Friday, August 06, 2010

Dear @Google, just how much Wi-Fi data did you take; and did you decrypt?


Firstly – please note I am happy to be educated about Wi-Fi in the comments!
We recently visited my sister in law and family (see previous article for why); and as I wanted to do a bit of data work on my phone, I asked if I could hook myself up to their Wi-Fi (that I setup a few years ago when they first got it).
We were planning a couple of journeys so I fired up Google Maps and was then surprised to find that my location was showing as accurate within 40m, but in totally the wrong part of town.  Then a penny dropped.
My sister in law and husband moved this year.
So Google had recognised the Wi-Fi data that they had taken on the street view crawl.  Now I don’t profess to be a Wi-Fi cryptography and protocol expert; but:
  • my in-laws' network does not broadcast SSID
  • and is encrypted with WPA2-PSK
  • the data take by Google was allegedly very small (just how long was the Street View car in range anyway?).
So how on earth did they get enough useable information in such a short space of time to be able to get a big enough fingerprint to geo-locate me?

No comments: