Forgot your password?
typodupeerror
Privacy Wireless Networking Your Rights Online

Seattle PD Mum On Tracking By Its New Wi-Fi Mesh Network 107

Posted by timothy
from the progressive-city dept.
An anonymous reader writes "The Stranger reports that Seattle's police department has installed a Wi-Fi mesh network paid for by the Department of Homeland Security. FTA: 'The SPD declined to answer more than a dozen questions from The Stranger, including whether the network is operational, who has access to its data, what it might be used for, and whether the SPD has used it (or intends to use it) to geo-locate people's devices via their MAC addresses or other identifiers.'"
This discussion has been archived. No new comments can be posted.

Seattle PD Mum On Tracking By Its New Wi-Fi Mesh Network

Comments Filter:
  • by Anonymous Coward on Saturday November 09, 2013 @09:35AM (#45376683)

    geo-locate people's devices via their MAC addresses

    If you use public wireless at all, changing your MAC is just wise, for privacy reasons.

    # ifconfig eth0 hw ether

    • by EmagGeek (574360) <gterich @ a o l.com> on Saturday November 09, 2013 @10:05AM (#45376759) Journal

      No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.

      • by houstonbofh (602064) on Saturday November 09, 2013 @10:18AM (#45376805)

        No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.

        When it is criminal to use airplane mode, only criminals will have airplane mode.

      • Re: (Score:2, Insightful)

        by schnell (163007)

        This is insightful? Really?

        The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.

        Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know

        • by lister king of smeg (2481612) on Saturday November 09, 2013 @02:11PM (#45377983)

          This is insightful? Really?

          The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.

          Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know where you are even though they may have no intention of ever doing that ... who will turn around and cheer Google for putting up municipal Wi-Fi that is definitely being used to track you and your location, browsing, mail, search and personal buying habits and send you ads. Why is the police Wi-Fi network the one that people are worried about?

          The difference is that Google can't put me in jail on trumped up charges, if they don't like what I say where the police can. All Google wants to do is show me easily blocked ads. Giving the cops recored of my location at all times, which they could easily forge to make it look like you were at a crime or anywhere incriminating is not a good idea.

          • by schnell (163007)

            The difference is that Google can't put me in jail on trumped up charges

            So you think the police - if they wanted to frame you for something - couldn't do it before, but now Wi-Fi is going to change all that? Do you really think that if the police want you badly enough to fake evidence of a crime, they didn't have lots of other ways to do it already? Nobody is building multimillion dollar Wi-Fi networks just to do something they already had lots of ways to accomplish if they really wanted to.

        • Seattle police don't have a great record of Protect & Serve.

        • by sjames (1099)

          It's not a sure thing that police and other surveillance agencies will abuse a capability to track innocent people, but recent history shows that it's the way to bet.

          If they CAN use this to track people, they WILL, sooner or later.

          That will remain true until we clean house in a big way.

    • by arisvega (1414195)

      geo-locate people's devices via their MAC addresses

      If you use public wireless at all, keep changing your MAC is just wise, for privacy reasons.

      # ifconfig eth0 hw ether

      FTFY

    • by citizenr (871508)

      Im sure your iPhone does this automagically

  • by kaptink (699820) on Saturday November 09, 2013 @09:39AM (#45376693) Homepage

    This just looks likely to be an out of the box Aruba Airwave (tracking) install on an Aruba MSR4000 mesh network. So just turn your wifi off when your not using it?

    • This is more trouble than many are willing to take. It would be nice if you could blacklist ESSIDs and never touch them.
      • I wonder if it would be possible to configure the phone's wifi to remain passive until it detects the beacon from a known access point?

        Full disclosure: I'm not very familiar with the physical layer of 802.11 networks, please point out if this is impossible.

        • by Nerdfest (867930)

          I think you should be able to do that, and I seem to remember a setting mentioned somewhere. Basically, your phone shouldn't respond to an unknown beacon.

          • by Nerdfest (867930)

            Just did a quick bit of reading, and get the impression that Android phones do a passive scan, meaning they wouldn't be seen unless they connected, I believe. As usual, I may be wildly incorrect.

            • AIUI, Android uses a heuristic to classify networks as hidden or non-hidden. If no hidden networks are defined, your device passively listens until it hears a beacon from a known network, and won't transmit anything till then. If one or more hidden networks are defined, it will periodically query all hidden networks, wasting a bit of battery life and conveniently transmitting both your current MAC and your list of known hidden-SSID networks to any 802.11 radios that happen to be listening (thus enabling a s

              • by Nerdfest (867930)

                Do you know if there's any way to tell which of your networks are defined as 'hidden'? Is there a utility that you know of? Seems like the nice, secure thing to do from a wireless client perspective is to not use them at all.

                • The sane thing to do is absolutely to not use them at all, unless
                  you absolutely need to connect to some network whose administrator you are unable to knock the requisite sense into, in which case the best recourse is for the OS to not automatically probe for them, but rather to require you to manually trigger probing and connection when you actually need to connect to the hidden-ssid network. Unfortunately, I don't know of a single OS that does this correct behavior by default for hidden-SSID networks, and

      • Install llama on your Android phone. Permit it to learn what your home environment looks like. Disable WiFi outside of the home area. That is also more trouble than many are willing to take, but if you do it once then your phone will disable WiFI for you when you go out.

        • by adolf (21054)

          Llama looks neat, but it also looks like a non-starter for VZW: "Llama uses phone masts to determine your location"

          Attempting to locating oneself using Verizon towers alone only gets, at best, the approximate location of the tower itself, and never that of the handset.

          • This shouldn't be true. (Note, I'm not particularly familiar with the CDMA family of protocols, but some assumptions seem pretty reasonable.)

            I assume you mean because Verizon uses CDMA instead of GSM, so there's no timing-advance value, so you don't get a distance-from-tower measure. Which is true, and means you'll never get anything like the accuracy from GSM.

            However, CDMA networks still have to do handoffs when moving from one cell to another, so it seems to me the mobile terminal must (1) be aware of mor

            • by adolf (21054)

              If there's some reason this can't be done, I'm curious to know what it is.

              Because....you can't get there from here because that's all buried in the baseband firmware and VZW says "No"? Because no matter what, it always only reports that there is either exactly one or zero towers within earshot?

              Because, even with their incarnation of LTE (which is loosely based on existing GSM methods), each tower reports its location as being 0,0 lat, lon? So even if you glean a unique identifier for it, you still need a

              • Ouch! Thanks for the info.

                (I take it that you don't live in the US.)

                I do live in the US, but I'm fortunate enough to live where T-mobile coverage is good, and the only smartphones I've ever had were Nokia Meego/Maemo hacktoys, an N900 and an N9; since the N9 died I've been getting by with larger devices (a couple tablets and a UMPC) + a dumbphone serving as bluetooth modem. I've never used Verizon, and though I realized they were evil, I didn't realize they were that evil. (Actually, I wasn't really sure it was possible to be that evil...) My condo

                • by adolf (21054)

                  Them's the rubs.

                  FWIW, around here, VZW has excellent coverage, and I really have no complaints about that at all. Every other carrier is a mixture of failure. (NW Ohio, which is all fairly well populated even once you get off of the beaten path. It's a hard place to cover even though it is ruler-flat, because the density is neither great enough for a large number of very small cells to make sense, nor can it be adequately covered with a smaller number of big cells due to usage. VZW seems to have figured

          • by drinkypoo (153816)

            That's okay. It doesn't actually try to locate itself. It just looks for conditions that it recognizes.

            • by adolf (21054)

              If Wifi is off (because the whole point is that Wifi is off), and GPS is off (because, you know, we don't like being tracked), then what other "conditions" does it have other than cellular?

              • by drinkypoo (153816)

                If you mean you can't detect cells at all, you're screwed. Otherwise, it can use cells to which it can't even establish a connection sufficient to make a call.

                • by adolf (21054)

                  Who knows what it can detect. It -reports- the cell that I'm on, and the signal strength of that cell.

                  It cannot (or at least, does not) report anything else, without Wifi or GPS (I forgot to mention it before, but GPS obviously doesn't work well indoors and it's a massive battery-suck).

                  And that's not enough data to determine if I'm safely at home, and the Wifi is safe to turn on: On a 2D plot, this data can (at very best) produce a broad line, but never a point.

                  It's generally good enough for Weatherbug to

      • by SuricouRaven (1897204) on Saturday November 09, 2013 @02:16PM (#45378009)

        What you'd need to do is disable query frames. Easily enough done, but probably not the default.

        When I was hacking all my neighbour's wifi just for practice to see if I could, I noticed that I could detect busses passing by. Their onboard computer queries every few seconds for the depo's ESSID.

        This means that the bus is actually asking 'Are we nearly there yet?' every five seconds, like an annoying child.

    • by nospam007 (722110) *

      "So just turn your wifi off when your not using it?"

      Isn't NOT taking a live cellphone with you when robbing banks or planting bombs equivalent of wearing a clown mask in digital times?

      • by mdielmann (514750)

        Since I can't tell whether or not your cell phone is turned off by looking at you, it would be more like carrying a clown mask in your jacket - not quite as obvious to the rest of us, but an examination will make it clear.

        OTOH, isn't carrying a working cell phone while committing a major crime equivalent to doing so while carrying around a sign saying "Here I am"?

  • SPD (Score:4, Insightful)

    by some old guy (674482) on Saturday November 09, 2013 @09:50AM (#45376715)

    Stasi Police Dragnet.

    Coming soon to a fully-integrated nationwide real time tracking, private records collection, and surveillance system near you.

    To fight drug abuse, arrest paedophiles, stop terrorists, and...right?

    • by EmagGeek (574360)

      What do you mean, "coming soon?"

      It's here today, and has been here for quite a while.

    • No and. We had to remove "money laundering" from the Infocalypse list.

      I mean, think, who has still money left to launder, hmm?

    • its for the children for god's sake!

    • I seem to be missing a point here, why sould the PD care about identifying devices by MAC Address if they alredy have the capability (and have had this capability for decades) to trace the same device by it's phone number and just make your tipical Verizon collaborte with them. I mean, this is how you recieve phone calls, it wouldn't even work without this capability. So what do they plan to do with it?
  • How long before (Score:5, Insightful)

    by Anonymous Coward on Saturday November 09, 2013 @09:54AM (#45376725)

    How long before we see something like this:

    Cops show up at "suspects" work or home

    Cops: "Sir, your MAC address was at the scene of the crime/terrorist attack yesterday. How do you explain that."

    Suspect: "I have no idea."

    Cops: "Sir, you need to come with us."

    Neighbors or work associates: "WTF?! We were right next to the guy and he's a TERRORIST!"

    And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none.

    Badge + gun == grunt.

    All this sophisticated tracking technology will only further destroy our freedoms.

    • And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none.

      No, they will spoof honest citizens mac addresses.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        No, they will spoof honest citizens mac addresses.

        There are no "honest citizens". State authorities ascribe to the doctrine of original sin. Your existence is a crime. There may be mitigating circumstances, but it lies in the hand of law enforcement how much leeway they are willing to give you. Pray, and believe them to know what's good for you with all your heart, or you'll be damned.

  • by Chris Mattern (191822) on Saturday November 09, 2013 @10:03AM (#45376751)

    ...what some policeman's mother has to say?

  • by nurb432 (527695) on Saturday November 09, 2013 @10:41AM (#45376919) Homepage Journal

    So, we just need a applet that every so often will generate a random new mac address for your device. Sure, if its in the middle of the day you lose connection for a moment, but is that really that big of a deal on a phone/tablet?

    Of course i have been saying for years that eventually you will have to register your mac address(es) of all your devices at time of purchase and it will become a crime to spoof. Along with being handed out your assigned block of ipv6, again for tracking reasons.

    • It's impossible on a phone/tablet unless you hack it first. Rooting android isn't too difficult, but it's still an undesireable situation when the only way to avoid government tracking is is via technological skill.

      • by nurb432 (527695)

        True, it does take the 'extra step', but that doesn't negate a need for it. There are plenty of apps out there that *only* work on rooted/Jail broken devices. Just because the newbie-joe cant do it, doesn't mean it shouldn't be done.

        As far as 'the only way avoid tracking is to have skill' idea, we have already passed that point, long ago.

        • The obvious solution is for those who do have skill to make the task as simple and automated as possible for everyone else. Beyond that though, we also need to get the techniques in widespread use.

          Right now, if someone is arrested on a serious charge and the police find they have anti-tracking software on their phone, they could probably use that as a sign of suspicion in court - if this person is innocent, why are they hideing from justice? The solution is to just get the software as widely used as possibl

    • by mikael (484) on Saturday November 09, 2013 @11:24AM (#45377091)

      You used to have to do that back in the early days of home Internet around the mid 1990's. Just to register for a SLIP/PPP dial-up connection with a static IP address and hostname required proof of identity, your name, address, contact details, and you'd get this deed of ownership of the hostname.

      In France they actually require ID and a copy of your passport just to get a SIM card.

      • by nurb432 (527695)

        Just to get static address I never had to do that back in the old days. ( well nothing beyond what you would do in order to have any telecom service.. as someone has to pay the bill remember ) Not saying you didn't, but not everyone had to.

      • by Holi (250190)

        Who made you do that? None of the providers I dealt with back then required anything like that.

        • by mikael (484)

          Demon Internet 1994 - you gave them your credit card details (name + address + city), plus a billing address if it wasn't the same as the credit card. Then they gave you your information pack plus the account details page which was a thick sheet of paper with your hostname, static IP address and password details.
          It also had information on how to use their DOS based usenet and email reader, based on trumpet sockets.

  • I can see a time coming, not so far from now, where all this is used as a quasi-radar system to track people, feeding into the machine that already tracks by face and license plate recognition.

    Perhaps now is the time for constitutional amendment. Let's outlaw mind-reading machines, which are on the horizon, while we're at it. As in supra-4th Amendment, "Neither Congress nor any State shall (something flowery about invading a mind's operation to determine thoughts.)"

    • Note on that: Flat-out ban, not banned-without-warrant.

      • And while at it, how about one saying that a warrant means an actual warrant, signed by an actual judge? Not an all-encompassing national security letter, not a secret order to hand everything over, not a rubber-stamped off-the-public-records order by a FISA court, and not a flimsy 'Non-citizens have no rights' excuse.

  • by sjwt (161428)

    Jee, we can't let Google store this kind of information, good thing the police can do what they want with out a warrent!

  • One way to protect ourselves from this sort of thing (at least for a while) is to stop using many convenient technologies. The more stories about government surveillance I read, the less technology I use. So far it is little things like leaving my cell phone turned off most of the time, using cash instead of debit cards, not shopping online, etc. Most importantly I now think about leaving a digital footprint and privacy any time I use technology. The NSA does not have god-like powers and I will not g
  • But now they're thinking about it. Thanks a lot, The Stranger.

It is surely a great calamity for a human being to have no obsessions. - Robert Bly

Working...