How Does Location Work?

On Thu, 30 Apr 2015 21:04:12 -0700, "David Kaye"

HTML5 does geolocation.
<http://www.webcodegeeks.com/html5/html5-geolocation-example-weather-widget-demo/>
Your 12 year old computah is probably running XP, which does support
browsers that support HTML5.

The Geolocation API is supported by the following browsers and
smartphones. Minimum version requirements are mentioned as well.
Google Chrome 5.0
Internet Explorer 9.0
Firefox 3.5
Safari 5.0
Opera 16.0
Iphone 3.0
Android 2.0
Opera Mobile 10
Blackberry OS 6.0

Were you using any of these browsers?

HTML5 geolocation API:
<http://www.w3.org/TR/geolocation-API/>

Mozilla Firefox location aware browsing:
<https://www.mozilla.org/en-US/firefox/geolocation/>

Post by David Kaye
What's even odder was that on a mapping website the map located me to within
two blocks of where I live.

The NSA knows where you're hiding. Google does it by IP address (and
wi-fi SSID if available). I couldn't find much on accuracy and
methodology, but reading between the lines, my guess(tm) is that they
ping your IP address from various servers and triangulate using the
delays.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

David Kaye

2015-05-01 10:33:36 UTC

Post by Jeff Liebermann
Google does it by IP address (and
wi-fi SSID if available).

This is what's perplexing. Does Google have some kind of relationship with
Comcast, allowing them to get my address, or at least my neighborhood from
IP assignments? Also, in the time I've lived here I've changed modems a
couple times and Comcast's DHCP has assigned other IPs when I've changed.
Also, one day when we had a 3-hour power failure going back online gave us a
different IP.

Yeah, I can understand getting location from SSID and MAC addresses, but I'm
getting this location info without using wi-fi.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Jeff Liebermann

2015-05-01 15:09:07 UTC

On Fri, 1 May 2015 03:33:36 -0700, "David Kaye"

Post by Jeff Liebermann
Google does it by IP address (and
wi-fi SSID if available).

Google doesn't need to involve Comcast. Getting your IP address is
fairly trivial if you have a program on your machine that talks to a
Google server. The obvious one is the Google Account, which I use to
access Gmail email, Google Apps, Google Drive, etc. Also, the browser
could be looking at a page that uses Google Analytics or something
that requires a Google based lookup (such as displaying an
advertisement), and you've accessed a Google server. I suspect it's
now considered standard practice for every connection to Google to
grab as much information about you that CGI, Javascript, and Java can
provide, all of which deliver your IP address. Basically, it's
difficult to use any computer that doesn't touch a Google server at
some point.

What your browser discloses:
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Firefox lets you turn geolocation off for their browser:
In the URL bar, type about:config
Type geo.enabled
Double click on the geo.enabled preference
Location-Aware Browsing is now disabled

Note that it uses Javascript. I'm not sure if turning off Javascript
will cause it to fumble.
<https://developers.google.com/maps/documentation/javascript/>

You can see if enable/disable works for Firefox at:
<https://developers.google.com/maps/documentation/javascript/examples/map-geolocation>
If you DON'T see a map, geolocation is turned off for that particular
site.

While it doesn't show if your browser hits Google ads or features, you
can see if your browser has looked at a Google site with:
<https://history.google.com/history/>
or just click the "clock" icon at the top of the page for history.

Google's privacy policy specifically allows them to collect your IP
address for location information:
<http://www.google.com/intl/en/policies/privacy/>
Location information
When you use Google services, we may collect and process
information about your actual location. We use various
technologies to determine location, including IP address, GPS,
and other sensors that may, for example, provide Google
with information on nearby devices, Wi-Fi access points and
cell towers.

Post by David Kaye
Yeah, I can understand getting location from SSID and MAC addresses, but I'm
getting this location info without using wi-fi.

Once Google has your IP address, the rest is triangulation by ping
latency. Since they're measuring latency to your router, not your
client computah, it doesn't change much, unless you move the router.
So, it's not tracking your location. It's tracking the location of
your router. As an experiment, you might want to try moving your
Comcast router to someone elses location that has cable. Two routers
on the same coax segment are not a problem and won't corrupt anything.
Then, see if your location has moved (or how long it takes to move).

Assuming they do use some form of ping to refine the location data, I
don't see how they do it if ICMP ping is turned off in the router. My
guess(tm) is that it's done backwards, where the geolocation API pings
various Google servers, and uses that information for triangulation.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Julian Macassey

2015-05-01 16:38:56 UTC

Post by Jeff Liebermann
Google doesn't need to involve Comcast. Getting your IP address is
fairly trivial if you have a program on your machine that talks to a
Google server. The obvious one is the Google Account, which I use to
access Gmail email, Google Apps, Google Drive, etc. Also, the browser
could be looking at a page that uses Google Analytics or something
that requires a Google based lookup (such as displaying an
advertisement), and you've accessed a Google server. I suspect it's
now considered standard practice for every connection to Google to
grab as much information about you that CGI, Javascript, and Java can
provide, all of which deliver your IP address. Basically, it's
difficult to use any computer that doesn't touch a Google server at
some point.

Don't ya just love the Goggle monster? They want to know
all about you, yet when the chairman has data about him made
public he gets grumpy.

Remember their motto - "Don't be evil, that's our job".

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

With tor, this site thinks I am running Windows 7 in
France.

With Safari, this site thinks I am in Seattle,
Washington. It does get my IP right though.

Post by Jeff Liebermann
<https://developers.google.com/maps/documentation/javascript/examples/map-geolocation>
If you DON'T see a map, geolocation is turned off for that particular
site.

Safari gives me: "Google
404. That's an error.

The requested URL was not found on this server. That's all we
know."

Tor gives me: "Error: Your browser doesn't support
geolocation."

Post by Jeff Liebermann
While it doesn't show if your browser hits Google ads or features, you
<https://history.google.com/history/>
or just click the "clock" icon at the top of the page for history.

That seems to want me to log in with my google account
details.

Post by Jeff Liebermann
Google's privacy policy specifically allows them to collect your IP

Of course it does and as Bruce Schneier says, if
something is free, you are not the customer, you are the product.

They peddle your details. Privacy? Where do you think you
are?

--
"We can’t be successful unless we lie to customers.” Larry
Ellison to Bruce Scott.

David Kaye

2015-05-01 23:37:47 UTC

I have a Google account but the info in it is bogus because I don't trust
Google. I don't use the account for anything but to access a couple
features; I certainly don't use it for email.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

n***@sbcglobal.net

2015-05-02 18:50:50 UTC

I have a Google account but the info in it is bogus because I don't trust
Google. I don't use the account for anything but to access a couple
features; I certainly don't use it for email.
---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Being an Android developer Google knows all about me anyway so it doesn't matter. And I was at Google back in February.

Julian Macassey

2015-05-03 03:31:17 UTC

Post by n***@sbcglobal.net
Being an Android developer Google knows all about me anyway so it doesn't matter. And I was at Google back in February.

Could you get them to fix the broken wordwrap on their
usenet client?

It used to work, they broke it.

--
"C'est un Nagra. C'est Suisse, et tres, tres precis." - "Jules" in the
1981 French movie "Diva".

Kevin McMurtrie

2015-05-02 02:09:50 UTC

Post by Jeff Liebermann
On Fri, 1 May 2015 03:33:36 -0700, "David Kaye"

Post by Jeff Liebermann
Google does it by IP address (and
wi-fi SSID if available).

Google doesn't need to involve Comcast. Getting your IP address is
fairly trivial if you have a program on your machine that talks to a
Google server. The obvious one is the Google Account, which I use to
access Gmail email, Google Apps, Google Drive, etc. Also, the browser
could be looking at a page that uses Google Analytics or something
that requires a Google based lookup (such as displaying an
advertisement), and you've accessed a Google server. I suspect it's
now considered standard practice for every connection to Google to
grab as much information about you that CGI, Javascript, and Java can
provide, all of which deliver your IP address. Basically, it's
difficult to use any computer that doesn't touch a Google server at
some point.
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.
In the URL bar, type about:config
Type geo.enabled
Double click on the geo.enabled preference
Location-Aware Browsing is now disabled
Note that it uses Javascript. I'm not sure if turning off Javascript
will cause it to fumble.
<https://developers.google.com/maps/documentation/javascript/>
<https://developers.google.com/maps/documentation/javascript/examples/map-geol
ocation>
If you DON'T see a map, geolocation is turned off for that particular
site.
While it doesn't show if your browser hits Google ads or features, you
<https://history.google.com/history/>
or just click the "clock" icon at the top of the page for history.
Google's privacy policy specifically allows them to collect your IP
<http://www.google.com/intl/en/policies/privacy/>
Location information
When you use Google services, we may collect and process
information about your actual location. We use various
technologies to determine location, including IP address, GPS,
and other sensors that may, for example, provide Google
with information on nearby devices, Wi-Fi access points and
cell towers.

Post by David Kaye
Yeah, I can understand getting location from SSID and MAC addresses, but I'm
getting this location info without using wi-fi.

There is no such thing as triangulation by ping latency across routers.
It only works for line-of sight communications, like WiFi and cellular.

Google is geo-tagging WiFi access points using Android cell phones.
It's in the TOS when you use Google Location Services.

Post by Jeff Liebermann
Assuming they do use some form of ping to refine the location data, I
don't see how they do it if ICMP ping is turned off in the router. My
guess(tm) is that it's done backwards, where the geolocation API pings
various Google servers, and uses that information for triangulation.

--
I will not see posts from astraweb, theremailer, dizum, or google
because they host Usenet flooders.

Jeff Liebermann

2015-05-02 03:15:55 UTC

On Fri, 01 May 2015 19:09:50 -0700, Kevin McMurtrie

Post by Kevin McMurtrie
There is no such thing as triangulation by ping latency across routers.
It only works for line-of sight communications, like WiFi and cellular.

You may be right that Google isn't using ping triangulation. I really
don't know and will admit that I'm guessing.

Their Geolocation thing puts my Ben Lomond house in Soquel, and my
office in Santa Cruz in Pentaluma. If I query the other Geolocation
services, I get Scotts Valley, Boulder Creek, Campbell, Portola
Valley, and Santa Cruz (which is correct). So much for accuracy. To
see the mess, try my static IP of 50.79.215.121 in:
<http://www.iplocation.net>

In the distant past, I worked on a project to refine Geolocation using
ICMP ping. It failed because most routers now block ICMP echo to
eliminate IP reflection DoS attacks, because installing a client side
program to provide the necessary pings was deemed unacceptable, and
that arping was deemed politically incorrect. Hint:
<http://www.webopedia.com/TERM/P/ping_triangulation.html>

As for only working in a straight line, that's true except that a
route can be a series of straight lines, forming a curve. If you know
the geogrphic locations of the key ISP's, and you know the average
latency between them using traceroute, I can produce a tolerably
accurate location for any connection. Sure, there are plenty of error
sources, but overall, it's not too horrible.

Post by Kevin McMurtrie
Google is geo-tagging WiFi access points using Android cell phones.
It's in the TOS when you use Google Location Services.

Sure, but David Kaye's original question noted that Wi-Fi was not
involved.
"There is no wi-fi hooked to this computer, either. It's
Ethernet only."

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

David Kaye

2015-05-02 07:45:07 UTC

Post by Jeff Liebermann
If I query the other Geolocation
services, I get Scotts Valley, Boulder Creek, Campbell, Portola
Valley, and Santa Cruz (which is correct). So much for accuracy. To
<http://www.iplocation.net>

Heh...my address puts me in the city of Folsom.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

d***@90.usenet.us.com

2015-05-05 00:41:58 UTC

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Nobody cares about that IP address any more.

Post by Jeff Liebermann
Once Google has your IP address, the rest is triangulation by ping

shudder. Who is pinging? No driveby wifi can ping my addresses.
Ping latency from me to any number of servers is not helpful, except maybe
to detect my quadrant of the state, if that.

Post by Jeff Liebermann
So, it's not tracking your location. It's tracking the location of
your router.

I have proven that, when I moved. I left the cable modem behind, but took
my router, which was in the wrong place until I used Google Maps on my
phone.

Note: The geolocation doesn't work when I am connected to my VPN.
I added a route to cdn.mozilla.net outside of my VPN, and it worked in
Chrome, but still not in Firefox.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

Jeff Liebermann

2015-05-05 15:26:56 UTC

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Nobody cares about that IP address any more.

If you think that they're tracking the MAC address of the router, that
would be difficult. Remote MAC addresses are not revealed by any of
the Javascript, CGI, HTML5, etc tools that I could find. Many users
transfer their PC's MAC address to the router WAN port in order to
deal with ancient authentication schemes. The originating MAC address
is stripped off by bridges, switches and router and cannot be sniffed
on the opposite side. The only way I would guess Google might obtain
the local MAC address is by having the browser supply it to Google
after perhaps running arp -a or something similar.

Post by Jeff Liebermann
Once Google has your IP address, the rest is triangulation by ping

shudder. Who is pinging? No driveby wifi can ping my addresses.
Ping latency from me to any number of servers is not helpful, except maybe
to detect my quadrant of the state, if that.

My mistake. I was guessing how Google might have refined David Kaye's
location without using wi-fi and speculated that it could be done with
ping. I did some work with that 20 years ago, and know that it can be
done. However, I didn't make it clear that this was my guess, not
some kind of inside information. Sorry(tm).

Post by Jeff Liebermann
So, it's not tracking your location. It's tracking the location of
your router.

I have proven that, when I moved. I left the cable modem behind, but took
my router, which was in the wrong place until I used Google Maps on my
phone.

Nice test. Thanks.

Post by d***@90.usenet.us.com
Note: The geolocation doesn't work when I am connected to my VPN.
I added a route to cdn.mozilla.net outside of my VPN, and it worked in
Chrome, but still not in Firefox.

For geolocation to work inside any browser, you need to first give
Google permission to use your location information. It's usually a
dialog that appears when you first connect to a site that requests
your location. If you said "allow" in Chrome, but "don't allow" in
Firefox, that would explain the difference.
<https://www.mozilla.org/en-US/firefox/geolocation/>
See: "How do I undo a permission granted to a site"?
I have mine set to "Use Default" except I can't find where to set the
default in Firefox.

Also, I have a suspicion that add-ons like this:
<https://addons.mozilla.org/en-us/firefox/addon/geolocater/>
might be responsible for some of the erronious geolocation returns.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

d***@90.usenet.us.com

2015-05-05 17:38:29 UTC

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Nobody cares about that IP address any more.

I misspoke that no one cares about the IP address. If nothing else is
available, they use that, and they want fast returns.
But, I think most people get supsiciously better location results than
ip2location.com delivers from your IP address. My home router is located
20 miles away by IP address.

Post by Jeff Liebermann
If you think that they're tracking the MAC address of the router, that
would be difficult. Remote MAC addresses are not revealed by any of

The MAC address of the WAP is certainly what they use. You used to be able
to look that up in a google database to show the location of a router.
http://samy.pl/androidmap/ worked well for me, once upon a time.
What do you supply to Google that lets them associate you to a known
router?

Post by Jeff Liebermann
For geolocation to work inside any browser, you need to first give
Google permission to use your location information. It's usually a

The difference for me yesterday, was VPN verses not VPN. If I provided a
secondary route to Mozilla, off my VPN, the geolocation worked. It also
worked if I was not connected to the VPN.

Today's observation: I clicked the location button in Google Maps. It
blinked for a while, and opened to the location of my cable-co egress to
the internet, presumably IP location. I had revoked, or maybe never given,
permission to Google Maps for location info in Chrome on this computer.
When I gave permission, the icon went blue, and changed to my correct
location.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

Jeff Liebermann

2015-05-05 23:38:59 UTC

Post by d***@90.usenet.us.com
But, I think most people get supsiciously better location results than
ip2location.com delivers from your IP address. My home router is located
20 miles away by IP address.

In my palatial office in Santa Cruz on Comcast, it claims I'm in
Boulder Creek, that I'm on a T1, and my domain is NFL.COM. Data in,
garbage out.

Post by d***@90.usenet.us.com
The MAC address of the WAP is certainly what they use. You used to be able
to look that up in a google database to show the location of a router.

Yes, that's true. However, the original problems was that David Kaye
did not have an active wireless router at his location.
"What's even odder was that on a mapping website the map located
me to within two blocks of where I live. There is no wi-fi hooked
to this computer, either. It's Ethernet only..."
It's easy for Google to do it via Wi-Fi because attempting to connect
to a wireless router not only delivers the MAC address, but also puts
Google on the LAN side of the router, not the WAN where there's a
firewall to keep Google honest. So, yes they can do it via Wi-Fi, but
the question is how do they do it from the internet side?

Post by d***@90.usenet.us.com
http://samy.pl/androidmap/ worked well for me, once upon a time.

Yeah, I remember that. It lasted for quite a while until something
screamed privacy.

Post by d***@90.usenet.us.com
What do you supply to Google that lets them associate you to a known
router?

With Wi-Fi, that's easy. MAC address and IP. No need to connect or
associate with the wireless router. The MAC address is never
encrypted or buried in Wi-Fi and is needed for the initial association
exchange. Just try to associate with the AP and the first thing it
delivers is the MAC address.

However, the WAN side is much more difficult. I'm not sure what is
supplied by the Google geolocation API.

Light reading:

Monitor the user's location
<https://developers.google.com/web/fundamentals/device-access/user-location/monitor-location?hl=en>

HTML5 for the Mobile Web - a guide to the Geolocation API
<http://mobiforge.com/design-development/html5-mobile-web-a-guide-geolocation-api>

7 Things You Should Know About the Geolocation API
<http://www.developer.com/lang/7-things-you-should-know-about-the-geolocation-api.html>

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

d***@90.usenet.us.com

2015-05-06 18:07:42 UTC

Post by Jeff Liebermann
Yes, that's true. However, the original problems was that David Kaye
did not have an active wireless router at his location.
"What's even odder was that on a mapping website the map located
me to within two blocks of where I live. There is no wi-fi hooked
to this computer, either. It's Ethernet only..."

I don't parse that the same way.
"There is no wi-fi hooked to this computer"
Might have been expanded to
"There is no wi-fi hooked to this computer, but the router to which I am
hardwired is a wifi router that I use every day with my tablet for
reviewing Google Maps."
His router data might already be in the Google Database.

A friend of mine was not aware that his 2-wire DSL modem, connected to one
computer in the house, had WiFi enabled, or that it even had WiFi.
I walked over, looked at the bottom of his router for "the key", and
connected my laptop.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

Jeff Liebermann

2015-05-07 02:06:20 UTC

Good point. The computah could get the MAC address and WAN side IP
address of the (wireless) router. It could NOT get the SSID of the
router. The Google geolocation API could send this information to
Google, which would then lookup the MAC address in it's Wi-Fi
database, and extract the SSID and wireless MAC address[1], which it
could then use to locate the computah based on previous drive-by
location information. I have no idea if Google actually does this,
but it's possible.

One of the Google geolocation API pages mumbled something about
expiring the collected data after about 30 days, but I can't seem to
find the URL right now.

Post by d***@90.usenet.us.com
A friend of mine was not aware that his 2-wire DSL modem, connected to one
computer in the house, had WiFi enabled, or that it even had WiFi.
I walked over, looked at the bottom of his router for "the key", and
connected my laptop.

Yep. I see that all the time. At least 2-wire was into installing
fairly unique SSID's and pre-assigning pass phrases. Some vendors
shipped their wireless routers with a wide open wireless connection
and no password. Fortunately, I don't see that too much these daze.

[1] The MAC address for the wireless port is different from the WAN
port, and different from each of the LAN ports. The typical home
wireless router has 6 MAC addresses. If the wireless router is dual
band (2.4/5GHz), it will have two wireless MAC addresses.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann

2015-05-07 02:36:05 UTC

Post by Jeff Liebermann
[1] The MAC address for the wireless port is different from the WAN
port, and different from each of the LAN ports. The typical home
wireless router has 6 MAC addresses. If the wireless router is dual
band (2.4/5GHz), it will have two wireless MAC addresses.

A bit of clarification. An ethernet switch or wireless device does
NOT have a MAC address until something is connected to it. It then
picks up the MAC address of the connected device and uses that for
switching. In the case of a typical home router, the LAN side will
start with at least one MAC address, which is associated with the
router LAN IP address, and with the wireless. For example, my DD-WRT
based router shows:
Router Name DD-WRT
Router Model Buffalo WHR-HP-G54
LAN MAC 00:16:01:97:FD:A6
WAN MAC 00:16:01:97:FD:A7
Wireless MAC 00:16:01:97:FD:A8
WAN IP 63.249.85.127
LAN IP 192.168.1.1

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Steve Pope

2015-05-07 14:46:52 UTC

A bit of clarification. An ethernet switch or wireless device does
NOT have a MAC address until something is connected to it.

And here I thought every time a Wi-Fi device was shipped, it has
a unique MAC address. Same with ethernet devices.

I would expect a wireless router with a WAN port, four LAN ports
and WiFi to have three (perhaps more) MAC addresses assigned to
the LAN, WAN and WiFi interfaces. Of course you may not see
all (or any) of them in any given setup, due to spoofing etc.

Steve

Jeff Liebermann

2015-05-07 15:13:41 UTC

A bit of clarification. An ethernet switch or wireless device does
NOT have a MAC address until something is connected to it.

And here I thought every time a Wi-Fi device was shipped, it has
a unique MAC address. Same with ethernet devices.

As I understand it, a managed ethernet switch might have a MAC address
(and IP address) for configuation and monitoring. However, each port
on the ethernet switch does NOT have its own MAC address, but instead
uses the MAC address of whatever happens to be connected.
<http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/MACAddress.pdf>
To switch frames between LAN ports efficiently, the switch
maintains an address table. When the switch receives a frame,
it associates the media access control (MAC) address of the
sending network device with the LAN port on which it was received.

The easiest way to see that is on the label of the switch[1]. The
dumb switches do not have any MAC addresses listed on the serial
number label. Managed switches have one MAC address. Wireless access
points have at least two (LAN and wireless). Wireless routers have
one for the ethernet switch (used for setting up the IP address for
configuration), one each for the wireless radios, and one for each WAN
port.

Post by Steve Pope
I would expect a wireless router with a WAN port, four LAN ports
and WiFi to have three (perhaps more) MAC addresses assigned to
the LAN, WAN and WiFi interfaces. Of course you may not see
all (or any) of them in any given setup, due to spoofing etc.

Yep. That's the way it works. I haven't checked, but I think adding
multiple SSID's on a wireless router also creates additional MAC
addresses[2].

[1] One needs the MAC address in order to initially configure a
managed switch due to the lack of a DHCP or BOOTP server. Typically,
one simply assigns a static IP address with something like:
arp -s 192.168.1.55 00-11-22-33-44-55
and then uses the IP address to connect to the switch.

[2] Reminder: All wi-fi operates on layer 2, the MAC layer. The
only involvement of IP addresses (layer 3) in wi-fi is for
configuration and management.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Steve Pope

2015-05-07 16:43:49 UTC

Post by Steve Pope
And here I thought every time a Wi-Fi device was shipped, it has
a unique MAC address. Same with ethernet devices.

As I understand it, a managed ethernet switch might have a MAC address
(and IP address) for configuation and monitoring. However, each port
on the ethernet switch does NOT have its own MAC address, but instead
uses the MAC address of whatever happens to be connected.
<http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/MACAddress.pdf>
To switch frames between LAN ports efficiently, the switch
maintains an address table. When the switch receives a frame,
it associates the media access control (MAC) address of the
sending network device with the LAN port on which it was received.
The easiest way to see that is on the label of the switch[1]. The
dumb switches do not have any MAC addresses listed on the serial
number label. Managed switches have one MAC address. Wireless access
points have at least two (LAN and wireless). Wireless routers have
one for the ethernet switch (used for setting up the IP address for
configuration), one each for the wireless radios, and one for each WAN
port.

I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Yep. That's the way it works. I haven't checked, but I think adding
multiple SSID's on a wireless router also creates additional MAC
addresses[2].
[1] One needs the MAC address in order to initially configure a
managed switch due to the lack of a DHCP or BOOTP server. Typically,
arp -s 192.168.1.55 00-11-22-33-44-55
and then uses the IP address to connect to the switch.
[2] Reminder: All wi-fi operates on layer 2, the MAC layer. The
only involvement of IP addresses (layer 3) in wi-fi is for
configuration and management.

I think where we may disagree is the extent to which various 802 devices
within these equipments have a hardware MAC address.

For example, suppose a desktop is connected by ethernet cable to the
LAN port on a router. The ethernet adapter in the desktop has
a MAC layer with a MAC address, and its peer on the other end is
the MAC layer of an ethernet adapter in the router, also with a
MAC address. The ethernet frames sent over that particular ethernet
cable contain these MAC addresses. I think if you tapped into
the cable with a network analyzer you would see these "hardware"
(factory-assigned) addresses on all frames. And, they would not change
after booting/configuration, but to the outside world, it is as
if they had changed. There is no need to spoof the MAC addresses
on that cable.

However, I could be wrong about this.

Steve

Roy

2015-05-07 18:11:07 UTC

Post by Steve Pope
And here I thought every time a Wi-Fi device was shipped, it has
a unique MAC address. Same with ethernet devices.

As I understand it, a managed ethernet switch might have a MAC address
(and IP address) for configuation and monitoring. However, each port
on the ethernet switch does NOT have its own MAC address, but instead
uses the MAC address of whatever happens to be connected.
<http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/MACAddress.pdf>
To switch frames between LAN ports efficiently, the switch
maintains an address table. When the switch receives a frame,
it associates the media access control (MAC) address of the
sending network device with the LAN port on which it was received.
The easiest way to see that is on the label of the switch[1]. The
dumb switches do not have any MAC addresses listed on the serial
number label. Managed switches have one MAC address. Wireless access
points have at least two (LAN and wireless). Wireless routers have
one for the ethernet switch (used for setting up the IP address for
configuration), one each for the wireless radios, and one for each WAN
port.

I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Yep. That's the way it works. I haven't checked, but I think adding
multiple SSID's on a wireless router also creates additional MAC
addresses[2].
[1] One needs the MAC address in order to initially configure a
managed switch due to the lack of a DHCP or BOOTP server. Typically,
arp -s 192.168.1.55 00-11-22-33-44-55
and then uses the IP address to connect to the switch.
[2] Reminder: All wi-fi operates on layer 2, the MAC layer. The
only involvement of IP addresses (layer 3) in wi-fi is for
configuration and management.

I think where we may disagree is the extent to which various 802 devices
within these equipments have a hardware MAC address.
For example, suppose a desktop is connected by ethernet cable to the
LAN port on a router. The ethernet adapter in the desktop has
a MAC layer with a MAC address, and its peer on the other end is
the MAC layer of an ethernet adapter in the router, also with a
MAC address. The ethernet frames sent over that particular ethernet
cable contain these MAC addresses. I think if you tapped into
the cable with a network analyzer you would see these "hardware"
(factory-assigned) addresses on all frames. And, they would not change
after booting/configuration, but to the outside world, it is as
if they had changed. There is no need to spoof the MAC addresses
on that cable.
However, I could be wrong about this.
Steve

MAC addresses are required for layer 2 endpoints. A router would have
one as well as the ethernet (or Wifi) adapter in your computer. A
switch (or hub) doesn't need a MAC unless it also an endpoint (usually
for management purposes). A switch that would be doing media conversion
(eg ethernet cable to fiber) probably would have a MAC.

MAC addresses could be a BIA (burned in address) aka UAA (Universal
Administer Address). The other possibility is a LAA (locally
administered address) that is set by software.

LAA ranges

x2-xx-xx-xx-xx-xx
x6-xx-xx-xx-xx-xx
xA-xx-xx-xx-xx-xx
xE-xx-xx-xx-xx-xx

Steve Pope

2015-05-07 18:39:39 UTC

Post by Roy

Post by Steve Pope
For example, suppose a desktop is connected by ethernet cable to the
LAN port on a router. The ethernet adapter in the desktop has
a MAC layer with a MAC address, and its peer on the other end is
the MAC layer of an ethernet adapter in the router, also with a
MAC address. The ethernet frames sent over that particular ethernet
cable contain these MAC addresses. I think if you tapped into
the cable with a network analyzer you would see these "hardware"
(factory-assigned) addresses on all frames. And, they would not change
after booting/configuration, but to the outside world, it is as
if they had changed. There is no need to spoof the MAC addresses
on that cable.
However, I could be wrong about this.

MAC addresses are required for layer 2 endpoints. A router would have
one as well as the ethernet (or Wifi) adapter in your computer.

Okay

Post by Roy
A switch (or hub) doesn't need a MAC unless it also an endpoint (usually
for management purposes). A switch that would be doing media conversion
(eg ethernet cable to fiber) probably would have a MAC.
MAC addresses could be a BIA (burned in address) aka UAA (Universal
Administer Address). The other possibility is a LAA (locally
administered address) that is set by software.
LAA ranges
x2-xx-xx-xx-xx-xx
x6-xx-xx-xx-xx-xx
xA-xx-xx-xx-xx-xx
xE-xx-xx-xx-xx-xx

Thanks. So my example above is perhaps wrong -- perhaps after
configuration, the Ethernet frames emerging from the desktop
have a destination MAC address that is an LAA, rather than the BIA
of an Ethernet adapter in the router.

I can see doing it either way.

Steve

Jeff Liebermann

2015-05-07 22:54:16 UTC

Post by Steve Pope
I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Dual band radio requires a MAC address for each band or bridging
between the two radios would not work. That was a problem in some of
the early dual band wireless access points. You could connect to the
internet using either band, but you couldn't bridge from one band to
the other. I just looked at a few dual band wireless routers in my
pile and all of them have individual MAC addresses for each band.

Post by Steve Pope
I think where we may disagree is the extent to which various 802 devices
within these equipments have a hardware MAC address.

Methinks Roy explained it quite well.

However, life is more complexicated than that. An extreme example are
the various Xirrus access points, which can have up to 16 physical and
16 emulated radios.
<http://www.xirrus.com/product-comparison/>
Each radio, physical or virtual, gets its very own MAC address. You
could put all the radios under the same SSID, as is commonly done in
"campus" networks, where there is only one visible SSID, but many MAC
addresses, one for each access point radio. I worked with a prototype
AP that had a 900 MHz, 2.4GHz, and 5GHz radios in one box, each radio
with a different MAC address.

Much of the wi-fi analyzer software shows this. This week, my favored
program is WiFi Analyzer for Android:
<https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer>
My Google Nexus 7 Tablet is dual band and shows different MAC
addresses for each radio on each band. If I look at the hotel near my
office, it shows about 8 access points under the same SSID with
different SSID's for each band. Same at other "campus" installations.
I can do screen grabs of some of this, but not today.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Steve Pope

2015-05-07 23:33:03 UTC

Post by Steve Pope
I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Dual band radio requires a MAC address for each band or bridging
between the two radios would not work.

I agree. But, most dual-band WiFi implementations do not
contain two radios, they contain only one dual- (or multi-) band
radio, along with one baseband processor, and one lower MAC; and have
a single BIA MAC address (using Roy's terminology).

There may be situations where such a single-radio dual-band WiFi
device could be made to made to look like it is bridging between two bands
(or for that matter, between two different channels in the same band).

Post by Jeff Liebermann
Methinks Roy explained it quite well.
I worked with a prototype
AP that had a 900 MHz, 2.4GHz, and 5GHz radios in one box, each radio
with a different MAC address.

Sounds pricey ... but one assumes, targeted for bridging applications.

I can almost guarantee you that when 802.11ah (900 MHz WiFi) devices
become widely available, none of them will have a separate 900 MHz
radio, they will all be dual- or most likely tri-band radios.

What you might at that point see is AP's that contain three
tri-band WiFi chips, each configured to operate in only one band.
(Just a prediction, based on what I'm seeing being designed.)

Steve

Jeff Liebermann

2015-05-09 00:52:24 UTC

Post by Steve Pope
I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Dual band radio requires a MAC address for each band or bridging
between the two radios would not work.

I agree. But, most dual-band WiFi implementations do not
contain two radios, they contain only one dual- (or multi-) band
radio, along with one baseband processor, and one lower MAC; and have
a single BIA MAC address (using Roy's terminology).
There may be situations where such a single-radio dual-band WiFi
device could be made to made to look like it is bridging between two bands
(or for that matter, between two different channels in the same band).

Well, yes if it's a client. In the current way of doing things, you
can only connect to a single access point with a client radio. Yes, I
know there are new and wonderful protocols and hacks that allow more
than one connection, but I'm talking about the typical client radio,
such as a laptop, tablet, or smartphone. So, for one of these client
radios, you only need one MAC address because one never has both bands
connected to something at the same time. Dual band wireless sniffing
doesn't count because the client radio never associates with any of
the AP's (or clients) that it's sniffing.

Well, let's see if that's true. My Google Nexus 7 (2013) does dual
band and uses a Qualcomm/Atheros WCN3660 chip:
<https://chipworks.secure.force.com/catalog/ProductDetails?sku=QUA-WCN3660>
For a nominal $5,000, I get to find out what's inside without an NDA:
<http://www.chipworks.com/TOC/Qualcomm_WCN3660_Wireless_Combo_Chip_FAR-1208-803_TOC.pdf>
The press release doesn't help much:
<https://www.qualcomm.com/news/releases/2011/05/31/qualcomm-atheros-announces-highly-integrated-connectivity-solution-superior>
Ah... it has a LTE/ISM coexistence which implies that only one radio
is on at a time. Ok, it's one radio with BT/LTE/WiFi on only one at a
time.

I'm having a hell of a time finding an app that will deliver my
tablet's MAC address. So far:
Settings -> WiFi -> Advanced
shows the same MAC address for whether I connect to my router on 2.4
or 5GHz. So, for the client, it's probably a single MAC address for
the device.

However, looking at all the dual band wireless routers on the shelf,
all of them have a different MAC address for each radio and most seem
to have different chips for 2.4 and 5GHz. For example, I've been
pushing Linksys EA2700 routers (because I got a bunch of them cheap).
<http://www.smallnetbuilder.com/wireless/wireless-reviews/31738-cisco-linksys-ea2700-gigabit-dual-band-wireless-n600-router-reviewed>
It uses a Broadcom BCM47186 for 2.4Ghz and a BCM43236 for 5GHz. See
photo and notice that the 2x antennas each go to a separate shielded
section on the PCB.

If I do find a wireless router with only one Wi-Fi chip, I would also
expect to find that it won't do 2.4/5 Ghz simultaneously and if it did
happen to support 2.4 <-> 5Ghz bridging, it would be dreadfully slow
due to multiplexing.

Post by Jeff Liebermann
I worked with a prototype
AP that had a 900 MHz, 2.4GHz, and 5GHz radios in one box, each radio
with a different MAC address.

Sounds pricey ... but one assumes, targeted for bridging applications.

Yep. It died after the first prototype. This was long before
802.11ah. Ubiquiti was selling their flavor of 900 Mhz 802.11 style
chips, which was suppose to be an option. It had 4 mini-PCI slots
that could handle various combinations of radios. My job was keeping
the radios from desensitizing and interfering with each other. I'm
rather glad it died because I the coupling was so horrible, that I
don't think I could have made it work without expensive shielding.

Post by Steve Pope
I can almost guarantee you that when 802.11ah (900 MHz WiFi) devices
become widely available, none of them will have a separate 900 MHz
radio, they will all be dual- or most likely tri-band radios.

I would agree for the client side (tablets, smartphones, and laptops).
I'll disagree for the wireless router side, which methinks needs
separate radios or the performance will be disgusting and bridging
between wireless ports will be slow or impossible.

Post by Steve Pope
What you might at that point see is AP's that contain three
tri-band WiFi chips, each configured to operate in only one band.
(Just a prediction, based on what I'm seeing being designed.)

I think Xirrus does exactly that. You plug in a "radio" module, and
program it to do whatever you want. I'm not sure if the antenna needs
to be swapped.

Drivel: Typical Friday. UPS and Fedex arrive with the parts I've
been waiting for all week just before I try to leave. So, I get to
work all night. Argh.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

d***@90.usenet.us.com

2015-05-08 18:15:40 UTC

Post by Steve Pope
I think we're in agreement that the wireless router should have
three assigned (i.e. hardware) MAC addresses. I do not think a
dual-band radio needs to have two actually.

Needs? Spoofs? Clones?

The dual-band Asus RT-N56U shows two MAC addresses in total.

From the Asus management Web page
WAN MAC is blank unless the Clone option was used.
LAN MAC address 10:C3:7B:22:BC:71
Wireless 2.4GHz MAC address 10:C3:7B:22:BC:70
Wireless 5GHz MAC address 10:C3:7B:22:BC:71
The printed label on the back is MAC: 10C37B22BC70

Viewed from the Cable Modem Addresses page:
Known CPE MAC Address 10:C3:7B:22:BC:70

The asus "dummy ui" online
http://event.asus.com/2009/networks/dummy_ui/en/index.html
WAN MAC 20CF300F3E77
2.4 GHz MAC 20:CF:30:B7:80:57
5 GHz MAC 20:CF:30:B7:80:58

The WAN is quite different.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

d***@90.usenet.us.com

2015-05-07 06:46:28 UTC

On my Asus NT-56U, the LAN MAC is the same as the 5GHz address, and the 2.4
GHz address differs by one digit, which is repeated as the WAN MAC.

From the admin page for "Network Map":
LAN MAC address 10:C3:7B:22:BC:71
Wireless 2.4GHz MAC address 10:C3:7B:22:BC:70
Wireless 5GHz MAC address 10:C3:7B:22:BC:71
It offers the ability to "MAC Clone", but the box with the WAN MAC address
is currently empty.
Viewed from the Cable Modem Addresses page:
Known CPE MAC Address 10:C3:7B:22:BC:70 is the same as the 2.4 GHz MAC.

This agrees with "iwlist scanning" and "arp -a" on a Linux box.
Hey! iwlist says the 2.4GHz is :70, but arp -a says :71
iwconfig says 2.4GHz, :70. The label on the box says :70
upnp says :71.
the ipv6 address of the router has "BC71" in it.

I've always figured that Google would add/subtract 1 to find suitable MACs
in the same router in its database. That might come up wrong, but you
already have ip2location for a reasonablness test. And the 12 other
routers in the area that are in the database.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

David Kaye

2015-05-07 03:31:51 UTC

Post by d***@90.usenet.us.com
I don't parse that the same way.
"There is no wi-fi hooked to this computer"
Might have been expanded to
"There is no wi-fi hooked to this computer, but the router to which I am
hardwired is a wifi router that I use every day with my tablet for
reviewing Google Maps."
His router data might already be in the Google Database.

A couple things here. We used to have the wi-fi turned on, but that was
used to link an old Dell desktop to the router rather than run wires. I do
use a tablet from time to time, but I don't use it on our own router; I use
it on a neighbor's Comcast wi-fi. Also, my tablet either doesn't have GPS
or it's broken because I keep getting messages on things like boating apps
that tell me I'll have to set my location manually because they can't detect
my location.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

d***@90.usenet.us.com

2015-05-05 18:11:30 UTC

Post by Jeff Liebermann
If you think that they're tracking the MAC address of the router, that
would be difficult.

upnp calls reveal the "serial number" of routers, which looks just like the
MAC address, but geolocation works with no upnp.
As you mentioned, someone might clone their PC MAC onto the router, so your
laptop MAC might be stored as the MAC of the router in the geolocation
database.

So, what might the by-guess-and-by-golly method be?
Try upnp, get a known Router Mac in the geo-database: done.
Check the external IP, locate that in a genaric ip2location, <sigh>, keep
looking for a better location.
Look for the external IP in the database, maybe a good hit, maybe not,
since a Google Maps phone probably did a nice job of providing mac, ip, and
location. If the address hasn't been reassigend, that might be stable, but
untrusted.

There was a time when cellular modems returned awkward results, but those
were stripped from the database for known MACs.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

Steve Pope

2015-05-05 18:24:16 UTC

Post by Jeff Liebermann
If you think that they're tracking the MAC address of the router, that
would be difficult.

upnp calls reveal the "serial number" of routers, which looks just like the
MAC address, but geolocation works with no upnp.
As you mentioned, someone might clone their PC MAC onto the router, so your
laptop MAC might be stored as the MAC of the router in the geolocation
database.
So, what might the by-guess-and-by-golly method be?
Try upnp, get a known Router Mac in the geo-database: done.
Check the external IP, locate that in a genaric ip2location, <sigh>, keep
looking for a better location.
Look for the external IP in the database, maybe a good hit, maybe not,
since a Google Maps phone probably did a nice job of providing mac, ip, and
location. If the address hasn't been reassigend, that might be stable, but
untrusted.
There was a time when cellular modems returned awkward results, but those
were stripped from the database for known MACs.

802 has been considering protocols that allow (or perhaps, even require)
MAC layer devices to appear to have randomized MAC addresses. Kind
of the opposite of the original intent of a MAC address.

This is still in the early stages, and of course will not apply
to cellular.

Steve

Roy

2015-05-05 19:26:35 UTC

Post by Jeff Liebermann
If you think that they're tracking the MAC address of the router, that
would be difficult.

upnp calls reveal the "serial number" of routers, which looks just like the
MAC address, but geolocation works with no upnp.
As you mentioned, someone might clone their PC MAC onto the router, so your
laptop MAC might be stored as the MAC of the router in the geolocation
database.
So, what might the by-guess-and-by-golly method be?
Try upnp, get a known Router Mac in the geo-database: done.
Check the external IP, locate that in a genaric ip2location, <sigh>, keep
looking for a better location.
Look for the external IP in the database, maybe a good hit, maybe not,
since a Google Maps phone probably did a nice job of providing mac, ip, and
location. If the address hasn't been reassigend, that might be stable, but
untrusted.
There was a time when cellular modems returned awkward results, but those
were stripped from the database for known MACs.

802 has been considering protocols that allow (or perhaps, even require)
MAC layer devices to appear to have randomized MAC addresses. Kind
of the opposite of the original intent of a MAC address.
This is still in the early stages, and of course will not apply
to cellular.
Steve

Also IPv6 is a factor. Under Stateless Address Assignment IPv6
addresses will be built from a combination of the Layer 3 subnet prefix
and the MAC address of the client.

Steve Pope

2015-05-05 20:23:04 UTC

Post by Roy

Post by Steve Pope
802 has been considering protocols that allow (or perhaps, even require)
MAC layer devices to appear to have randomized MAC addresses. Kind
of the opposite of the original intent of a MAC address.

Also IPv6 is a factor. Under Stateless Address Assignment IPv6
addresses will be built from a combination of the Layer 3 subnet prefix
and the MAC address of the client.

Interesting. I assume IETF is doing the Stateless Address Assignment.
They usually coordinate well with 802, so probably everything is okay.

S.

Kevin McMurtrie

2015-05-06 05:16:24 UTC

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Nobody cares about that IP address any more.

Post by Jeff Liebermann
Once Google has your IP address, the rest is triangulation by ping

shudder. Who is pinging? No driveby wifi can ping my addresses.
Ping latency from me to any number of servers is not helpful, except maybe
to detect my quadrant of the state, if that.

Post by Jeff Liebermann
So, it's not tracking your location. It's tracking the location of
your router.

I have proven that, when I moved. I left the cable modem behind, but took
my router, which was in the wrong place until I used Google Maps on my
phone.

Nice test. Thanks.

Not correct.

You need to give permission for the transfer of Google Location data via
the browser to another site. Any site may look up your location
directly via IP address. Once permission is given, the mapping can
remain on the server forever.

Post by Jeff Liebermann
<https://www.mozilla.org/en-US/firefox/geolocation/>
See: "How do I undo a permission granted to a site"?
I have mine set to "Use Default" except I can't find where to set the
default in Firefox.
<https://addons.mozilla.org/en-us/firefox/addon/geolocater/>
might be responsible for some of the erronious geolocation returns.

--
I will not see posts from astraweb, theremailer, dizum, or google
because they host Usenet flooders.

n***@sbcglobal.net

2015-05-06 19:13:47 UTC

Post by Kevin McMurtrie

Post by Jeff Liebermann
<http://mybrowserinfo.com/detail.asp>
Your IP address is at the top of the list.

Nobody cares about that IP address any more.

Post by Jeff Liebermann
Once Google has your IP address, the rest is triangulation by ping

shudder. Who is pinging? No driveby wifi can ping my addresses.
Ping latency from me to any number of servers is not helpful, except maybe
to detect my quadrant of the state, if that.

Post by Jeff Liebermann
So, it's not tracking your location. It's tracking the location of
your router.

I have proven that, when I moved. I left the cable modem behind, but took
my router, which was in the wrong place until I used Google Maps on my
phone.

Nice test. Thanks.

Not correct.
You need to give permission for the transfer of Google Location data via
the browser to another site. Any site may look up your location
directly via IP address. Once permission is given, the mapping can
remain on the server forever.

--
I will not see posts from astraweb, theremailer, dizum, or google
because they host Usenet flooders.

When they rely on IP address it will show Santa Clara which is a good 35 miles from where I am.

For my Android apps I sync with the satellites first and if they won't sync up within 1.5 minutes then I take the network location which will work okay for my users. If that doesn't work then it takes "last known good location." My users can decide whether they want to use GPS or not and it's not on by default.

d***@90.usenet.us.com

2015-05-07 06:52:40 UTC

Post by n***@sbcglobal.net
When they rely on IP address it will show Santa Clara which is a good 35
miles from where I am.

If you are referring to ip2location, sure, but Google might also have an IP
address of the router in it's high granularity database. The ip2location
addresses are input by the operator, if I recall correctly. I think there
was something like E911 in the works 10 years ago, but I don't recall the
details.

Post by n***@sbcglobal.net
For my Android apps I sync with the satellites first and if they won't
sync up within 1.5 minutes then I take the network location which will work
okay for my users. If that doesn't work then it takes "last known good
location." My users can decide whether they want to use GPS or not and
it's not on by default.

How do you "sync with the satellites first"? Do you turn off WiFi?
For Android apps, the fastest satellite lock is to let it use WiFi and
Google for coarse positioning first, so it knows which satellites should be
visible.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

n***@sbcglobal.net

2015-05-07 18:38:20 UTC

Post by n***@sbcglobal.net
When they rely on IP address it will show Santa Clara which is a good 35
miles from where I am.

The GPS API lets you prioritize. My use is for people on the go who need the present location not some wifi they're connected to. You can look up examples in the Android SDK. But yes, the kids at Google tend to think the whole world is connected via wifi all the time. That's a very narrow and inexperienced view.

Jeff Liebermann

2015-05-07 23:05:42 UTC

... the kids at Google tend to think the whole world is connected via wifi
all the time. That's a very narrow and inexperienced view.

Yep, and it causes some oddities. I just bought a new bottom of the
line smartphone (Motorola Moto G first generation) which in Android
4.4.4 has a setting:
Settings -> Wifi -> Advanced
Scanning Always Available
Let Google's Location service and other apps scan for
networks, even when Wi-Fi is off.

When it does scan and find another network, it doesn't come back to
the original SSID. The problem manifests itself when I'm connected to
my nice strong wireless router in my palatial office. The phone goes
into standby after a few minutes. While in standby, Google decides
it's time to phone home and send Google my location. Even though it
could easily reconnect to my SSID, it decides to scan for access
points instead. For some unknown reason, xfinitywifi is always the
first choice, even if the signal is weak, and the previously connected
SSID is present and has a strong signal. I have "Keep Wi-Fi on during
sleep = always" selected, which is not the problem. My phone connects
to xfinitywifi, but does not successfully transfer my location because
Comcast demands a login and password and the Wi-Fi manager does not
store browser based login/password pairs. Sometime later, I punch a
button to kick my phone out of standby, and find myself connected to
xfinitywifi, instead of my office router. It's quite consistent and
happens every time. The only way I can make it work is to disable
scanning for location service.

Assumption, the mother of all screwups.

--
Jeff Liebermann ***@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

d***@90.usenet.us.com

2015-05-08 18:30:22 UTC

Post by n***@sbcglobal.net
The GPS API lets you prioritize. My use is for people on the go who need the present location not some wifi they're connected to. You can look up examples in the Android SDK. But yes, the kids at Google tend to think the whole world is connected via wifi all the time. That's a very narrow and inexperienced view.

Letting the Wifi assist WiFi should be faster getting the satellite lock,
but you will get your gps location. Do you think that's not true?
That would be a defect in your GPS App.

There is a set of Wifi locations cached in your Android device that may or
may not be helpful when you try to get satellite lock, and are offline.

I find this google API to be well aware of what is connected and not.

I find Google Maps to be a little slow on the uptake...
It sometimes fails to map because I happened to drive by someone's homw ith
an Xfinitywifi for me to poach. Moments later, out of range of that WiFi,
it will route. That is on the internet lookup side, though, not GPS.

I find other programs brain dead in the connected/not connected area. If I
launch them from my driveway and drive away, they just don't work... they
don't give up on the WiFi connection and use cellular. Or if there is
cellular in a sporadic area, the app never comes up.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

n***@sbcglobal.net

2015-05-09 20:52:03 UTC

Letting the Wifi assist WiFi should be faster getting the satellite lock,
but you will get your gps location. Do you think that's not true?
That would be a defect in your GPS App.
There is a set of Wifi locations cached in your Android device that may or
may not be helpful when you try to get satellite lock, and are offline.
I find this google API to be well aware of what is connected and not.
I find Google Maps to be a little slow on the uptake...
It sometimes fails to map because I happened to drive by someone's homw ith
an Xfinitywifi for me to poach. Moments later, out of range of that WiFi,
it will route. That is on the internet lookup side, though, not GPS.
I find other programs brain dead in the connected/not connected area. If I
launch them from my driveway and drive away, they just don't work... they
don't give up on the WiFi connection and use cellular. Or if there is
cellular in a sporadic area, the app never comes up.
--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

I'm not saying that it always takes a minute and a half. Often around here it doesn't at all, just a few seconds. In other parts of the world it may take longer. Sometimes if you're indoors it can take a while otherwise outside faster.

A friend who worked for a company in the 1980s which developed GPS receivers marvel at being able to do it on a smartphone because back then it took a rack of equipment.

d***@90.usenet.us.com

2015-05-06 19:04:01 UTC

Many users transfer their PC's MAC address to the router WAN port in

The MAC on the WAN side of a local router would have very limited
visibility. The WiFi user can't see it, it is only visible to the next
hop, the cable modem.

If your phone is connected via WiFi, you have a router MAC visible to you
that you politely pass along to Google along with MACs of other WAPs in the
neighborhood. Any wifi-but-not-gps enabled user can utilize that list of WAPs
for gelocation from Google.

My router provides the same MAC address to WiFi as it does to LAN Ethernet,
according to arp -a, so that lookup would be identical, in the Google Database.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

Julian Macassey

2015-05-01 16:20:51 UTC

Post by Jeff Liebermann
On Thu, 30 Apr 2015 21:04:12 -0700, "David Kaye"

Out of curiosity, I brought up http://www.wunderground.com

First using the tor browser. The website had no idea
where I was and gave me a generic world page.

Then I used Safari. It thought I was in Washington State
which seems to be the hub for my ISP, I get that as my location
usually.

So, my guess is that the geo-location is working off a
map of IPs.

I have a static IP.

--
Banks are an almost irresistible attraction for that element of
our society which seeks unearned money. - J. Edgar Hoover

Kevin McMurtrie

2015-05-01 05:05:42 UTC

Post by David Kaye
I went to Weather Underground (wunderground.com) and my browser asked if I
wanted to share my location with the website. I said yes and it located me
in San Francisco, though I am using a 12 year old desktop computer with no
geolocation hardware on it.
What's even odder was that on a mapping website the map located me to within
two blocks of where I live. There is no wi-fi hooked to this computer,
either. It's Ethernet only. And yet my Comcast IP usually indicates Santa
Clara when I look it up, or if it does say SF, then it locates to the Folsom
Street intertie. How to the map and the Wunderground websites know?
I'm assuming that some cookies have been dropped somewhere, but when I
turned off and deleted cookies on all my browsers the neighborhood mapping
was still able to locate me within 2 blocks of my address. And what's more,
if random webpages can find me or nearly find me, there must be some kind of
co-operation in the web world to make this happen, and yet web developers
can't even agree on which version of HTML to use!
I'm stymied. Ideas anyone?
---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Firefox says their browser asks Google Location Services to identify
your location.

Google continuously tracks the position of every phone and every WiFi
access point nearby when the phone is using Google Location Services.
Google Street View cars may also be monitoring WiFi signals. Your IP
address may have been connected to a WiFi access point at some time,
which would allow it to be seen by hundreds of phones that are being
tracked.

Google knows your exact location by IP address without your permission.
Clear cookies and open maps.google.com. There you are, in the center of
the map. Wonder where Google Maps gets its realtime traffic data? It's
watching phones move.

--
I will not see posts from astraweb, theremailer, dizum, or google
because they host Usenet flooders.

Steve Pope

2015-05-01 05:56:43 UTC

If you use your phone from the same location, they may well have
disambiguated you, so it is using a cell tower as the location.

I know that Google, and perhaps Facebook, and others, have disambiguated
me across several devices (despite consistent cookie-cleaning, not
loging on simulatenously to more than one service, etc.) The general
rule is, they are smarter than you and one slip-up and they
can disambiguate.

There's one (only somewhat creepy, but weird enough) result of this is
for me, is that back in the 2008 financial crisis, while reading Google
News, I must have innocently typed in a search string "Merkel Bonds Spain",
relevant at the time. Ever since, on any device, in any location,
whether logged into Google or not, if I go to Google News it fetches an
entire category labeled "Merkel Bonds Spain", at the top hierarchy level,
level with "World News", "Sports", "Science News", etc.

In a way, I'm flattered that they grooved my search string so much.
Like, we're not going to be rid of Merkel/Bonds/Spain anytime very
soon so after 7 years it is relevant. I fantasize that the Dark
Overlords have deemed my "Merkel Bonds Spain" search-argument of
sufficient importance they might even serve it up to other phenotypes
who may resemble me in their algorithms.

But what happened to all of the hundreds of other Google News search strings
in the intervening time? No fucking clue. It's just this one.
It must be the lottery winner.

Steve

Julian Macassey

2015-05-01 16:46:58 UTC

On Fri, 1 May 2015 05:56:43 +0000 (UTC), Steve Pope

Post by Steve Pope
There's one (only somewhat creepy, but weird enough) result of this is
for me, is that back in the 2008 financial crisis, while reading Google
News, I must have innocently typed in a search string "Merkel Bonds Spain",
relevant at the time. Ever since, on any device, in any location,
whether logged into Google or not, if I go to Google News it fetches an
entire category labeled "Merkel Bonds Spain", at the top hierarchy level,
level with "World News", "Sports", "Science News", etc.
In a way, I'm flattered that they grooved my search string so much.
Like, we're not going to be rid of Merkel/Bonds/Spain anytime very
soon so after 7 years it is relevant. I fantasize that the Dark
Overlords have deemed my "Merkel Bonds Spain" search-argument of
sufficient importance they might even serve it up to other phenotypes
who may resemble me in their algorithms.
But what happened to all of the hundreds of other Google News search strings
in the intervening time? No fucking clue. It's just this one.
It must be the lottery winner.

Here's a trick for Goggle news searches:

In the www.duckduckgo.com search bar enter:

!news Merkel Bonds Spain

--
"They hate our freedoms" - George W. Bush, September 20, 2001

n***@sbcglobal.net

2015-05-01 18:21:58 UTC

I let Google find my location as well as other services because I got tired of seeing the weather in Santa Clara. In some cases it's just that you probably put your zip code in for something. If I do a Google search for some service or store it's better to have what's around me than 40 miles away.

But I guess if you are planning some subversive actives you might want to remain hidden.

Roy

2015-05-01 18:52:27 UTC

I opened up a private Firefox window with google maps and it only gave
me the city.

David Kaye

2015-05-01 23:40:49 UTC

I opened up a private Firefox window with google maps and it only gave me
the city.

Interesting. Thanks.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Steve Pope

2015-05-02 00:51:57 UTC

I opened up a private Firefox window with google maps and it only gave me
the city.

Interesting. Thanks.

I use the UK version of Google Maps (maps.google.co.uk), mostly because
it seems to load faster but I also believe it is less invasive.

Steve

David Kaye

2015-05-01 23:40:20 UTC

Post by n***@sbcglobal.net
In some cases it's just that you probably put your zip code in for
something.

Actually, I always put in a bogus zip code, near to me but not mine. It's
not that I'm trying to hide anything; it's just that I don't like Google or
anybody else taking info from me when they should be PAYING me for my info.
If I'm such a valuable commodity that they want every bit of info about me
that they can glean, then they should at least be paying for it!

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Julian Macassey

2015-05-03 03:25:06 UTC

Post by n***@sbcglobal.net
In some cases it's just that you probably put your zip code in for
something.

The only want info about you for their purposes.

--

"If something is free, you're not the customer, you're the
product." Bruce Schneier, Data and Goliath, 2015

Julian Macassey

2015-05-03 03:22:12 UTC

Post by n***@sbcglobal.net
I let Google find my location as well as other services because
I got tired of seeing the weather in Santa Clara. In some
cases it's just that you probably put your zip code in for
something. If I do a Google search for some service or store
it's better to have what's around me than 40 miles away.
But I guess if you are planning some subversive actives you
might want to remain hidden.

"If you have done nothing wrong, comrade, you have nothing to
fear." - Lavrenti Beria, Stalin's head of the NKVD, the secret police.

There are so many people who could tell you they thought
they had nothing to fear. Many of them are dead.

--
In a time of universal deceit, telling the truth is a revolutionary act.
- George Orwell

n***@sbcglobal.net

2015-05-03 21:00:29 UTC

Post by Julian Macassey

"If you have done nothing wrong, comrade, you have nothing to
fear." - Lavrenti Beria, Stalin's head of the NKVD, the secret police.
There are so many people who could tell you they thought
they had nothing to fear. Many of them are dead.
--
In a time of universal deceit, telling the truth is a revolutionary act.
- George Orwell

If you want to make money selling Android apps you'll need to provide such info. Yes, allegedly Google was backed by a CIA run investment firm when it started up. But I'm not quite ready to pack it in and get a cabin in the woods.

Julian Macassey

2015-05-03 22:20:22 UTC

Post by n***@sbcglobal.net

Post by Julian Macassey

"If you have done nothing wrong, comrade, you have nothing to
fear." - Lavrenti Beria, Stalin's head of the NKVD, the secret police.
There are so many people who could tell you they thought
they had nothing to fear. Many of them are dead.
--
In a time of universal deceit, telling the truth is a revolutionary act.
- George Orwell

If you want to make money selling Android apps you'll need to provide such
info. Yes, allegedly Google was backed by a CIA run investment firm when
it started up. But I'm not quite ready to pack it in and get a cabin in
the woods.

Post by Julian Macassey

Post by n***@sbcglobal.net
But I guess if you are planning some subversive actives you
might want to remain hidden.

There are many, many reasons to want your privacy, for example you
may not want your ex to know what you are up to to avoid harrassment.

Yes, even Eric "Boat of Babes" Schmidt wants privacy, he just doesn't
want you to have it.

What, if your lackof privacy trips you up and you never get to that
cabin in the woods? You wouldn't be the first.

P.S. Any chance you can get your good friends at the goggle monster to fix
the wordwarp on their usenet client?

--
The Internet is full of people who can’t read and want to talk
about sandwiches - Noam Chomsky, Oct 2013

David Kaye

2015-05-04 03:35:36 UTC

Post by n***@sbcglobal.net
Yes, allegedly Google was backed by a CIA run investment firm when it
started up.
But I'm not quite ready to pack it in and get a cabin in the woods.

Oh? I had no idea between a Google and CIA connection, though I do remember
Sergei laughing when Americans talked about privacy. "Privacy? We don't
have privacy. That's a quaint notion..." Sergei Brin is Russian, of
course. I wouldn't put it past Google to have all kinds of government
connections.

As to the cabin in the woods, if you're in the market I know of a great one
on northeastern California for $185k, with a mortgage of just $625 a month.
13 acres, a home and two outbuildings, a creek running through it. Great
place.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

Julian Macassey

2015-05-04 13:39:50 UTC

Post by n***@sbcglobal.net
Yes, allegedly Google was backed by a CIA run investment firm when it
started up.
But I'm not quite ready to pack it in and get a cabin in the woods.

Talking of priivacy and controlling data has anyone else
noted something strange about the recent death of the husband of
the facebook CEO's husband?

Privacy? We know he died on Friday, suddenly. We know the
who, Fave Goldberg, husband of Sheryl Sandberg, but they
have managed to keep private the Where (We know not the US), and
he How.

It would seem privacy is available for those who make
money from the lack of privacy of others. The irony amuses me.

--
Before you diagnose yourself with depression or low self-esteem,
first make sure that you are not, in fact, just surrounded by
arseholes - William Gibson

Steve Pope

2015-05-05 00:43:44 UTC

Post by Julian Macassey
Talking of priivacy and controlling data has anyone else
noted something strange about the recent death of the husband of
the facebook CEO's husband?
Privacy? We know he died on Friday, suddenly. We know the
who, Fave Goldberg, husband of Sheryl Sandberg, but they
have managed to keep private the Where (We know not the US), and
he How.
It would seem privacy is available for those who make
money from the lack of privacy of others. The irony amuses me.

There is now an account of his death on (at least) the Wall Street Journal.
Briefly, he died from a head injury apparently accidently inflicted
while using the exercise room at a Four Seasons hotel in Mexico.

Based on that account, the police were probably keeping details
secret until foul play and/or negligence could be ruled out.

Steve

Julian Macassey

2015-05-05 03:17:14 UTC

On Tue, 5 May 2015 00:43:44 +0000 (UTC), Steve Pope

There is now an account of his death on (at least) the Wall Street Journal.
Briefly, he died from a head injury apparently accidently inflicted
while using the exercise room at a Four Seasons hotel in Mexico.
Based on that account, the police were probably keeping details
secret until foul play and/or negligence could be ruled out.

Then explian how come the detail what country this
happened in was kept secret? Or that it was in a hotel? Or that
he was DOA at hospital?

When other people die, these are the minimum details.

I didn't go to an get an American Journalism degree, but
when I was a reporter, the minimum was Who, What, Why, Where,
When, How. That was the minimum, not "pick two".

Maybe Sheryl was busy leaning in.

--
In a time of universal deceit, telling the truth is a revolutionary act.
- George Orwell

d***@90.usenet.us.com

2015-05-05 00:20:37 UTC

Your desktop computer might not have geolocation, or wifi, but does the
router that you are connected to have WiFi?

If not, have you ever connected a laptop to your router, while it also had
wifi?

Google Geolocation isn't magic, it is just so persistent and prevalent that
it looks that way. ;-)

Remember a few years ago when iTunes backup let your locations spill out to
the world (I think that's what the headlines blared)?

It's all the same.

If you use mapping software on a device that has WiFi, all of the WiFi
locations that are close enough for you to see, whether you ever connect to
them or not, have now been geolocated.

Right after the Apple debacle, I looked at the travels of an iPad in the
family. On our travels to Disneyland, it did find us in the Disneyland
Hotel, and in 100+ other locations nearby. It also spotted us in several
communities as much as 20 miles off to the side of I-5, at about the right
time for us to have been traveling on I-5 through that area.

In a gated community near us, it had extensive maps of our travels. I know
those weren't Google StreetView associated, because it is a gated
community, and the streetviewmobile never went in there.

It is not your IP address that locates you, it is the MAC address of your
router. You used to be able to look up the location of a MAC address, but
that feature has been turned off.

With a new router, Google Maps can't locate me... for a few days. But, if
I use an Android device to check Maps, poof, magic, my desktop can now
Geolocate. I forget the timing, but I recall that it was lacking for a few
days, but was available within hours of my using Google Maps on a phone.

If you have Xfinity cable service, you are likey being geomapped even if
you turn your WiFi off, on their WiFi capable routers.

I can see various folks connecting to my "XfinityWifi" SSID. I presume
they are just driving by, and not sitting in my driveway. My own Android
phone gets upset whenever I drive by the local Kaiser hospital, and neglect
to log on to their WiFi.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

d***@90.usenet.us.com

2015-05-05 00:45:41 UTC

Post by d***@90.usenet.us.com
If you use mapping software on a device that has WiFi, all of the WiFi

WiFi and GPS, like most tablets and phones.

Post by d***@90.usenet.us.com
locations that are close enough for you to see, whether you ever connect to
them or not, have now been geolocated.

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

David Kaye

2015-05-05 20:05:33 UTC

Post by d***@90.usenet.us.com
In a gated community near us, it had extensive maps of our travels. I know
those weren't Google StreetView associated, because it is a gated
community, and the streetviewmobile never went in there.

I'm assuming that the Comcast Xfinity modem "upgrade" includes geolocation.
I think this is why they keep bugging me to "upgrade".

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

d***@90.usenet.us.com

2015-05-05 23:08:32 UTC

Post by David Kaye
I'm assuming that the Comcast Xfinity modem "upgrade" includes geolocation.
I think this is why they keep bugging me to "upgrade".

The Xfinity modem doesn't need a geolocation feature. The XfinityWiFi that
is on by default will get picked up and properly located by every Android
and iOS device that has a map running when they drive by.

I could see them in a direct URL, not the normal Arris Modem GUI.

Do you have "XfinityWiFi" as an available WAP that seems about as strong as
your own Comcast router?

--
Clarence A Dold - Santa Rosa, CA, USA GPS: 38.47,-122.65

David Kaye

2015-05-06 00:29:13 UTC

Post by d***@90.usenet.us.com
Do you have "XfinityWiFi" as an available WAP that seems about as strong as
your own Comcast router?

No, because I haven't "upgraded" to the new modem. By the way, here their
wifi is simply called "xfinity" or "cablewifi". I haven't gotten a clear
answer from them on whether other users' use of our modem would count
against our usage, so that's another reason why I haven't "upgraded". But I
actually did "upgrade" some months back but the new modem didn't work. I
turned it back in and they've been trying to charge me for both the current
one and the new one.

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com

d***@90.usenet.us.com

2015-05-06 18:32:16 UTC