New report analyzes online location privacy

New report analyzes online location privacy.

-- Tom

 

As far as I know a VPN will prevent any type of GEO location tracking. Does anyone know of any installed programs that might bypass this?

 

Firefox, Chrome, Opera.

Do a search on "W3C Geolocation API" and "Google Location Services"

IP address is just one method (and the least accurate, and least preferred) of determining geolocation. Firefox and Chrome 5 will take mac addresses of wireless access points that a computer can see and send them to Google Location Services and receive back a fairly accurate location. Phones use GPS or tower information.

Twitter just enabled (opt-in) geolocation stuff.

The upside is that, at least with Firefox, one can spoof the geolocation info sent to sites that request it and basically tell them you are where ever you want.

 

If I am using Xerobank, I am pretty sure that the only thing that a website can see is Xerobank.

Evidently firefox sees my geo location as being in whatever country the Xerobank exit node is in because it shows Google or Myspace etc... in that country's language.

If you can show me a test or proof of concept otherwise I would love to see it.

 

See my previous post.

The way the geolocation api works is that lacking any other basis for location info it falls back to IP address. So you are likely using a wired ethernet connection, or any wireless mac addresses that are visible to your computer aren't yet in the Google Location Services database. In either case the geolocation api uses method-of-last-resort and does what it can using your IP address, which in your case is the VPN egress IP.

On the other hand if you are using a wifi connection and there are access points visible to your computer whose mac addresses are in the Google Location Services database, which is likely unless you are in a rural area, if you are using recent builds of Firefox or Chrome (coming soon to Opera), then when you go to certain geolocation sites you'll get the pop-down asking to share your location. In that case Google's geolocation API won't be using your IP address, it will using wifi ap mac addresses.

 

That's just plain evil. That'd also be an issue for WiMax, yes?

 

I don't know. I haven't read anything about WiMax access point data being utilized by Google Location Svcs. They do use mobile phone tower data for geolocation for mobile phones though (if there's no GPS info)

I wouldn't call it evil. Geolocation data isn't sent without your permission. And with Firefox it can be permanently disabled (about:config, geo.enabled set to false), or spoofed for lulz.

 

What's evil is that it's enabled by default, and that momentary inattention could reveal your location. Also, if browsers are collecting geolocation data, I suspect that websites could collect it without asking.

 

Hi Guys

For people wanting to... Deactivate Location Aware Browsing In Firefox
But like myself... Maybe aren't quite so familiar with some of the deeper settings of Firefox
This Might Help: http://www.howtogeek.com/howto/1672/deactivate-location-aware-browsing-in-firefox-3.5/

Zeena

 

What about geo.wifi.uri?
Or, NetworkGeolocationProvider.js?

 

What if your VPN is blocked from your favorite websites?
Detecting and blocking proxy/VPN access seems not to be so difficult... Please read this thread!

 

geo.wifi.uri is the setting in about:config that points to the geolocation provider, which is Google Location Services at https://www.google.com/loc/json

You could change that to another provider or point it to a file.

NetworkGeolocationProvider.js is the actual Firefox javascript that handles all the geolocation stuff, getting the request from the site, talking to the geolocation provider, trying wifi, then IP location resolution, etc.

 

I find it more fun just to spoof other locations...
https://addons.mozilla.org/en-US/firefox/addon/14046

 

Mozillazine Forums
Found this after posting.

 

It's interesting that youtube still knows where I am when I upload videos, but it's probably just looking up my IP. When I zoom right in on the map I can see that my position is actually a few miles from where I am.

If my location was detected via wifi hotspots my position is correct to about 40-50 yards, which seems quite amazing.

 

Hi Jesus. I think it was you who suggested that a new technology that helped to apprehend child porn suspects was based on Geolocation. Do you remember the article? I can't find the original but this is another one. They say that the ISP has to install some software but that's all they have to do. The detectives have some way of using that software to pinpoint the suspect's location. They then drive there and point a device toward the house or apartment to verify the router.

http://www.geek.com/articles/chips/...-child-predators-using-the-internet-20090615/

I think they are probably working on ways to incorporate this technology on a much broader scale. And as the technology improves, it will become easier and easier to use. As it is now, they could probably use it legally for anything they like.