Seattle PD Mum On Tracking By Its New Wi-Fi Mesh Network 107
An anonymous reader writes "The Stranger reports that Seattle's police department has installed a Wi-Fi mesh network paid for by the Department of Homeland Security. FTA: 'The SPD declined to answer more than a dozen questions from The Stranger, including whether the network is operational, who has access to its data, what it might be used for, and whether the SPD has used it (or intends to use it) to geo-locate people's devices via their MAC addresses or other identifiers.'"
changing it is a good idea regardless (Score:4, Informative)
geo-locate people's devices via their MAC addresses
If you use public wireless at all, changing your MAC is just wise, for privacy reasons.
# ifconfig eth0 hw ether
Re:changing it is a good idea regardless (Score:5, Insightful)
No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.
Re:changing it is a good idea regardless (Score:5, Funny)
No doubt there is a provision buried in Law somewhere that says that any attempt to subvert the surveillance system, obscure your identity, or obscure your location, shall constitution obstruction of police powers and land you in jail.
When it is criminal to use airplane mode, only criminals will have airplane mode.
Re: (Score:2, Insightful)
This is insightful? Really?
The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.
Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know
Re:changing it is a good idea regardless (Score:5, Insightful)
This is insightful? Really?
The cops aren't setting this up for Joe citizen to use, it's for their use in emergencies. Maybe they can track you, maybe they can't, but we have no idea if they even have any interest in doing that. I live in Seattle and The Stranger is a fun alternative weekly, but they also enjoy stirring the pot and it's probably not a good idea to take their suppositions as fact.
Only on Slashdot can you get the same people freaking out because the police set up a Wi-Fi network that may know where you are even though they may have no intention of ever doing that ... who will turn around and cheer Google for putting up municipal Wi-Fi that is definitely being used to track you and your location, browsing, mail, search and personal buying habits and send you ads. Why is the police Wi-Fi network the one that people are worried about?
The difference is that Google can't put me in jail on trumped up charges, if they don't like what I say where the police can. All Google wants to do is show me easily blocked ads. Giving the cops recored of my location at all times, which they could easily forge to make it look like you were at a crime or anywhere incriminating is not a good idea.
Re: (Score:1)
The difference is that Google can't put me in jail on trumped up charges
So you think the police - if they wanted to frame you for something - couldn't do it before, but now Wi-Fi is going to change all that? Do you really think that if the police want you badly enough to fake evidence of a crime, they didn't have lots of other ways to do it already? Nobody is building multimillion dollar Wi-Fi networks just to do something they already had lots of ways to accomplish if they really wanted to.
Re: (Score:2)
Seattle police don't have a great record of Protect & Serve.
Re: (Score:2)
It's not a sure thing that police and other surveillance agencies will abuse a capability to track innocent people, but recent history shows that it's the way to bet.
If they CAN use this to track people, they WILL, sooner or later.
That will remain true until we clean house in a big way.
Re: (Score:3)
geo-locate people's devices via their MAC addresses
If you use public wireless at all, keep changing your MAC is just wise, for privacy reasons.
# ifconfig eth0 hw ether
FTFY
Re: (Score:3)
FTFY
You "fixed" it, but not the part where he was changing the wired MAC address to prevent wireles tracking.
Try wlan0.
Re:changing it is a good idea regardless (Score:5, Funny)
You "fixed" it, but not the part where he was changing the wired MAC address to prevent wireles tracking.
Try wlan0.
Utter nonsense- carrying around miles of ethernet cable is the only way to be safe.
Re: (Score:2)
Yep!
Re: (Score:3)
Im sure your iPhone does this automagically
Re: (Score:2)
Im sure your iPhone does this automagically
Only if you are holding it wrong.
Looks like Aruba mesh network with Airwave (Score:5, Informative)
This just looks likely to be an out of the box Aruba Airwave (tracking) install on an Aruba MSR4000 mesh network. So just turn your wifi off when your not using it?
Re: (Score:3)
Re: (Score:2)
I wonder if it would be possible to configure the phone's wifi to remain passive until it detects the beacon from a known access point?
Full disclosure: I'm not very familiar with the physical layer of 802.11 networks, please point out if this is impossible.
Re: (Score:2)
I think you should be able to do that, and I seem to remember a setting mentioned somewhere. Basically, your phone shouldn't respond to an unknown beacon.
Re: (Score:2)
Just did a quick bit of reading, and get the impression that Android phones do a passive scan, meaning they wouldn't be seen unless they connected, I believe. As usual, I may be wildly incorrect.
Re: (Score:3)
AIUI, Android uses a heuristic to classify networks as hidden or non-hidden. If no hidden networks are defined, your device passively listens until it hears a beacon from a known network, and won't transmit anything till then. If one or more hidden networks are defined, it will periodically query all hidden networks, wasting a bit of battery life and conveniently transmitting both your current MAC and your list of known hidden-SSID networks to any 802.11 radios that happen to be listening (thus enabling a s
Re: (Score:2)
Do you know if there's any way to tell which of your networks are defined as 'hidden'? Is there a utility that you know of? Seems like the nice, secure thing to do from a wireless client perspective is to not use them at all.
Re: (Score:2)
The sane thing to do is absolutely to not use them at all, unless
you absolutely need to connect to some network whose administrator you are unable to knock the requisite sense into, in which case the best recourse is for the OS to not automatically probe for them, but rather to require you to manually trigger probing and connection when you actually need to connect to the hidden-ssid network. Unfortunately, I don't know of a single OS that does this correct behavior by default for hidden-SSID networks, and
Re:Looks like Aruba mesh network with Airwave (Score:4, Informative)
Install llama on your Android phone. Permit it to learn what your home environment looks like. Disable WiFi outside of the home area. That is also more trouble than many are willing to take, but if you do it once then your phone will disable WiFI for you when you go out.
Re: (Score:3)
Llama looks neat, but it also looks like a non-starter for VZW: "Llama uses phone masts to determine your location"
Attempting to locating oneself using Verizon towers alone only gets, at best, the approximate location of the tower itself, and never that of the handset.
Re: (Score:2)
This shouldn't be true. (Note, I'm not particularly familiar with the CDMA family of protocols, but some assumptions seem pretty reasonable.)
I assume you mean because Verizon uses CDMA instead of GSM, so there's no timing-advance value, so you don't get a distance-from-tower measure. Which is true, and means you'll never get anything like the accuracy from GSM.
However, CDMA networks still have to do handoffs when moving from one cell to another, so it seems to me the mobile terminal must (1) be aware of mor
Re: (Score:2)
Because....you can't get there from here because that's all buried in the baseband firmware and VZW says "No"? Because no matter what, it always only reports that there is either exactly one or zero towers within earshot?
Because, even with their incarnation of LTE (which is loosely based on existing GSM methods), each tower reports its location as being 0,0 lat, lon? So even if you glean a unique identifier for it, you still need a
Re: (Score:2)
Ouch! Thanks for the info.
(I take it that you don't live in the US.)
I do live in the US, but I'm fortunate enough to live where T-mobile coverage is good, and the only smartphones I've ever had were Nokia Meego/Maemo hacktoys, an N900 and an N9; since the N9 died I've been getting by with larger devices (a couple tablets and a UMPC) + a dumbphone serving as bluetooth modem. I've never used Verizon, and though I realized they were evil, I didn't realize they were that evil. (Actually, I wasn't really sure it was possible to be that evil...) My condo
Re: (Score:2)
Them's the rubs.
FWIW, around here, VZW has excellent coverage, and I really have no complaints about that at all. Every other carrier is a mixture of failure. (NW Ohio, which is all fairly well populated even once you get off of the beaten path. It's a hard place to cover even though it is ruler-flat, because the density is neither great enough for a large number of very small cells to make sense, nor can it be adequately covered with a smaller number of big cells due to usage. VZW seems to have figured
Re: (Score:2)
That's okay. It doesn't actually try to locate itself. It just looks for conditions that it recognizes.
Re: (Score:2)
If Wifi is off (because the whole point is that Wifi is off), and GPS is off (because, you know, we don't like being tracked), then what other "conditions" does it have other than cellular?
Re: (Score:2)
If you mean you can't detect cells at all, you're screwed. Otherwise, it can use cells to which it can't even establish a connection sufficient to make a call.
Re: (Score:2)
Who knows what it can detect. It -reports- the cell that I'm on, and the signal strength of that cell.
It cannot (or at least, does not) report anything else, without Wifi or GPS (I forgot to mention it before, but GPS obviously doesn't work well indoors and it's a massive battery-suck).
And that's not enough data to determine if I'm safely at home, and the Wifi is safe to turn on: On a 2D plot, this data can (at very best) produce a broad line, but never a point.
It's generally good enough for Weatherbug to
Re:Looks like Aruba mesh network with Airwave (Score:4, Informative)
What you'd need to do is disable query frames. Easily enough done, but probably not the default.
When I was hacking all my neighbour's wifi just for practice to see if I could, I noticed that I could detect busses passing by. Their onboard computer queries every few seconds for the depo's ESSID.
This means that the bus is actually asking 'Are we nearly there yet?' every five seconds, like an annoying child.
Re: (Score:3)
"So just turn your wifi off when your not using it?"
Isn't NOT taking a live cellphone with you when robbing banks or planting bombs equivalent of wearing a clown mask in digital times?
Re: (Score:2)
Since I can't tell whether or not your cell phone is turned off by looking at you, it would be more like carrying a clown mask in your jacket - not quite as obvious to the rest of us, but an examination will make it clear.
OTOH, isn't carrying a working cell phone while committing a major crime equivalent to doing so while carrying around a sign saying "Here I am"?
SPD (Score:4, Insightful)
Stasi Police Dragnet.
Coming soon to a fully-integrated nationwide real time tracking, private records collection, and surveillance system near you.
To fight drug abuse, arrest paedophiles, stop terrorists, and...right?
Re: (Score:2)
What do you mean, "coming soon?"
It's here today, and has been here for quite a while.
Re: (Score:3)
No and. We had to remove "money laundering" from the Infocalypse list.
I mean, think, who has still money left to launder, hmm?
Re: (Score:2)
its for the children for god's sake!
Why should they care if Cellnet? (Score:1)
How long before (Score:5, Insightful)
How long before we see something like this:
Cops show up at "suspects" work or home
Cops: "Sir, your MAC address was at the scene of the crime/terrorist attack yesterday. How do you explain that."
Suspect: "I have no idea."
Cops: "Sir, you need to come with us."
Neighbors or work associates: "WTF?! We were right next to the guy and he's a TERRORIST!"
And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none.
Badge + gun == grunt.
All this sophisticated tracking technology will only further destroy our freedoms.
Re: (Score:3)
'..And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none..'
already being found in a public place without a mobile phone is regarded as suspicious behaviour in certain quarters..
But a dead battery is perfectly normal...
Re: (Score:2)
Ladies and gentleman, may I please present The Faraday Bag [faradaybag.com].
Re: (Score:2)
the smart ones (Score:2)
And in the meantime, the criminals will just leave their electronic devices at home. - at least the smart ones. The terrorists will have none.
No, they will spoof honest citizens mac addresses.
Re: (Score:3, Insightful)
No, they will spoof honest citizens mac addresses.
There are no "honest citizens". State authorities ascribe to the doctrine of original sin. Your existence is a crime. There may be mitigating circumstances, but it lies in the hand of law enforcement how much leeway they are willing to give you. Pray, and believe them to know what's good for you with all your heart, or you'll be damned.
Re: (Score:2)
I call BS, There is no US v Haddon that involves obstruction of justice.
This is why you must cite your sources, because now I just think your a liar.
So which US v Haddon was it?
1977?
1991?
1995?
Re: (Score:2)
The press most definitely is a check on police powers. The fact you think differently shows how little you understand the importance of the press.
Re:Meaning (Score:4, Interesting)
Pursuant to RCW Ch. 42.56 (Public Records Act), I hereby request the following records: The maps, purchase orders, maintenance contracts, technical specifications, usage policies, access procedures, data retention policies, installation instructions, device configurations, interconnect details, and other public records requests for the wireless mesh network installed in the second half of 2012.
Obviously these are all things they should have right? I've been fighting with the police department for months, and the best I've gotten is a picture of a crumpled up printout of a low resolution map of the system [pilloud.us]. You'd think there would be source files for that picture right?
There is clearly a coverup going on here, but the police aren't going to talk about it. So I went to the IT and Finance people. Well, I got back quite a few interesting records from them! For example, this project included $9795.19 RADIUS server [pilloud.us]. On what planet does a RADIUS server cost that much? It turns out to be a $1000 dell server running FreeRADIUS. Even that is overkill.
Another interesting feature, is the camera aspect you brought up. There are already 36 high-res pan tilt zoom cameras on this network, and there is enough bandwidth for them to add over 1600 more. [pilloud.us] In addition, they significantly overpaid for the cameras by not properly following their own bidding process rules.
There are real problems with this project and most of them are not related to surveillance. Even when it is just a small blogger investigating, it is the Seattle Police Department's responsibility under Washington state law to turn over copies of records requested. Hopefully The Stranger article will bring enough attention to this problem to encourage the Police department to do the right thing, obey the law, and release the records to anyone who asks for them.
Why should we care... (Score:4, Insightful)
...what some policeman's mother has to say?
Random Mac Address Applet (Score:3)
So, we just need a applet that every so often will generate a random new mac address for your device. Sure, if its in the middle of the day you lose connection for a moment, but is that really that big of a deal on a phone/tablet?
Of course i have been saying for years that eventually you will have to register your mac address(es) of all your devices at time of purchase and it will become a crime to spoof. Along with being handed out your assigned block of ipv6, again for tracking reasons.
Re: (Score:3)
It's impossible on a phone/tablet unless you hack it first. Rooting android isn't too difficult, but it's still an undesireable situation when the only way to avoid government tracking is is via technological skill.
Re: (Score:2)
True, it does take the 'extra step', but that doesn't negate a need for it. There are plenty of apps out there that *only* work on rooted/Jail broken devices. Just because the newbie-joe cant do it, doesn't mean it shouldn't be done.
As far as 'the only way avoid tracking is to have skill' idea, we have already passed that point, long ago.
Re: (Score:2)
The obvious solution is for those who do have skill to make the task as simple and automated as possible for everyone else. Beyond that though, we also need to get the techniques in widespread use.
Right now, if someone is arrested on a serious charge and the police find they have anti-tracking software on their phone, they could probably use that as a sign of suspicion in court - if this person is innocent, why are they hideing from justice? The solution is to just get the software as widely used as possibl
Re:Random Mac Address Applet (Score:4, Informative)
You used to have to do that back in the early days of home Internet around the mid 1990's. Just to register for a SLIP/PPP dial-up connection with a static IP address and hostname required proof of identity, your name, address, contact details, and you'd get this deed of ownership of the hostname.
In France they actually require ID and a copy of your passport just to get a SIM card.
Re: (Score:3)
Just to get static address I never had to do that back in the old days. ( well nothing beyond what you would do in order to have any telecom service.. as someone has to pay the bill remember ) Not saying you didn't, but not everyone had to.
Re: (Score:2)
Who made you do that? None of the providers I dealt with back then required anything like that.
Re: (Score:2)
Demon Internet 1994 - you gave them your credit card details (name + address + city), plus a billing address if it wasn't the same as the credit card. Then they gave you your information pack plus the account details page which was a thick sheet of paper with your hostname, static IP address and password details.
It also had information on how to use their DOS based usenet and email reader, based on trumpet sockets.
We should, but won't. (Score:2)
I can see a time coming, not so far from now, where all this is used as a quasi-radar system to track people, feeding into the machine that already tracks by face and license plate recognition.
Perhaps now is the time for constitutional amendment. Let's outlaw mind-reading machines, which are on the horizon, while we're at it. As in supra-4th Amendment, "Neither Congress nor any State shall (something flowery about invading a mind's operation to determine thoughts.)"
Re: (Score:1)
Note on that: Flat-out ban, not banned-without-warrant.
Re: (Score:2)
And while at it, how about one saying that a warrant means an actual warrant, signed by an actual judge? Not an all-encompassing national security letter, not a secret order to hand everything over, not a rubber-stamped off-the-public-records order by a FISA court, and not a flimsy 'Non-citizens have no rights' excuse.
Re: (Score:3)
lol (Score:2)
Jee, we can't let Google store this kind of information, good thing the police can do what they want with out a warrent!
The NSA does not have god-like powers. (Score:2)
Re: (Score:2)
Helps, but most cities now either have or are looking into large-scale CCTV systems. Face recognition isn't up to the task of automatically following you across the city yet, but it's only a matter of time.
No, they weren't. (Score:2)
Re: (Score:1)
If this new technology stops nefarious activities and dastardly villains, I'm all for it.
Did you know that placing a member of law enforcement or the military in every home - including yours - will stop nefarious activities and dastardly villains too. The same could be said for placing cameras with feeds to law enforcement or the military. Still all for it?