On Tue, 28 May 2024 00:37:49 -0600, Charlie wrote:

> Surveillance Risk: Apple's WiFi-Based Positioning System
> <https://www.govinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330>

Why would Apple design a system so incredibly horrific against privacy?

Basically you can track anyone simply by asking Apple for their location.
No permission? No problem, says Apple. Here's their location & also the
location of the nearest 400 people to that person. How's that for privacy.

Researchers find Apple's Wi-Fi Positioning System represents a serious
privacy vulnerability.
<https://www.macworld.com/article/2343297/apple-wi-fi-network-wps-vulnerability-location-services-leak.html>

"Apple's WPS server sends up to 400 other known Wi-Fi networks that may be
in the approximate vicinity of the device as part of its crowdsourcing
location database.

From this list, the requesting device searches for eight possible variants
and calculates its location based on this data. Apple's WPS system, the iOS
device, and the router on which the network is based operate with the
so-called BSSIDs (Basic Service Set Identification) and usually correspond
to the MAC address of the device, which is static in most cases.

The request via Apple's APIs is free, so Rye and Levin sent 30 requests per
second with 100 guessed BSSIDs.

The information on the current static location alone is life-threatening in
the wrong hands, as it indicates the location data of the Ukrainian
military units and of refugees as they move about in the Gaza Strip.

With Apple & Google, you can add "_nomap" to your Access Point SSID.

However, Microsoft requires you to give them all your MAC addresses first!
https://account.microsoft.com/privacy/location-services-opt-out