Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.mobile.android > #143823 > unrolled thread

Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)

Back to article view | Back to comp.mobile.android

Contents

  Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-26 05:47 +0000
    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-26 09:35 +0100
      Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-26 14:28 +0000
    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) VanguardLH <V@nguard.LH> - 2024-10-26 10:27 -0500
      Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-26 21:28 +0000
        Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) VanguardLH <V@nguard.LH> - 2024-10-26 21:06 -0500
          Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-27 04:22 +0000
          Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-27 09:25 +0000
            Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-27 13:16 +0000
              Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-27 15:23 +0000
              Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-27 15:33 +0000
              Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Jeff Liebermann <jeffl@cruzio.com> - 2024-10-27 12:02 -0700
                Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-27 20:19 +0000
                  Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-27 21:45 +0000
                    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-28 09:11 +0000
                      Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-28 15:00 +0000
                        Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-28 15:45 +0000
                          Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-29 01:44 +0000
                Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-27 22:34 +0000
                  Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andy Burns <usenet@andyburns.uk> - 2024-10-28 09:08 +0000
                    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-30 14:43 +0000
            Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) VanguardLH <V@nguard.LH> - 2024-10-27 11:10 -0500
    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-29 02:39 +0000
      Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Jeff Liebermann <jeffl@cruzio.com> - 2024-10-29 10:17 -0700
        Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Arno Welzel <usenet@arnowelzel.de> - 2024-10-30 11:39 +0100
          Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Andrews <andrews@spam.net> - 2024-10-30 13:55 +0000
            Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Arno Welzel <usenet@arnowelzel.de> - 2024-10-31 20:36 +0100
          Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Jeff Liebermann <jeffl@cruzio.com> - 2024-10-30 11:06 -0700
    Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location) Arno Welzel <usenet@arnowelzel.de> - 2024-10-29 16:46 +0100

Page 2 of 2 — ← Prev page 1 [2]

#143922

Andy Burns wrote on Mon, 28 Oct 2024 09:08:01 +0000 :

>> I just have to figure out HOW to tell what the heck they're spoofing.
> 
> I doubt anything goes over the wire to be wiresharked, it's a local API 
> on the phone.
> 
> There's sample code on github/stack overflow etc, or just use an 
> existing mock app?

I realize I told Jeff Liebermann a slight mistruth when I said in the post
that Andy is responding to...

  "I just have to figure out HOW to tell what the heck they're spoofing.
   Maybe WireShark, Netstumbler, WiGle, etc., might tell me. Dunno.

   You're the Wi-Fi expert who taught me everything I know, way back in the
   day when I was trying to spoof my MAC address (now the AP MAC addresses 
   are spoofed by default on iOS and Android).

   You told me, long ago, that you can't spoof the ROUTER's WAN-facing MAC
   address though - which - unfortunately - is the one we'd want to spoof!"

Since this thread wasn't about randomizing a MAC address, I didn't notice
that what I said above is slightly wrong in "what" MAC address is
randomized.

To be clear on the current state of Android MAC address randomization:

1. The home router's outward-facing (WAN) MAC address is NOT randomized
   (unless the router software allows that - which I don't know about).

2. What's randomized by default now is the mobile device MAC address
   that connects to the router's LAN-facing access point. This default
   mobile device (iOS & Android) randomization is per access point.

3. For Android only in Developer options" is another privacy setting 
   to randomize #2 per connection (so it changes every time you connect).

When Jeff Liebermann and I last spoke about MAC randomization (oh, maybe
ten or fifteen years ago or so), this default randomization didn't exist.

Now both iOS & Android do MAC randomization (per AP) by default.

[toc] | [prev] | [next] | [standalone]

#143871

Andy Burns <usenet@andyburns.uk> wrote:

> VanguardLH wrote:
> 
>> Unless Google is changing the high accuracy setting to enabled
> 
> That is indeed what google did on 16/10/2024 (the day Android 15 was 
> released on Pixels).
> 
> They enabled it, and left a notification on-screen that they had done 
> so, this wasn't only on my Pixel8a phone which got the upgrade, but also 
> my Huawei tablet (which hasn't been upgraded in years, thanks to the US 
> trade blacklist).

That definitely sucks, and is rude.  Close to malicious, or very
insensitive.  I've never been hit with malware, but this action seems
like we need something to watch for changes by Google via Play Store
services.  Seems we need an Anti-Google PUA (Probably Unwanted Action)
app that monitors the settings to either enforce them back to a recorded
state saved in the monitor app, or to force a popup to prompt the user
on every setting change, and not allow or revert the setting if the user
responds No.  That could be a ton of prompts for app, OS, and service
updates making the user spend more time on prompts than in using their
phone.  Too much security interferes with usability.

I suspect such an app wouldn't work unless running on a rooted phone
which pretty much knocks out 99.9% of Android users.  I doubt Apple is
any better.  There are a LOT of Android settings, in addition to those
for the apps, so even with such an intervention prompt the user might
not understand what a pending change is attempting to do.  

There are services, and even an Android app, and problem Windows/Linux
programs to monitor web site to detect changes.  Looks like we need a
change detection app for Android itself.

Would a de-Googled smartphone be any better regarding secured settings
despite updates?  That means no Play Store, and no Play Services.  Not
many users will root their phones.  Even less with play with custom
ROMs that can brick their phones.  You read horror stories about the
attempts, like:

https://www.tomsguide.com/features/i-tried-de-googled-android-again-heres-how-that-went

I haven't much dug into what all you get at https://de-googled.com/,
because I'm not as paranoid about privacy as some others.  I sometimes
use cash, but not to prevent tracking where I've been, what I buy, and
from whom when using credit/debit cards.  I'm not trying to disappear
off the grid.  Somehow detecting I was at Starbucks using my phone seems
no more a privacy invasion than everyone outside that that saw me enter
there, everyone inside the store that saw me there, and any security
cameras in the parking lot, and inside the store recording my presence
either near or in the store.

[toc] | [prev] | [next] | [standalone]

#143896

Andrews wrote on Sat, 26 Oct 2024 05:47:36 -0000 (UTC) :

> How do you spoof Wi-Fi location on Android?

I realized while answering Andy's questions that what is needed is not to
"spoof" any particular Wi-Fi access point location, but to zero it out.

That is, any app that requires Wi-Fi access point information would get
nothing so the app would have to fall back on GPS information instead.

Which can easily be spoofed.

Note: You don't use this stuff when you're routing; you use it for apps
like a weather app that don't really need your exact location but they
require it for the app to work (because they're mining your data).

So the question morphs to:
 How to we make sure ZERO Wi-Fi access point data is utilized 
 when precise location is turned on with Google Location Accuracy?

[toc] | [prev] | [next] | [standalone]

#143907

On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
wrote:

>Andrews wrote on Sat, 26 Oct 2024 05:47:36 -0000 (UTC) :
>
>> How do you spoof Wi-Fi location on Android?
>
>I realized while answering Andy's questions that what is needed is not to
>"spoof" any particular Wi-Fi access point location, but to zero it out.
>
>That is, any app that requires Wi-Fi access point information would get
>nothing so the app would have to fall back on GPS information instead.
>
>Which can easily be spoofed.
>
>Note: You don't use this stuff when you're routing; you use it for apps
>like a weather app that don't really need your exact location but they
>require it for the app to work (because they're mining your data).
>
>So the question morphs to:
> How to we make sure ZERO Wi-Fi access point data is utilized 
> when precise location is turned on with Google Location Accuracy?

I'm wondering if carrying a Wi-Fi access point around with you might
offer some benefits.  Most (not all) Wi-Fi protocols allow only allow
your phone to join only one wi-fi network at a time.  The older
protocols have this useful limitation.  Later protocols, such as those
which support seamless roaming, can connect to more than one access
point.   
<https://www.tp-link.com/us/support/faq/2097/>
Pre-authenticating, which requires joining more than one wi-fi network
at a time, might also be a problem.  For example, the phone could
properly connect your pocket wi-fi access point, and then go wandering
off and roam to some other access point, which is connected to the
internet, in the hope of finding an access point with an internet
connection.

If your phone is connected to a wi-fi access point that is under your
control and is NOT connected to the internet, all the access point can
do is provide your position when it last connected to the internet. In
other words, instead of zero location data, give Google old or
erroneous location data.

Reminder.  I'm retired and am not keeping up to date on such things. I
also don't have the time and resources to investigate this further.  I
have no plans to do any testing.  Also, thank you for the long lists
of URL's on the topic.  I'm sure these would make interesting reading,
but right now, I'm dealing with other projects and have other
priorities.




-- 
Jeff Liebermann                 jeffl@cruzio.com
PO Box 272      http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann      AE6KS    831-336-2558

[toc] | [prev] | [next] | [standalone]

#143913

Jeff Liebermann, 2024-10-29 18:17:

> On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
> wrote:
[...]
>> So the question morphs to:
>> How to we make sure ZERO Wi-Fi access point data is utilized 
>> when precise location is turned on with Google Location Accuracy?
> 
> I'm wondering if carrying a Wi-Fi access point around with you might
> offer some benefits.  Most (not all) Wi-Fi protocols allow only allow
[...]

I don't think so. Because this access point can be seen by *other*
devices which may report its current position. This is how Google learns
the positions of Wi-Fi access points anyway.


-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]

#143920

Arno Welzel wrote on Wed, 30 Oct 2024 11:39:52 +0100 :

> I don't think so. Because this access point can be seen by *other*
> devices which may report its current position. This is how Google learns
> the positions of Wi-Fi access points anyway.

With Jeff's suggestion, we're finally making progress on the solution.

What Arno said is true that any access point (that advertises itself on
airwaves as not hidden) will be seen (& uploaded) to the AP databases.

This upload is not done by you - but by all the rude people around you.
Which is pretty much everybody who owns an Android phone (9,999 of 10K).

For the one out of 10,000 people who doesn't want to be in the AP db
Google was forced to create an "opt out" mechanism to that upload.
 <https://support.google.com/maps/answer/1725632>

Apple & Mozilla "say" they will respect Google's opt-out mechanism too.
Microsoft uses a different opt out, though, namely xxx_optout_nomap
 <https://account.microsoft.com/privacy/location-services-opt-out>

Notice it "can take up to five business days" for these outfits to scrub
you from their access point databases, which means, effectively, as long as
a rude Android owner is near you within those five days, you're screwed.

That's why you also need to set your SSID broadcast to "hidden" since all
respectable companies will honor hidden broadcasts as "private" in intent.

Overall, that means your SSID needs only to have these three things:
a. You start with the Google/Mozilla/Apple opt out (SSID_nomap)
b. Then you add the Microsoft opt out (SSID_optout_nomap)
c. Then you turn off the public broadcast (aka, hidden network).
   (See the sig for clarification on hiding the access point broadcast.)

I love that Jeff Liebermann has come up with a potential solution.
I will dig into the references to see if what he suggests might work.

Any other ideas for Wi-Fi access point privacy are invited as Jeff, Andy,
Arno and I seem to understand the goal of zeroing out Wi-Fi AP uploads
while we're forced to use precise location for apps that don't need it.

Note: We don't zero it out during routing - but an insect lookup app which
requires precise location doesn't really need it. They're mining you.
-- 
Every time I mention a hidden broadcast some pundit attacks me saying it
doesn't add "security" but we're not doing it for security. Most articles
on hiding the broadcast have no idea whatsoever why we're hiding it. 

Hiding the network access point broadcast packet has one privacy downside
which is your phone tries to find it on its own; so you have to turn off
autoconnect (or geofence your attempts at connecting to your home AP).

[toc] | [prev] | [next] | [standalone]

#143933

Andrews, 2024-10-30 14:55:

> Arno Welzel wrote on Wed, 30 Oct 2024 11:39:52 +0100 :
> 
>> I don't think so. Because this access point can be seen by *other*
>> devices which may report its current position. This is how Google learns
>> the positions of Wi-Fi access points anyway.
> 
> With Jeff's suggestion, we're finally making progress on the solution.
> 
> What Arno said is true that any access point (that advertises itself on
> airwaves as not hidden) will be seen (& uploaded) to the AP databases.
> 
> This upload is not done by you - but by all the rude people around you.
> Which is pretty much everybody who owns an Android phone (9,999 of 10K).

Not *people* - *devices*! People just use their devices and may not even
be aware of this!



-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [next] | [standalone]

#143923

On Wed, 30 Oct 2024 11:39:52 +0100, Arno Welzel <usenet@arnowelzel.de>
wrote:

>Jeff Liebermann, 2024-10-29 18:17:
>
>> On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
>> wrote:
>[...]
>>> So the question morphs to:
>>> How to we make sure ZERO Wi-Fi access point data is utilized 
>>> when precise location is turned on with Google Location Accuracy?
>> 
>> I'm wondering if carrying a Wi-Fi access point around with you might
>> offer some benefits.  Most (not all) Wi-Fi protocols allow only allow
>[...]
>
>I don't think so. Because this access point can be seen by *other*
>devices which may report its current position. This is how Google learns
>the positions of Wi-Fi access points anyway.

To get info about what an AP (access point) can hear, dumping the ARP
(address resolution protocol) table or collecting broadcasts seems
like likely methods.  There are various ways to limit the scope of the
ARP table.  The easiest way is to reduce the number of entries in the
table one entry and assign a static ARP entry.  Only one pre-specified
device can connect.  Another AP might be able to hear broadcasts from
the pocket AP, but I suspect that it will not add ARP table entries
for devices which cannot connect.  This needs to be tested (not by
me).

Jitsi meeting beckons.  Later...


-- 
Jeff Liebermann                 jeffl@cruzio.com
PO Box 272      http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann      AE6KS    831-336-2558

[toc] | [prev] | [next] | [standalone]

#143906

Andrews, 2024-10-26 07:47:

> How do you spoof Wi-Fi location on Android?

On a real device? You can't do this.

With an Android emulator you can spoof any location you want for the
apps. But this is only possible because the emulator is controlled by
the host PC. On a real device you would need to fake the database which
is used to derive the location based on the Wi-Fi SSID(s) the device can
see.

> I probably know this stuff better'n anyone here, but maybe (hopefully)
> someone who reads this question knows it better than I do as I do NOT know
> how to spoof Wi-Fi location when Google Location Accuracy is turned on.
> 
> Whenever I turn on Google Location Accuracy (e.g., when an app requires it
> to run), I immediately first spoof my GPS location (if I'm not routing).

No, it is not "GPS location" it is really just the location of the Wi-Fi
access point which Google recorder earlier when other devices had GPS
*and* Wi-Fi active and the users allowed Google to use that data in the
device settings (maybe this is even the default, I am not sure).

[...]
> Given that situation that it's trivial to spoof GPS when Precise Location
> Accuracy is turned on, does anyone know how to spoof Wi-Fi location data?

You can't.

-- 
Arno Welzel
https://arnowelzel.de

[toc] | [prev] | [standalone]

Page 2 of 2 — ← Prev page 1 [2]

Back to top | Article view | comp.mobile.android

csiph-web