Google Describes Wi-Fi Sniffing In Pending Patent

theodp writes "After mistakenly saying that it did not collect Wi-Fi payload data, Google had to reverse itself, saying, 'it's now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks.' OK, mistakes happen. But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets by operating a device — which 'may be placed in a vehicle' — in a 'sniffer' or 'monitor' mode and analyzing them on a server? Guess belated kudos are owed to the savvy Slashdot commenter who speculated back in January that the patent-pending technology might be useful inside a Google Street View vehicle. Google faces inquiries into its Wi-Fi packet sniffing practices by German and US authorities."

Mr Hyde?

[symes]

It seems there's one bit of Google that really wants to sniff packets and another side, probably PR, that doesn't want the bad press. At the end of the day they're now just another multinational corporation with potential markets rather than individual customers.

What website is this again?

[Anonymous Coward]

I am totally unconcerned with Google or anyone else collecting this kind of data. If you don't want anyone to know about your access point then stop broadcasting for hundreds of feet over public property. If you don't want me to decrypt your satellite feeds to get free TV then stop broadcasting it into my receiver on my property.

Re:Wardriving?

[gilesjuk]

Why patent it? is that to stop other people doing the same?

Honestly, Google, Microsoft, IBM, Apple and co, put them on a big ship and sink it. They don't want to compete, they want to lock up very generic ideas and stop everyone else from using them.

Re:What website is this again?

[Anonymous Coward]

I am totally unconcerned with Google or anyone else collecting this kind of data. If you don't want anyone to know about your access point then stop broadcasting for hundreds of feet over public property. If you don't want me to decrypt your satellite feeds to get free TV then stop broadcasting it into my receiver on my property.

I don't mind that people see me when I go out on the street.

But at the same time, I don't want Google or any other company to film me, and digitally store every trip I make.

But following your line of thought, I should reason that if I don't want Google to film me in my own street, then I shouldn't go outside.

Oh come on, this is ridiculous.

[ZorbaTHut]

The patent is for capturing the metadata and analyzing it. Guess what the Google van was supposed to do? That's right: capture the metadata, and analyze it. Nobody's disputing that, nobody ever has disputed that.

The accidental part is that it turns out they were capturing more than metadata. The patent doesn't talk about doing that, there's no evidence Google ever intended to do that, and it's difficult to determine what they could possibly gain from it anyway.

So, here, let's improve the headline.

"Google Has Pending Patent For Exactly The Process They Tried To Implement, But Slightly Screwed Up"

SHOCKING!

Misleading summary?

[chrb]

But, as Seinfeld might ask, then what's the deal with the pending Google patent that describes capturing wireless data packets

The deal is that the patent describes capturing and analysing wireless data packets to extract the IP adress alongside GPS coordinates in order to enhance Google's IP geolocation accuracy. The "mistake" that they owned up to is actually dumping and storing all packets, not just the external IP address. Those are two different things.

Re:Mr Hyde?

[AHuxley]

"harm was done" is a slope many parts of the world do not want to slide down.
They have strict laws to make sure you do not record people on cameras, voice calls and now data.
What google did was intercept communications not intended for them and keep the fragments they sucked up.
They did this around the world, long term and had to set the tech up to do it and keep the data collection going.
When caught by the press they tried to fake their way out with a local admission and then where forced to tell more of the truth only when exposed further.
Google missed a request from the German gov to show what data they collected and how it was stored ect.
That kind of throws "accidental" and "pretty useless" out.
"Accidental" would be a beta test car in one city, data dump found, turned off and local permission to wifi map requested.
As for what it is used for, who knows what google sells in bulk beta form to its customers about its consumers (end losers).
How many external eyes got to scan city maps with MAC, IP and plain text data for keywords?
From spam to ip misuse to police raids to state task forces and COINTELPRO 2.0 dreams?
The state sends out spyware/p2p hunt, finds an open MAC and wants to sneak and peak based on googles "bulk" data.
Wrong family, wrong time, right MAC.

Re:What website is this again?

[Anonymous Coward]

Meanwhile, I have 4 seperate Linksys WRT54G-TM units sporting directional antennae in the attic along each of the outside walls in my house. Each broadcasts the SSID and makes NO use of encryption. When the most sensitive site I could possibly log in to without requiring https is going to sell my strawberry harvest datum to its sales 'partners' anyway? It seems to me that security should be starting a little further from home.

In addition to good will toward and from my neighbors, I receive plausible deniability and the 'occasional' monetary donation from anonymous philanthropists (One cannot resell internet access via my current provider).

In all honesty, other than a little bandwidth (which I control from my edge router), what advantage do I have in keeping other people out?

• My private shares are password protected and the non-password protected shares aren't intended to be private.
• Any sacrosanct websites already have encryption in the form of SSL (https)
• My internal network stuffs are properly hardened and firewalled from both the Internet zone as well as the wireless zone. It's seriously not much more work to have 2 zones setup proper than one (You do have your network properly secured from the WORLDWIDE internet, don't you?).
• My neighbors know where to throw a few bucks when they need minor repair, etc.

Oh, and the neighbors listen when I tell them to Stay Off My Lawn. ...
Profit?

Re:What website is this again?

[FuckingNickName]

You do realise that sending an SSID over the airwaves is not an implicit offer to "the public" that you "advertise a service", yes?

I mean, if I put a sign in front of my house giving the name of my house, am I telling you that you can come in and use it at your whim?

No. No, I would't. Not at all.

[JSBiff]

They were sniffing OPEN, unencrypted networks. I don't think anyone should go to jail or even be sued for that. If you don't want people accessing your traffic, encrypt it. I mean, I could see the argument that if you used *any* kind of encryption, even WEP (which we all know is easily broken), then you have a reasonable expectation of privacy, and if someone cracks the encryption, then they should be legally liable. But really, if you don't take any measures at all to protect your wireless network, then you have no expectation of privacy.

It's fair game for all the world, as far as I'm concerned. I don't see anything evil about that. That's like hooking your telephone speakerphone output up to a big-ass stereo, turning the volume way up, opening your windows, then complaining when passersby on the street hear your conversation.

Re:No. No, I would't. Not at all.

[Anonymous Coward]

No, this is like using a long range mic to pick up private conversations.

Yes, if they want to have a "private" conversation, they should have it inside a sound proof room, just like Google cheerleaders like you insist everyone should use encryption to avoid this. Try telling that to grandma.

Re:What website is this again?

[Anonymous Coward]

Unencrypted networks are not a grey area. You're just making them out to be since it fits your immoral and illegal behaviour.
1) The majority of new APs do not have encryption enabled by default
2) If you are unsure of its reason for being open, assume the safest option, not the one that just happens to suit you
3) The AP is broadcasting its open status, not the owner. Last I checked, electronic devices do not have the legal right to grant permission to their connection

This isn't ethical rocket science, just another example of the free culture "Generation Me" retards.

Re:Mr Hyde?

[LordLimecat]

They did this around the world, long term and had to set the tech up to do it and keep the data collection going.

Perhaps its silly of me to ask, but is this speculation, or fact that can be sourced?

Google missed a request from the German gov to show what data they collected and how it was stored ect.

My understanding from every article ive seen on the topic is that, whilst complying with the German authorities, they discovered the issue, promptly announced it, and complied with requests to delete the data. Can you provide a link that shows otherwise?

How many external eyes got to scan city maps with MAC, IP and plain text data for keywords?

Is this like that whole "did glenn beck rape and murder children in 1990" thing, where you can ask questions based in fantasy to imply wrongdoing? Do you have any evidence that anyone other than a computer actually saw the payload data?

The state sends out spyware/p2p hunt, finds an open MAC

What the hell is an open MAC? A rooted Apple computer?

Why was your post rated insightful? One can see by references to "Open MACs", "P2P hunts", and the implication that IP addresses are personally identifying / private that you have no idea what the hell youre talking about. Half of your post is directly refuted by every article we've had on this topic since it came to light.

Re:What website is this again?

[jabbathewocket]

That logic is precisely the definition of slippery slope... if tommorrow it is announced that a brand new version of wifi needs to be installed to prevent "breaches in security" does that mean that everyone who does not spend $$ to update immediately is deserving of being considered (legally at any rate) having "opened their network on purpose for any and all to use in any way they see fit" ?

There are *alot* of ancient B devices, not to mention a huge number of newer G devices that simply do not interact properly (or at all) given the not always overlapping security choices.. IE Device A can use X version of G security, device B can use X Y Z and device C can only use Z type. but all support "open"

Does that mean that because this combination of devices only works properly with open security (and requires broadcasting SSID) that these networks are LEGALLY fair game for any and all to do whatever they please with?

Ultimately it comes down to "just because you can do it, does that make it morally and legally the right thing to do? I would say that historically the legal allowance of behavior hinges far less on the "is it possible" and more on the "is it the right thing to do"

As far as Google vs "others" is concerned.. its again about slippery slopes.. allowing Google to capture supposedly "unidentifiable information to determine location" is a great way to open the door for others to do things that perhaps we do not as a society want them to do.. the "do no evil" mantra that Google tries to portray around itself.. should extend to not opening the door to evil, even if they are not doing the evil themselves (which is open to debate in many ways but that is a subject for another post.