Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

You have had a long-term stimulation relative to business.

comp / comp.mobile.android / Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)

SubjectAuthor
* Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Andrews
`* Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Jeff Liebermann
 `* Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Arno Welzel
  +* Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Andrews
  |`- Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Arno Welzel
  `- Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)Jeff Liebermann

1
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Andrews
Newsgroups: comp.mobile.android, alt.internet.wireless
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Date: Tue, 29 Oct 2024 02:39 UTC
References: 1
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: andrews@spam.net (Andrews)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Tue, 29 Oct 2024 02:39:21 -0000 (UTC)
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <vfphso$28r1$1@nnrp.usenet.blueworldhosting.com>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 29 Oct 2024 02:39:21 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
logging-data="74593"; mail-complaints-to="usenet@blueworldhosting.com"
User-Agent: tin/1.6.2-20030910 ("Pabbay") (UNIX) (CYGWIN_NT-10.0-WOW/2.8.0(0.309/5/3) (i686)) Hamster/2.0.2.2
Cancel-Lock: sha1:ZBzEi9j/HHDXg/fNW6I/995p+Ko= sha256:2yXyg+8a70Im1tyrWXit0yDrhs7tpvpZ5SHuoxr25Dk=
sha1:HJ2+hPIlAv9I5UOypjBL3YI0yYs= sha256:exC9+U9w8F6XZ5rIIPhbvwaVFS5HiNPjzQ0KYyUZbFU=
View all headers

Andrews wrote on Sat, 26 Oct 2024 05:47:36 -0000 (UTC) :

> How do you spoof Wi-Fi location on Android?

I realized while answering Andy's questions that what is needed is not to
"spoof" any particular Wi-Fi access point location, but to zero it out.

That is, any app that requires Wi-Fi access point information would get
nothing so the app would have to fall back on GPS information instead.

Which can easily be spoofed.

Note: You don't use this stuff when you're routing; you use it for apps
like a weather app that don't really need your exact location but they
require it for the app to work (because they're mining your data).

So the question morphs to:
How to we make sure ZERO Wi-Fi access point data is utilized
when precise location is turned on with Google Location Accuracy?

Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Jeff Liebermann
Newsgroups: comp.mobile.android, alt.internet.wireless
Date: Tue, 29 Oct 2024 17:17 UTC
References: 1 2
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: jeffl@cruzio.com (Jeff Liebermann)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Tue, 29 Oct 2024 10:17:03 -0700
Lines: 58
Message-ID: <rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com> <vfphso$28r1$1@nnrp.usenet.blueworldhosting.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: individual.net c9QZjbT54OwKM1gBC7cy0QeCcDSBTCC9im0Lira45qbPaGVaMc
Cancel-Lock: sha1:YhFATZC/eVPzKim11/tMDjBvUQo= sha256:T60KrpYDzaizeH6hnNI1XZKPNqN2QV/FlJlEpigo+o0=
User-Agent: ForteAgent/8.00.32.1272
View all headers

On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
wrote:

>Andrews wrote on Sat, 26 Oct 2024 05:47:36 -0000 (UTC) :
>
>> How do you spoof Wi-Fi location on Android?
>
>I realized while answering Andy's questions that what is needed is not to
>"spoof" any particular Wi-Fi access point location, but to zero it out.
>
>That is, any app that requires Wi-Fi access point information would get
>nothing so the app would have to fall back on GPS information instead.
>
>Which can easily be spoofed.
>
>Note: You don't use this stuff when you're routing; you use it for apps
>like a weather app that don't really need your exact location but they
>require it for the app to work (because they're mining your data).
>
>So the question morphs to:
> How to we make sure ZERO Wi-Fi access point data is utilized
> when precise location is turned on with Google Location Accuracy?

I'm wondering if carrying a Wi-Fi access point around with you might
offer some benefits. Most (not all) Wi-Fi protocols allow only allow
your phone to join only one wi-fi network at a time. The older
protocols have this useful limitation. Later protocols, such as those
which support seamless roaming, can connect to more than one access
point.
<https://www.tp-link.com/us/support/faq/2097/>
Pre-authenticating, which requires joining more than one wi-fi network
at a time, might also be a problem. For example, the phone could
properly connect your pocket wi-fi access point, and then go wandering
off and roam to some other access point, which is connected to the
internet, in the hope of finding an access point with an internet
connection.

If your phone is connected to a wi-fi access point that is under your
control and is NOT connected to the internet, all the access point can
do is provide your position when it last connected to the internet. In
other words, instead of zero location data, give Google old or
erroneous location data.

Reminder. I'm retired and am not keeping up to date on such things. I
also don't have the time and resources to investigate this further. I
have no plans to do any testing. Also, thank you for the long lists
of URL's on the topic. I'm sure these would make interesting reading,
but right now, I'm dealing with other projects and have other
priorities.

--
Jeff Liebermann jeffl@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558

Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Arno Welzel
Newsgroups: comp.mobile.android, alt.internet.wireless
Date: Wed, 30 Oct 2024 10:39 UTC
References: 1 2 3
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: usenet@arnowelzel.de (Arno Welzel)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Wed, 30 Oct 2024 11:39:52 +0100
Lines: 21
Message-ID: <loegnoFf10jU11@mid.individual.net>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com>
<vfphso$28r1$1@nnrp.usenet.blueworldhosting.com>
<rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Trace: individual.net zteq+aBfsG2ljBaPNB/UswedRJ7bGVo+IsZjan3YR879x/pmZo
Cancel-Lock: sha1:dgtASUeln6AWa1JMzLEhtvkQiMw= sha256:JUGFuWl9V2FcDQ+sdCuN5keR0ZOej2cRQYy56DhJLzA=
Content-Language: de-DE
In-Reply-To: <rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com>
View all headers

Jeff Liebermann, 2024-10-29 18:17:

> On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
> wrote:
[...]
>> So the question morphs to:
>> How to we make sure ZERO Wi-Fi access point data is utilized
>> when precise location is turned on with Google Location Accuracy?
>
> I'm wondering if carrying a Wi-Fi access point around with you might
> offer some benefits. Most (not all) Wi-Fi protocols allow only allow
[...]

I don't think so. Because this access point can be seen by *other*
devices which may report its current position. This is how Google learns
the positions of Wi-Fi access points anyway.

--
Arno Welzel
https://arnowelzel.de

Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Andrews
Newsgroups: comp.mobile.android, alt.internet.wireless
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Date: Wed, 30 Oct 2024 13:55 UTC
References: 1 2 3 4
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: andrews@spam.net (Andrews)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Wed, 30 Oct 2024 13:55:02 -0000 (UTC)
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <vftdrl$2eno$1@nnrp.usenet.blueworldhosting.com>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com> <vfphso$28r1$1@nnrp.usenet.blueworldhosting.com> <rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com> <loegnoFf10jU11@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 30 Oct 2024 13:55:02 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
logging-data="80632"; mail-complaints-to="usenet@blueworldhosting.com"
User-Agent: tin/1.6.2-20030910 ("Pabbay") (UNIX) (CYGWIN_NT-10.0-WOW/2.8.0(0.309/5/3) (i686)) Hamster/2.0.2.2
Cancel-Lock: sha1:WrH1UQM8qD/iFk0zZ7D5kx3d3oY= sha256:TB5dtB4PCofH3A37s3NlYMFD0cijyEg7F+HZ/qFn4JQ=
sha1:c0ZfPzpu/kfAvqoBadbc2zhM4v8= sha256:hv7n1p/zUXomfz9NpvQdOMCoz1MbuO7yAFQ8BMuYJiA=
View all headers

Arno Welzel wrote on Wed, 30 Oct 2024 11:39:52 +0100 :

> I don't think so. Because this access point can be seen by *other*
> devices which may report its current position. This is how Google learns
> the positions of Wi-Fi access points anyway.

With Jeff's suggestion, we're finally making progress on the solution.

What Arno said is true that any access point (that advertises itself on
airwaves as not hidden) will be seen (& uploaded) to the AP databases.

This upload is not done by you - but by all the rude people around you.
Which is pretty much everybody who owns an Android phone (9,999 of 10K).

For the one out of 10,000 people who doesn't want to be in the AP db
Google was forced to create an "opt out" mechanism to that upload.
<https://support.google.com/maps/answer/1725632>

Apple & Mozilla "say" they will respect Google's opt-out mechanism too.
Microsoft uses a different opt out, though, namely xxx_optout_nomap
<https://account.microsoft.com/privacy/location-services-opt-out>

Notice it "can take up to five business days" for these outfits to scrub
you from their access point databases, which means, effectively, as long as
a rude Android owner is near you within those five days, you're screwed.

That's why you also need to set your SSID broadcast to "hidden" since all
respectable companies will honor hidden broadcasts as "private" in intent.

Overall, that means your SSID needs only to have these three things:
a. You start with the Google/Mozilla/Apple opt out (SSID_nomap)
b. Then you add the Microsoft opt out (SSID_optout_nomap)
c. Then you turn off the public broadcast (aka, hidden network).
(See the sig for clarification on hiding the access point broadcast.)

I love that Jeff Liebermann has come up with a potential solution.
I will dig into the references to see if what he suggests might work.

Any other ideas for Wi-Fi access point privacy are invited as Jeff, Andy,
Arno and I seem to understand the goal of zeroing out Wi-Fi AP uploads
while we're forced to use precise location for apps that don't need it.

Note: We don't zero it out during routing - but an insect lookup app which
requires precise location doesn't really need it. They're mining you.
--
Every time I mention a hidden broadcast some pundit attacks me saying it
doesn't add "security" but we're not doing it for security. Most articles
on hiding the broadcast have no idea whatsoever why we're hiding it.

Hiding the network access point broadcast packet has one privacy downside
which is your phone tries to find it on its own; so you have to turn off
autoconnect (or geofence your attempts at connecting to your home AP).

Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Jeff Liebermann
Newsgroups: comp.mobile.android, alt.internet.wireless
Date: Wed, 30 Oct 2024 18:06 UTC
References: 1 2 3 4
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: jeffl@cruzio.com (Jeff Liebermann)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Wed, 30 Oct 2024 11:06:20 -0700
Lines: 38
Message-ID: <mis4ij576ie05rvkojefddod1fhng0u4ci@4ax.com>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com> <vfphso$28r1$1@nnrp.usenet.blueworldhosting.com> <rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com> <loegnoFf10jU11@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: individual.net Te6i4t9dIC8ZqYt7+v4iNgEUgPMpzr1vDCvFsDKSkKqiFkZ7/X
Cancel-Lock: sha1:bWVjCbgYAkKRtNBfPDi6j7wlaOk= sha256:ZDV3yWzfmUZF8gJ6MetsyzaYgWx/G7mRI9ZEOlVfhvI=
User-Agent: ForteAgent/8.00.32.1272
View all headers

On Wed, 30 Oct 2024 11:39:52 +0100, Arno Welzel <usenet@arnowelzel.de>
wrote:

>Jeff Liebermann, 2024-10-29 18:17:
>
>> On Tue, 29 Oct 2024 02:39:21 -0000 (UTC), Andrews <andrews@spam.net>
>> wrote:
>[...]
>>> So the question morphs to:
>>> How to we make sure ZERO Wi-Fi access point data is utilized
>>> when precise location is turned on with Google Location Accuracy?
>>
>> I'm wondering if carrying a Wi-Fi access point around with you might
>> offer some benefits. Most (not all) Wi-Fi protocols allow only allow
>[...]
>
>I don't think so. Because this access point can be seen by *other*
>devices which may report its current position. This is how Google learns
>the positions of Wi-Fi access points anyway.

To get info about what an AP (access point) can hear, dumping the ARP
(address resolution protocol) table or collecting broadcasts seems
like likely methods. There are various ways to limit the scope of the
ARP table. The easiest way is to reduce the number of entries in the
table one entry and assign a static ARP entry. Only one pre-specified
device can connect. Another AP might be able to hear broadcasts from
the pocket AP, but I suspect that it will not add ARP table entries
for devices which cannot connect. This needs to be tested (not by
me).

Jitsi meeting beckons. Later...

--
Jeff Liebermann jeffl@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558

Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
From: Arno Welzel
Newsgroups: comp.mobile.android, alt.internet.wireless
Date: Thu, 31 Oct 2024 19:36 UTC
References: 1 2 3 4 5
Path: eternal-september.org!news.eternal-september.org!feeder2.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: usenet@arnowelzel.de (Arno Welzel)
Newsgroups: comp.mobile.android,alt.internet.wireless
Subject: Re: Was Google Location Accuracy (now is How to Spoof Wi-Fi Location)
Date: Thu, 31 Oct 2024 20:36:23 +0100
Lines: 24
Message-ID: <loi4hlF1im3U1@mid.individual.net>
References: <vfhvpo$18uv$1@nnrp.usenet.blueworldhosting.com>
<vfphso$28r1$1@nnrp.usenet.blueworldhosting.com>
<rr32ijdg3r261u4sf4nk4un9juirrsfflv@4ax.com>
<loegnoFf10jU11@mid.individual.net>
<vftdrl$2eno$1@nnrp.usenet.blueworldhosting.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Trace: individual.net k/SsjcHYukx50R13OGMr9A2/5av6P6h6ds0gCTeomfQSg+byM1
Cancel-Lock: sha1:bENgE802Fd94wHh5kpBxxBCpEo0= sha256:fCQhWhNhswZNcL11kGbrjmwJ+UnYRMbHzemqUgCt5no=
Content-Language: de-DE
In-Reply-To: <vftdrl$2eno$1@nnrp.usenet.blueworldhosting.com>
View all headers

Andrews, 2024-10-30 14:55:

> Arno Welzel wrote on Wed, 30 Oct 2024 11:39:52 +0100 :
>
>> I don't think so. Because this access point can be seen by *other*
>> devices which may report its current position. This is how Google learns
>> the positions of Wi-Fi access points anyway.
>
> With Jeff's suggestion, we're finally making progress on the solution.
>
> What Arno said is true that any access point (that advertises itself on
> airwaves as not hidden) will be seen (& uploaded) to the AP databases.
>
> This upload is not done by you - but by all the rude people around you.
> Which is pretty much everybody who owns an Android phone (9,999 of 10K).

Not *people* - *devices*! People just use their devices and may not even
be aware of this!

--
Arno Welzel
https://arnowelzel.de

1

rocksolid light 0.9.8
clearnet tor