Google Street View Cars Caught Snooping on Peoples Wi-Fi Networks

reply to post by mattifikation


Well you do have Google on that computer and It doesn't take a genius to type a search for 'mac address'...

You'll find links to how to change your mac address on the first page.

It's called 'research' and something a smart person would do before posting about it. You should never take anything you read at face value, always check it out for yourself before spreading alarmist stories. You have time to read stories and post them on ATS then you have time to do research.

BTW I left home at 16 which was probably before you were born, so please be careful with making assumptions and judging people, thanx...

reply to post by mattifikation

I absolutely agree with your post, star for you.
I don't know why google is doing this, maybe the reason is not sinister, but I prefer if they don't, at least if they don't have a good reason to do so.

Originally posted by stumason
reply to post by TXRabbit

 

Indeed.

I also query how exactly they can tie a MAC address to an individual street address too. Just detecting a Wifi Network doesn't tell you were someone lives, unless they named their network with "123 Dipstick Avenue". There is also nothing stopping anyone else doing this either, it aint just Google. Shady types can sit outside your house too.

However, if you are a peado/terrorist/drug lord and want to keep secrets, then just go and buy a new router or what have you. MAC addresses are fixed to each physical device at the factory. Google are not going to be driving around your neighbourhood any time soon, so it's a total non-story.

Check out Kismet, which will with the GPS plugin direct you to exactly the address of the wi fi network based on the Lat and Long coordinates. Now with the uproar of the census taking Lat and long coordinates during their recent census, this could really become an issue.

Having said all of that, most routers allow you to change the MAC address either by cloning the local systems MAC, or by typing in your own. Some ISP's require you to register your MAC with them to get internet access in the first place, so this is where the cloning facility is generally used.

Google need only access the census database to cross reference the MAC addresses with the GPS locations and compare that to the coordinates provided by programs like Kismetand they will indeed know where you live.

Unless you know what the hacker/phreak is going for..how can you with any certainty claim the average person has nothing to hide? Even something as simple as your identity is worth big $$ to the right (or wrong) people....

Just saying.

..Ex

reply to post by ANOK


You don't have many friends who aren't computer nerds, do you? I have quite a few, and with or without plain English instructions they have a hard time using their computers. And at any rate, the issue isn't whether or not it's difficult to change your MAC address. The issue is whether or not Google is wrong to drive around recording them.

The only valid argument anyone has put forth in Google's favor is that they probably weren't actually able to record any network's exact street address - and even that is only an assumption based on probability.

Regardless of how easy it is for YOU or for ME to Google how to change your MAC address so that Google won't have a record of it anymore, the vast, vast, VAST majority of people using the Internet have never even heard of the term "MAC address" before. Chances are, people won't be looking up how to change something if they don't even know it exists, or that some crooked billionaires are sending people to drive around recording it.

And for those people, telling them "Okay, now you have to Google how to change your MAC address and do it, or you don't deserve privacy anymore" would be like if I told you, "Okay, now you have to Google how to change your car's transmission or you don't deserve to shift gears anymore." And before you bypass my point completely, if you're also a mechanic or something and you know how to change a transmission, then just pick a different analogy.

And I don't really care where you live or how old you are, my point was that having a life outside of computers doesn't make somebody a "n00b" with no right to privacy. Way to miss it completely.

Originally posted by mythatsabigprobe
reply to post by stumason

 

Stu, Google has cars and drivers mapping every street in every country. They have your house photographed I'll bet and therefor they have your MAC address logged if you have a wireless network. I see it doesn't bother you, but that would mean that every site you've ever visited and every comment you've ever made on a blog like this could be traced to you regardless of your IP address. Never clicked a link in somebody's post and ended up somewhere distasteful? Never said anything that might look bad to a prospective employer? Never discussed anything you want kept private in an IM or email?

With your MAC address it's possible to catalog everything that computer ever did on the Internet and Google has the databases and computing power to do it.

The above is not even remotely true. Not even a little bit. The MAC address isn't some magical fingerprint that your systems has, gawd keep the dis info to a minimum please.

Originally posted by TXRabbit
if you're worried about someone recording the MAC address of your WAP, simply run out and buy a new one - often. I'm sure you can replace your unit faster than Google can schedule another drive-by
More fear-mongering on an uneducated public..

As previously mentioned, some ISP's require you to register your MAC with them in order to gain internet access at all. So once you change your address, you would still have to register it again with the isp which may or may not share that info.

Originally posted by who-me?

See above..

Originally posted by stumason
EDIT 2: You are also aware that when you visit Google's website, they can see your MAC address to? It's broadcast out in every packet your computer sends, whether it be wired or wireless.

Actually, they can't. The last router you hit before you reach that server is the only MAC address they would get. Plus you can only get the MAC's if your connected directly to that machine... the command is Arp -a X.x.x.x where x is the ip address of the machine you are connected to.

Originally posted by LieBuster

You are correct. This is how ARP works.

Originally posted by ANOK
You can even install software that changes your mac address every re-boot.

Originally posted by joesomebody
Beat me to it...I was going to call everyone a n00b for not realizing this. You can even change the router's MAC address as easily.

Please see above statement regarding ISP's and registered MAC addresses.

Originally posted by anti-spin
I believe that a HTTP server cannot find out the clients MAC address, so if I am right, then Google cannot find out a visits MAC address by them simply visiting the website.

Both you and Liebuster are correct, only the last hop would be forwarded, and not the originating MAC of the ip request.

Ok I think I got everybody.
For the record, I'm old, and I run an ISP. I have direct access to some extremely expensive gear and servers and have been doing this for about 15 years. This isn't to say I know, "it all", but I know a lot. I don't live in my parents basement, my parents have been dead lots of years.

Google should NOT be doing this under any circumstances. In your neighborhood, driving by your house, they CAN get your MAC address, but they cannot from their webservers when you are searching.

Even if they get your MAC address, it isn't some kind of magical entry that gives Google the unlock code to your entire internet history. They have that when you use them to search for things. Don't like it, use a different search engine.

thanks
..Ex

Google did ask for help from the NSA to help with it's "security development" so perhaps Google was returing a favor?

We all have a right to our privacy, and Google has no right to invade it for any reason.

Originally posted by mattifikation
reply to post by ANOK

 

You don't have many friends who aren't computer nerds, do you?

When you start with assumptions I don't bother reading the rest of the post.

If you can post on a forum you know how to use Google and research stuff, it's got NOTHING to do with knowing HOW to change your mac address. All you have to do is Google the subject of the article which was (ironically) 'Google Street View Caught Snooping' and recording peoples 'mac address', so you research 'mac address' and find you can CHANGE IT. Simple. End of conspiracy, no big brother out to get you.

It's about researching the topic you're posting on, not knowing how to do nerdy computer stuff. But wouldn't it be smart too learn this stuff if you're, you know, so paranoid about it...Be proactive, not a whining victim.

I started out nice, by adding the information to the thread, but for some reason some people don't like their fantasies messed with I guess...

[edit on 4/26/2010 by ANOK]

Originally posted by v3_exceed
Actually, they can't. The last router you hit before you reach that server is the only MAC address they would get. Plus you can only get the MAC's if your connected directly to that machine... the command is Arp -a X.x.x.x where x is the ip address of the machine you are connected to.

Indeed, I was incorrect there. I do Transmission in my day job (layer 1 to you IP fluffy coud types). I was getting confused with the destination/source MAC header in an Ethernet packet and the destination/source IP address header in an IP packet.

As for those saying people don't have a clue as to what a MAC address is or how to get it changed, I'm afraid ignorance is no defence. It's like not securing your WiFi network and therefore allowing someone to access it for kiddy porn. Ignorance would be no defence, I'm afraid.

Might just be me, but whenever I use something, i like to know what I am doing and how it works. I don't have much sympathy for the ignorant who won't learn.

This really is a non-issue, to be honest.

I also don't get the arguments against this OP.

I don't care how easy it is to workaround, it's disgraceful that i should have to.

It doesn't matter if you consider wi-fi to the equavalent of having a conversation with a megaphone, i actually agree with you there, but as soon as somebody shows up and starts writing names down its already gone too far.

Stop using google? Stop using wifi? Stop using the internet?

Perhaps. But if nothing else, it shows google lied about WHAT it was recording.

What else does google lie about? (lies NEVER travel alone)

I do not believe for a moment that advocates of invasion of privacy intend the same to apply to themselves. They're too clever to get caught in THAT trap

[edit on 26-4-2010 by harryhaller]

Originally posted by mattifikation
Okay, I'm about to just plain OOZE sarcasm here when I state:

Yes, people, the solutions you are presenting are absolutely viable for the vast majority of computer users, who as we all know are capable of doing so much more than turning on their computer and clicking on the picture labeled "Internet Explorer" to make their web browser come up.

Sarcasm over, now for the "Shame on you, fellow ATSers" portion of my post.

I suppose you also all believe that if somebody isn't computer savvy, they automatically forfeit their right to privacy. That seems to be what you're saying... "If you don't replace perfectly functional hardware to change your MAC address, you deserve to be spied on!" or "lol n00b doznt kno how 2 sekure hiz netwerxz lolz!"

What a bunch of elitists. The vast majority of us have better things to do than live in our parents' basements playing WoW on one computer and taking MCSE courses for shoots and giggles on two others, but if you think that nullifies our rights to privacy then you need to grow up.

yeah, i would say the vast majority of computer users dont even know waht a MAC address is, and certainly dont know how to change it.

other than that, is google becoming big brothers adopted little brother?

Originally posted by ANOK


When you start with assumptions I don't bother reading the rest of the post.

Clearly you didn't, since you failed completely to address any of my points.

I just like to add something here. ISPs of some countries have been recording LAN and Wifi MAC address of users via modem/router (part of internet package).

One notorious brand is 2Wire. The company based in California but its products' admin interface firmware customized to ISPs worldwide. ISPs using this brand have full knowledge (and control) over modem/router and users' connection info.

Unlike other router brands that can change firmware to open source DD-WRT, 2Wire is different.

If you're someone who intends to use your computer and wifi adapter for top secret missions, please avoid connecting to your own ISP 2Wire (if you're using one).







[edit on 4 26 2010 by wisdomnotemotion]

Originally posted by ANOK

Originally posted by joesomebody
Static IP addresses are more of a concern.

Use a proxy server?

www.ipaddresslocation.org...

nOOb

No thats the last thing to do if you don't know what you are doing

Most proxy servers pass you IP in the header as Proxy_For whilst others encrypt your IP and pass it as an eTag in each request so they can find you later if they need to.

Do you realy think someone is going to lend you band width without getting something back ?? Many are just waiting for you to make a mistake and type in a password or ID

I've written a proxy server from scratch and it would not be to hard for me to tweak it for a man in the middle attack using SSL to get your credit card numbers and not only does a proxy server get to read your cookies and such like it can also write cookies so that Googles PREF= any thing you like. This is something i will be doing myself so lots of users all get to share Google cookies because i see this as the way we need to fight back with Big Bro.

Trying to find a free public proxy server that has the performance, lets you post and is not watching you is like finding hens teeth and is not to be truted at any costs with passwords.

The Tor network is the only one i would trust and i think i'll move towards a SSL paid for proxy server so that my ISP get to see as little as possible.

Originally posted by mattifikation



I suppose you also all believe that if somebody isn't computer savvy, they automatically forfeit their right to privacy. That seems to be what you're saying... "If you don't replace perfectly functional hardware to change your MAC address, you deserve to be spied on!" or "lol n00b doznt kno how 2 sekure hiz netwerxz lolz!"

What a bunch of elitists. The vast majority of us have better things to do than live in our parents' basements playing WoW on one computer and taking MCSE courses for shoots and giggles on two others, but if you think that nullifies our rights to privacy then you need to grow up.

I know we're not s'posed to do this. But...

Oh... BANG!

You nailed it. Not to mention, that I sneezed soda out my nose, and 'bout fell outta my chair laughing...

"..."lol n00b doznt kno how 2 sekure hiz netwerxz lolz!""

Mwaahaahaa!

Oh gawd... *wipes a tear* That was friggin' great.

There is no way, I coulda said it that well. On behalf of the veritably technologically illiterate, (self acknowledged and otherwise) everywhere...

Thank you.

Originally posted by LieBuster
Do you realy think someone is going to lend you band width without getting something back ?? Many are just waiting for you to make a mistake and type in a password or ID

OK don't like proxies then just change your IP addy...

www.ehow.com...

Or ask your provider for a dynamic IP (which has it's pros and cons also).

Again it is better to research solutions than whine about it and act like a defenseless victim...

It's not that hard, even for those with learning difficulties...

But what I'm saying is that it's completely impossible for people to even look up how to change their MAC address or change their IP address if they've never even heard either term before. Even something as simple as putting a password on your wireless network becomes a challenge to people who don't even know that they can or should put a password on their network.

If you stood 100 yards away from a McDonald's and asked 10 people "How do you find a MAC address," I bet 5 of them would point and say "It's right there."

As I've said before, even a complete and total lack of technical knowledge does not forfeit a person's rights.

Originally posted by ANOK
It's not that hard, even for those with learning difficulties...

I had a look but changing your IP address on you LAN is not going to change a dam thing it's your public IP address from the router/modem you need to change and as i've pointed out switching your IP does next to nothing when it comes to getting Google off your tail.

Google runs a scripts and they know everything from what version of _javascript you are using to what software you have installed on your PC and the screen resolution plus your habits.

Lets say you delete your history, cookies, flash object (Cookies) and change your IP from 168.1.1.101 to 168.1.1.21 log back in then do a google to find this page and log on ATS to make a reply to this post.

We can see from the top of this page that google renders an image so google knows your here and knew 168.1.1.101 also viewed this page in the past with a very simular IP address to yours.

Now lets try the first method and look at the URL in the browser that is sent to google as the referer in the HTTP header for this page since your logged in to reply to this post.

abovetopsecret.com/forum/post.php?action=reply&fid=1&tid=564489&repquote=8663218

It's clean as far as i can see but many forums use an internal ID for each member and the URL would include something like www.????????&MemberID=12345678 so that would tie your old google ID back to you and they know it's you because you have logged in.

Plan B

after making your reply to this post you go to mail.com to read your emails and google also has code in the page (addscence is everywhere) well already bells are starting to ring because what are the chances of member X coming here and then going to any one of 1,000,000 hotmail type accounts and having a simular IP address to your old one ???

Already it looking bad but since they also know your user_agent from the HTTP request , your CPU make , What files you will accept in the Accept header then they are already on to you because it's very easy to match on the data shown below in the HTTP header.

GET / Http1.1
Connection: Keep-Alive
User-Agent: Mozilla/4.7 [Fr] (Win98; I)
Host: www.Google.com
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png,Word,Xls,pdf,plus other installed software
Accept-Encoding: gzip
UcPU : X86
Referer: www.abovetopsecret....???????????????
Accept-Language: Fr
Accept-Charset: iso-8859-1,*,utf-8

Now i've looked at some of the _javascript google runs in your browser and in addition to the above it also picks up about 50 other bits of information about the version of flash your using, screen resolution and a lot more than i care to remember.

Looking at the numbers it would be fair to say google is 99.9% certain it's you by now and i've not covered other methods they use or assumed your member ID was going be used in the URL of the browers for the rest of the week.

Even if you ignor all this and just know that Google is requesting a file called safebrowsing.xml that your browser downloads every hour and you also know that this file uses some funney encryption and google is sending encrypted data out from your browsers in the request for this file every hour then it's fair to assume google got you before you got out of bed this morning.

As we know google is good at sorting data and coming up with a match so it's fair to assume they are doing the same with all this data that they are going out there way to collect from you

a good tool to use is fiddler that shows you all the hidden calls and data being sent out from your browser and if you go to mail.com and keep pressing refresh on the main page without loging in then you will discover like i have done that this one single page, over time will connect you to over 100 tracking sites and if you start blocking these sites then they even try catching you out using private IP adresses.

Originally posted by ANOK
Again it is better to research solutions than whine about it and act like a defenseless victim...

Yes i agree and the way to fight back is to corrupt the data by having software that clicks every double click advert it sees and by sharing cookies plus runing random searches on google.

YouTube is owned by Google and they are upto all kinds of wierd stuff and it's a fair bet they share data with Google and the only good thing is Microsoft seems to be Googles number one enermy and i think it would be a very brave or stupid man that thinks they can stop MS coming in whenever they like and that includes all the ilegal windows copies everyone has.

As i have shown you can not run from these people and this is the only way i can see to fight back unless you let them win and turn your computer off.

Do you happen to know anything about CrossDomain.xls and can silverlight use it also ?

Originally posted by stumason
reply to post by mythatsabigprobe

 

How can they know what house contains what network?

The ISP tracks modem connections by MAC address. Their servers are programmed to allow communication with your Modem which is identified via MAC address. Forget IP Addressing. That can be changed internally via NAT (Network Address Translation). That is not so important.

The MAC address directly ties the billing account (which comes with a name and address) to a specific MAC address. The MAC address is simply listed on the bottom of the modem (cable/DSL). This is the address that is visible to the outside world.

The RIAA and Movie Houses love this tech as it pin-points someone's street address via their MAC address.

Beware - you can change the MAC addresses all you like - it's the modem's MAC address that is important.

The question is: Can a cable or DSL modem spoof a MAC address???

I don't think so.

Cloning MAC addresses usually happens after the modem has seen the net traffic and before your PC get the traffic - in other words at the router level.

Another question would be: Can you place a router before the modem and have another router after the modem? I don't see why not? Perhaps that would allow for a cloned (not real) MAC address to be visible at the hardware level.

-E2