Does browser AP sniffing for Geolocation detect *non* SSID broadcasters?
Most people have WiFi based Geolocation services enabled in their browser(s) and that relies upon detecting nearby APs and sending a list of AP descriptors (AP MAC, AP SSID, AP Signal Strength from the local computer's POV, .?.) to a Geolocation server. So even if you have Geolocation services disabled on your computers, your neighbors if close enough would likely be revealing the presence and location of your AP if you have one. Which I think would really only bite you if somehow your AP info is being inadvertently leaked by some software on your computer. Which shouldn't happen, but I wouldn't be surprised if it does in some scenarios.
I'm wondering if disabling SSID broadcast is a practical way to try to avoid getting caught up in that. Ultimately, disabling SSID broadcast doesn't truly protect you but in practice it *might* help you avoid this. At the very least, it could be argued that disabling SSID broadcast is expressing a desire not to have your AP information harvested by such systems and perhaps a case can be made against those who still do it.
Has anyone here looked into that or read of someone who has? You can, for example, create a geo.wifi.logging.enabled = true preference in Mozilla products and check the output in the Error Console. I believe that will show the URL that is passed to Google during Geolocation lookups which at the end has details about nearby APs. Perhaps other browsers also offer the ability to see what is being passed about nearby APs. FWIW, I tried to explore this via my notebook but for some reason couldn't get the Mozilla WiFi sniffing side of things to work.
|
September 13th, 2012, 05:26 PM
