May 2nd, 2010
|03:56 pm - Odd ideas about privacy|
I recently saw an article about people being upset about Google's data gathering. Specifically, of their gathering wifi signals.
last week many were shocked to learn that while the advertising giant's camera-equipped cars were zipping past our front doors, they were not just collecting panoramic photos. Wi-Fi antennas on the cars were hunting down wireless computer networks, and equipment inside was recording the networks' names, locations and the unique MAC address of the routers supporting them. From my PoV, this is exactly the same as if many people got upset because someone put up a website consisting of photographs of large, highly visible signs that individuals had put up in the front yards of their houses. From my PoV, not only is this recording entirely harmless, and in addition quite useful for purposes of navigation, and also potentially as a useful guide to unlocked wifi signals (which I don't think this database is being used for, but isn't a bad use). The entire concept of privacy is changing, and it's clear that most people do not fully understand what this means. I have no idea what concepts about privacy will look like in 20-30 years, but they'll definitely be quite different from the common assumptions many people make today.
The revelation has, not for the first time, prompted a wave of accusations that Google doesn't care about privacy anywhere near enough.
|Date:||May 2nd, 2010 11:20 pm (UTC)|| |
If I had a wifi I would not lock it so others could use it. Unless I misunderstand wifi (which is entirely possible) someone tapping into my wifi don't get to peek into my hard drive or read my e-mail. So what's the big fuss about?
There are two legitimate issues - if someone uses your bandwidth to download lots of stuff, then your own connection will be noticeably slower and can even slow to a crawl. Also, it's possible (but not easy) for someone to use an unlocked wifi signal (or a locked one they can hack) to gain access to computers on the network - this involves a fairly high degree of both skill and persistence, but it can be done.
However, this outcry is generated by neither of these events, it largely seems to come from the fact that many people have no clue that you can pick up their wifi signal driving by their house.
Well, wait, that's not all. Most ISPs require as part of the user agreement these days that you promise not to give away their internets to anybody and everybody. They're selling you access to the internet, and they'd like to sell it to your neighbors, not have you give them access to yours.
Second, anyone who can connect to your wifi can run a packet sniffer on it to read anything sent across it "in the clear", which includes almost all one's web browsing, and often includes web-based email (unless you have gmail set to HTTPS!), and typically includes email downloaded to or sent from clients like Outlook and Notes. (This is the same as on a cable modem connection, save that the risk is from any of your neighbors on the same cable loop, while with unsecured wifi, it's anyone who shows up and connects.)
Third, your open connection could be used in the commission of a crime. I mean, if I was going to commit a crime that needed to upload or download something to the internet (e.g. releasing a botnet virus, or publishing child porn, or distributing warez), I sure as heck wouldn't use the connection I pay for. Most institutionally run public access points require that users identify themselves somehow, or log connections to track their computers. One is more likely to get away with shenanigans if one finds an open wifi connection that some clueless homeowner has left, and isn't monitoring or logging.
Presumably, you don't want the last known dynamically assigned IP number of someone who, say, hacked into NORAD, to be that which was last yours. At the very least, you could wind up having a very stressful conversation with the local law enforcement. At worst, you could find yourself framed for a federal felony.
(OTOH, if you are committing crimes on your internet connection, you might want to leave an open wifi link as a sort of alibi. That way you could make a reasonable doubt defense play, arguing that it must have been some random other, more nefarious, person using your internet connection. Gee, I'm so sorry, Your Honor, I didn't realize what a big deal this wifi thingy is. Computers are so complicated, you know? I promise I'll use WEP from now on.)
From my PoV, this is exactly the same as if many people got upset because someone put up a website consisting of photographs of large, highly visible signs that individuals had put up in the front yards of their houses.
It isn't quite so benign. It is closer akin to someone collecting a database of what front doors have which kind of lock, and whether rattling the doorknob will let you in.
While I don't think Google is making this data directly accessible to the world at large, it still reads a lot like a big company is digitally casing the place.
Except that you can't collect that sort of info about locks simply by driving by someone's house with an exceedingly common and perfectly legal piece of equipment. Even if it's not recorded, wifi data is inherently public - recording it is merely a formality.
I think that a lot of people would have a problem with someone generating a comprehensive database of what political lawn signs people have put up in their yards.
Actually, I bet if a google street view image of your house had a political sign in it, google would fuzz it out or remove it if you requested.
Collecting wireless signals seems way less invasive, since it isn't even actually attached to addresses or people, just locations.
What is the difference between an address and a location?
I think that a lot of people would have a problem with someone generating a comprehensive database of what political lawn signs people have put up in their yards.Next best thing.
I don't know about on request, but they don't by default. Even when the sign is in your bedroom and happens to be visible only because you had your window open on the day when the Google car went by. which I find exceptionally creepy.
Odd ideas about privacy
I think its more that Google doesn't care enough about the illusion of privacy. It's common knowledge that one can access wireless networks in the area- in fact that's basic to the design of wireless modems. Google isn't doing anything that anyone with a laptop can't do.
The thing is though, users like to pretend that they have privacy through some gentleman's agreement or something.
|Date:||May 3rd, 2010 05:14 am (UTC)|| |
Re: Odd ideas about privacy
Agreed. I definitely care about actual privacy, but illusions of privacy seem at best pointless and at worst actively harmful (at least in the sense that many people don't expect information they put online to come back to haunt them).
Okay, first of all, let's call a spade a spade. This is mass, untargeted surveillance. If one person were going around collecting such data on one other person, we'd call it stalking.
There are places where that's already legally actionable, y'know?
So far, I don't think Google is open to a class-action lawsuit about it, but I'm no lawyer. I'd be interested in seeing the case brought forth.
The problem with this sort of thing is the notion that just because such information is possible to acquire, that it should be acquired and recorded. It's the difference between overhearing someone on the phone as you walk by their hour, and standing there with a recorder.
I don't want a future in which either I need to wear a burqa all the time or I might as well go naked, but the way we're going those seem to be the choices I'll have. So I'm glad people are getting up in arms about this. I'd rather the public nip this trend now than wait until we're all under constant surveillance and only then notice that it's a bad idea.
I bet I could disable wireless broadcast on my router and just plug in directly with a cable. Problem solved, and it's considerably more secure. Frankly, I'm too lazy to plug in another cable every time I start up my laptop.
This appears to me to be a very silly pretend "controversy" helpfully amplified by incompetent journalism.
In this particular case, the key phrase to notice is: "Wi-Fi antennas on the cars were hunting down wireless computer networks...." Um, no. Wrong. There was no "hunting down" at all.
Here's how this works: when you set up a wireless access point (or "WAP"), you can, if you like, configure it to broadcast its existence and its identification to all and sundry -- in effect, to shout, "Here I am! I'm a WAP! Wanna connect?" at the top of its tiny electronic lungs. Or, alternatively, you don't. (Personally, I don't; it's mildly inconvenient, but I don't see any reason to advertise my WAP to my neighbors.)
So, what exactly did Google do? Basically, each time a WAP which was configured to announce itself to the world shouted "Here I am! Wanna connect?" at their passing van, they made a note of where they were and what the WAP said its name was. No packet sniffing. No cracking weak encryption keys. Just keeping a list of information, every bit of which was deliberately broadcast in the clear to anyone who cared to receive it.
So the real question is: why didn't Paul Marks, the author of the New Scientist squib on this micro-fracas, bother to spell this out for his readers? Why do he and the the New Scientist prefer to mislead and confuse, rather than to inform and clarify?
I'll bet the same people outraged by these have their names and addresses not only posted outside their houses, but published in the phone book.