Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.mobile.android > #143373 > unrolled thread
| Started by | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| First post | 2024-09-15 06:30 +0200 |
| Last post | 2024-09-30 16:54 +0200 |
| Articles | 18 on this page of 38 — 6 participants |
Back to article view | Back to comp.mobile.android
home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-15 06:30 +0200
Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-15 05:15 -0500
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-15 19:18 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-18 08:52 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-18 17:40 +0200
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-15 23:15 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 03:05 +0200
Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-09-19 08:52 +0100
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:53 +0200
Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-09-30 09:04 +0100
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-10-02 01:39 +0200
Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-10-02 05:11 +0100
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-19 10:06 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-28 13:39 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-28 15:10 +0200
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 21:55 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-29 21:03 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:30 +0200
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-30 09:00 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-30 16:52 +0200
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 21:55 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-18 08:50 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-18 17:40 +0200
Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-18 14:07 -0500
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 02:59 +0200
Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-19 01:09 -0500
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 21:42 +0200
Re: home screen icon to connect to wi-fi network Chris <ithinkiam@gmail.com> - 2024-09-22 08:29 +0000
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 06:11 +0200
Re: home screen icon to connect to wi-fi network Chris <ithinkiam@gmail.com> - 2024-09-23 14:11 +0000
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 17:34 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 06:32 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-28 13:40 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-28 15:17 +0200
Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 22:08 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-29 21:06 +0200
Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:32 +0200
Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-30 16:54 +0200
Page 2 of 2 — ← Prev page 1 [2]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2024-09-28 21:55 +0200 |
| Message-ID | <vh3mskxvmm.ln2@Telcontar.valinor> |
| In reply to | #143531 |
On 2024-09-28 13:39, Arno Welzel wrote: > Enrico Papaloma, 2024-09-19 03:05: > > [...] >> Remember the home router is always set to not broadcast your BSSID/SSID >> pair, which is prudent not for security but for privacy reasons since then >> phones don't upload your unique BSSID/SSID pair to Internet databases. > > Why do you think, that the phone won't do this, when it is *connected* > to that SSID? > >> So two things are set which most people don't know why they'd set them. >> (1) The home router is set to NOT BROADCAST your unique BSSID/SSID pair. >> (2) The phone is set to NOT AUTO CONNECT to any known wi-fi access points. >> >> Those are set for privacy. >> Not for security. > > What has auto-connect to do with privacy if you are using your own WiFi > network? Because he hides his router SSID so that google doesn't map his WiFi to his house⁽¹⁾. That way autoconnect doesn't happen. His phone has to actively search for the home WiFi in order to connect to it. (1) The phones of passerbys detect the SSID of the WiFis they hear on the street, and google maps them. This is used so that a phone in the world can know where it is by identifying the SSIDs in the vicinity. And inside buildings, by identifying certain BT emitters. Some people consider this an invasion of their privacy. And others, like our friend, dislike that phones are passively listening and mapping locations and that people do not massively disable this feature. >> Most people don't understand the difference, but the end result is if you >> leave auto connect on the default setting, then your phone will constantly >> shout out your unique BSSID/SSID pair everywhere you go in the world. > > Do you have a source where one can learn more about this? > >> That allows anyone with even minimum skills to track your every movement. >> I don't want that. > > With even "minimum skills"? How? He is Arlen :-) He has mentioned those things many times, only interesting if you are similarly minded. Very impractical, contrary to what he says. Like the phone not connecting to the home router automatically and fast. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Arno Welzel <usenet@arnowelzel.de> |
|---|---|
| Date | 2024-09-18 08:50 +0200 |
| Message-ID | <lkvbhnFftcdU1@mid.individual.net> |
| In reply to | #143373 |
Enrico Papaloma, 2024-09-15 06:30: > Instead of waiting for the phone to find the network and connect to it, How long to you have to wait? My phone usually connects within seconds if a known WiFi network is in reach. -- Arno Welzel https://arnowelzel.de
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-18 17:40 +0200 |
| Message-ID | <vces92$1m52$1@news.gegeweb.eu> |
| In reply to | #143382 |
On 9/18/2024 1:50 AM, Arno Welzel wrote: >> Instead of waiting for the phone to find the network and connect to it, > > How long to you have to wait? My phone usually connects within seconds > if a known WiFi network is in reach. How long is the wait? Forever. Actually the wait is "forever and ever" because I have the wi-fi auto-connect turned off for privacy reasons - as leaving auto-connect turned on shouts out your home BSSID every few seconds everywhere you go. While I'm not Hezbollah, hiding my cellphone and pager from the Israeli Mossad, it seems prudent to set up a cellphone to not ID you every moment. Alls a nefarious outfit has to do is sell their services to a company, say Macy's or Nordstrom or Target or whatever, and tell that store that they can uniquely track each customer's presence in every store, although they often already do that with bluetooth trackers (so my bluetooth is off too). I can easily make an Android homescreen shortcut to the activity named com.android.settings/com.android.settings.Settings$WifiSettingsActivity but what I really want to bring up is an activity to a specific access point BSSID/SSID pair such as "01:02:03:04:05:06/my-access-point-01". Given a known BSSID/SSID to my own home access points, if anyone figures out how to directly connect to them with a terminal command, let me know.
[toc] | [prev] | [next] | [standalone]
| From | VanguardLH <V@nguard.LH> |
|---|---|
| Date | 2024-09-18 14:07 -0500 |
| Message-ID | <jx54y9tyo6c6.dlg@v.nguard.lh> |
| In reply to | #143384 |
Enrico Papaloma <enrico@papaloma.net> wrote: > Arno Welzel wrote: > >> How long to you have to wait? My phone usually connects within seconds >> if a known WiFi network is in reach. > > How long is the wait? Forever. > > Actually the wait is "forever and ever" because I have the wi-fi > auto-connect turned off for privacy reasons - as leaving auto-connect > turned on shouts out your home BSSID every few seconds everywhere you go. You sure disabling auto-reconnect must be a global setting? I thought you could go into the properties of a connectoid to decide if you want that one to auto-reconnect, like the wifi hotspot in your home. https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s Without the password, what good is the broadcasted BSSID? Anyone can drive by my house, but they're not getting in with the key. Yes, they could break in, just like anyone with physical access to your AP or wifi cable modem can alter its settings. If they have physical access, they're already inside. I can wear a company badge on my shirt that anyone can read, but that doesn't grant them access into the building by just knowing my name off the badge. You run open wifi hotspots to which anyone can connect without a password?
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-19 02:59 +0200 |
| Message-ID | <vcft1u$23qm$1@news.gegeweb.eu> |
| In reply to | #143386 |
On 9/18/2024 9:07 PM, VanguardLH wrote: >> Actually the wait is "forever and ever" because I have the wi-fi >> auto-connect turned off for privacy reasons - as leaving auto-connect >> turned on shouts out your home BSSID every few seconds everywhere you go. > > You sure disabling auto-reconnect must be a global setting? I never said it was a global setting. It's set per access point. > I thought > you could go into the properties of a connectoid to decide if you want > that one to auto-reconnect, like the wifi hotspot in your home. > > https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s Absolutely. Each wi-fi access point has its own setting for autoconnect. But if you turn one off, you'll be turning them all off. It makes no sense to turn one off and leave the other turned on. That's like locking one door of your car but leaving the other unlocked. > Without the password, what good is the broadcasted BSSID? There are a hundred ways to answer that but the simplest is that the BSSID is like your Social Security Number. It's you. Only you. Nobody else. You. > Anyone can > drive by my house, but they're not getting in with the key. Again, there are a hundred ways to respond to that but the simplest way is for me to switch BSSID with your Social Security Number to make the point. When you're home, your router screams out your unique social security number and with that information, when you're home, you CONNECT to the AP. The problem doesn't happen when you're home. The problem happens ONLY when you're AWAY from home. When you're away from home, your PHONE screams out your unique social security number everywhere you go (it wants to connect to your router). Every 5 seconds your phone screams out your unique social security number. Do you really want EVERYONE who is around you to know your unique SSN? To stop that, you have to turn off auto-connect for each access point. (Replace "Social Security Number" with "BSSID" in the explanation above.) > Yes, they > could break in, just like anyone with physical access to your AP or wifi > cable modem can alter its settings. If they have physical access, > they're already inside. I can wear a company badge on my shirt that > anyone can read, but that doesn't grant them access into the building by > just knowing my name off the badge. > > You run open wifi hotspots to which anyone can connect without a > password? You don't seem to understand the problem doesn't happen at your home. It's a matter of being tracked uniquely everywhere you go away from home. I must stress that the problem happens when you are AWAY from home. But only if you do not turn off auto-connect. Which is why any sane person always turns off the wi-fi auto connect. If you have auto-connect turned on, then your phone is screaming out your unique BSSID everywhere you go, every few seconds, it screams it out again. That makes it trivial for bad actors to track your every movement. This is basic wi-fi stuff that you should already know (long ago). What I'm trying to do is make the non-auto-connect connection simpler. I want to do that by putting a shortcut on my home screen that will connect only to the given unique BSSID/SSID pair that is my own wi-fi access point.
[toc] | [prev] | [next] | [standalone]
| From | VanguardLH <V@nguard.LH> |
|---|---|
| Date | 2024-09-19 01:09 -0500 |
| Message-ID | <464sl25fw0ya.dlg@v.nguard.lh> |
| In reply to | #143391 |
Enrico Papaloma <enrico@papaloma.net> wrote: > VanguardLH wrote: > >> I thought you could go into the properties of a connectoid to decide >> if you want that one to auto-reconnect, like the wifi hotspot in >> your home. >> >> https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s > > Absolutely. Each wi-fi access point has its own setting for autoconnect. > But if you turn one off, you'll be turning them all off. That's surprising, plus it means disabling auto-reconnect is a global action, not just on the connectiod being configured. >> Without the password, what good is the broadcasted BSSID? > > There are a hundred ways to answer that but the simplest is that the BSSID > is like your Social Security Number. It's you. Only you. Nobody else. You. And anyone can guess a sequence of numbers to construct a social security number. It really isn't that much of a secret. The BSSID is more like the house number on the outside of your house or on your mailbox: everyone knows what it is and where it is. So, your objection is not that your home router advertizes it is at your home, but a wifi hotspot you run on your phone identifies you're the owner of that hotspot. Why are you running a wifi hotspot (tethering) on your phone? The BSSID is the MAC address of the radio *to* which your phone is currently connected. BSSID is the unique identifier for a specific access point within a wireless network, and used to distinguish between multiple access points sharing the same SSID, and the SSID isn't yours, either. The BSSID is the 48-bit MAC address of the wireless AP or router used to make wifi connections. Are you toting around an wireless AP or router for which you are worried others will discover its BSSID? Every phone can ID your wireless AP or router, because of its SSID + BSSID. That is not the same as identifying your phone which is the purpose of IMEI in your phone to let carriers know you have permission via account status to use their service. For example, my desktop PC has wifi capability. Wifi is enabled; however, it is not connected to my wifi cable modem. As a result, the command: netsh wlan show interfaces | find “BSSID” doesn't find anything, because my desktop PC is not connected to any wifi hotspot. I could connect, but then obviates the point of not allowing auto reconnects to known hotspots, plus I prefer the CAT5 cable connection to use Ethernet. Do a test. Disconnect from all wifi hotspots. Use Ubuitities' WiFiman or olgor's WiFi Analyzer to look for a BSSID (which is presented as the MAC address of the hotspot to where your phone connected). You won't find one. Connect to a wifi hotspot, like your wifi cable modem. WiFiman will show the specs on the hotspot, like BSSID (as MAC address), SSID, IP address, netmask, signal strength, etc. Now disconnect from the hotspot. Yep, BSSID is gone, because you don't have a connect with the hotspot to which a BSSID was assigned. The BSSID does not follow around with your phone. It is the network interface (48-bit MAC address) of whatever wifi hotspot to which you are currently connected. At home, you'll see the BSSID of your wifi cable modem. At Starbucks, it will be the BSSID for your phone's connection to their wifi router. At the library, it will be their BSSID. When not connected to any hotspot, there's no BSSID for you to get. The BSSID doesn't track your phone. Your phone's IMEI tracks your phone. Call your local police to find out if they're using CALEA (Communications Assistance for Law Enforcement) or IMSI Catchers to track your phone or calls by using IMEI, or by mobile phone number, but that requires coercing a court to force a carrier to track your IMEI. Your carrier, upon proper request, helps the cops track your phone or calls. They also cooperate with lost phone location. https://www.fcc.gov/calea https://en.wikipedia.org/wiki/IMSI-catcher https://techreport.com/spy/spy-on-phone-with-imei/ No one cares about the BSSID of the hotspot to which you connect. The hotspot itself can record its own history on who connected to it. Take a look at: https://wigle.net/ https://play.google.com/store/search?q=wigle&c=apps Notice the BSSID is presented as a MAC address. It shows the SSID and BSSID, but of what? Your phone? Nope, of the hotspot your phone found when running their app on your phone. Their app and their maps show the hotspots you *discovered*, not where was your phone (although they may collect that info, too, but it's your choice). There are many crowdsourced database where users runs apps to record what hotspots they found (by SSID and BSSID), or where are the cell towers to which they connected to their carrier (e.g., OpenSignal). Your objection is the BSSID tracks your phone. Wrong. It is the MAC address of the hotspots to which you connected, and EVERYONE connecting to that same hotspot are getting the same SSID and BSSID from there. Anyone can generate a sequence of numbers hoping it matches my social security number. Yes, your wifi cable modem at home is broadcasting its SSID and BSSID, but so is that house number painted on the side of your home. It's up to you if you want to operate an open hotspot that anyone can use. Most users incorporate password to operate a closed or private hotspot. If they don't know the password, they aren't getting a wifi connection. In the connection request, and before the connection is permitted, yes, someone can get the BSSID of your home wifi router, but how does that relate to tracking your phone? Just because your wifi modem is sending its SSID + BSSID to any wifi device during a scan doesn't tell anyone that your phone is actually at home connected to that wifi router.
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-19 21:42 +0200 |
| Message-ID | <vchuro$8uj$1@news.gegeweb.eu> |
| In reply to | #143395 |
On 9/19/2024 8:09 AM, VanguardLH wrote: >> Absolutely. Each wi-fi access point has its own setting for autoconnect. >> But if you turn one off, you'll be turning them all off. > > That's surprising, plus it means disabling auto-reconnect is a global > action, not just on the connectiod being configured. You are correct the setting is NOT global (and I never said it was). I think you misunderstood because of the way I said it, for which I apologize. The setting is NOT global (as far as I'm aware). You set it for each home access point that you will be connecting to. However if you're going to set it for one access point, you would gain nothing if you don't also set it individually for every home access point. >>> Without the password, what good is the broadcasted BSSID? >> >> There are a hundred ways to answer that but the simplest is that the BSSID >> is like your Social Security Number. It's you. Only you. Nobody else. You. > > And anyone can guess a sequence of numbers to construct a social > security number. It really isn't that much of a secret. I can tell you do not understand because you think there is a lookup. There are many ways for me to explain it to you again, but since you don't know how networking works, I'm going to keep the explanation very simple. Suppose your phone shouted out the numbers corresponding to the MAC address of DE:AD:BE:EF:CA:FE, which is 64 65 61 64 62 65 65 66 63 61 66 65 0A in hex and which is 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101 in binary, which is how computers think. Now suppose those 96 characters are unique to your home access point (which they are, in fact) so your phone is shouting out those 96 unique binary characters everywhere you go. If the local pawn shop wi-fi sees that unique sequence of 96 characters when you walk inside that store, and it sees the same unique sequence of 96 characters on Monday, Wednesday and Friday of next week, what's the chance that those 96 unique characters EXACTLY correspond to exactly you? 99.9%, right? Essentially, those 96 unique characters are you. Or, at least those 96 unique characters are anyone in your home. > The BSSID is > more like the house number on the outside of your house or on your > mailbox: everyone knows what it is and where it is. See above. It's 96 characters which are unique to you (well, unique to you and your wife and your kids - essentially anyone who lives in your home). Every time any person in your family visits the local drug apothecary, their wi-fi knows that you're back. Or that they're back. Close enough. Now High Ties Cannabis Store - Alexandria Ontario knows that you keep visiting them, and (see below) they know EXACTLY where you live too! You live at: 45.76604369976066 North, -74.56636474143123 West (This is just an example to make the point of what your BSSID tells them.) > So, your objection is not that your home router advertizes it is at your > home, but a wifi hotspot you run on your phone identifies you're the > owner of that hotspot. Why are you running a wifi hotspot (tethering) > on your phone? Again I don't think you understand networking because nobody talked about hotspots (which make the problem even worse - but let's not go there). Here we're talking about your own home router and your own phone connecting to the access points which your home router has (which have unique BSSIDs). > The BSSID is the MAC address of the radio *to* which your phone is > currently connected. BSSID is the unique identifier for a specific > access point within a wireless network, and used to distinguish between > multiple access points sharing the same SSID, and the SSID isn't yours, > either. The BSSID is the 48-bit MAC address of the wireless AP or > router used to make wifi connections. Are you toting around an wireless > AP or router for which you are worried others will discover its BSSID? This shows a little bit of comprehension where we both agree the BSSID is a 96-character unique-to-your-home-router number, where adding the non-unique SSID as part of the pairing just makes positive ID of you much easier. But the BSSID is unique enough without the SSID so we don't really need to even discuss the SSID. The SSID just makes things worse for identification. Note that there are butterfly hash tables of your BSSID/SSID/password on the network, which is how they crack WPA-2, but again, let's not go there. > Every phone can ID your wireless AP or router, because of its SSID + > BSSID. Wrong. If your router is not broadcasting your BSSID/SSID pair (again, the SSID doesn't matter because it's the BSSID that matters), then no phone can connect to it because that phone doesn't even see your BSSID/SSID pair. Well, again, we can go deeper and talk about wardriving but a "normal" phone used by a normal person can't see a BSSID/SSID pair unless your home router constantly broadcasts it (which, I agree - routers do by default). If the phone can't see the BSSID/SSID pair, then not only can it NOT connect to it (unless you enter the SSID/security/passphrase in manually yourself) but it can't upload your unique BSSID to the online databases. Again, I mean a "normal" phone because a WiGle-configured phone with WireShark or NetStumbler or other wardriving software can see it all. > That is not the same as identifying your phone which is the > purpose of IMEI in your phone to let carriers know you have permission > via account status to use their service. When you go to the local marijuana shop on Monday, if your home router was set up for privacy, then your phone broadcasted your unique BSSID of 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101. Worse, if you have more than one home access point, your phone broadcast the unique 96-character BSSID of every one of your home access points. Then, if you go back to that drug shop on 25 Main St S, Alexandria, ON again on Wednesday, the same unique series of characters show up in their wi-fi logs of 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101. Same thing happens on Friday, where 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101 shows up again. That's you. 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101 is you (or a member of your family). Not only is that you (or someone in your family), but they know where you live (because Google already put that in the online Google database). > For example, my desktop PC has wifi capability. Wifi is enabled; > however, it is not connected to my wifi cable modem. As a result, the > command: > > netsh wlan show interfaces | find "BSSID" > > doesn't find anything, because my desktop PC is not connected to any > wifi hotspot. I could connect, but then obviates the point of not > allowing auto reconnects to known hotspots, plus I prefer the CAT5 cable > connection to use Ethernet. If you had your home router set to NOT BROADCAST the BSSID of 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101, then it would be shouting it out constantly. But your home access point is likely set up to not hide broadcast packets, so what's happening instead is your unique BSSID of 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101 is being uploaded daily by everyone driving by your house to Internet databases, where they add your EXACT GPS location to that. Notice this important fact, which is probably more complexity than you can imagine but if I look up that unique BSSID in the Google online database, it tells me your exact GPS location. Now put that together with the fact that the same unique BSSID went to the https://www.highties.ca/alexandria/ drug shop on Monday, Wednesday and Friday, and I can tell you that YOU live at GPS location 45.76604369976066, -74.56636474143123 and YOU went to that drugshop those days (or someone in your family did). You have to realize, the BSSID now tells them everything they need to know. a. It points uniquely to you (or members of your family, close enough) b. And it points to exactly where you live (the exact GPS coordinates) > Do a test. Disconnect from all wifi hotspots. Use Ubuitities' WiFiman > or olgor's WiFi Analyzer to look for a BSSID (which is presented as the > MAC address of the hotspot to where your phone connected). You won't > find one. Connect to a wifi hotspot, like your wifi cable modem. > WiFiman will show the specs on the hotspot, like BSSID (as MAC address), > SSID, IP address, netmask, signal strength, etc. Now disconnect from > the hotspot. Yep, BSSID is gone, because you don't have a connect with > the hotspot to which a BSSID was assigned. > > The BSSID does not follow around with your phone. It is the network > interface (48-bit MAC address) of whatever wifi hotspot to which you are > currently connected. At home, you'll see the BSSID of your wifi cable > modem. At Starbucks, it will be the BSSID for your phone's connection > to their wifi router. At the library, it will be their BSSID. When not > connected to any hotspot, there's no BSSID for you to get. > > The BSSID doesn't track your phone. Your phone's IMEI tracks your > phone. Call your local police to find out if they're using CALEA > (Communications Assistance for Law Enforcement) or IMSI Catchers to > track your phone or calls by using IMEI, or by mobile phone number, but > that requires coercing a court to force a carrier to track your IMEI. > Your carrier, upon proper request, helps the cops track your phone or > calls. They also cooperate with lost phone location. > > https://www.fcc.gov/calea > https://en.wikipedia.org/wiki/IMSI-catcher > https://techreport.com/spy/spy-on-phone-with-imei/ > > No one cares about the BSSID of the hotspot to which you connect. Wrong. The BSSId is not only unique to you (or to members of your family), but it also tells anyone who knows how to look for it, where EXACTLY you live. > The > hotspot itself can record its own history on who connected to it. > > Take a look at: > > https://wigle.net/ > https://play.google.com/store/search?q=wigle&c=apps > > Notice the BSSID is presented as a MAC address. It shows the SSID and > BSSID, but of what? Your phone? Nope, of the hotspot your phone found > when running their app on your phone. Their app and their maps show the > hotspots you *discovered*, not where was your phone (although they may > collect that info, too, but it's your choice). > > There are many crowdsourced database where users runs apps to record > what hotspots they found (by SSID and BSSID), or where are the cell > towers to which they connected to their carrier (e.g., OpenSignal). > > Your objection is the BSSID tracks your phone. Wrong. It is the MAC > address of the hotspots to which you connected, and EVERYONE connecting > to that same hotspot are getting the same SSID and BSSID from there. > > Anyone can generate a sequence of numbers hoping it matches my social > security number. Yes, your wifi cable modem at home is broadcasting its > SSID and BSSID, but so is that house number painted on the side of your > home. It's up to you if you want to operate an open hotspot that anyone > can use. Most users incorporate password to operate a closed or private > hotspot. If they don't know the password, they aren't getting a wifi > connection. In the connection request, and before the connection is > permitted, yes, someone can get the BSSID of your home wifi router, but > how does that relate to tracking your phone? Just because your wifi > modem is sending its SSID + BSSID to any wifi device during a scan > doesn't tell anyone that your phone is actually at home connected to > that wifi router. I don't think I can teach you basic networking over the Internet so you're just going to have to look up what a phone needs to upload your BSSID and GPS (and a few other things) to the Google (and other) online databases. You also need to understand how networking works when the broadcast is not hidden (in which case your exactly location is uploaded to all these dbs). And you need to understand how that does not happen when the broadcast is hidden (which is similar, but not the same as adding "_nomap" to the SSID). You do NOT understand any of that, so you can't "lecture" me because I knew twenty years ago what you still do not know now about BSSID in networking. Do you want me to give you a reference, or can you look up on your own what happens when your BSSID is uploaded to Google/Wigle/Mozilla/etc databases? It means this: a. Your BSSID points uniquely to you (or members of your family) and b. Your BSSID points to exactly where you live (the exact GPS coordinates)! If you walk into my shop, I will not only know that you've been there before and when, but I will also know exactly where you live. But, as you said, unless I add other information (like credit card transactions at my drug store or camera identification), I won't know who you are. I just know every time you go anywhere and I know exactly where you live.
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2024-09-22 08:29 +0000 |
| Message-ID | <vcokge$253fe$1@dont-email.me> |
| In reply to | #143415 |
Enrico Papaloma <enrico@papaloma.net> wrote: > On 9/19/2024 8:09 AM, VanguardLH wrote: > >> That is not the same as identifying your phone which is the >> purpose of IMEI in your phone to let carriers know you have permission >> via account status to use their service. > > When you go to the local marijuana shop on Monday, if your home router was > set up for privacy, then your phone broadcasted your unique BSSID of > 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 > 01100011 01100001 01100110 01100101. > > Worse, if you have more than one home access point, your phone broadcast > the unique 96-character BSSID of every one of your home access points. Your phone will broadcast *all* WAPs that you've ever connected to (and not removed). There's no way for the shop - even if they cared - to identify which WAP is your home one. Even if they had a global database look-up of all BSSIDs and geographical addresses. With the exception of if you only ever connect to a single WAP which is your home.
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-23 06:11 +0200 |
| Message-ID | <vcqpq8$2ieh$1@news.gegeweb.eu> |
| In reply to | #143458 |
On 9/22/2024 8:29 AM, Chris wrote: >> Worse, if you have more than one home access point, your phone broadcast >> the unique 96-character BSSID of every one of your home access points. > > Your phone will broadcast *all* WAPs that you've ever connected to (and not > removed). There's no way for the shop - even if they cared - to identify > which WAP is your home one. Even if they had a global database look-up of > all BSSIDs and geographical addresses. With the exception of if you only > ever connect to a single WAP which is your home. These are all valid points, as networking isn't something we can guess at. Everything depends on how we set up our home router & how we set up our phone, where mine isn't likely set up like yours is set up - but that's because I know that every phone that passes by most houses is uploading its BSSID & GPS location (among other things) to Google's public database. That's how most people set up their home routers (by default). Note that upload to Google's servers by every phone passing most homes happens even if people append "_nomap" to the home router SSID (but let's not go there as that just adds another level of unintuitive complexity). The fact is most Android phones are set up, by default, to upload to Google's public databases every BSSID (with GPS location) that it sees. So we can safely assume your unique BSSID & GPS location is already easily accessible by any person who knows how to access that public database. And, we can just as safely assume that my unique BSSID is NOT in that db. Do we agree on that as a basic starting point. a. Your unique BSSID is in the public database as is your GPS location. b. Mine is not. That's just a basic starting point, but do we at least agree on that yet?
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2024-09-23 14:11 +0000 |
| Message-ID | <vcrsu4$2o5oa$1@dont-email.me> |
| In reply to | #143477 |
Enrico Papaloma <enrico@papaloma.net> wrote: > On 9/22/2024 8:29 AM, Chris wrote: >>> Worse, if you have more than one home access point, your phone broadcast >>> the unique 96-character BSSID of every one of your home access points. >> >> Your phone will broadcast *all* WAPs that you've ever connected to (and not >> removed). There's no way for the shop - even if they cared - to identify >> which WAP is your home one. Even if they had a global database look-up of >> all BSSIDs and geographical addresses. With the exception of if you only >> ever connect to a single WAP which is your home. > [snip] > So we can safely assume your unique BSSID & GPS location is already easily > accessible by any person who knows how to access that public database. And exactly who can access this "public" database? People can also see my house on google maps or see my address in the phone book. Certain officials can also get my name and address for official reasons, like electioneering. > And, we can just as safely assume that my unique BSSID is NOT in that db. Maybe, maybe not. How would you even know? Regardless, neither your house nor your address is secret information. > Do we agree on that as a basic starting point. > a. Your unique BSSID is in the public database as is your GPS location. > b. Mine is not. > > That's just a basic starting point, but do we at least agree on that yet? Possibly, but you've completely missed my point. Your BSSID doesn't intrinsically identify you and given any broadcast includes all WAPs it's impractical/impossible to identify your home (or mine) from a device's broadcast. At best, all someone can do is say that your device has been seen on this network before. They won't be able to say that this device belongs to Arlen who lives at 123 Acacia Avenue. A specialist with legal authority and a lot more information gathered from elsewhere *might*.
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-23 17:34 +0200 |
| Message-ID | <vcs1q6$13j$1@news.gegeweb.eu> |
| In reply to | #143486 |
On 9/23/2024 2:11 PM, Chris wrote: >> So we can safely assume your unique BSSID & GPS location is already easily >> accessible by any person who knows how to access that public database. > > And exactly who can access this "public" database? Everyone. Anywhere. Anytime. They know everywhere you go, even if you dig a tunnel and emerge on the other side of the border, your phone screams out your unique BSSID & exactly where you live if you leave the phone & router at the defaults. https://support.google.com/maps/answer/1725632 https://www.osintcurio.us/2019/01/15/tracking-all-the-wifi-things/ https://www.ieee-security.org/TC/SP2013/posters/Muhammad_Naveed.pdf Unfortunately, as much as I'd like to help you, it's too much for me to teach networking in a thread if you don't bother to look anything up 1st. https://developers.google.com/maps/documentation/geolocation/requests-geolocation Before you respond, may I ask you to just google what happened only a few months ago with the Apple database - where it found to be completely open. Tens, hundreds, and thousands of unique BSSID/GPS locations are handed out by the Apple database without anyone even needing any credentials at all. https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/ https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide https://www.techzine.eu/blogs/security/122122/how-apples-location-api-gives-away-wi-fi-network-data-worldwide/ The Google database used to be wide open to everyone, and then they added a free tracking key, which is still wide open but you have to register first. https://usa.kaspersky.com/blog/wps-router-geolocation/30283/ https://www.cnet.com/news/privacy/researchers-probe-googles-geolocation-database/ https://dev.to/higordiego/discover-how-google-can-locate-your-residence-just-through-your-wi-fi-router-250m > People can also see my house on google maps or see my address in the phone > book. Certain officials can also get my name and address for official > reasons, like electioneering. As much as I'd like to teach you basic networking over the Internet, you have to look some things up before you make claims for me to then debunk. https://www.huffpost.com/entry/android-map-reveals-router-location_n_853214 https://www.techzine.eu/news/security/54130/malware-uses-wifi-bssid-to-identify-victims/ https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide >> And, we can just as safely assume that my unique BSSID is NOT in that db. > > Maybe, maybe not. How would you even know? Again, I'd love to teach you basic networking but my fee is $200 an hour. It's published how to access the public BSSID/GPS databases if you look. https://github.com/GONZOsint/geowifi There isn't anything I've explained which isn't all over the Internet since it's just basic networking that I'm trying to help you better understand. https://www.darkreading.com/cyber-risk/google-wardriving-how-engineering-trumped-privacy https://blog.ouseful.info/2016/01/27/looking-up-the-physical-location-of-your-wifi-router/ https://www.howtogeek.com/788837/your-wi-fi-info-is-in-google-and-microsofts-databases-should-you-care/ > Regardless, neither your house nor your address is secret information. I'm trying to help you understand that your phone screams out not only your unique BSSID but the GPS location of that home WAP, everywhere you go, even if you travel to Ankara hiding under an overcoat, umbrella and fedora. https://www.theguardian.com/technology/blog/2011/apr/25/google-router-map-exposed https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/ https://blog.gl-inet.com/preventive-actions-to-safeguard-glinet-users-from-bssid-based-location-tracking/ >> Do we agree on that as a basic starting point. >> a. Your unique BSSID is in the public database as is your GPS location. >> b. Mine is not. >> >> That's just a basic starting point, but do we at least agree on that yet? > > Possibly, but you've completely missed my point. Your BSSID doesn't > intrinsically identify you and given any broadcast includes all WAPs it's > impractical/impossible to identify your home (or mine) from a device's > broadcast. As much as I'd like to continue to explain to you the very basics of networking, you need to click on a few links before saying such things. https://academic.oup.com/idpl/article/1/3/149/688705 https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf https://epic.org/googles-location-data-policy-update-why-users-need-more-than-pinkie-promises-to-protect-their-most-sensitive-information/ > At best, all someone can do is say that your device has been seen on this > network before. They won't be able to say that this device belongs to Arlen > who lives at 123 Acacia Avenue. A specialist with legal authority and a lot > more information gathered from elsewhere *might*. I can't try any harder or more sincerely to explain to you how the basic networking works on the phone with your home WAP unique BSSID & location. Maybe you can read some of the cites on the net to get a bit of background? https://www.ieee-security.org/TC/SP2013/posters/Muhammad_Naveed.pdf https://businesslawtoday.org/2019/03/power-place-geolocation-tracking-privacy/ https://community.absolute.com/s/article/Update-Google-Maps-WiFi-Positioning-Database Of course, none of this happens if you change your phone & router defaults.
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-23 06:32 +0200 |
| Message-ID | <vcqr0o$2is1$1@news.gegeweb.eu> |
| In reply to | #143458 |
On 9/22/2024 8:29 AM, Chris wrote: >>> That is not the same as identifying your phone which is the >>> purpose of IMEI in your phone to let carriers know you have permission >>> via account status to use their service. >> >> When you go to the local marijuana shop on Monday, if your home router was >> set up for privacy, then your phone broadcasted your unique BSSID of >> 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110 >> 01100011 01100001 01100110 01100101. >> >> Worse, if you have more than one home access point, your phone broadcast >> the unique 96-character BSSID of every one of your home access points. > > Your phone will broadcast *all* WAPs that you've ever connected to (and not > removed). There's no way for the shop - even if they cared - to identify > which WAP is your home one. Even if they had a global database look-up of > all BSSIDs and geographical addresses. With the exception of if you only > ever connect to a single WAP which is your home. Again, you show an understanding of networking details which is very good. I just checked my phone by looking in Settings > Connections > (then long pressing on the existing Wi-Fi connection) > (then tapping the three dots at the top right of the screen) > Advanced Settings > Manage Networks > where that lists all recent wireless access points that I've connected to. There are a good dozen, but they all say "Auto reconnect turned off". Which means the unique BSSID is not broadcast the way my phone is set up. However, I'm well aware most people have every Wi-Fi access point they've ever connected to set up to automatically re-connect (if it's seen again). Which is the common (default) setup that you are trying to explain to me. That means most people do broadcast all wireless access point unique BSSIDs (let's ignore the non-unique SSID for now) everywhere they go, just as you said they would. But not me. Do we agree on that as a basic starting point. a. Your phone broadcasts the unique BSSIDs of every WAP you connected to. b. Mine does not. That's just a basic starting point, but do we at least agree on that yet?
[toc] | [prev] | [next] | [standalone]
| From | Arno Welzel <usenet@arnowelzel.de> |
|---|---|
| Date | 2024-09-28 13:40 +0200 |
| Message-ID | <llq88tFiecrU2@mid.individual.net> |
| In reply to | #143384 |
Enrico Papaloma, 2024-09-18 17:40: > On 9/18/2024 1:50 AM, Arno Welzel wrote: >>> Instead of waiting for the phone to find the network and connect to it, >> >> How long to you have to wait? My phone usually connects within seconds >> if a known WiFi network is in reach. > > How long is the wait? Forever. > > Actually the wait is "forever and ever" because I have the wi-fi > auto-connect turned off for privacy reasons - as leaving auto-connect > turned on shouts out your home BSSID every few seconds everywhere you go. Then live with the consequences. -- Arno Welzel https://arnowelzel.de
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-28 15:17 +0200 |
| Message-ID | <vd8vm2$13gi$1@news.gegeweb.eu> |
| In reply to | #143532 |
On 9/28/2024 1:40 PM, Arno Welzel wrote: > Then live with the consequences. You make it sound like efficiency is an evil thing for someone to desire. The consequences is it takes more than a single tap to connect to a hidden home WAP where the goal of this thread is to reduce that to a single tap. What I'm seeking is a shortcut that connects to any given access point. That shouldn't be hard to do - but I don't know how to do it. Do you?
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2024-09-28 22:08 +0200 |
| Message-ID | <8a4mskxhep.ln2@Telcontar.valinor> |
| In reply to | #143536 |
On 2024-09-28 15:17, Enrico Papaloma wrote: > On 9/28/2024 1:40 PM, Arno Welzel wrote: >> Then live with the consequences. > > You make it sound like efficiency is an evil thing for someone to desire. > > The consequences is it takes more than a single tap to connect to a hidden > home WAP where the goal of this thread is to reduce that to a single tap. > > What I'm seeking is a shortcut that connects to any given access point. > > That shouldn't be hard to do - but I don't know how to do it. Do you? Nobody needs it, only you — because of your choices. You are of course welcomed to your choices, but they have consequences. :-) So, learn how to program for Android, and create yourself that application. It is the only thing you can do. Or convince some programmer to create it. I could suggest that there are personalization/customization apps. You tap the phone to a sticker on your door frame; the phone reads it by NFC (which you have to keep activated for this to work), and on sensing the "HOME" sticker it automatically customizes the phone. Anything should be possible, like powering up the WiFi radio and connecting to it. But you will not like having the NFC active full or most time. I also long ago mentioned to you an application, that worked well on Android 2, that would customize the phone depending on location. This app stopped working that well in later Android versions because user apps can not switch on/off the Wifi radio. Pity. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Arno Welzel <usenet@arnowelzel.de> |
|---|---|
| Date | 2024-09-29 21:06 +0200 |
| Message-ID | <lltmq5F41jtU2@mid.individual.net> |
| In reply to | #143536 |
Enrico Papaloma, 2024-09-28 15:17: > On 9/28/2024 1:40 PM, Arno Welzel wrote: >> Then live with the consequences. > > You make it sound like efficiency is an evil thing for someone to desire. No, just inconvinient. Quote: "is there a way to make a home screen icon to quickly connect to a definite wi-fi network ap (without using the settings)?" No - there is not. You have to live with that. -- Arno Welzel https://arnowelzel.de
[toc] | [prev] | [next] | [standalone]
| From | Enrico Papaloma <enrico@papaloma.net> |
|---|---|
| Date | 2024-09-30 00:32 +0200 |
| Message-ID | <vdcki8$2tte$1@news.gegeweb.eu> |
| In reply to | #143542 |
On 9/29/2024 9:06 PM, Arno Welzel wrote: >> You make it sound like efficiency is an evil thing for someone to desire. > > No, just inconvinient. > > Quote: "is there a way to make a home screen icon to quickly connect to > a definite wi-fi network ap (without using the settings)?" > > No - there is not. You have to live with that. Most of this thread was explaining basic networking to people who refuse to google anything that they're unaware of - which is a waste of our time. To explain basic networking to people who refuse to google it, my fee is $200 per hour, but this thread wasn't intended to explain basic networking. There were two parts to the original question, one of which we found doesn't exist, but the other MUST exist - which is to figure out the commands that connect to a given known WAP, and bundle that up. I'm sure an app can be written to do that, since everything is hard coded, but I don't have the skills to write that app. Which is why I was hoping there would be an app to do it but there's not. That question left of how to bundle the commands into an app or shortcut needs someone with better networking skills than any of us possess. I'll ask over in some wifi networking forums if experts know the sequence of events that are required for Android to connect to a known WAP. Thank you all very much for all your time and help in answering this! You guys are great! I probably won't respond further unless it's about those commands as most of this thread was defending basic networking that I thought everyone knew. But thank you all for your assistance as you helped me hone the direction I must go to solve the problem - which is to find the sequence of commands.
[toc] | [prev] | [next] | [standalone]
| From | Arno Welzel <usenet@arnowelzel.de> |
|---|---|
| Date | 2024-09-30 16:54 +0200 |
| Message-ID | <llvsdkFe3aaU2@mid.individual.net> |
| In reply to | #143544 |
Enrico Papaloma, 2024-09-30 00:32: > On 9/29/2024 9:06 PM, Arno Welzel wrote: >>> You make it sound like efficiency is an evil thing for someone to desire. >> >> No, just inconvinient. >> >> Quote: "is there a way to make a home screen icon to quickly connect to >> a definite wi-fi network ap (without using the settings)?" >> >> No - there is not. You have to live with that. > > Most of this thread was explaining basic networking to people who refuse to > google anything that they're unaware of - which is a waste of our time. > > To explain basic networking to people who refuse to google it, my fee is > $200 per hour, but this thread wasn't intended to explain basic networking. Name the exact terms what to google for. [...] > I'll ask over in some wifi networking forums if experts know the sequence > of events that are required for Android to connect to a known WAP. Yes, do this. -- Arno Welzel https://arnowelzel.de
[toc] | [prev] | [standalone]
Page 2 of 2 — ← Prev page 1 [2]
Back to top | Article view | comp.mobile.android
csiph-web