Google Street View Cars Caught Snooping on Peoples Wi-Fi Networks

Who is GOOGLE to bully me into doing this or not doing that ?

Even if I knew how to defend my privacy computer-wise, I do
not accept anyone, besides what my law-maker´s rulings allow,
to spy on my privacy, period.

This car is spying over fences into people´s properties that
no passer-by can look into, unless he put up a ladder in front
of the fence and climbed up.

Now, it would be very impertinent to ask the property´s owner
to pull up the fence, so no ladder would be tall enough for any-
body to look over !

So, all the recommendations to ward off the spying attempts
at my expense are just foolish.

Originally posted by EyesII
Cloning MAC addresses usually happens after the modem has seen the net traffic and before your PC get the traffic - in other words at the router level.

From the bit i know BT-Click and others register the MAC address of the home router to the person paying the bill and if you swap your MAC address then you won't get a connection.

That MAC address isued is only ever seen by you and the first router/POE controled by your ISP or someone driving down your street scanning wi-fi connections????? Correct me if i'm wrong but i don't think Google gets to see it or anyone else you connect to whilst downloading torrents and such like.

Paying cash for a T-Moblie dongle would seem a safe bet if it was pratical but even so i would guess the software would pull your MAC from your 10/100 network card and send that out to T-Mobile or use something from the bios.

60% off new laptops all have an ET call home program in the bios but i think they would only use it if the CIA/KGB wanted it's computer back and is no use to me or you if someone nicks our gear.

The more i learn the more i realise it is all but impossible to stop this spying and i think the internet was designed that way, i don't know but i do know a hell of a lot of watching is going on and therefore our defence needed to turn towards sending out mixed signals so that much of the data becomes worthless but this is not something you can do alone.

i'm off to google up some pink knickers now using my russian SSL proxy server because i think that type of informatin needs to be shared with the KGB and remember we are all [KeyLoggerOff]terrorists[/KeyLoggerOff] now

This article (the source) is Fear Mongering.

Lets recap on a few things:

1. Google drives around in a car taking pictures of streets.
   
2. Google drives around in a car scanning for WiFi routers, WiFi cards.
   

I do this actually. What is wrong with it? I am not invading your privacy by doing so, infact I am taking pictures of buildings because I do photography and specifically architectural photography. I also drive around in a car using Kismet and a GPS device recording all WiFi network details because I thought that maybe, just maybe; if I could detect all the WiFi networks in my area, then I would know where to sell my new WiFi service as a business. I would know what zones have more customers using wireless technology, this is called marketing and if your business minded you would know about things like this.

A MAC address is easy to spoof.
$ macchanger --mac 00:11:22:33:44:55 wlan0
(above is a code to change your MAC address to 00:11:22:33:44:55 on a wireless card labelled wlan0 - it varies depending on your hardware and OS etc. Program is called macchanger and the OS I used is called BackTrack)

People are asking how a person can be traced using a MAC address and how Google or a third party would know who exactly owned that MAC address? Well, if you purchased your router, computer or network card/s via credit card, then your credit card that you used to purchase it would be used to trace your name and address etc.

Computers using wireless card broadcast their MAC address
Routers using wireless tech also broadcast their MAC address.

Above is 2 MAC addresses that a third party could use to determine your name and address etc. The letters and numbers on a MAC address can be explained and broken down. The first few tells a professional what manufacturer the card came from, the rest are just model and references numbers. A company would know that its a Linksys network router, then they move on to the next numbers, finding out that PC World (example) in (say) Northern Ireland, branch number 0250 sold this specific router. Then they would ask PC World to check their database to see who purchased that exact model, then PC World would say that it was purchased with a credit card and then BOBS YOUR UNCLE, they got an address.

Its not impossible for Google to do this or the 3rd party they sell the information too, at first it depends on the authenticity of the MAC address, if spoofed, then its a no go and nobody can do anything.

People need not to worry about this, do you know how much money, time, resources and manpower is required to do this? Something like this would only be done in the circumstances of a breach in national security.

EDIT: Yes Google is a Tyrant, but the technology it uses is only a fraction of what is available to the government and military. If Google never existed or NASA never sold its imagery to companies, it would be happening anyway. You should be greatful that you can also use this technology and that it is available to the general public. Again...TPTB would do it anyway, even if google never had street view, they still do it and did it before Google was invented.

[edit on 27/4/2010 by the_denv]

The trouble with all this spying is often the owners of site don't know how the banners are being abused and if they use IFrame like they do here and on most others sites then sure they can look like they just load up a bit of flash or an image with an atag around it but they also link out to scripts on other sites like Rover.eBay.com that produce no visual content.

ATS Looks about average when i look at the proxy logs after pressing refresh on this page and we can all see google is here, the banner at the top that says i have 3 new messages and the girl on the left that lost a load of weight and we can ignor avatars (All cached anyway) so you would think we are talking about 3 hits outside of ATS

Would you expect Ten and i bet the owners of ATS would not expect this themselves and yet i assure you, sadly this is quite normal.

I have no trouble with adverts so long as they don't popup a new browser or are the new style, in your face divs but i do have a problom with spyware esp if it comes from the big three, Google/youtube/ebay who i'm sure are trading data so ebay gave Google my address and eBay knows i've been looking for a pair of pink knickers on Google.

wait a second, someone is baning on my door.............................

................. it was just the deleivery man with one of them pads in his hand, asking me to sign for delivery and knowing the signiture would look like everyone elses in the street so i made sure it got my thumb print.

EDIT: Yes Google is a Tyrant, but the technology it uses is only a fraction of what is available to the government and military

I've worked for BT and picked up a bit of gossip and they are 20 years ahead of where you think they are and also note BT seems ripe for being nationalised since the share price is no higher then when they floated the company 20 plus years ago and they own the copper/optics in the street even if Virgin rents the line.

People need not to worry about this, do you know how much money, time, resources and manpower is required to do this? Something like this would only be done in the circumstances of a breach in national security.

Manpower does not come into it once you have the software and disk storage is dirty cheap plus if read the guidelines for who is a potential terrorists then "national security" takes on a very wide scope.

Would i know you better than your wife if i looked over your sholder everytime you used a PC ?

Good post and i will seek your advise when i get stuck with MAC's again.

Originally posted by LieBuster

I've worked for BT and picked up a bit of gossip and they are 20 years ahead of where you think they are and also note BT seems ripe for being nationalised since the share price is no higher then when they floated the company 20 plus years ago and they own the copper/optics in the street even if Virgin rents the line.

Yeh I heard that myself when I worked for BT, they own all the MDFs (Main Distribution Frame) within all of the telephone exchanges.

Originally posted by LieBuster
Manpower does not come into it once you have the software and disk storage is dirty cheap plus if read the guidelines for who is a potential terrorists then "national security" takes on a very wide scope.

Would i know you better than your wife if i looked over your sholder everytime you used a PC ?

Good post and i will seek your advise when i get stuck with MAC's again.

What do you mean mate? I was talking about the manpower within intelligence agencies tracking down a random MAC address grabbed by a Google car to identify the address and identification of the owner of said MAC address. going through credit card purchases and tracking the WiFi models that customer uses from the Manufacturer->Buyer->Branch and of course going through the customers Bank account once the credit card number is obtained via the computer store where the WiFi router or adapter was purchased from.

Yeah I know what you mean by the "national security" list being huge, but lets not forget that the intelligence agencies that Google are selling the MAC address list to, will have been given a list of hundreds of thousands of MAC addresses, if not millions. They would not be wanting to see a specific MAC owner, they will be going through the list one by one, then once that is done they could easily bring up a persons name and address linked to their credit card number. They can, but only after the database is compiled, and that will take a lot of manpower and time and resources etc.

Yes (if I had a wife) you would know more about me than her (metaphorically) looking over my shoulder. Its amazing the fingerprint-data that people leave behind and your 100% correct about those banners. Banner grabbing is just too easy. Open up Wireshark and look at the TCP/IP stream of data that ATS shoots back at you.

If ATS would like a pentest done on their HTTP server, let me know and I will do one free of charge. I bet there is a HUGE list of exploits on this website as there would be, people just dont see the importance of it.

reply to post by EyesII


I know ISP's log the MAC of the modem, as I worked for one and did precisely that with new installs.

But Google doesn't have access to this info and to just release it without a Court order is a breach of Data Protection law, in the UK at least.

So I'll rephrase my question:

"How will GOOGLE know what Wifi network pertains to what street address?"

Originally posted by the_denv
People are asking how a person can be traced using a MAC address and how Google or a third party would know who exactly owned that MAC address? Well, if you purchased your router, computer or network card/s via credit card, then your credit card that you used to purchase it would be used to trace your name and address etc.

Again, information that is protected by Law. Google have no power or right to obtain this information.

They can scan, scan, scan away but even if they have a pretty good idea what network is in what house, they cannot be sure. If they are sure, they've broken the law.

Originally posted by LieBuster
I've worked for BT and picked up a bit of gossip and they are 20 years ahead of where you think they are and also note BT seems ripe for being nationalised since the share price is no higher then when they floated the company 20 plus years ago and they own the copper/optics in the street even if Virgin rents the line.

Not true. Virgin have their own network, which is what they mean when they say "cabled area". Your right in saying Virgin rents the line if they sign up an ADSL customer from outside a cabled area, but if you live within one, you're on Virgins network.

And I am totally puzzled by your statement of BT being "20 years ahead". Ahead in what? Running a crappy network? Charging too much? Not being able to fix simple faults? Please elaborate what you mean by this.....

Originally posted by the_denv
Yeh I heard that myself when I worked for BT, they own all the MDFs (Main Distribution Frame) within all of the telephone exchanges.

No, they don't. Virgin and others, such as C&W, own their own networks, with their own "exchanges" (such a 1950's terminology, only ever used by those not in the industry). BT have a huge network yes, but to imply they own everything and just lease it out is bullcrap.


[edit on 27/4/10 by stumason]

How will GOOGLE know what Wifi network pertains to what street address

Google toolbar tells google your mac address and they also picked up your mac address when scanning the streets so they just put the two togeather but the bad thing is the toolbar also passes google data on wi-fi's around you.

Originally posted by stumason
Not true. Virgin have their own network, which is what they mean when they say "cabled area". Your right in saying Virgin rents the line if they sign up an ADSL customer from outside a cabled area, but if you live within one, you're on Virgins network.

Sorry i should had said BT owns 95% plus of all the copper/optics

And I am totally puzzled by your statement of BT being "20 years ahead". Ahead in what? Running a crappy network? Charging too much? Not being able to fix simple faults? Please elaborate what you mean by this.....

Yes with you on the crap service and all that but i can not go into more detail on this one for reasons of security.

Originally posted by LieBuster
Sorry i should had said BT owns 95% plus of all the copper/optics

No, they don't. Virgins and C&W's UK network combined equal the size of the BT network. BT own the local loop, but Virgin have their own local fibre/copper network in a significant part of the country and are expanding it with new overhead deployment on the Telegraph poles.

I have worked for NTL, Telewest, Nortel, Energis and C&W as an engineer. I work in C&W's NMC in Bracknell managing the UK transmission network. I know of what I speak.

Originally posted by LieBuster
Yes with you on the crap service and all that but i can not go into more detail on this one for reasons of security.

Give over. I have SC and BC clearance from the Home Office, I won't tell

Whatever BT might have up their sleeves, you can guarantee Virgin, C&W and the major vendors are following the same sort of line.

In fact, in terms of technological capability, BT's network is lagging behind. It's why BT are losing major corporate customers hand over fist to C&W, because we already have a cutting edge Next Gen network, wheras BT are still faffing around with old technology.

If your going to make wild claims, back them up with something. Even a hint as to what you mean.

Are you on about higher capacity optical networks?

Or perhaps a roll out of FTH?

Quantum Cryptography?

What?

Originally posted by the_denv
If ATS would like a pentest done on their HTTP server, let me know and I will do one free of charge. I bet there is a HUGE list of exploits on this website as there would be, people just dont see the importance of it.

Yes i agree, like most they will have some but at least they are not running ASP.Net that makes it worse because MS leaves so many back doors open.

Part of ATS just got an auto ban from my proxy server.

They have a small file 'tan.gif' on the home page and hosted on 'images.abovetopsecret.com' but all you ever get is a 302 reply for the file that sends you to the new location at 'files.abovetopsecret.com' but because the server never seems to send any 200 OK replys from 'images.abovetopsecret.com' domain then after a while the proxy server put an autoban on the site.

in the case of ATS it's simply a case of moving files and leaving a redirect on the file but most spyware servers don't ever give back a 200 OK reply else people would see what they are upto if they viewed the browsers history files.

a common trick is to request a stylesheet from script with a URL like:

AddServer.com/MyStyleSheet.css?I=Your_details_Screen_size_AndAllThat

the reply could be a 404 or 302 but still includes a Set-Cookie :OurID=123

The proxy server i use see it's not a 200 reply and blocks the cookie and executes a Bad++ and then later if Bad>Good then bingo it puts an autoban on the site because none of the spyware ban lists can be 100%

out going eTags can also be banned plus URL's that contain an IP address because i've seen on mail.com that once they workout your blocking cookies from certain sites they try it on using a servers on a static IP address.

Why don't the browsers allow you to block cookies from non 200 replys or being sent off to a static IP address or is it because MS is watching you and FF gets $50m a year from Google ?

In IE 6 if you use promt for 3rd party cookies then you get a zillion dialog boxes and even if you click apply to this site it still keeps asking the same question so as usual when it comes to MS you have no pratical option but to leave yourself wide open and thats by design i thinks.

Google sends out massive scripts with all the line brakes removed and silly function names so it's very hard to see whats going on and if you block these scripts like i do and the page still works OK then it shows it for spying and nothing to do with the user interface.

Google mates at YouTube keep making me click buttons when i use an old browser to view the site and yet flash runs inside a container so i guess they are upset because it's stopping them spying on me or something.

I could write a book on all the tricks these people try on and i bet i only know half of them.

"No, they don't. Virgins and C&W's UK network combined equal the size of the BT network. "

Customer base maybe but not when it comes to cable going into peoples homes which is the best place to listen in and maybe you could lets us have a link on the size of Virgin and C&W inside the UK.

"BT own the local loop"

You answered your own question

"but Virgin have their own local fibre/copper network in a significant part of the country and are expanding it with new overhead deployment on the Telegraph poles."

Telegraph poles and i was thinking BT was backwards.

I like Virgin and have worked for them in the past but not in connection with phones/internet but the weak link has now become the wi-fi within the home it's just not that good for spying en-mass.

if you told someone twenty years ago that you could fit a 32gb drive into your top pocket, drop it on the floor and it would still work then they would had taken you to the nut house. Now apart from the security aspect, i don't want to go to the nut house quite just yet so i can not give you more details but i did once read that the americans can put a virus on a hard drive inside a computer, from a distance ............................................
.............................and without a network connection.....................................................................
..................................................................................................

whilst the computer is turned off


sounds mad i agree and at first i was thinking how could they get a lazer to go throught steel to burn dots into a disk but after thinking about it for a few months and learning that 60% of laptops now have a program in the bios that calls home incase the computer is nicked and also knowing that motherboards have a battery to keep the time and were designed or made in the USA then maybe it is possible even today to tamper with a machine from a distance and for all i know some motherboards in PC world might already have some type of auto update on them that flashes the bios in the same way MS keeps trying to update my drivers every other day.

maybe it's not so mad after all.

Originally posted by LieBuster
Customer base maybe but not when it comes to cable going into peoples homes which is the best place to listen in and maybe you could lets us have a link on the size of Virgin and C&W inside the UK.

Customer base? I'm talking network elements and copper/fibre deployment. For example, Virgin has thousands of Km of underground fibre and copper. They are made up of the combination of the old telewest and NTL networks, which themselves are made up of the old, smaller cable companies of yesteryear. Each street cab you see will typically contain 1 or 2 multiplexors for transmission. There are thousands in the UK.

Cable and Wireless has an even larger network of both underground and overhead deployed fibre and copper. There are approximately ten thousand plus Transmission multiplexors in the Uk network alone. That's not counting switches or the IP stuff. We have hundreds of nodes throughout the country and even more access points co-located within the BT network sites.

Also, with the aquisition of Energis in 2006 we obtained their fibre network which is deployed over the HV National Grid pylons. Take a look next time your near a pylon and check out the earhing cable at the top, you'll see something wrapped around it. Take a look next time your in an urban area, you'll see manhole covers for CW, Energis, BT, Global Crossing, Verizon, AT&T, France Telecom, you name it.

This myth that BT owns all the physical network is bunk.

Originally posted by LieBuster
"BT own the local loop"

You answered your own question

You do know what this means, don't you? They own the decrepit copper cables going from their network node sites out to the local area. This is barely more than a couple of Km's in most cases.

We use BT tails on some of ccts and 90% of the routing will be over our own network, owned and managed by us, with the final mile put out over BT, for the sole reason that it is cheaper to lease some fibre/copper off BT than it is too put in our own. It's also worth mentioning that around 80% of all our faults reported are because of BT, as their network is a pile of cack.

In alot of cases, however, we don't even need BT as our own network is large enough. We only really need them when delivering services to out of the way places, whereas in urban area's we have significant network coverage of our own.

Originally posted by LieBuster
"but Virgin have their own local fibre/copper network in a significant part of the country and are expanding it with new overhead deployment on the Telegraph poles."

Telegraph poles

and i was thinking BT was backwards.

You obviously don't understand what I said.

Due to the laws and regulations governing the LLU, Virgin won a court battle with BT for the right to use the telegraph poles (the very same poles used in the local loop) so they can run their own fibres over them instead of using BT and copper.

The reason they want to use overhead deployment instead of U/G is because it costs around £75/metere to put fibres in the earth, whereas it costs a fraction to string them on overheads. This enables them to expand their network even further without prohibative costs and all the wrangling that comes with digging up the roads.

This isn't backwards by any stretch of the imagination, especially when Virgin can use these new fibres to deliver 100Mbs+ services to homes.

I have to deal with alot of overhead fibres in my day job and I wouldn't call a DWDM system with a bandwidtch of 80Gb/s, per fibre, backwards. The cable I mentioned going over the earthing wire typically contains 48 or 96 fibres. That's alot of bandwidth.

Originally posted by LieBuster
I like Virgin and have worked for them in the past but not in connection with phones/internet

Well, I have and trust me, BT ain't all that. They are usually way behind in deployment of products and it's overpriced in any case.



[edit on 28/4/10 by stumason]

Some routers will let you spoof your mac address but then you will also need to contact your provider from the cable company else the connection won't work and given how useless many of these providers are in providing a service then it's a very brave man that tries this option.

if MAC addreses are so useless then why was Google collecting them and why does Google toolbar need to scan Wi-Fi MAC addresses from the people living around you.

i can not beging to say what lenghts companies go to track you but i do remember being called a nut years ago when i told people that the police were going to use average speed cameras and just as big a nut when i say they will soon be tracking your car speed from space but i can live with being a nut so long as i'm right.

as i type Google is watching and knows i'm here and offer free indexing to sites which costs Google time, money , effort and bandwidth all from the goodness of their art ? Google profits tell me otherwise and they even want to host your private medical records, all free of charge of course.

China exposed Google for spying but you might had only read the version where google say it's an effort to restrict internet access to the chinesse people ! the truth lies inbetween.

i advise everyone to have a play with Fidder and to see for yourselves just how far these people go and if your carfull you will even see google is using it's own special encryption and you might also see Google is requesting a file called SafeBrowsing.xml 200 times a day and in each call they are passing out information in the URL about you.

Google also runs scripts on you machine that send about 50 bits of information back google that includes things like the version of _javascript you are running, screen size, resolution and all this information is being used to tie you back to googles hidden profile.

YouTube is part of Google and they are putting Flash Cookies on your machine and any request for a flash file will include the four digit flash version number and by the time you collate all this information togeather along with the User_Agent, Excepts, U-Cpu then every conputer has a finger print that is almost unique and since google knows your browing habbit and are everywhere so they know you when they see you.

it is just about impossible to hide even after you spoofed your mac address, swapped IP, cleared cookies, history, Flash cookies (SOL i think) UserData if your using IE (delete you index.dat files) and don't open emails in HTML mode (see eTags) and also somehow avoid visting any sites where you need to login that places any internal MemberID in the URL (See HTTP Referer strings) and have not been stupid and loaded any type of google toolbar and thats just what i know about.

Please let me know of anymore if you know any.

Browsers/ TCPIP/HTML was desgined for old copper twisted pair with lots of error control and was never built for the masses but for the military/corporations/Goverment/Big Bro so don't exspect any change any time soon even if it's 30 years old and fails to meet todays needs.

Anyone that thinks they can stop the likes of GCHQ/MI5/CIA walking in to view contents/ side step virus control on anyones machine as they like had better not be running windows from back door bill and even if your running Unix then that still leaves the bios built by intel corp and already we know that 60% of new laptops have a hidden program that reports back to central servers incase the laptop has been stolen.

PGP encryption was classed as munitions in the states so anything that does not pass that test is not worth using and a personal computer is anything but personal these days

i won't be rushing out to get a phone implated in my ear just to get cheap calls and if you think it's science fiction then read on.

www.wired.com...

Don't throw away your old mobile phones they just might not be bugged !

The simplest measure of internet security, don't use wifi, use hard line.

Hasn't that solved problems for how long? Kind of hard for someone to snoop on you line, unless they vamp it.

Other wise if you must have a wifi, rotate routers.

Still I don't use wifi unless there is no way around it.

reply to post by Mdv2


forgive me if I do not understand. Streetview is just pictures. So then how do they show anything besides those pictures?

we thought it was big brother we had to worry about. now its little brother, Google. how do you know they dont have very good hacking soft wear to get your mac address? and who knows what else. they got court this time. and what else have they been doing? thieves have use’d the picture to look over homes to see witch is the best to burgle. no this. to many on line sites like google facebook. take your privet information and sell it. and I would bet the American secret service has some thing to do with it. I hope they shoot them when they try this in china. because they are spy’s.
P.S. google is doing all this because you may have pirate soft wear. so its all legal.

It (Google) was forced to destroy private online information gathered from scores of homes and offices around Ireland.

It looks like the Irish Gov was on the ball on this one

Source Article ... Independent.ie