Debunking the hysteria and paranoia about Google’s Street View Wi-Fi site surveys

Introduction

Over this last few weeks, there has been hysterical media and political activity in Europe and Australia concerning Google’s Street View activities. This activity has become focused on the collection of Wi-Fi network data by the Street Survey vehicles which grab the initial street images.

The hysteria focused on identifying details about Internet use and Wi-Fi devices that existed at individuals’ addresses and that this data could be used to spy on individuals.

The truth

Wi-Fi site surveys are a part of Wi-Fi networking life

The Wi-Fi site survey is associated with nefarious activities like wardriving but it is commonly practised as part of Wi-Fi network use.

When you want to connect to your Wi-Fi wireless network with a client device, you will come to a point in the device’s setup operation where you see a list of SSIDs, then you choose the SSID that you wish to connect to. This is an elementary form of a site survey.

This is extended to technology enthusiasts like myself who activate Wi-Fi network scanning functions on smartphones to see a list of wireless networks operating in the neighbourhood that they are in for curiosity’s sake. Here, we see the list of SSIDs and an icon beside each SSID that indicates whether the network is protected or not. The practice also extends to use of “Wi-Fi-finder” devices to look for open Wi-Fi networks.

Similarly, people who are optimising wireless networks will use software like inSSIDer (which I have reviewed) or HeatMapper for site surveys and wireless-network optimisation. This software can also yield information about the BSSID and operating channel for that particular SSID and more sophisticated versions can use spectrum analysers to determine interfering frequencies or determine the location using support for GPS modules.

This leads me to Navizon and Skyhook Wireless who have done these surveys in order to turn these beacons in to a location tool in a similar manner to GPS or mobile-phone-tower-based positioning. The most common application of this is the Apple iPhone platform which uses this information for locating the phone during setup, avoiding the need for users to determine their time zone or location.

What does my Wi-Fi network yield

A normally-setup wireless access point or router will send out a “beacon” with contains the following data:

  • SSID or ESSID which is the wireless network name
  • BSSID which is the MAC address for the access point’s radio transceiver. This MAC address does not have any relationship to the Ethernet MAC address or the broadband (WAN) interface’s MAC address on your wireless router.
  • Information required to determine security protocol to establish a successful conection

This data that is in this “beacon” is publicly available in a similar context to the information written on a vehicle’s registration label which would have the registration number (written on the number plates / license plates) and the VIN (vehicle identification number) for that vehicle.

It is also worth knowing that all access points and wireless routers have the option to turn off SSID broadcast. Here, you don’t have the SSID made available but have the network listed as a “hidden network” on some devices. This is something you can do in your router’s or access point’s Web-based management interface

When your network client devices are active in your wireless network and are “talking” to your wireless access point or router, they don’t broadcast an SSID or other beacon because they have “latched on” to that access point or router. This data will usually be encrypeted as part of the WPA security protocols that should be in place on your private wireless network.

Conclusion

Once you know how the Wi-Fi network works, you should then know that a site-survey operation should not gather the actual data that is moved across the network.

Latest Comments

  1. simonmackay 18/03/2016

Leave a Reply