Have a Wi-Fi-Enabled Phone? Stores Are Tracking You 323
jfruh writes "Call it Google Analytics for physical storefronts: if you've got a phone with wi-fi, stores can detect your MAC address and track your comings and goings, determining which aisles you go to and whether you're a repeat customer. The creator of one of the most popular tracking software packages says that the addresses are hashed and not personally identifiable, but it might make you think twice about leaving your phone on when you head to the mall."
first (Score:5, Informative)
just don't automatically join public wifi (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
Why can't the phone just listen? Are WiFi access points quiet until they are actively probed? (I believe you that the phone broadcasts something, just wondering why it was done that way.)
Re: (Score:2)
Actually, you don't even need to turn off wifi. Just set your phone to not automatically join any public wifi.
Wireless clients, including the phone, compiles a list of access points you can join using the ESSID broadcast from the access point. In other words, the access points just dumbly advertise their presence and don't know who are looking until your device tries to join.
If they're running something like Kismet, then I don't think you need to join anything; they just sniff packets being sent over the air, grab the MAC, and they know your device manufacturer and have a unique ID for you. If I'm not mistaken, a phone with Wifi on will broadcast it's MAC while looking for access points.
I doubt their ability to determine which aisles of a store you're traversing unless they have a *lot* of antenna set up.
Re:just don't automatically join public wifi (Score:5, Informative)
Because it's not FUD, and you're wrong [my80211.com].
Re: (Score:3)
I remember seeing a few companies that can pinpoint a wifi device without it being connected to an access point. Think reverse war driving...
Exactly.
A radio NIC, for instance, will broadcast a probe request when using active scanning to determine which access points are within range for possible association. Some sniffing software (e.g., NetStumbler) tools send probe requests so that access points will respond with desired info.
http://www.wi-fiplanet.com/tutorials/article.php/1492071 [wi-fiplanet.com]
The think is, your phone is always running a scan, even when you have already associated with a router in the coffee shop, it will still scan occasionally to see other nearby stations. Even if your phone never associates to any of those other stations they can read the scan probe request.
I doubt the stores in your average mall can tell what isle you are in, that would require way higher density of access points than would be necessary to prov
Re: (Score:3)
Beacons are sent from the access point, not the client. The scans from the wifi client (e.g. the phone) are passive, not active. It just sits there listening for beacons from all the access points that are in range.
Re: (Score:3)
Google wifi active scanning, and take the first hit.
Your phone still scans (Score:4, Interesting)
Your phone will still occasionally be sending packets to see if a known access point/SSID will reply. This is so access points with "hidden" SSIDs will still be found. Most devices just do this and there is no option to disable it, apart from disabling wifi completely. This is enough to see if someone with wifi enabled on their device is hanging around.
Even more disturbing, if an access point with the correct SSID replies with no encryption, a lot of devices will automatically try to attach to that AP. By mimicking the identification protocol the device asks to use, you can even get it to attach to your rogue access point; just tell it it's credentials are accepted and it will merrily use your AP without any user interaction.
Re:just don't automatically join public wifi (Score:4, Interesting)
Still it seems like collecting data for no obvious reason, just to know that some one came into the store who spent time in the Shoes department 6 weeks ago.
I think the idea is that information now has value, particularly when it can be associated with consumer habits. Whether or not the grocery store cares how frequently a particular MAC address visits their store, when compiled into a large enough data set--so the logic goes--and cross-referenced with other large data sets, you can mine information that would be otherwise impossible without something intrusive like a survey. The MAC address also contains information about the chipset in your phone, when it was manufactured, etc. It isn't that much further to guessing your income, where you live, and eventually your shopping habits. Even without knowing your name, you could imagine a "smart" grocery store adjusting prices in real-time just, sort of like how airlines drop cookies to see if you have already searched for a ticket so they can keep the price high just for you. It's the high-tech version of the Ralph's Club Card; they want you to use it when you make purchases to track you, but now they can do it without your name or any personal information or anything proactive on your part.
My feeling is that people find it creepy when a computer knows their name. Not many people wants to walk into the grocery store and hear a computer say "Hey Bob Smith, nice to see you again! Pizza bagels are on sale, and I know how much you like those." But if the grocery store sees "consumer type A431" approaching, the sign for pizza bagels may light up and blink "Sale! Sale! Sale!" which is intrinsically less creepy despite accomplishing the same thing. I could imagine doing that just with you MAC address and your approximate height and weight, which is easy to get from the self-checkout machine (it has a camera and weights things). The computer says "5'9", 235 lbs, $500 phone; clearly a Slashdot reader. I'll put the Hot Pockets, Mountain Dew, and hand lotion on special next time I see that MAC address hash."
Re: (Score:2)
Re: (Score:2)
No kidding. How valuable is this research?
"Well Bob, we've determined the spending habits of the demographic stupid-people-who-leave-their-wifi-enabled-and-set-to-auto-connect-to-any-public-hotspot."
Re: (Score:3)
You should really be doing that anyways, if you're not using WiFi, you're still wasting electricity having it broadcasting to the world. Smartphone battery life is bad enough without wasting any on wifi when you're not needing it.
I leave my Wifi (and Bluetooth) turned on all the time and notice very little difference in battery life as compared to when I turn it off. The display on my phone (Galaxy Nexus) is always the top battery user.
Putting it in Airplane mode (thus shutting off the CDMA radio) makes a much more significant difference than just shutting off wifi and bluetooth. Shutting off LTE and using CDMA-only also makes a bit of a difference.
Re: (Score:3)
It's funny - at the university I work for, and ONLY there, I've found my phone battery will drain absurdly quickly if I leave wifi on. Even when it spends the day, unused, in my pocket... I can lose more than half the charge in 8 hours.
I haven't seen this happen anywhere else.
Turn off wifi (Score:5, Insightful)
Most smart phones allow you to turn off wifi.
I keep mine off most of the time unless I need it that also includes GPS and Bluetolth
Re: (Score:2)
Re:Turn off wifi (Score:5, Informative)
Of course marketing guys are going to be more creative in tracking you. I automatically turn off my WiFi when I hit the road. I use a car dock with my Droid, and I use a simple app that detects when I put it in the car dock. It will turn off WiFi, and turn on Bluetooth. When I remove it from the car dock, I could either restore the previous WiFi setting, or leave it off. I generally leave it off unless I'm going somewhere I trust the WiFi, like home or the office.
Android has a nifty little program called Llama [google.com] that I use for pretty much the same thing. Get home, WiFi on, leave the house, WiFi off. The tool has other benefits too, like going into silent mode when home at night so random emails don't wake me. But thanks to Llama, I usually don't have to mess with my WiFi settings unless I'm in a strange place that I know has free WiFi and I want to leech off of it instead of my data connection.
Re: (Score:3, Informative)
The permissions for the Llama app include:
- Read calendar events plus confidential information
- Add or modify calendar events and send email to guests without owners' knowledge
- Read your contacts
- Pair with Bluetooth devices
That seems to be excessive given the functionality of the app.
Re: (Score:3)
Re:Turn off wifi (Score:4, Interesting)
Re: (Score:3)
Whether or not you believe them is a different issue, but that reassured me at least somewhat. I've been using Llama for a few months now, and really enjoy its functionality.
Re: (Score:2)
Re: (Score:2)
Don't use 4G constantly (Score:3, Informative)
Turn off "location" and other "always want the network" apps that you don't need. Put your mail in "on demand" rather than "periodically polling" mode. Set your phone so the only thing it's routinely monitoring for over the air are incoming phone calls and texts.
At this point your WiFi will be a waste of battery when you aren't actually using your phone.
Now you can turn off your WiFi and save your battery.
Comment removed (Score:5, Funny)
Re: (Score:2)
AutoDisconnnect (Score:2)
This is for my N900 and increases battery life to 3+ days at low usage.
http://talk.maemo.org/showthread.php?t=45053 [maemo.org]
Presumably, Droid and Apple with their 100,000 fart apps have something similar.
Re: (Score:2)
Even if the wifi is on, how do they know the mac address unless you use their wifi network? You'd have to be a bit naive to just allow your phone to associate with any open point it finds.
Re: (Score:3)
*all* smartphones allow you to turn off WiFi.
However, for most people, it's easier to just leave it on all the time, so that it autoconnects to known networks. Just turn off connection to unknown, unlocked networks and you'll be fine.
Re: (Score:2, Redundant)
I'm not that concerned with Karma, I post when I think I have something to add
How does the equivalent of "mod parent up" add to the discussion? The parent is at +5, but I doubt people just blindly follow what some random person says it should be modded to.
Re:Turn off wifi (Score:5, Funny)
From signature:
I'm not that concerned with Karma, I post when I think I have something to add
How does the equivalent of "mod parent up" add to the discussion? The parent is at +5, but I doubt people just blindly follow what some random person says it should be modded to.
So true. mod this up!
Re: (Score:2, Funny)
Mod child up! Won't someone think of the children?
Re: (Score:3)
The judge said I should stop thinking about children so much.
Re:Turn off wifi (Score:4, Funny)
So true. mod this up!
Okay.
I used to have mod points. (Score:3)
Change your MAC address (Score:5, Interesting)
Change your MAC address to a pseudo-random one every time you go out of your main home or work environment. It's possible on android and iOS devices.
Re:Change your MAC address (Score:4, Insightful)
"Change your MAC address to a pseudo-random one every time you go out of your main home or work environment. It's possible on android and iOS devices."
This would be of absolutely no help with an in-store tracking system. They don't care what your MAC address IS, they just use it to track you in the store.
And despite what the software vendors claim: a tracking system that assigns a MAC address to you walking down an aisle *IS* personally identifiable... as long as you are in the store.
Re: (Score:2)
It would prevent them from seeing that you're a returning visitor, and while you were looking at computers last time, this time you're in sporting goods, looking at baseball bats to use on said computer.
I'd imagine that would be the major benefit to these types of a system like this, rather than what you do within any given visit, which makes it a significant help against this type of system.
Since it would also fill their databases with noise, it would make it much harder for them to get any useful informat
Re: (Score:2)
They don't care what your MAC address IS, they just use it to track you in the store.
This is an easy one. If you're in Costco, you'd probably go back to get the toilet paper or paper towel and to the front to get a hot dog.(i.e. If you don't know what your customers visit, based on what they regularly buy you're probably not running your business right).
Let's Make a Deal? (Score:2)
Re: (Score:3)
Don't Just Turn Off Wifi (Score:5, Insightful)
Not that I've gone into a mall recently, but seeing any of the stores using this system would be the best way to make sure I never come back.
Re:Don't Just Turn Off Wifi (Score:5, Insightful)
Re: (Score:2)
Stop complaining about stores (those business owners aren't operating a store front because they like seeing you everyday) trying to maximize their profits, and take some responsibility for your own privacy!
We can do both. The fact that we should be looking after our privacy doesn't let the stores off the hook or excuse them from criticism of their behaviour. Nor does the fact that they're only in it for the money (duh)- that explains why they're doing it, it doesn't excuse it.
And to pre-empt another argument I can see coming from someone; no, the fact that we're free to shop or not shop at a particular shop *doesn't* change the fact that we're still entitled to criticise them as much as we like for that beh
Re: (Score:3)
Or the easiest solution that has no possible detriment: don't even care.
Why the hell should I give a damn that a store has a VERY vague indication of where my phone's MAC address is inside it, with no way to tie a name or any other identifying information to it?
It's not neccessarily that vague - with enough appropriately placed AP's (and not as many as you think - their software can look at signal strength from multiple nodes to triangulate your position), they can know your location to within a few square meters - precise enough to link your phone to your purchase when you go to the cash register (they may not be able to single you out the first time you visit, but after a couple purchases they will). Depending on what information you give when you check out (pho
Okay, nice joke. (Score:2)
Who taped a phone to a blind wombat on PCP?
That's what my track would look like. I just wander all around the store, grabbing stuff as it catches my eye, contemplating items I'll never purchase, backtracking and crisscrossing the store at random.
Re: (Score:2)
Who taped a phone to a blind wombat on PCP?
That's what my track would look like. I just wander all around the store, grabbing stuff as it catches my eye, contemplating items I'll never purchase, backtracking and crisscrossing the store at random.
That's exactly the kind of information they want: "Customers keep moving from the tools department to kitchenwares, then back to tools. Maybe we should move the two closer together.. or, luggage sales are slow so lets put the luggage between the two departments to get more walk-by traffic".
You may think your behavior is unique, but aggregated against tens of thousands of people, you might be part of the larger trend.
Re: (Score:2)
You assume that it matters what I'm looking for and where that stuff is located. It doesn't. Even if I know exactly what I'm buying and where it's located in the store, I still shop like a bump-n-go.
If "They" can take my data and do something useful with it, resistance is futile.
Re: (Score:2)
High five, bro! That's exactly what I do. I usually wander randomly around a store for 30 minutes or more before I pick up the thing I came for. Throws 'em off the scent.
"Always keep 'em guessing!" That's my motto.
Defeated by power saving (Score:3)
Most phones turn wifi off when idle to save power. All the time the wifi is powered down they can't track it.
Re: (Score:2)
I don't think my phone is ever "Idle" when I have the "Sync" setting turned on and Gmail accounts set up.
Re: (Score:2)
I can't wait to screw with this (Score:2, Funny)
Some people say it's time to turn off wifi.
Not me. I can't wait to hack the o/s to absolutely fuck with this as hard as I can. I hope the phone's drivers support messing with signal and power level.
I've done it with wardriving, I've done it with my laptop before connecting to any type of wireless point. I've even done it with wireless on my desktop, spoofing a specific authorized mac address of a piece of hardware I no longer own so I didn't have to log in to my access point and add it to the authorized l
Re: (Score:2)
Make a simple device that sets a new MAC every minute (or whatever their poll time is) and plug it in at the store somewhere unnoticeable. Fill up there their database with crap.
Re: (Score:2)
Some people say it's time to turn off wifi.
Not me. I can't wait to hack the o/s to absolutely fuck with this as hard as I can. I hope the phone's drivers support messing with signal and power level.
I've done it with wardriving, I've done it with my laptop before connecting to any type of wireless point. I've even done it with wireless on my desktop, spoofing a specific authorized mac address of a piece of hardware I no longer own so I didn't have to log in to my access point and add it to the authorized list.
I'll sniff for MAC addresses, I'll fake them, spoof them, build in a list of different hardware vendors. You'll see the same person in two different isles. You'll see 5000 people enter the store as I cycle through and sequential addresses as fast as I can for five minutes.
The analytics person is going to have so much fun. 0xdeadbeefbabe all over the place.
Sure, they'll filter me out. Or notice me as one oddball. But soonr or later those stats are going to get mass corrupted because it's my radio and I can broadcast anything I want as long as it's in FCC regs.
To whoever it is that'll be debugging that... i'm 20% sorry in advance, and 80% amused at the thought of the hair pulling this is going to cause.
Uhh...filtering noise like from the data is trivial. The software must already do filtering to filter out devices picked up from users out on the sidewalk passing by the door... when they see a MAC address with a very short track through the store, or a MAC that's moving faster than walking speed, they delete it.
But soonr or later those stats are going to get mass corrupted because it's my radio and I can broadcast anything I want as long as it's in FCC regs
You can broadcast anything you want as long as it's withing FCC regs, but if you broadcast something that's not 802.11, you'll automatically be ignored. And the store is most interested in aggregat
Gas points (Score:3, Insightful)
They will track your movements with facial recognition cameras.
Insurance company will know how much butter, beer and beef you are buying.
Your car will track your driving habits and your TV will track your entertainment.
They will know when you are happy, sad, indifferent or lonely and will provide a product or service that will hit the spot.
Just relax. They have your best interest firmly in mind
Do wifi devices broadcast always? (Score:2)
Why do wifi devices broadcast anything when they are not in range of a known SSID? That seems a bit pointless to me.
Bluetooth tracking like this is very common, because Bluetooth needs to constantly announce its existence so that paired devices know that they must respond. Wifi access points need to broadcast for almost the same reason. But why do regular non-AP non-peer-mode wifi devices broadcast anything? They ought to be silent until they find something to speak to.
Re: (Score:2)
(how else do you automatically connect to non-broadcast SSID networks?)
I was hoping the answer was "you don't automatically connect to non-broadcast SSID". Non-broadcast SSID is a cruel joke.
It is handy to try & connect to unencrypted wifi networks automatically, so you get a message that wifi is available.
You can tell that a wifi network is unencrypted straight from the SSID broadcast, no need to connect.
How long... (Score:2)
...until some one starts spoofing multiple devices just to mess with their data? It would serious mess up their day to see 128 devices in the store but only see 5 people on the cameras.
\would buy that app.
Here's what's really scary... (Score:5, Insightful)
Any smartphone can see all the MAC addresses of all phones and access points around it, bluetooth or WiFi (if enabled of course). With GPS positioning on most of those devices and a Giant Corporate Big Brother aggregating the results, all of us are reporting on our proximity to each other.
We all know that Google's wifi geolocation stuff works this way - by tracking which fixed wifi base stations are in range and correlating with a GPS fix. People forget that Google can also identify other phones within range of your phone, and they know which Google accounts are attached to those devices.
Google really does know who is sitting next to you on the train or in the coffee shop, who your jogging partner is, and which whore you visit when your wife leaves your general vicinity.
I bet they do some amazing automated profiling. This guy is a garbage man and works with these people, that guy likes to sit in coffee shops and this woman is usually also present, she's not his wife, so lets advertise couples vacations and cheater sites, this other woman visits a preschool every day and is probably a parent, let's suggest other parents from the same preschool as her Google+ friend...
Re:Here's what's really scary... (Score:4, Informative)
We all know that Google's wifi geolocation stuff works this way - by tracking which fixed wifi base stations are in range and correlating with a GPS fix. People forget that Google can also identify other phones within range of your phone, and they know which Google accounts are attached to those devices.
While that is certainly a possibility, I doubt that it is currently happening because it requires putting the wifi nic into monitor mode in order to sniff for wifi packets from nodes that are not associated with the same access point or ad-hoc network. The vast majority of wifi nics can not transmit when in monitor mode - thus making it useless for normal networking, which would tend to tip people off pretty quickly that something wasn't kosher.
If you have documented evidence of google using monitor mode on people's phones, bring it on. That is the kind of thing that needs to be widely publicized if it is happening.
Re: (Score:3)
Supposing I visit some tax-dodging coffee shop. My phone picks up the free wifi there, and reports its location back to Google. Lots of other people who are there enjoying their tax-free coffee flavoured drink have phones which also pick up the free wifi and report the location back to Google. Google therefore knows who is in the coffee shop at the same time as me without my phone picking up other phones directly.
Re: (Score:3)
While that is certainly a possibility, I doubt that it is currently happening because it requires putting the wifi nic into monitor mode in order to sniff for wifi packets from nodes that are not associated with the same access point or ad-hoc network.
No reason at all why this couldn't be done. It's a single command on most Linux systems with a wireless card.
The vast majority of wifi nics can not transmit when in monitor mode - thus making it useless for normal networking, which would tend to tip people off pretty quickly that something wasn't kosher.
So do it while the wifi connection is not in active use and the phone is idle in your pocket. Extra credit for enabling wifi without showing an activity indicator. No reason this couldn't be done, either. Quick bursts at idle when phone is not in active use.
If you have documented evidence of google using monitor mode on people's phones, bring it on. That is the kind of thing that needs to be widely publicized if it is happening.
I have no such evidence, but I'll be damned if I'm not going to investigate now. I'm guessing that the Google Location Services TOS that every An
Re:Here's what's really scary... not really... (Score:4, Interesting)
For example, if my signal strength to the AP is 80%, and your's is 80%, that does not mean we are next to each other. We can be on opposite sides of the AP, or we can be at some other arbitrary location, where each of us has a different obstacle blocking the direct line of site to the AP, reducing the signal strength by differing amounts. Plus we have no idea what the transmit power is on each device.
You may be able to get a reasonable guesstimate of proximity to the AP, but not spatial orientation to the AP. (ie, you are within 20 ft of the AP, but you don't know in which direction), and certainly not between each peer. The phone will not be able to give you proximity information to another phone using wifi, because the stock chipset on Android and iOS does not give you access to read these beacon packets from arbitrary un-connected devices. I've been able to get it to work in the lab, but only when I use specific hardware/chipsets, with special drivers/firmware.
So all I'm saying is that people are making this to be a bigger deal than it is.
Re:Here's what's really scary... (Score:3)
Not that it matters, but it doesn't work that way... (My full time job involved researching proximity algorithms)... Using Wifi as proximity, you can tell that say these 5 particular people are in a room, but you have zero idea the spatial relation of each of these 5 people to each other, without the aid of other sensors. Wifi or bluetooth will not give you spatial relationships in any meaningful manner.
The problem is that this is all happening over a long period of time, with a constant location fix. So you're right that a one-time scan of nearby devices is pretty much useless - but looking at who was near me every time I go to my favourite Starbucks over the course of a year will give you a pretty good idea of who is actually there with me.
Spatial relationships in a room less to Google than knowing who is part of my life, and who to suggest I might want to make part of my life.
Re: (Score:2)
Not really. I go to the gym everyday at the same time, and I see the same people there everyday... That is a coincidence that we have similar schedules... I am not in a relationship with any of those people I see regularly.
...and that's easily guessed by the fact that there is a large group of people showing up at the same place on a fixed schedule. Pretty simple to write a "group activity" recognizer. And there's a gym at that address. Okay, fitness class. Now we can sort people for "fitness activity" by their attendance. Great, now we have list of people ranked by how serious they are about their personal fitness. Let's advertise supplements to the top 30%, personal training to the middle 30%, and fitness DVDs and McDonalds
Re: (Score:2)
I see what you're saying.
My only point is really that maybe Google can't say you were "with someone" because you were both at the same Starbucks a couple of nights a week for a month.
But if you start being in proximity with that someone in other places during the course of your day over several months, then all those previous proximity events are much more likely to have been "with that person".
You're absolutely right that Google or anyone else can't decide you are with someone just because your devices can
Re: (Score:2)
If there is more than one AP within range, which is quite often the case, I can currently see 7 of them, then it would be possible to figure out whether you are next to each other or opposite sides of the AP.
Re: (Score:2)
It's not as easy as you think. I spent a long time researching this, and I had a Mathematics PHd on staff helping me. I was able to get granularity down to about 15-20ft, when I saw about 20 access points. But 15-20 ft is still pretty big if you are trying to get spatial orientation between people...
And even then, even when I saw 20+ AP, I was still able to find points inside our building where I got matching signal-strength profiles from the APs as another location pretty far away. Remember, proximity detections is not the same as location tracking. I can get unique profiles from contiguous location blocks, but I can't guarantee the same for non-contiguous blocks.
A Cisco MSE will get your location down to around 3 - 5 meters, with 4 or 5 nearby AP's
http://www.cisco.com/en/US/products/ps9742/products_tech_note09186a00809d1529.shtml [cisco.com]
Re: (Score:2)
All they need are two or more access points and they can triangulate by signal strength.
Re: (Score:2)
Why are you limiting this to Google?/quote>
I'm not. They're just an easy example.
Cisco/ThinkSmart (Score:3)
Cisco's acquisition of ThinkSmart Technologies was all about leveraging WiFi for customer analytics. http://www.cisco.com/web/about/ac49/ac0/ac1/ac259/thinksmart.html [cisco.com]
It's more than just tracking who goes in and out of a store- it's about dwell time, product placement and spot marketing.
I Smell a DOS prank (Score:5, Interesting)
Presumably they are looking for the initial broadcast packet that starts the handshake to establish a wifi connection with a base station. Seems like you could mess with these guys if your phone had an app to dynamically change the MAC address on every handshake, you could also speed up the rate of such handshake initiations. Wander the aisles for a half hour and the store's now got a million bogus entries in their tracking database.
People really leave WiFi on? (Score:2)
Re: (Score:2)
3g/HSPA+/4G sucks more out of your phone than Wifi. Access Point scanning is trivial to your battery life, so if you're always at home or near an access point you can use, you would save battery life by keeping wifi on.
Also, GPS doesn't turn on unless requested by a process (not service). So leaving GPS on all the time does not affect your battery whatsoever, unless you like to open Maps all day with GPS off.
Real-life testing on what drains the battery (Score:3)
3g/HSPA+/4G sucks more out of your phone than Wifi.
True.
It goes something like: ... with GPS using 10x lower power than C/GPU.
1. C/GPU
2. Screen + backlight
3. Calls or sending/receiving data
4. Camera
5. Vibrate
6. Screen no backlight
7. GPS continuously receiving
When idling, your smartphone is using maybe 2 orders of magnitude less power than eg browsing. Since smartphones are idling a lot of the time, these numbers become significant.
8. Automatic checking whether anyone's messaged you on FB/Twitter is a significant battery killer. I don't have figures for th
Re: (Score:2)
Not *all* the time, but e.g. you can get better location data (for your mapping use, not others tracking you) by using the WiFi networks' locations as well as GPS, as the iPhone tells you if you have WiFi off.
I turn off GPS & cell service (though often including WiFi, in "airplane mode") more often to save battery.
I believe this assumes (Score:2)
So imagine my surprise when I saw at Macy's last night - they have in store WiFi! The evil in my wants to war drive it and see what else I can access.
and who cares? (Score:3)
if tracking were only ever used for advertising, i would not have any problem with it. my concern about tracking is that people with the power to fuck my life over will get a hold of it and use the data irresponsibly. sorry, but i just don't see how "walked down aisle 3 five times on Sunday" can contribute to that.
when i see people who are deathly afraid of advertising, i wonder why. there's an old saying among door-to-door salesmen that you hit the houses with signs reading "no solicitors," exactly because the occupants are easily influenced; after all, that's why they put the sign up.
with two exceptions, i research my purchases meticulously before making them. the exceptions are a limited amount of impulse buys (for example, i know they put the candy bars exactly in that spot to maximize sales, but i don't care; i knew that i'd be buying the damned candy bar before i entered the store) and... actually that's about it. the other exception involves my hobbies, but it's not like i ever go to a fountain pen or book store without a budget anyway. i just let myself enjoy the experience more than other places.
i'm fairly confident that i am mostly resistant to advertising. in fact, i can identify the ubiquitous re-use of phrases and images that are "proven" by marketing psychologists to influence people and it's just mildly nauseating. now maybe this is the dunning-kruger effect, but looking around my home, i don't see much stuff that i regret buying, so i'm either making good decisions or i am completely brainwashed. i suspect the former.
Re: (Score:2)
sure, and if life has become such a dystopian surveillance hellscape, i'll either emigrate or start removing the battery from my phone, &c.
and your magical insights into my personal life are truly stunning. i'm impressed. tell me, do you really believe that no one can be accurately confident in their resistance to advertising, or did you use your non-existent information about my life to give me a personal diagnosis?
No they are not.... (Score:2)
Tasker.... My wifi is turned off unless I am at a location that I want it on. If you own an android phone and dont use tasker, you deserve to be tracked.
That's Fine (Score:3)
That makes up for me stalking their aisles for products and then buying them online for cheaper.
Can be used to catch people too.. (Score:2, Interesting)
We had someone vandalize one of our cars. Long story short, it was my sons X girlfriend. See lives about 60 miles away but at 3:20am, I saw her iPhone attach to my access point. I knew it was hers because I've seen it in the logs from when she was welcome in the house. That time in my logs matched the time frame a neighbor saw someone running through our yard. It never actually made it to a court but she admitted it when questioned by the police.
I live in a pretty rural area and you have to be much clo
Re: (Score:3)
Re: (Score:2)
I would have thought they'd already be doing this with credit card details since forever anyway, and getting much more informative data to mine as a result.
Most credit card companies do not allow merchants to hang on to credit card details except for subscriptions.
Re: (Score:3)
There is no maybe about it, tracking is the primary reason for loyalty cards. The other reason is that people love "points"; they will often go for points valued at 1% of the purchase rather than pick a competing brand which is 10% cheaper...
Re:Why does this matter? (Score:4, Insightful)
No, that's not what it means at all. It means they'll be able to better tailor their store to profit off of you. Generally, that's not a good thing for you.
Re:Why does this matter? (Score:5, Interesting)
No, that's not what it means at all. It means they'll be able to better tailor their store to profit off of you. Generally, that's not a good thing for you.
That is worth repeating. All of this "personalization" stuff is not about making your shopping experience better, it is about maximizing the amount of money you spend. Any benefit to you is purely incidental.
Re: (Score:2)
Why does shopping (and everything else) have to be an "experience" these days? Can't I just go buy my food and be done with it? No need for any fancy "experience" there.
Re: (Score:2)
if it's bad for the store to "profit off of you," what are you doing there in the first place?
Re:Why does this matter? (Score:5, Interesting)
The trouble starts when all mac address's activity gets logged into big data and stays there.
Then later on, your mac address gets cross-referenced with your real name and phone number and personally identifying data some day (because, for example, you may frequent Starbucks or locations that feature free wifi).
Suddenly, without anyone really trying, your every movement throughout the day just became trackable and they know how to reach you.
Re: (Score:2)
No need for "big data" for that. Single store data is enough.
Buying stuff with credit card (or in-store discount card that's linked to your person or so) this more than enough. All they have to do is record all MAC addresses of people in the shop when you make our purchase, and link those to your credit card. Next time you go there again, they do the same, and eliminate all non-duplicate addresses. Good chance they end up with just yours. If not, the third time will likely do. The chance that some random p
Re:Why would it matter if it were hashed? (Score:4, Insightful)
Isn't a hashed MAC address going to be the same every time? Seems like it would be easy to match the phone to a person if they made a couple credit card purchases on separate trips into a store.
Correct, hashing does not do anything useful here except keep up the pretence. Well it prevents multiple-vendor networks from combining logs from different vendors, but I bet all monitoring devices from a single vendor use the same hash.
Re: (Score:2)
Well it prevents multiple-vendor networks from combining logs from different vendors, but I bet all monitoring devices from a single vendor use the same hash.
Only if they would salt the MAC addresses. Not likely to happen. They probably just take a plain MD5 or SHA2 hash.
Re: (Score:2)
(Not to be a pedant, but it's "pretense" by the way.)
British vs. American English. I try to stick with British, but I am not always successful.
Oxford Dictionaries entry for pretence [oxforddictionaries.com]
Re: (Score:2)
My apologies, I wasn't aware British English spelled it "pretence".
Re: (Score:2)
Indeed, this really confuses me as well.
If I am connected to a wireless network they can track me, but I rarely bring my home wireless router shopping with me. Do unassociated devices really send out "hey there!"-packets from time to time, and if so, why do they do that and how can I make them stop?
I had a play around with airodump-ng for a few minutes, but I only detected one unassociated device and that one seemed to be attempting to associate to a nearby SSID.
Re: (Score:2)
Re: (Score:2)
no they dont. Because sniffing that costs $5000-$8000 per sniffer.
Where as wifi trackers are less than $70.00 each by using unifi AP's.