Google admits wi-fi data collection blunder

[Dewotter]

I'd also be more worried about iPhone users who don't know that their phone can connect automatically to unsecured networks. Yes, they do. I've witnessed mine doing it while walking down the street.

This interests me, from my own iPhone the most it will ever do is prompt to connect to a network but never actually connect unless it has been connected to in the past.

I'm guessing there is a certain amount of similar information that it parses and therefore believes it should connect to that network, like an identical SSID. Although I'd have thought the access points MAC address plays into this too.

 

[Sin_Chase]

Mobile encryption is broken.

Unsecured wifi network with active and enabled DHCP is an invitation to connect to the network and most devices will do it without any prompts, that's how the protocol works.

It is entirely your own responsibility to secure your network and pleading ignorance is not an excuse, if you do not know better, seek advice or pay someone who does.

UNDERSTAND the technology you use, respect it and the ramifications of using it wrongly.

 

[Energize]

As far as I'm concerned anything transmitted in public space is fair game, whether that be tv signals, radio, wifi etc. Don't transmit anything over the air encrypted or otherwise if you want privacy. I just don't think it's realistic to do so. On the same line I wish the bbc would stop trying to charge people for tv signals forced into their home.

 

[BigglesPiP]

LOL, the Google code base has reached sentience.

 

[iviv]

Well, google maps is using wi-fi data to pinpoint your location on google maps (hit the 'show my location' round button above the zoom slider). Weirdly, it got it correct for my laptop, but not for my PC, both connected to the same network.

Information: http://maps.google.com/support/bin/answer.py?hl=en&answer=153807

Q. How does Google know my location?
A. Google Maps makes use of your web browser's Geolocation feature to determine your location. When you activate the My Location feature, your browser will ask whether you're happy to share your location with Google Maps. If you agree, your browser will attempt to determine your location. This involves analyzing the Wi-Fi access points around you and your computer's IP address, and sending this information to a Google server to then be translated into a location that we can show on the map.

 

[Spyhop]

If it was a mistake, don't Google examine the collected data themselves from time to time?

 

[Efour]

If "they" wanted to do "something" malicious they would do it anyway and not tell anyone.
We live in a modern world, stuff happens that most cant even comprehend every second.

like my typing

 

[mrk]

Do you not think it raises some privacy questions?

No more or less than why people don't knowledge-up and secure their networks. And anyway it's not like Google would knowingly do anything illegal with the data like steal your card details and buy things with it or worse, sell it on like Johnny Average down the street who sits round the corner with his Laptop?

 

[Cavallino]

Can someone just clarify my understanding.

What exactly can Google extract from these unsecured WiFis exactly? Surely even though the WiFi is unsecure, the PCs that they are connected to are secure?

Or am I missing the point here?

 

[steinooo]

Loads of people in this thread are missing the point. Google inspecting packets without permission is against UK law.

 

[ChrisJSY]

Inspecting or catching? What did they admit to exactly?

 

[tntcoder]

Inspecting or catching? What did they admit to exactly?

Direct from google:

In that blog post, and in a technical note sent to data protection authorities the same day, we said that while Google did collect publicly broadcast SSID information (the WiFi network name) and MAC addresses (the unique number given to a device like a WiFi router) using Street View cars, we did not collect payload data (information sent over the network). But it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products.

However, we will typically have collected only fragments of payload data because: our cars are on the move; someone would need to be using the network as a car passed by; and our in-car WiFi equipment automatically changes channels roughly five times a second. In addition, we did not collect information traveling over secure, password-protected WiFi networks.

 

[steinooo]

I've always known this lot are absolute scum, this is the worst I've heard of them though

 

[mrk]

tntcoder you selectively chose to bold only part of that whole sentence.
Out of context quotes ***?

But it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products.

Even if it was a legitimate mistake every punter out there is now going to think it was something more sinister.

Hooray for media sensationalism.

 

[Tombo]

I've always known this lot are absolute scum, this is the worst I've heard of them though

Absolute scum

 

[Cosimo]

Google has your unsecured pron, what else do they have?

 

[Dolph]

I wonder how quickly they'd have revealed this had they not been under pressure from the German government and not found anything useful to do with the data?

How do you accidentally collect that much extra data over 4 years and not realise?

 

[Retorted]

How do you accidentally collect that much extra data over 4 years and not realise?

I won't get wrapped up in the hype, but I too find it hard to believe that this data was collected accidentally.

 

[Cavallino]

Can someone just clarify my understanding.

What exactly can Google extract from these unsecured WiFis exactly? Surely even though the WiFi is unsecure, the PCs that they are connected to are secure?

Or am I missing the point here?

*cough cough*

 

[Moredhel]

*cough cough*

Wireless networks are kind of like the old hubs you used to get on wired networks. Everything on the network can see all the data packets going accross the network at any given moment. Even if your PC is secure, when you visit your goat porn website the data packets going over the wireless can be read by anyone else on that network, assuming the website in question doesn't use SSL. Normally your WiFi network would be encrypted, and only machines with the WiFi key could read these packets, so it's generally not an issue.

If your wireless network is unsecured, these data packets aren't encrypted at all, and Joe Blogs on the corner can sit there reading any data going accross the network that's not subsequently encrypted by SSL or the like. Such as web pages you visit, pictures you download, emails you might read or just about anything else.

The technology to do this isn't Google specific, either. Any standard WiFi card in promiscuous mode is able to intercept this data, and there are plenty of programs out there to help collect it.

What surprises me about this whole thing is that the German government asked Google for this data within days of signing a law that requires private WiFi networks to be secured or face a fine. it's almost like they knew Google had data that they shouldn't. Good PR for the new law.