a short list of their possible radio IDs. Within a few encounters, you can be 99.9% sure which radio IDs belong to them. Put this system in, oh, 7-11s, Shell gas stations, and pay ATMs, and pretty soon you'll have a match for a good chunk of the population. Plus of course it gets easier as you go along -- the more people you have affirmatively identified in a location, the easier it is to narrow down the rest.
The product is a subscription database that will show you a map of your surroundings with a mug shot for each person nearby. Click the picture and you can find out anything that can be learned from their name, address, magazine subscriptions, purchase history etc -- their politics, income, education, interests, relatives, etc. If you've managed to link their email yet, you can also get all their recent online activity ...
OK, maybe banks and gas companies aren't that evil, or at least would quickly be stopped. So let me ask this: what kind of radio-fingerprint database could someone build with a botnet? You control a webcam, a wireless card, and unencrypted access to the user's internet browsing. Where does that get you?
(Probably all of this is a bit silly, but it's fun to imagine what could be done with existing technology ...)
Oh man, I wish I had the patience for enterprise sales.
This would be absolutely terrific for attributing offline sales to online advertising, and for understanding how e-commerce behavior relates to in-store behavior.
The iPhone begs for wi-fi regularly (especially if you're looking at, like, maps, or downloading things), makes it easier to connect (popup captive portal dialog technology, Wispr) and makes it more tedious to turn off. Android phones make it easy to turn on and off (custom widgets on the home screen) but do not make it quite as easy to connect. Therefore you see a lot more iPhones hanging around on random free wifi than Android, in terms of installed-base percentage.
AT&T's early iPhone monopoly and the (in)ability of their network to handle the increase of traffic in those early days is probably a factor which contributed to this state of technology.
Not only that, but iPhones will automatically connect to any open ATT wireless nodes, they are configured that way when you go purchase a device from ATT.
My iPhone tells me to turn wifi on every time I use the maps app because it improves location accuracy. It may just be the first launch after turning off wifi, but it seems to remind me after every time I turn wifi off.
In addition, Navizon also has the ability to assign real identifying information to a device, but it's a process that could hardly occur without your knowledge.
When the user buys something, you have their name and credit card information and maybe an existing member/discount card. Connect to whatever dot is closest to the cash register. Maybe make it more of a Bayes weighted connection instead of a certain connection to handle edge cases like "spouse using other spouse's card", "member-card swap club", etc
Easy, effective, and transparent to you, the person being tracked. You're just buying something right?
You can track people in meatspace using cell phones the way you track them online using browser cookies. This just makes it affordable (especially compared to the cost of tracking via cell tower)
The thing is that they can track this over time ... so even if they registered all the dots in the area at the time, if they do this often enough a pattern will emerge where you are the only one with that specific radio ID that makes a certain purchase. So unless you can get your friends to come with you every single time they only need to get data from 3 visits or so...
For those that are interested in how this works: it's basically a feature of the 802.11 MAC. When a station STA1 transmits an RTS packet (request to send) to some other STA2, STA2 has to respond with a CTS (clear to send) packet (collision avoidance, hidden terminal problem). So basically if a detector knows that a mobile station exists with some MAC address, it can 'ping' it by sending RTS packets to it. It has to know a) the MAC address, which it can learn by overhearing probe requests sent by the mobile station when it's scanning for access points, and b) the channel the station is on. Of course, you can ping repeatedly on different channels or use multiple Wi-Fi transceivers.
Note that when the mobile station is associated with an access point that uses PSM (power saving mode) this does not work because the mobile station is in sleep mode 99% of the time and only wakes up periodically to catch a beacon packet from the access point.
By pinging the mobile station and measuring the received signal strength of the CTS response packet at various locations you can triangulate the location of the mobile station (or better yet, use fingerprinting, MLE).
I'm working on a hobby project to create a crowdsourced, "open data" alternative to proprietary geolocation services like Google or Skyhook. This would enable desktop applications (like freedesktop.org's GeoClue library) to geolocate (using a web API or by downloading data to use offline).
A possible player in this area is WiGLE (Wireless Geographic Logging Engine), a Wi-Fi "wardriving" website with a database of 60M Wi-Fi networks' MAC addresses and lat/long positions. Unfortunately, they don't want to create a free service because they sell the database to undisclosed partners. Even though most of "their" data consists of 10 years of wardriving volunteers uploading their personal logs, WiGLE locks the community's data behind a crappy Java map application and doesn't make the crowdsourced data available for download or from a web API.
Yeah, those WiGLE guys are really not helpful. I drove around several weeks and mapped thousands of new APs for them. They didn't even answer my email regarding offline use.
How many people actually bother to turn their WiFi off? I don't know of any who do it manually (although I do have Juice Defender to do it for me, based on location).
I do. I believe it saves battery, and it's really quick. In Touchwiz, the WiFi/GPS/4G controls are built into the notification pulldown. I believe the same is true of cyanogenmod.
Having it automated might be better, but it's never bothered me enough to look into that.
It only saves battery if your wifi is continuously scanning and not actually getting on a network. Otherwise, wifi is preferable to using a mobile network for data traffic as far as battery life is concerned.
WiFi is a big battery hog on my phone. I can go three days on one charge without it, but if I connect up to my home network with WiFi I get less than two.
Are you running an app that's configured to perform a particularly data-intensive activity only on wifi? That's the only way I can reconcile your experience with ryandvm's comment (sibling to yours).
I run CyanogenMod, and have the pull-down. I agree that it saves battery. I probably wouldn't bother turning WiFi on and off manually though -- and my wife definitely wouldn't (and didn't, before I set up JD on her phone). That's why I like Juice Defender...
Absolutely. Oversimplified to the point of being false.
I'd have thought this would be fairly easy to do, you just need a sufficient amount of WiFi access points. Someone should add this to DD-WRT or Tomato so it can be done with cheap/consumer routers easily.
And the cell company can track your (macro) location. And a store can track your visit if you do something like, oh, make a purchase - doubly so if it's with a loyalty card. With all due respect to privacy concerns, those are probably the bigger problems.
And online social-media/advertising tracking? Egads.
I believe some Android phones (at least, the Galaxy Nexus and Droid X) randomly select a new MAC address on reboot. Whether this is a bug or a feature depends on your point of view:
Pretty easy to do on Android if you have root. Would be cool to have an app that could regenerate a new random one periodically. Changing your IMEI on the other hand is more difficult, though reading that is more difficult to do.
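Why a changing MAC address blunts the repeated-visit matching described earlier in the thread, as an added example (not code from any commenter). All addresses are constructed, and a fresh address on every visit is an assumption that is stricter than the on-reboot behaviour mentioned above.

```python
import secrets

def random_mac() -> str:
    """Return a random unicast, locally administered MAC address."""
    # Bit 0x02 of the first octet marks the address as locally administered;
    # bit 0x01 must stay clear or the address would be multicast.
    first = (secrets.randbits(8) | 0x02) & 0xFE
    octets = bytes([first]) + secrets.token_bytes(5)
    return ":".join(f"{b:02x}" for b in octets)

def is_locally_administered(mac: str) -> bool:
    """True when the address is not a vendor-assigned (burned-in) one."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def ids_seen_every_visit(visits):
    """Radio IDs present at every visit: what stays linkable to one customer."""
    sets = [set(v) for v in visits]
    return set.intersection(*sets) if sets else set()

# Constructed sample data: bystander radio IDs near the register on each visit.
BYSTANDERS = [
    {"00:11:22:aa:00:01", "00:11:22:aa:00:02"},
    {"00:11:22:aa:00:02", "00:11:22:aa:00:03"},
    {"00:11:22:aa:00:01", "00:11:22:aa:00:04"},
]
STATIC_MAC = "00:11:22:bb:00:09"  # constructed burned-in address

def simulate(randomize: bool):
    """Three visits by the same phone, with or without a fresh MAC each time."""
    visits = []
    for others in BYSTANDERS:
        own = random_mac() if randomize else STATIC_MAC
        visits.append(others | {own})
    return ids_seen_every_visit(visits)

if __name__ == "__main__":
    print("static MAC     ->", simulate(randomize=False))
    print("randomized MAC ->", simulate(randomize=True))
```

With a static address the intersection collapses to the one phone after three visits; with a fresh address each time nothing survives the intersection.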
"most of us leave wifi on by default"
I wonder if this is based on some real evidence. I don't see any reason to leave wifi on by default, and most phones I've owned don't enable it by default.
Good question. When I purchased my first smart phone 18 months ago, I was pretty compulsive about turning the wifi off if I was in a place where I couldn't use it. I figured it would save battery. I lamented how the phone (iPhone 4) made it a little cumbersome to turn off the wifi (and bluetooth, also) and asked others what they did (maybe 5 people). They said they just left it on. Any lessening of battery life was outweighed by the convenience of getting out the phone and going through the menus every time you leave the house or office.
As of Gingerbread, the 'turn wifi on/off' button is in the top pull-down menu in Android (that was previously reserved mostly for notifications). It's as easy as swiping down and touching the button.
EDIT: After reading this[1], it's probably a Samsung-only thing. My wife's Samsung phone is my only experience w/ Gingerbread. That said, I think that this is an awesome addition based on my experience with Froyo.
It used to be possible to make shortcuts that had access to these settings [1] on standard (non-jailbroken) iPhones. Unfortunately the most recent iOS update removed the preference links that made it possible.
Really frustrating, as it's very cumbersome to wade through those menus.
When people ask me why I jailbreak my phone, my verbal answer is that I like to be able to control what's running on my phone (and peek at what it is doing), and my convenience demo is showing how SBSettings lets me turn wireless off, change brightness, and/or airplane on in 0.5 secs of swipe+click.
I think that when I actively manage my battery life, I get 7-8 more hours to the 4S' 40 hours between charges of my normal use. It doesn't sound like much, but for me it's the difference between having to remember to charge all the time, and doing it opportunistically.
When is the quaint notion of privacy going to die? I don't get it. Any privacy you have today is purely through obscurity. I decided a couple years ago to just go fully public, my Facebook is open, and I assume at some day in the future, every post I've ever made anywhere will eventually be linked directly to me through some kind of smart algorithm. The reality today is if you want it hidden, don't do it, or hope no one ever has a reason to care if you did it.
That's an incredibly naive and short-sighted view to take. What if one day, some activity that you now openly partake in, is condemned or made illegal and all people who partake in it are rounded up?
That might sound paranoid but history is replete with examples of oppressive regimes who captured, tortured and/or killed people they deemed subversive, immoral or unwanted.
One recent example that's perhaps not a cliche is Uganda, where very oppressive anti-gay laws are being passed and people in power are agitating for the death sentence for homosexuals.
What if gay Ugandan people followed your example and lived their whole lives openly on the internet?
"Any privacy you have today is purely through obscurity."
That is, indeed, the definition of privacy. Good show.
"The reality today is if you want it hidden, don't do it, or hope no one ever has a reason to care if you did it."
Yes, because there is never a time when I might want to do something that others might not want me to. Say, stand up for my rights, for what's good, for what's unpopular.
Well, good luck with that. Time may prove you correct, but I am not willing to throw in the towel on the fight for privacy just yet. I hope there are more like me.
I guess I didn't make my point well enough. The point is it isn't an option, not because you want it hidden, but because you've already "lost". You can't keep it hidden anymore and you shouldn't live under the impression you can.
That's of course not true. Privacy is not binary. While most people have lost some privacy over the last years it's not an "all hope is lost, let's throw in the towel" situation. There are still many ways to safeguard one's privacy and it's important to still fight/agitate for that right.
Also, when you think about security, it is always a trade off. And you cannot make rational decisions if you do not have a threat model. Maybe government agencies and big corporations know your every step. But I find it perturbing that you choose to expose yourself to the garden variety of scumbag in the street. "Look all these nice gadgets and appliances at my home, which by the way is going to be alone for 3 weeks". +1
Something that's not entirely clear to me from the article: is this how Google's new indoor maps stuff works? If so, can someone reconcile that what's described is a way for the infrastructure to track the handsets, that the handsets are still anonymous, and that the maps run on the handset (so unless I'm missing a link, the system must be passing data to the handset).
Google's new indoor maps stuff is implemented at the map layer. They don't have the infrastructure in place to track your wifi from a location's sensors and then communicate that back to the phone. It's just whatever physical-location technology is already built into your phone (typically some combination of GPS, cellular, and a list of what wifi access points are available), plus an indoor floorplan.
"Navizon's system can determine where you are, but not necessarily who you are, since all it sees is a Wi-Fi radio."
Maybe they can't find out WHO you are, but they can certainly find out where you live: wigle.net
Apple and Google may also have their own reverse SSID geolocation service, so there's really nothing stopping Navizon from finding out where you live.
Furthermore, they can use Kismet (or any other such tool) to find the SSIDs that your phone is searching for -- and if you, for example, enable WiFi at work AND at home -- they can also deduce where you work.
I find the service to be pretty creepy, personally.
Your phone doesn't usually broadcast an SSID. Your home router does. What you've linked to isn't the same thing as the article, unless you're carrying your router along with you everywhere.
Even if we believe that our data is anonymous in one way or another the reality is that there are teams everyday working on de-anonymizing data. If you look at dozens of posted articles online referencing the restructuring of anonymous data you will realize that what appears to be anonymous on the surface might not be.
I almost never have WiFi on with my current phone, it causes my battery to run dry at about 5pm. With my previous phone, the wifi was almost always on though, as the impact to battery life was minimal.
This would be great with an opt-in/synchronize step to help find your friends at huge conferences.
Edit: Also, I just realized that this could be fantastic for meeting up with someone (especially in NYC). You just pick some general area to meet up in and when the other (perpetually late) person shows up they'll know right where to find you. You could even mix in the google maps API and get an ETA for their arrival!
I built an almost identical system this past year as my EE capstone project. The accuracy of these systems is limited by environmental factors (large metal structural/aesthetic features of a building) which can be corrected to a certain extent, but it would still be trivial to avoid being tracked by using a directional antenna.
Doesn't the iPhone only look for wlan networks once you start using it? At least, this has been my experience in the past: after returning to my base station, when I unlock it (turn on the screen), it takes a few seconds until the network indicator changes to wlan.
If true, this issue is quite overrated, at least on Apple devices.
"Most of us leave Wi-Fi on by default, in part because our phones chastise us when we don't."
I enjoy having more than 8 or 9 hours of battery life, WiFi is carefully turned on and off. Heck my phone came with a giant WiFi toggle switch on the home screen.
One thing that's not clear: Must the target device be connected to a particular wi-fi network, or can devices even be tracked while wi-fi is on, but not connected (or connected to a different network)?
It's not the actual connection itself that matters. If your phone ever transmits a packet, it can be detected and associated with your phone's radio id.
How would one go about setting this up in their own house? Privacy concerns aside, I can think of some cool uses for this (more finely-grained location based reminders for instance).
Get a Windows Phone - it will ask every time it does everything if you want. It's "opt out" by default which is more than I can say for Android or iPhone.
Technically, you don't usually do wifi "triangulation". With triangulation, you measure direction - not something most wifi sensors and antennas are capable of. You'll use trilateration, which involves distance (you have a signal strength measurement) and turning that into circles.
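Trilateration from signal strength, as an added example that is not part of the thread: each RSSI reading becomes a range via the log-distance path-loss model, and the resulting circles are solved by least squares. The sensor layout, the -40 dBm reference power at 1 m and the path-loss exponent of 2.5 are assumed calibration values; the last function shows how a few dB of environmental error moves the estimate.

```python
import math

def rssi_to_distance(rssi_dbm, ref_dbm=-40.0, exponent=2.5):
    """Log-distance path-loss model: range in metres from an RSSI reading.
    ref_dbm is the RSSI expected at 1 m (assumed calibration value)."""
    return 10 ** ((ref_dbm - rssi_dbm) / (10 * exponent))

def distance_to_rssi(d, ref_dbm=-40.0, exponent=2.5):
    """Inverse of rssi_to_distance, used here to build constructed readings."""
    return ref_dbm - 10 * exponent * math.log10(d)

def trilaterate(sensors, distances):
    """Least-squares (x, y) from three or more sensor positions and ranges."""
    if len(sensors) < 3 or len(sensors) != len(distances):
        raise ValueError("need matching lists of at least 3 sensors and ranges")
    (x0, y0), d0 = sensors[0], distances[0]
    # Subtracting circle 0 from circle i removes the x^2 + y^2 terms and
    # leaves one linear equation a*x + b*y = c per remaining sensor.
    rows = []
    for (xi, yi), di in zip(sensors[1:], distances[1:]):
        a, b = 2 * (xi - x0), 2 * (yi - y0)
        c = d0**2 - di**2 + xi**2 - x0**2 + yi**2 - y0**2
        rows.append((a, b, c))
    # Solve the 2x2 normal equations of the overdetermined system.
    saa = sum(a * a for a, _, _ in rows)
    sab = sum(a * b for a, b, _ in rows)
    sbb = sum(b * b for _, b, _ in rows)
    sac = sum(a * c for a, _, c in rows)
    sbc = sum(b * c for _, b, c in rows)
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("sensors are collinear; position is ambiguous")
    return (sac * sbb - sab * sbc) / det, (saa * sbc - sab * sac) / det

# Constructed layout: four sensors at the corners of a 10 m x 10 m room.
SENSORS = [(0.0, 0.0), (10.0, 0.0), (0.0, 10.0), (10.0, 10.0)]
TRUE_POS = (3.0, 4.0)

def locate_error(rssi_bias_db=0.0):
    """Position error in metres when sensor 0 reads rssi_bias_db too strong."""
    rssi = [distance_to_rssi(math.dist(s, TRUE_POS)) for s in SENSORS]
    rssi[0] += rssi_bias_db
    est = trilaterate(SENSORS, [rssi_to_distance(r) for r in rssi])
    return math.dist(est, TRUE_POS)

if __name__ == "__main__":
    print("error with clean readings: %.3f m" % locate_error(0.0))
    print("error with 6 dB bias on one sensor: %.3f m" % locate_error(6.0))
```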