Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.mobile.android > #143373 > unrolled thread

home screen icon to connect to wi-fi network

Started byEnrico Papaloma <enrico@papaloma.net>
First post2024-09-15 06:30 +0200
Last post2024-09-30 16:54 +0200
Articles 18 on this page of 38 — 6 participants

Back to article view | Back to comp.mobile.android


Contents

  home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-15 06:30 +0200
    Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-15 05:15 -0500
      Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-15 19:18 +0200
        Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-18 08:52 +0200
          Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-18 17:40 +0200
    Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-15 23:15 +0200
      Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 03:05 +0200
        Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-09-19 08:52 +0100
          Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:53 +0200
            Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-09-30 09:04 +0100
              Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-10-02 01:39 +0200
                Re: home screen icon to connect to wi-fi network Andy Burns <usenet@andyburns.uk> - 2024-10-02 05:11 +0100
        Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-19 10:06 +0200
        Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-28 13:39 +0200
          Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-28 15:10 +0200
            Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 21:55 +0200
            Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-29 21:03 +0200
              Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:30 +0200
                Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-30 09:00 +0200
                Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-30 16:52 +0200
          Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 21:55 +0200
    Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-18 08:50 +0200
      Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-18 17:40 +0200
        Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-18 14:07 -0500
          Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 02:59 +0200
            Re: home screen icon to connect to wi-fi network VanguardLH <V@nguard.LH> - 2024-09-19 01:09 -0500
              Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-19 21:42 +0200
                Re: home screen icon to connect to wi-fi network Chris <ithinkiam@gmail.com> - 2024-09-22 08:29 +0000
                  Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 06:11 +0200
                    Re: home screen icon to connect to wi-fi network Chris <ithinkiam@gmail.com> - 2024-09-23 14:11 +0000
                      Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 17:34 +0200
                  Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-23 06:32 +0200
        Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-28 13:40 +0200
          Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-28 15:17 +0200
            Re: home screen icon to connect to wi-fi network "Carlos E.R." <robin_listas@es.invalid> - 2024-09-28 22:08 +0200
            Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-29 21:06 +0200
              Re: home screen icon to connect to wi-fi network Enrico Papaloma <enrico@papaloma.net> - 2024-09-30 00:32 +0200
                Re: home screen icon to connect to wi-fi network Arno Welzel <usenet@arnowelzel.de> - 2024-09-30 16:54 +0200

Page 2 of 2 — ← Prev page 1 [2]


#143537

From"Carlos E.R." <robin_listas@es.invalid>
Date2024-09-28 21:55 +0200
Message-ID<vh3mskxvmm.ln2@Telcontar.valinor>
In reply to#143531
On 2024-09-28 13:39, Arno Welzel wrote:
> Enrico Papaloma, 2024-09-19 03:05:
> 
> [...]
>> Remember the home router is always set to not broadcast your BSSID/SSID
>> pair, which is prudent not for security but for privacy reasons since then
>> phones don't upload your unique BSSID/SSID pair to Internet databases.
> 
> Why do you think, that the phone won't do this, when it is *connected*
> to that SSID?
> 
>> So two things are set which most people don't know why they'd set them.
>> (1) The home router is set to NOT BROADCAST your unique BSSID/SSID pair.
>> (2) The phone is set to NOT AUTO CONNECT to any known wi-fi access points.
>>
>> Those are set for privacy.
>> Not for security.
> 
> What has auto-connect to do with privacy if you are using your own WiFi
> network?

Because he hides his router SSID so that google doesn't map his WiFi to 
his house⁽¹⁾. That way autoconnect doesn't happen. His phone has to 
actively search for the home WiFi in order to connect to it.


(1) The phones of passerbys detect the SSID of the WiFis they hear on 
the street, and google maps them. This is used so that a phone in the 
world can know where it is by identifying the SSIDs in the vicinity. And 
inside buildings, by identifying certain BT emitters. Some people 
consider this an invasion of their privacy. And others, like our friend, 
dislike that phones are passively listening and mapping locations and 
that people do not massively disable this feature.

>> Most people don't understand the difference, but the end result is if you
>> leave auto connect on the default setting, then your phone will constantly
>> shout out your unique BSSID/SSID pair everywhere you go in the world.
> 
> Do you have a source where one can learn more about this?
> 
>> That allows anyone with even minimum skills to track your every movement.
>> I don't want that.
> 
> With even "minimum skills"? How?

He is Arlen :-)

He has mentioned those things many times, only interesting if you are 
similarly minded. Very impractical, contrary to what he says. Like the 
phone not connecting to the home router automatically and fast.


-- 
Cheers, Carlos.

[toc] | [prev] | [next] | [standalone]


#143382

FromArno Welzel <usenet@arnowelzel.de>
Date2024-09-18 08:50 +0200
Message-ID<lkvbhnFftcdU1@mid.individual.net>
In reply to#143373
Enrico Papaloma, 2024-09-15 06:30:

> Instead of waiting for the phone to find the network and connect to it,

How long to you have to wait? My phone usually connects within seconds
if a known WiFi network is in reach.


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]


#143384

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-18 17:40 +0200
Message-ID<vces92$1m52$1@news.gegeweb.eu>
In reply to#143382
On 9/18/2024 1:50 AM, Arno Welzel wrote:
>> Instead of waiting for the phone to find the network and connect to it,
> 
> How long to you have to wait? My phone usually connects within seconds
> if a known WiFi network is in reach.

How long is the wait? Forever. 

Actually the wait is "forever and ever" because I have the wi-fi
auto-connect turned off for privacy reasons - as leaving auto-connect
turned on shouts out your home BSSID every few seconds everywhere you go.

While I'm not Hezbollah, hiding my cellphone and pager from the Israeli
Mossad, it seems prudent to set up a cellphone to not ID you every moment.

Alls a nefarious outfit has to do is sell their services to a company, say
Macy's or Nordstrom or Target or whatever, and tell that store that they
can uniquely track each customer's presence in every store, although they
often already do that with bluetooth trackers (so my bluetooth is off too).

I can easily make an Android homescreen shortcut to the activity named 
com.android.settings/com.android.settings.Settings$WifiSettingsActivity
but what I really want to bring up is an activity to a specific access
point BSSID/SSID pair such as "01:02:03:04:05:06/my-access-point-01".

Given a known BSSID/SSID to my own home access points, if anyone figures
out how to directly connect to them with a terminal command, let me know.

[toc] | [prev] | [next] | [standalone]


#143386

FromVanguardLH <V@nguard.LH>
Date2024-09-18 14:07 -0500
Message-ID<jx54y9tyo6c6.dlg@v.nguard.lh>
In reply to#143384
Enrico Papaloma <enrico@papaloma.net> wrote:

> Arno Welzel wrote:
> 
>> How long to you have to wait? My phone usually connects within seconds
>> if a known WiFi network is in reach.
> 
> How long is the wait? Forever. 
> 
> Actually the wait is "forever and ever" because I have the wi-fi
> auto-connect turned off for privacy reasons - as leaving auto-connect
> turned on shouts out your home BSSID every few seconds everywhere you go.

You sure disabling auto-reconnect must be a global setting?  I thought
you could go into the properties of a connectoid to decide if you want
that one to auto-reconnect, like the wifi hotspot in your home.

https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s

Without the password, what good is the broadcasted BSSID?  Anyone can
drive by my house, but they're not getting in with the key.  Yes, they
could break in, just like anyone with physical access to your AP or wifi
cable modem can alter its settings.  If they have physical access,
they're already inside.  I can wear a company badge on my shirt that
anyone can read, but that doesn't grant them access into the building by
just knowing my name off the badge.

You run open wifi hotspots to which anyone can connect without a
password?

[toc] | [prev] | [next] | [standalone]


#143391

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-19 02:59 +0200
Message-ID<vcft1u$23qm$1@news.gegeweb.eu>
In reply to#143386
On 9/18/2024 9:07 PM, VanguardLH wrote:
>> Actually the wait is "forever and ever" because I have the wi-fi
>> auto-connect turned off for privacy reasons - as leaving auto-connect
>> turned on shouts out your home BSSID every few seconds everywhere you go.
> 
> You sure disabling auto-reconnect must be a global setting?

I never said it was a global setting. It's set per access point.

>  I thought
> you could go into the properties of a connectoid to decide if you want
> that one to auto-reconnect, like the wifi hotspot in your home.
> 
> https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s

Absolutely. Each wi-fi access point has its own setting for autoconnect.
But if you turn one off, you'll be turning them all off. 

It makes no sense to turn one off and leave the other turned on.
That's like locking one door of your car but leaving the other unlocked.

> Without the password, what good is the broadcasted BSSID? 

There are a hundred ways to answer that but the simplest is that the BSSID
is like your Social Security Number. It's you. Only you. Nobody else. You.

> Anyone can
> drive by my house, but they're not getting in with the key.

Again, there are a hundred ways to respond to that but the simplest way is
for me to switch BSSID with your Social Security Number to make the point.

When you're home, your router screams out your unique social security
number and with that information, when you're home, you CONNECT to the AP.

The problem doesn't happen when you're home. 
The problem happens ONLY when you're AWAY from home.

When you're away from home, your PHONE screams out your unique social
security number everywhere you go (it wants to connect to your router).

Every 5 seconds your phone screams out your unique social security number. 
Do you really want EVERYONE who is around you to know your unique SSN?

To stop that, you have to turn off auto-connect for each access point.
(Replace "Social Security Number" with "BSSID" in the explanation above.)

>  Yes, they
> could break in, just like anyone with physical access to your AP or wifi
> cable modem can alter its settings.  If they have physical access,
> they're already inside.  I can wear a company badge on my shirt that
> anyone can read, but that doesn't grant them access into the building by
> just knowing my name off the badge.
> 
> You run open wifi hotspots to which anyone can connect without a
> password?

You don't seem to understand the problem doesn't happen at your home.
It's a matter of being tracked uniquely everywhere you go away from home.

I must stress that the problem happens when you are AWAY from home.
But only if you do not turn off auto-connect.

Which is why any sane person always turns off the wi-fi auto connect.

If you have auto-connect turned on, then your phone is screaming out your
unique BSSID everywhere you go, every few seconds, it screams it out again.

That makes it trivial for bad actors to track your every movement.
This is basic wi-fi stuff that you should already know (long ago).

What I'm trying to do is make the non-auto-connect connection simpler.

I want to do that by putting a shortcut on my home screen that will connect
only to the given unique BSSID/SSID pair that is my own wi-fi access point.

[toc] | [prev] | [next] | [standalone]


#143395

FromVanguardLH <V@nguard.LH>
Date2024-09-19 01:09 -0500
Message-ID<464sl25fw0ya.dlg@v.nguard.lh>
In reply to#143391
Enrico Papaloma <enrico@papaloma.net> wrote:

> VanguardLH wrote:
>
>> I thought you could go into the properties of a connectoid to decide
>> if you want that one to auto-reconnect, like the wifi hotspot in
>> your home.
>> 
>> https://www.youtube.com/watch?v=AEkwtEzYeAQ&t=12s
> 
> Absolutely. Each wi-fi access point has its own setting for autoconnect.
> But if you turn one off, you'll be turning them all off. 

That's surprising, plus it means disabling auto-reconnect is a global
action, not just on the connectiod being configured.

>> Without the password, what good is the broadcasted BSSID? 
> 
> There are a hundred ways to answer that but the simplest is that the BSSID
> is like your Social Security Number. It's you. Only you. Nobody else. You.

And anyone can guess a sequence of numbers to construct a social
security number.  It really isn't that much of a secret.  The BSSID is
more like the house number on the outside of your house or on your
mailbox: everyone knows what it is and where it is.

So, your objection is not that your home router advertizes it is at your
home, but a wifi hotspot you run on your phone identifies you're the
owner of that hotspot.  Why are you running a wifi hotspot (tethering)
on your phone?  

The BSSID is the MAC address of the radio *to* which your phone is
currently connected.  BSSID is the unique identifier for a specific
access point within a wireless network, and used to distinguish between
multiple access points sharing the same SSID, and the SSID isn't yours,
either.  The BSSID is the 48-bit MAC address of the wireless AP or
router used to make wifi connections.  Are you toting around an wireless
AP or router for which you are worried others will discover its BSSID?

Every phone can ID your wireless AP or router, because of its SSID +
BSSID.  That is not the same as identifying your phone which is the
purpose of IMEI in your phone to let carriers know you have permission
via account status to use their service.

For example, my desktop PC has wifi capability.  Wifi is enabled;
however, it is not connected to my wifi cable modem.  As a result, the
command:

netsh wlan show interfaces | find “BSSID”

doesn't find anything, because my desktop PC is not connected to any
wifi hotspot.  I could connect, but then obviates the point of not
allowing auto reconnects to known hotspots, plus I prefer the CAT5 cable
connection to use Ethernet.

Do a test.  Disconnect from all wifi hotspots.  Use Ubuitities' WiFiman
or olgor's WiFi Analyzer to look for a BSSID (which is presented as the
MAC address of the hotspot to where your phone connected).  You won't
find one.  Connect to a wifi hotspot, like your wifi cable modem.
WiFiman will show the specs on the hotspot, like BSSID (as MAC address),
SSID, IP address, netmask, signal strength, etc.  Now disconnect from
the hotspot.  Yep, BSSID is gone, because you don't have a connect with
the hotspot to which a BSSID was assigned.

The BSSID does not follow around with your phone. It is the network
interface (48-bit MAC address) of whatever wifi hotspot to which you are
currently connected.  At home, you'll see the BSSID of your wifi cable
modem.  At Starbucks, it will be the BSSID for your phone's connection
to their wifi router.  At the library, it will be their BSSID.  When not
connected to any hotspot, there's no BSSID for you to get.

The BSSID doesn't track your phone.  Your phone's IMEI tracks your
phone.  Call your local police to find out if they're using CALEA
(Communications Assistance for Law Enforcement) or IMSI Catchers to
track your phone or calls by using IMEI, or by mobile phone number, but
that requires coercing a court to force a carrier to track your IMEI.
Your carrier, upon proper request, helps the cops track your phone or
calls.   They also cooperate with lost phone location.

https://www.fcc.gov/calea
https://en.wikipedia.org/wiki/IMSI-catcher
https://techreport.com/spy/spy-on-phone-with-imei/

No one cares about the BSSID of the hotspot to which you connect.  The
hotspot itself can record its own history on who connected to it.

Take a look at:

https://wigle.net/
https://play.google.com/store/search?q=wigle&c=apps

Notice the BSSID is presented as a MAC address.  It shows the SSID and
BSSID, but of what?  Your phone?  Nope, of the hotspot your phone found
when running their app on your phone.  Their app and their maps show the
hotspots you *discovered*, not where was your phone (although they may
collect that info, too, but it's your choice).

There are many crowdsourced database where users runs apps to record
what hotspots they found (by SSID and BSSID), or where are the cell
towers to which they connected to their carrier (e.g., OpenSignal).

Your objection is the BSSID tracks your phone.  Wrong.  It is the MAC
address of the hotspots to which you connected, and EVERYONE connecting
to that same hotspot are getting the same SSID and BSSID from there.

Anyone can generate a sequence of numbers hoping it matches my social
security number.  Yes, your wifi cable modem at home is broadcasting its
SSID and BSSID, but so is that house number painted on the side of your
home.  It's up to you if you want to operate an open hotspot that anyone
can use.  Most users incorporate password to operate a closed or private
hotspot.  If they don't know the password, they aren't getting a wifi
connection.  In the connection request, and before the connection is
permitted, yes, someone can get the BSSID of your home wifi router, but
how does that relate to tracking your phone?  Just because your wifi
modem is sending its SSID + BSSID to any wifi device during a scan
doesn't tell anyone that your phone is actually at home connected to
that wifi router.

[toc] | [prev] | [next] | [standalone]


#143415

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-19 21:42 +0200
Message-ID<vchuro$8uj$1@news.gegeweb.eu>
In reply to#143395
On 9/19/2024 8:09 AM, VanguardLH wrote:
>> Absolutely. Each wi-fi access point has its own setting for autoconnect.
>> But if you turn one off, you'll be turning them all off. 
> 
> That's surprising, plus it means disabling auto-reconnect is a global
> action, not just on the connectiod being configured.

You are correct the setting is NOT global (and I never said it was).

I think you misunderstood because of the way I said it, for which I
apologize. The setting is NOT global (as far as I'm aware).

You set it for each home access point that you will be connecting to.

However if you're going to set it for one access point, you would gain
nothing if you don't also set it individually for every home access point.
 
>>> Without the password, what good is the broadcasted BSSID? 
>> 
>> There are a hundred ways to answer that but the simplest is that the BSSID
>> is like your Social Security Number. It's you. Only you. Nobody else. You.
> 
> And anyone can guess a sequence of numbers to construct a social
> security number.  It really isn't that much of a secret. 

I can tell you do not understand because you think there is a lookup.

There are many ways for me to explain it to you again, but since you don't
know how networking works, I'm going to keep the explanation very simple.

Suppose your phone shouted out the numbers corresponding to the MAC address
of DE:AD:BE:EF:CA:FE, which is 64 65 61 64 62 65 65 66 63 61 66 65 0A in
hex and which is 01100100 01100101 01100001 01100100 01100010 01100101
01100101 01100110 01100011 01100001 01100110 01100101 in binary, which is
how computers think.

Now suppose those 96 characters are unique to your home access point (which
they are, in fact) so your phone is shouting out those 96 unique binary
characters everywhere you go.

If the local pawn shop wi-fi sees that unique sequence of 96 characters
when you walk inside that store, and it sees the same unique sequence of 96
characters on Monday, Wednesday and Friday of next week, what's the chance
that those 96 unique characters EXACTLY correspond to exactly you?

99.9%, right?

Essentially, those 96 unique characters are you.
Or, at least those 96 unique characters are anyone in your home.

> The BSSID is
> more like the house number on the outside of your house or on your
> mailbox: everyone knows what it is and where it is.

See above. It's 96 characters which are unique to you (well, unique to you
and your wife and your kids - essentially anyone who lives in your home).

Every time any person in your family visits the local drug apothecary,
their wi-fi knows that you're back. Or that they're back. Close enough.

Now High Ties Cannabis Store - Alexandria Ontario knows that you keep
visiting them, and (see below) they know EXACTLY where you live too!

You live at: 45.76604369976066 North, -74.56636474143123 West
(This is just an example to make the point of what your BSSID tells them.)

> So, your objection is not that your home router advertizes it is at your
> home, but a wifi hotspot you run on your phone identifies you're the
> owner of that hotspot.  Why are you running a wifi hotspot (tethering)
> on your phone?  

Again I don't think you understand networking because nobody talked about
hotspots (which make the problem even worse - but let's not go there).

Here we're talking about your own home router and your own phone connecting
to the access points which your home router has (which have unique BSSIDs).

> The BSSID is the MAC address of the radio *to* which your phone is
> currently connected.  BSSID is the unique identifier for a specific
> access point within a wireless network, and used to distinguish between
> multiple access points sharing the same SSID, and the SSID isn't yours,
> either.  The BSSID is the 48-bit MAC address of the wireless AP or
> router used to make wifi connections.  Are you toting around an wireless
> AP or router for which you are worried others will discover its BSSID?

This shows a little bit of comprehension where we both agree the BSSID is a
96-character unique-to-your-home-router number, where adding the non-unique
SSID as part of the pairing just makes positive ID of you much easier.

But the BSSID is unique enough without the SSID so we don't really need to
even discuss the SSID. The SSID just makes things worse for identification.

Note that there are butterfly hash tables of your BSSID/SSID/password on
the network, which is how they crack WPA-2, but again, let's not go there.

> Every phone can ID your wireless AP or router, because of its SSID +
> BSSID. 

Wrong. If your router is not broadcasting your BSSID/SSID pair (again, the
SSID doesn't matter because it's the BSSID that matters), then no phone can
connect to it because that phone doesn't even see your BSSID/SSID pair.

Well, again, we can go deeper and talk about wardriving but a "normal"
phone used by a normal person can't see a BSSID/SSID pair unless your home
router constantly broadcasts it (which, I agree - routers do by default).

If the phone can't see the BSSID/SSID pair, then not only can it NOT
connect to it (unless you enter the SSID/security/passphrase in manually
yourself) but it can't upload your unique BSSID to the online databases.

Again, I mean a "normal" phone because a WiGle-configured phone with
WireShark or NetStumbler or other wardriving software can see it all.

> That is not the same as identifying your phone which is the
> purpose of IMEI in your phone to let carriers know you have permission
> via account status to use their service.

When you go to the local marijuana shop on Monday, if your home router was
set up for privacy, then your phone broadcasted your unique BSSID of
01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110
01100011 01100001 01100110 01100101.

Worse, if you have more than one home access point, your phone broadcast
the unique 96-character BSSID of every one of your home access points.

Then, if you go back to that drug shop on 25 Main St S, Alexandria, ON
again on Wednesday, the same unique series of characters show up in their
wi-fi logs of 01100100 01100101 01100001 01100100 01100010 01100101
01100101 01100110 01100011 01100001 01100110 01100101.

Same thing happens on Friday, where 01100100 01100101 01100001 01100100
01100010 01100101 01100101 01100110 01100011 01100001 01100110 01100101
shows up again.

That's you.

01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110
01100011 01100001 01100110 01100101 is you (or a member of your family).

Not only is that you (or someone in your family), but they know where you
live (because Google already put that in the online Google database).

> For example, my desktop PC has wifi capability.  Wifi is enabled;
> however, it is not connected to my wifi cable modem.  As a result, the
> command:
> 
> netsh wlan show interfaces | find "BSSID"
> 
> doesn't find anything, because my desktop PC is not connected to any
> wifi hotspot.  I could connect, but then obviates the point of not
> allowing auto reconnects to known hotspots, plus I prefer the CAT5 cable
> connection to use Ethernet.

If you had your home router set to NOT BROADCAST the BSSID of 01100100
01100101 01100001 01100100 01100010 01100101 01100101 01100110 01100011
01100001 01100110 01100101, then it would be shouting it out constantly.

But your home access point is likely set up to not hide broadcast packets,
so what's happening instead is your unique BSSID of 01100100 01100101
01100001 01100100 01100010 01100101 01100101 01100110 01100011 01100001
01100110 01100101 is being uploaded daily by everyone driving by your house
to Internet databases, where they add your EXACT GPS location to that.

Notice this important fact, which is probably more complexity than you can
imagine but if I look up that unique BSSID in the Google online database,
it tells me your exact GPS location.

Now put that together with the fact that the same unique BSSID went to the
https://www.highties.ca/alexandria/ drug shop on Monday, Wednesday and
Friday, and I can tell you that YOU live at GPS location 45.76604369976066,
-74.56636474143123 and YOU went to that drugshop those days (or someone in
your family did).

You have to realize, the BSSID now tells them everything they need to know.
a. It points uniquely to you (or members of your family, close enough)
b. And it points to exactly where you live (the exact GPS coordinates)

> Do a test.  Disconnect from all wifi hotspots.  Use Ubuitities' WiFiman
> or olgor's WiFi Analyzer to look for a BSSID (which is presented as the
> MAC address of the hotspot to where your phone connected).  You won't
> find one.  Connect to a wifi hotspot, like your wifi cable modem.
> WiFiman will show the specs on the hotspot, like BSSID (as MAC address),
> SSID, IP address, netmask, signal strength, etc.  Now disconnect from
> the hotspot.  Yep, BSSID is gone, because you don't have a connect with
> the hotspot to which a BSSID was assigned.
> 
> The BSSID does not follow around with your phone. It is the network
> interface (48-bit MAC address) of whatever wifi hotspot to which you are
> currently connected.  At home, you'll see the BSSID of your wifi cable
> modem.  At Starbucks, it will be the BSSID for your phone's connection
> to their wifi router.  At the library, it will be their BSSID.  When not
> connected to any hotspot, there's no BSSID for you to get.
> 
> The BSSID doesn't track your phone.  Your phone's IMEI tracks your
> phone.  Call your local police to find out if they're using CALEA
> (Communications Assistance for Law Enforcement) or IMSI Catchers to
> track your phone or calls by using IMEI, or by mobile phone number, but
> that requires coercing a court to force a carrier to track your IMEI.
> Your carrier, upon proper request, helps the cops track your phone or
> calls.   They also cooperate with lost phone location.
> 
> https://www.fcc.gov/calea
> https://en.wikipedia.org/wiki/IMSI-catcher
> https://techreport.com/spy/spy-on-phone-with-imei/
> 
> No one cares about the BSSID of the hotspot to which you connect. 

Wrong.

The BSSId is not only unique to you (or to members of your family), but it
also tells anyone who knows how to look for it, where EXACTLY you live.


> The
> hotspot itself can record its own history on who connected to it.
> 
> Take a look at:
> 
> https://wigle.net/
> https://play.google.com/store/search?q=wigle&c=apps
> 
> Notice the BSSID is presented as a MAC address.  It shows the SSID and
> BSSID, but of what?  Your phone?  Nope, of the hotspot your phone found
> when running their app on your phone.  Their app and their maps show the
> hotspots you *discovered*, not where was your phone (although they may
> collect that info, too, but it's your choice).
> 
> There are many crowdsourced database where users runs apps to record
> what hotspots they found (by SSID and BSSID), or where are the cell
> towers to which they connected to their carrier (e.g., OpenSignal).
> 
> Your objection is the BSSID tracks your phone.  Wrong.  It is the MAC
> address of the hotspots to which you connected, and EVERYONE connecting
> to that same hotspot are getting the same SSID and BSSID from there.
> 
> Anyone can generate a sequence of numbers hoping it matches my social
> security number.  Yes, your wifi cable modem at home is broadcasting its
> SSID and BSSID, but so is that house number painted on the side of your
> home.  It's up to you if you want to operate an open hotspot that anyone
> can use.  Most users incorporate password to operate a closed or private
> hotspot.  If they don't know the password, they aren't getting a wifi
> connection.  In the connection request, and before the connection is
> permitted, yes, someone can get the BSSID of your home wifi router, but
> how does that relate to tracking your phone?  Just because your wifi
> modem is sending its SSID + BSSID to any wifi device during a scan
> doesn't tell anyone that your phone is actually at home connected to
> that wifi router.

I don't think I can teach you basic networking over the Internet so you're
just going to have to look up what a phone needs to upload your BSSID and
GPS (and a few other things) to the Google (and other) online databases.

You also need to understand how networking works when the broadcast is not
hidden (in which case your exactly location is uploaded to all these dbs).

And you need to understand how that does not happen when the broadcast is
hidden (which is similar, but not the same as adding "_nomap" to the SSID).

You do NOT understand any of that, so you can't "lecture" me because I knew
twenty years ago what you still do not know now about BSSID in networking.

Do you want me to give you a reference, or can you look up on your own what
happens when your BSSID is uploaded to Google/Wigle/Mozilla/etc databases?

It means this:
a. Your BSSID points uniquely to you (or members of your family) and
b. Your BSSID points to exactly where you live (the exact GPS coordinates)!

If you walk into my shop, I will not only know that you've been there
before and when, but I will also know exactly where you live.

But, as you said, unless I add other information (like credit card
transactions at my drug store or camera identification), I won't know who
you are.

I just know every time you go anywhere and I know exactly where you live.

[toc] | [prev] | [next] | [standalone]


#143458

FromChris <ithinkiam@gmail.com>
Date2024-09-22 08:29 +0000
Message-ID<vcokge$253fe$1@dont-email.me>
In reply to#143415
Enrico Papaloma <enrico@papaloma.net> wrote:
> On 9/19/2024 8:09 AM, VanguardLH wrote:
> 
>> That is not the same as identifying your phone which is the
>> purpose of IMEI in your phone to let carriers know you have permission
>> via account status to use their service.
> 
> When you go to the local marijuana shop on Monday, if your home router was
> set up for privacy, then your phone broadcasted your unique BSSID of
> 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110
> 01100011 01100001 01100110 01100101.
> 
> Worse, if you have more than one home access point, your phone broadcast
> the unique 96-character BSSID of every one of your home access points.

Your phone will broadcast *all* WAPs that you've ever connected to (and not
removed). There's no way for the shop - even if they cared - to identify
which WAP is your home one. Even if they had a global database look-up of
all BSSIDs and geographical addresses. With the exception of if you only
ever connect to a single WAP which is your home. 

[toc] | [prev] | [next] | [standalone]


#143477

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-23 06:11 +0200
Message-ID<vcqpq8$2ieh$1@news.gegeweb.eu>
In reply to#143458
On 9/22/2024 8:29 AM, Chris wrote:
>> Worse, if you have more than one home access point, your phone broadcast
>> the unique 96-character BSSID of every one of your home access points.
> 
> Your phone will broadcast *all* WAPs that you've ever connected to (and not
> removed). There's no way for the shop - even if they cared - to identify
> which WAP is your home one. Even if they had a global database look-up of
> all BSSIDs and geographical addresses. With the exception of if you only
> ever connect to a single WAP which is your home.

These are all valid points, as networking isn't something we can guess at.

Everything depends on how we set up our home router & how we set up our
phone, where mine isn't likely set up like yours is set up - but that's
because I know that every phone that passes by most houses is uploading its
BSSID & GPS location (among other things) to Google's public database.

That's how most people set up their home routers (by default).

Note that upload to Google's servers by every phone passing most homes
happens even if people append "_nomap" to the home router SSID (but let's
not go there as that just adds another level of unintuitive complexity).

The fact is most Android phones are set up, by default, to upload to
Google's public databases every BSSID (with GPS location) that it sees.

So we can safely assume your unique BSSID & GPS location is already easily
accessible by any person who knows how to access that public database.

And, we can just as safely assume that my unique BSSID is NOT in that db.

Do we agree on that as a basic starting point.
a. Your unique BSSID is in the public database as is your GPS location.
b. Mine is not.

That's just a basic starting point, but do we at least agree on that yet?

[toc] | [prev] | [next] | [standalone]


#143486

FromChris <ithinkiam@gmail.com>
Date2024-09-23 14:11 +0000
Message-ID<vcrsu4$2o5oa$1@dont-email.me>
In reply to#143477
Enrico Papaloma <enrico@papaloma.net> wrote:
> On 9/22/2024 8:29 AM, Chris wrote:
>>> Worse, if you have more than one home access point, your phone broadcast
>>> the unique 96-character BSSID of every one of your home access points.
>> 
>> Your phone will broadcast *all* WAPs that you've ever connected to (and not
>> removed). There's no way for the shop - even if they cared - to identify
>> which WAP is your home one. Even if they had a global database look-up of
>> all BSSIDs and geographical addresses. With the exception of if you only
>> ever connect to a single WAP which is your home.
> 

[snip]

> So we can safely assume your unique BSSID & GPS location is already easily
> accessible by any person who knows how to access that public database.

And exactly who can access this "public" database?

People can also see my house on google maps or see my address in the phone
book. Certain officials can also get my name and address for official
reasons, like electioneering. 

> And, we can just as safely assume that my unique BSSID is NOT in that db.

Maybe, maybe not. How would you even know?

Regardless, neither your house nor your address is secret information. 

> Do we agree on that as a basic starting point.
> a. Your unique BSSID is in the public database as is your GPS location.
> b. Mine is not.
> 
> That's just a basic starting point, but do we at least agree on that yet?

Possibly, but you've completely missed my point. Your BSSID doesn't
intrinsically identify you and given any broadcast includes all WAPs it's
impractical/impossible to identify your home (or mine) from a device's
broadcast. 

At best, all someone can do is say that your device has been seen on this
network before. They won't be able to say that this device belongs to Arlen
who lives at 123 Acacia Avenue. A specialist with legal authority and a lot
more information gathered from elsewhere *might*. 


[toc] | [prev] | [next] | [standalone]


#143488

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-23 17:34 +0200
Message-ID<vcs1q6$13j$1@news.gegeweb.eu>
In reply to#143486
On 9/23/2024 2:11 PM, Chris wrote:
>> So we can safely assume your unique BSSID & GPS location is already easily
>> accessible by any person who knows how to access that public database.
> 
> And exactly who can access this "public" database?

Everyone. Anywhere. Anytime. 

They know everywhere you go, even if you dig a tunnel and emerge on the
other side of the border, your phone screams out your unique BSSID &
exactly where you live if you leave the phone & router at the defaults.

https://support.google.com/maps/answer/1725632
https://www.osintcurio.us/2019/01/15/tracking-all-the-wifi-things/
https://www.ieee-security.org/TC/SP2013/posters/Muhammad_Naveed.pdf

Unfortunately, as much as I'd like to help you, it's too much for me to
teach networking in a thread if you don't bother to look anything up 1st.
https://developers.google.com/maps/documentation/geolocation/requests-geolocation

Before you respond, may I ask you to just google what happened only a few
months ago with the Apple database - where it found to be completely open.

Tens, hundreds, and thousands of unique BSSID/GPS locations are handed out
by the Apple database without anyone even needing any credentials at all.

https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/
https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide
https://www.techzine.eu/blogs/security/122122/how-apples-location-api-gives-away-wi-fi-network-data-worldwide/

The Google database used to be wide open to everyone, and then they added a
free tracking key, which is still wide open but you have to register first.

https://usa.kaspersky.com/blog/wps-router-geolocation/30283/
https://www.cnet.com/news/privacy/researchers-probe-googles-geolocation-database/
https://dev.to/higordiego/discover-how-google-can-locate-your-residence-just-through-your-wi-fi-router-250m
 
> People can also see my house on google maps or see my address in the phone
> book. Certain officials can also get my name and address for official
> reasons, like electioneering. 

As much as I'd like to teach you basic networking over the Internet, you
have to look some things up before you make claims for me to then debunk.

https://www.huffpost.com/entry/android-map-reveals-router-location_n_853214
https://www.techzine.eu/news/security/54130/malware-uses-wifi-bssid-to-identify-victims/
https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide

>> And, we can just as safely assume that my unique BSSID is NOT in that db.
> 
> Maybe, maybe not. How would you even know?

Again, I'd love to teach you basic networking but my fee is $200 an hour.

It's published how to access the public BSSID/GPS databases if you look.
https://github.com/GONZOsint/geowifi

There isn't anything I've explained which isn't all over the Internet since
it's just basic networking that I'm trying to help you better understand.

https://www.darkreading.com/cyber-risk/google-wardriving-how-engineering-trumped-privacy
https://blog.ouseful.info/2016/01/27/looking-up-the-physical-location-of-your-wifi-router/
https://www.howtogeek.com/788837/your-wi-fi-info-is-in-google-and-microsofts-databases-should-you-care/

> Regardless, neither your house nor your address is secret information. 

I'm trying to help you understand that your phone screams out not only your
unique BSSID but the GPS location of that home WAP, everywhere you go, even
if you travel to Ankara hiding under an overcoat, umbrella and fedora.

https://www.theguardian.com/technology/blog/2011/apr/25/google-router-map-exposed
https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/
https://blog.gl-inet.com/preventive-actions-to-safeguard-glinet-users-from-bssid-based-location-tracking/

>> Do we agree on that as a basic starting point.
>> a. Your unique BSSID is in the public database as is your GPS location.
>> b. Mine is not.
>> 
>> That's just a basic starting point, but do we at least agree on that yet?
> 
> Possibly, but you've completely missed my point. Your BSSID doesn't
> intrinsically identify you and given any broadcast includes all WAPs it's
> impractical/impossible to identify your home (or mine) from a device's
> broadcast. 

As much as I'd like to continue to explain to you the very basics of
networking, you need to click on a few links before saying such things.

https://academic.oup.com/idpl/article/1/3/149/688705
https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf
https://epic.org/googles-location-data-policy-update-why-users-need-more-than-pinkie-promises-to-protect-their-most-sensitive-information/

> At best, all someone can do is say that your device has been seen on this
> network before. They won't be able to say that this device belongs to Arlen
> who lives at 123 Acacia Avenue. A specialist with legal authority and a lot
> more information gathered from elsewhere *might*.

I can't try any harder or more sincerely to explain to you how the basic
networking works on the phone with your home WAP unique BSSID & location.

Maybe you can read some of the cites on the net to get a bit of background?

https://www.ieee-security.org/TC/SP2013/posters/Muhammad_Naveed.pdf
https://businesslawtoday.org/2019/03/power-place-geolocation-tracking-privacy/
https://community.absolute.com/s/article/Update-Google-Maps-WiFi-Positioning-Database

Of course, none of this happens if you change your phone & router defaults.

[toc] | [prev] | [next] | [standalone]


#143478

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-23 06:32 +0200
Message-ID<vcqr0o$2is1$1@news.gegeweb.eu>
In reply to#143458
On 9/22/2024 8:29 AM, Chris wrote:
>>> That is not the same as identifying your phone which is the
>>> purpose of IMEI in your phone to let carriers know you have permission
>>> via account status to use their service.
>> 
>> When you go to the local marijuana shop on Monday, if your home router was
>> set up for privacy, then your phone broadcasted your unique BSSID of
>> 01100100 01100101 01100001 01100100 01100010 01100101 01100101 01100110
>> 01100011 01100001 01100110 01100101.
>> 
>> Worse, if you have more than one home access point, your phone broadcast
>> the unique 96-character BSSID of every one of your home access points.
> 
> Your phone will broadcast *all* WAPs that you've ever connected to (and not
> removed). There's no way for the shop - even if they cared - to identify
> which WAP is your home one. Even if they had a global database look-up of
> all BSSIDs and geographical addresses. With the exception of if you only
> ever connect to a single WAP which is your home.

Again, you show an understanding of networking details which is very good.

I just checked my phone by looking in Settings > Connections > (then long
pressing on the existing Wi-Fi connection) > (then tapping the three dots
at the top right of the screen) > Advanced Settings > Manage Networks >
where that lists all recent wireless access points that I've connected to.

There are a good dozen, but they all say "Auto reconnect turned off".
Which means the unique BSSID is not broadcast the way my phone is set up.

However, I'm well aware most people have every Wi-Fi access point they've
ever connected to set up to automatically re-connect (if it's seen again).

Which is the common (default) setup that you are trying to explain to me.

That means most people do broadcast all wireless access point unique BSSIDs
(let's ignore the non-unique SSID for now) everywhere they go, just as you
said they would.

But not me.

Do we agree on that as a basic starting point.
a. Your phone broadcasts the unique BSSIDs of every WAP you connected to.
b. Mine does not.

That's just a basic starting point, but do we at least agree on that yet?

[toc] | [prev] | [next] | [standalone]


#143532

FromArno Welzel <usenet@arnowelzel.de>
Date2024-09-28 13:40 +0200
Message-ID<llq88tFiecrU2@mid.individual.net>
In reply to#143384
Enrico Papaloma, 2024-09-18 17:40:

> On 9/18/2024 1:50 AM, Arno Welzel wrote:
>>> Instead of waiting for the phone to find the network and connect to it,
>>
>> How long to you have to wait? My phone usually connects within seconds
>> if a known WiFi network is in reach.
> 
> How long is the wait? Forever. 
> 
> Actually the wait is "forever and ever" because I have the wi-fi
> auto-connect turned off for privacy reasons - as leaving auto-connect
> turned on shouts out your home BSSID every few seconds everywhere you go.

Then live with the consequences.


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]


#143536

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-28 15:17 +0200
Message-ID<vd8vm2$13gi$1@news.gegeweb.eu>
In reply to#143532
On 9/28/2024 1:40 PM, Arno Welzel wrote:
> Then live with the consequences.

You make it sound like efficiency is an evil thing for someone to desire.

The consequences is it takes more than a single tap to connect to a hidden
home WAP where the goal of this thread is to reduce that to a single tap.

What I'm seeking is a shortcut that connects to any given access point.

That shouldn't be hard to do - but I don't know how to do it. Do you?

[toc] | [prev] | [next] | [standalone]


#143539

From"Carlos E.R." <robin_listas@es.invalid>
Date2024-09-28 22:08 +0200
Message-ID<8a4mskxhep.ln2@Telcontar.valinor>
In reply to#143536
On 2024-09-28 15:17, Enrico Papaloma wrote:
> On 9/28/2024 1:40 PM, Arno Welzel wrote:
>> Then live with the consequences.
> 
> You make it sound like efficiency is an evil thing for someone to desire.
> 
> The consequences is it takes more than a single tap to connect to a hidden
> home WAP where the goal of this thread is to reduce that to a single tap.
> 
> What I'm seeking is a shortcut that connects to any given access point.
> 
> That shouldn't be hard to do - but I don't know how to do it. Do you?

Nobody needs it, only you — because of your choices. You are of course 
welcomed to your choices, but they have consequences. :-)


So, learn how to program for Android, and create yourself that 
application. It is the only thing you can do. Or convince some 
programmer to create it.



I could suggest that there are personalization/customization apps. You 
tap the phone to a sticker on your door frame; the phone reads it by NFC 
(which you have to keep activated for this to work), and on sensing the 
"HOME" sticker it automatically customizes the phone. Anything should be 
possible, like powering up the WiFi radio and connecting to it.

But you will not like having the NFC active full or most time.


I also long ago mentioned to you an application, that worked well on 
Android 2, that would customize the phone depending on location. This 
app stopped working that well in later Android versions because user 
apps can not switch on/off the Wifi radio.

Pity.


-- 
Cheers, Carlos.

[toc] | [prev] | [next] | [standalone]


#143542

FromArno Welzel <usenet@arnowelzel.de>
Date2024-09-29 21:06 +0200
Message-ID<lltmq5F41jtU2@mid.individual.net>
In reply to#143536
Enrico Papaloma, 2024-09-28 15:17:

> On 9/28/2024 1:40 PM, Arno Welzel wrote:
>> Then live with the consequences.
> 
> You make it sound like efficiency is an evil thing for someone to desire.

No, just inconvinient.

Quote: "is there a way to make a home screen icon to quickly connect to
a definite wi-fi network ap (without using the settings)?"

No - there is not. You have to live with that.


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]


#143544

FromEnrico Papaloma <enrico@papaloma.net>
Date2024-09-30 00:32 +0200
Message-ID<vdcki8$2tte$1@news.gegeweb.eu>
In reply to#143542
On 9/29/2024 9:06 PM, Arno Welzel wrote:
>> You make it sound like efficiency is an evil thing for someone to desire.
> 
> No, just inconvinient.
> 
> Quote: "is there a way to make a home screen icon to quickly connect to
> a definite wi-fi network ap (without using the settings)?"
> 
> No - there is not. You have to live with that.

Most of this thread was explaining basic networking to people who refuse to
google anything that they're unaware of - which is a waste of our time.

To explain basic networking to people who refuse to google it, my fee is
$200 per hour, but this thread wasn't intended to explain basic networking.

There were two parts to the original question, one of which we found
doesn't exist, but the other MUST exist - which is to figure out the
commands that connect to a given known WAP, and bundle that up.

I'm sure an app can be written to do that, since everything is hard coded,
but I don't have the skills to write that app.

Which is why I was hoping there would be an app to do it but there's not.

That question left of how to bundle the commands into an app or shortcut
needs someone with better networking skills than any of us possess.

I'll ask over in some wifi networking forums if experts know the sequence
of events that are required for Android to connect to a known WAP.

Thank you all very much for all your time and help in answering this!
You guys are great!

I probably won't respond further unless it's about those commands as most
of this thread was defending basic networking that I thought everyone knew.

But thank you all for your assistance as you helped me hone the direction I
must go to solve the problem - which is to find the sequence of commands.

[toc] | [prev] | [next] | [standalone]


#143559

FromArno Welzel <usenet@arnowelzel.de>
Date2024-09-30 16:54 +0200
Message-ID<llvsdkFe3aaU2@mid.individual.net>
In reply to#143544
Enrico Papaloma, 2024-09-30 00:32:

> On 9/29/2024 9:06 PM, Arno Welzel wrote:
>>> You make it sound like efficiency is an evil thing for someone to desire.
>>
>> No, just inconvinient.
>>
>> Quote: "is there a way to make a home screen icon to quickly connect to
>> a definite wi-fi network ap (without using the settings)?"
>>
>> No - there is not. You have to live with that.
> 
> Most of this thread was explaining basic networking to people who refuse to
> google anything that they're unaware of - which is a waste of our time.
> 
> To explain basic networking to people who refuse to google it, my fee is
> $200 per hour, but this thread wasn't intended to explain basic networking.

Name the exact terms what to google for.

[...]
> I'll ask over in some wifi networking forums if experts know the sequence
> of events that are required for Android to connect to a known WAP.

Yes, do this.


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [standalone]


Page 2 of 2 — ← Prev page 1 [2]

Back to top | Article view | comp.mobile.android


csiph-web