
Are we all handing to Google the SSID of our home routers?


Alice J.

Jan 29, 2016, 2:27:22 AM
I just recently found out that our cellphones may be giving google,
(by default anyway), in general, all the SSIDs around us, but, more
sinisterly specifically, the SSID of our own home broadband routers.

My first question is whether that's true (by default)?

My second question is how to turn that off (only if it's true).

NOTE: I am not asking if we give google our geolocation; I'm only
asking if we give them our SSID when we're at home and under
what conditions (so that I can turn off those conditions).

NOTE: I also know about _nomap (but that's not what I'm asking).

Arno Welzel

Jan 29, 2016, 2:57:37 AM
Alice J. wrote on 2016-01-29 at 08:27:

> I just recently found out that our cellphones may be giving google,
> (by default anyway), in general, all the SSIDs around us, but, more
> sinisterly specifically, the SSID of our own home broadband routers.

Yep - and this is nothing new. Google has been collecting SSIDs as long
as they do picture recording for StreetView.

> My first question is whether that's true (by default)?

For Android: Yes.

> My second question is how to turn that off (only if it's true).

For Android: Depending on the in the advanced WiFi settings - the option
is called "Scanning always available - Let Google's location service and
other apps scan for networks...".




--
Arno Welzel
http://arnowelzel.de
http://de-rec-fahrrad.de
http://fahrradzukunft.de

Andy Burns

Jan 29, 2016, 4:36:45 AM
Alice J. wrote:

> I just recently found out that our cellphones may be giving google,
> (by default anyway), in general, all the SSIDs around us, but, more
> sinisterly specifically, the SSID of our own home broadband routers.

Sit down before you read this then ...

By default android devices give the *passwords* for your SSIDs to
google, so that when you enter it into one device, it syncs to other
devices on the same account, so you don't need to enter the password
again, or when you replace your device it can restore the settings.


Alice J.

Jan 29, 2016, 5:44:03 AM
Arno Welzel wrote in message 56AB1B69...@arnowelzel.de:

> Yep - and this is nothing new. Google has been collecting SSIDs as long
> as they do picture recording for StreetView.

I was trying to be very specific in NOT bringing up the fact
that they record the SSID with the camera car that drives
around our neighborhood.

That's a DIFFERENT recording that Google does with extremely
expensive and special equipment mounted to the roof of a car.

I was only talking about our everyday cellphones.

>> My first question is whether that's true (by default)?
> For Android: Yes.

If that's true, then we're giving Google the SSID of our home routers
every single night while we sleep (by default).

> For Android: Depending on the in the advanced WiFi settings - the option
> is called "Scanning always available - Let Google's location service and
> other apps scan for networks...".

I don't have "Scanning always available..." as an option in my S3
which is running Android 4.3.

Alice J.

Jan 29, 2016, 6:03:33 AM
Andy Burns wrote in message
csOdnS36_7M2rzbL...@brightview.co.uk:

> Sit down before you read this then ...
>
> By default android devices give the *passwords* for your SSIDs to
> google, so that when you enter it into one device, it syncs to other
> devices on the same account, so you don't need to enter the password
> again, or when you replace your device it can restore the settings.

I have Settings {Connections, My device, Accounts, and More}
https://i.imgur.com/Y2LAgNy.gif

In "More", I have "Location services" set at this level by default
https://i.imgur.com/GmHwRnH.gif

In "Accounts", I have "Google"
https://i.imgur.com/jjmqMW4.gif

Which shows the one Google account that you must have by default
https://i.imgur.com/8Gs6Ew6.gif

And which has "Location settings" at that level by default
https://i.imgur.com/FgqiSR6.gif

Given that, am "I" giving Google my home SSID by default while I sleep?

Andy Burns

Jan 29, 2016, 6:36:38 AM
Alice J. wrote:

> In "Accounts", I have "Google"

But you do have sync turned off, so I think it won't share your
SSIDs/passwords with google or your other devices (assuming you've never
turned it on, even once).

> Which shows the one Google account that you must have by default

I don't think you *must* have a google account, just that the device
will lose a lot of functionality without one, choose your compromise ...

(PeteCresswell)

Jan 29, 2016, 8:31:01 AM
Per Andy Burns:
>By default android devices give the *passwords* for your SSIDs to
>google, so that when you enter it into one device, it syncs to other
>devices on the same account, so you don't need to enter the password
>again, or when you replace your device it can restore the settings.

Is there any connection between that practice and the change to the
Android API that no longer allows saving lists of SSIDs and PWs ?

On my 4.3 phone, I can save a list.

But on my 5.something tablet, I cannot.... the utility that generates
the list runs OK, but the PWs come out looking like GUIDs.
--
Pete Cresswell

Alice J.

Jan 29, 2016, 10:53:37 AM
> But you do have sync turned off, so I think it won't share your
> SSIDs/passwords with google or your other devices (assuming you've never
> turned it on, even once).

I don't even really *understand* what sync does.
Why would I need the phone to sync anything?

I should note that the android account is *not* my gmail account
that I use daily. The android account is only a bogus abc...@gmail.com
style account, just so that I can download from Google Play.

I copy my pictures and files myself, over to my laptop, so I'm not
worried about that kind of data.

> I don't think you *must* have a google account, just that the device
> will lose a lot of functionality without one, choose your compromise ...

I created a wholly bogus abcdefg...@gmail.com account *only* so
that I could use Google Play to download apps.

Are you intimating that I don't even need the Google Play account to
download apps from Google Play?

(Yes, I know there are other repositories.)

Arno Welzel

Jan 29, 2016, 11:11:07 AM
Alice J. wrote on 2016-01-29 at 11:44:

> Arno Welzel wrote in message 56AB1B69...@arnowelzel.de:
>
>> Yep - and this is nothing new. Google has been collecting SSIDs as long
>> as they do picture recording for StreetView.
>
> I was trying to be very specific in NOT bringing up the fact
> that they record the SSID with the camera car that drives
> around our neighborhood.
>
> That's a DIFFERENT recording that Google does with extremely
> expensive and special equipment mounted to the roof of a car.

There is no "special equipment" needed to see SSIDs. When I go to the
backyard of the apartment building where I live, I can easily pick up
around 10 different SSIDs with my smartphone.

>>> My first question is whether that's true (by default)?
>> For Android: Yes.
>
> If that's true, then we're giving Google the SSID of our home routers
> every single night while we sleep (by default).

Yep. And as long as you don't live on a very high floor or have some
kind of magnetic shielding in your house everybody around the place you
live will pick up the SSID as well - and so the smartphones moving along
the place you live.

>> For Android: Depending on the in the advanced WiFi settings - the option
>> is called "Scanning always available - Let Google's location service and
>> other apps scan for networks...".
>
> I don't have "Scanning always available..." as an option in my S3
> which is running Android 4.3.

The option I described is in Android 5.1. Maybe it is in the advanced
location service settings or in the "Google Settings" app which can be
found on some devices.

Arno Welzel

Jan 29, 2016, 11:17:25 AM
Alice J. wrote on 2016-01-29 at 16:53:

>> But you do have sync turned off, so I think it won't share your
>> SSIDs/passwords with google or your other devices (assuming you've never
>> turned it on, even once).
>
> I don't even really *understand* what sync does.

It synchronizes your data between the phone and all accounts you have
there. Google is usually one of the accounts, but you can add additional
services which will also do synchronization - e.g. calendar and
addressbook using your own DAV server and the CalDAV/CardDAV app by
Marten Gajda.

> Why would I need the phone to sync anything?

I use this to keep the addressbook and calendar on my PC in sync with
the one on my Android devices - so I don't have to enter the data again
on every single device. And if I add an address or an appointment on my
phone it will automatically show up on my PC as well. However I don't
use Google for this but Baikal on my server and apps for CardDAV/CalDAV
on the Android devices.

[...]
> Are you intimating that I don't even need the Google Play account to
> download apps from Google Play?

Officially? No - you always need an account.

> (Yes, I know there are other repositories.)

Yep - for example F-Droid, which only has Open Source stuff.

Alice J.

Jan 29, 2016, 11:37:08 AM
Arno Welzel wrote in message 56AB8F0B...@arnowelzel.de:

> There is no "special equipment" needed to see SSIDs. When I go to the
> backyard of the apartment building where I live, I can easily pick up
> around 10 different SSIDs with my smartphone.

I didn't want to get into the Google cars sniffing of SSIDs.
I just wanted to keep the question about what my phone and my neighbor's
phone does while we're sleeping.

Does the Apple iOS equipment also hand Google our home SSIDs while we sleep?

> Yep. And as long as you don't live on a very high floor or have some
> kind of magnetic shielding in your house everybody around the place you
> live will pick up the SSID as well - and so the smartphones moving along
> the place you live.

To be clear, I'm just worried about my home SSID and what happens
on my phone (which I can control) and what happens on my neighbor's phones
(which I can't control).

> The option I described is in Android 5.1. Maybe it is in the advanced
> location service settings or in the "Google Settings" app which can be
> found on some devices.

I'm on Android 4.3 but still, I can't control the phones of my neighbors.
So what matters mostly is what the default allows.

Andy Burns

Jan 29, 2016, 12:09:22 PM
Alice J. wrote:

> I don't even really *understand* what sync does.

If you have e.g. a phone and a tablet, then sync can keep SSIDs, todo
lists, calendars etc, etc synced between them. Also if you lose your
old phone and buy a replacement, or upgrade to a new one you can just
log in, let it reinstall the same apps and their settings and carry on.

> Why would I need the phone to sync anything?
>
> I should note that the android account is *not* my gmail account
> that I use daily. The android account is only a bogus abc...@gmail.com
> style account, just so that I can download from Google Play.

I don't really use my gmail account daily, but my phone has a separate
google account from my gmail, however google does seem to have formed an
association between the two accounts, probably because I've logged into
either account from the other device, or from common IP addresses, in a
similar way to how they have worked out who some of my co-workers are from
being at the same location, or behind the same IP address.

> I created a wholly bogus abcdefg...@gmail.com account *only* so
> that I could use Google Play to download apps.
>
> Are you intimating that I don't even need the Google Play account to
> download apps from Google Play?

Yes you need an account to install apps from play store.

Dave Higton

Jan 29, 2016, 12:33:41 PM
In message <n8f48n$p0h$2...@news.albasani.net>
I'm not sure what exactly you want to know.

SSIDs are by definition broadcast, so everyone who's within radio
range of an access point can see its SSID. That's entirely
legitimate and is required so you can see a list of SSIDs and
decide which access point to connect to.

If you want to know whether an Android phone reports back to
Google every SSID it connects to: I don't know. But, since
SSIDs are public knowledge anyway, it's not something I worry
about. YMMV.

Dave

Andy Burns

Jan 29, 2016, 1:10:14 PM
Dave Higton wrote:

> I'm not sure what exactly you want to know.

If everyone around me has a cellphone that tells Google what my
ssid is, and if they then "see" that ssid when I try to connect
at a hotspot, they instantly know exactly who I am simply by
putting two and two together.

That doesn't bother you?

Lars Enderin

Jan 29, 2016, 1:28:47 PM
Your SSID typically belongs to your router, not to your phone.

--
Lars Enderin

Chris

Jan 29, 2016, 1:36:31 PM
Andy Burns <an...@spam.adobe.com> Wrote in message:
> Dave Higton wrote:
>
>> I'm not sure what exactly you want to know.
>
> If everyone around me has a cellphone that tells Google what my
> ssid is,

For a start the SSID is not synonymous with you. It is linked to
the WiFi of an access point (AP), which may or may not be a home
router.

> and if they then "see" that ssid when I try to connect
> at a hotspot,

Er. How does a mobile hotspot relate to a home broadband router's
SSID? Colour me confused.

> they instantly know exactly who I am simply by
> putting two and two together.

No they don't.

1) an SSID can't identify you
2) a hotspot can't identify you

(1) + (2) still means someone can't identify you.

> That doesn't bother you?
>
Nope.

Via some inference it may be possible to link the geographic location
of an SSID to an address and then to a householder, but that
doesn't happen 'instantly' nor is it reliable.
--


----Android NewsGroup Reader----
http://usenet.sinaapp.com/

Bert

Jan 29, 2016, 1:48:17 PM
In news:n8f48n$p0h$2...@news.albasani.net "Alice J."
<alice.jone...@ptd.net> wrote:

> I just recently found out that our cellphones may be giving google,
> (by default anyway), in general, all the SSIDs around us, but, more
> sinisterly specifically, the SSID of our own home broadband routers.

Actually, you're "giving away" the SSID and MAC address of your home
router to the outfits that both Google and Apple hire to roam the
streets harvesting that information for their location services.

How else do you think they know where WiFi-only devices are located?

--
be...@iphouse.com St. Paul, MN

Andy Burns

Jan 29, 2016, 6:13:41 PM
Chris wrote:

>
> Er. How does a mobile hotspot relate to a home broadband router's
> SSID? Colour me confused.

You don't know?

The first thing your laptop screams out is the SSID it last connected
to. This is especially true if your home SSID is hidden.

DevilsPGD

Jan 29, 2016, 8:12:06 PM
In the last episode of <n8grmr$jk5$1...@gioia.aioe.org>, Andy Burns
This is generally only true if your network is misconfigured (SSID
hidden), if not, when not connected, the SSID is only broadcast by the
base station and not clients.

--
There truly is more than one way to skin a cat,
but the limited market for cat skins makes learning
more than three methods impractical.

DevilsPGD

Jan 29, 2016, 8:12:06 PM
In the last episode of <n8gba3$1mv$1...@dont-email.me>, Chris
<ithi...@gmail.com> said:

>Andy Burns <an...@spam.adobe.com> Wrote in message:
>> Dave Higton wrote:
>>
>>> I'm not sure what exactly you want to know.
>>
>> If everyone around me has a cellphone that tells Google what my
>> ssid is,
>
>For a start the SSID is not synonymous with you. It is linked to
> the WiFi of an access point (AP), which may or may not be a home
> router.
>
>> and if they then "see" that ssid when I try to connect
>> at a hotspot,
>
>Er. How does a mobile hotspot relate to a home broadband router's
> SSID? Colour me confused.
>
>> they instantly know exactly who I am simply by
>> putting two and two together.
>
>No they don't.
>
>1) an SSID can't identify you
>2) a hotspot can't identify you
>
>(1) + (2) still means someone can't identify you.

They can't directly identify you, however, simply having a list of SSIDs
and BSSID that a device has identified and used in the past, along with
timeframes when those are added, would allow one to infer a lot of data
about the behaviour of those individuals. Google at least collects the
SSID here, and possibly the BSSID.

Already Google has a list of every BSSID, and its associated SSID,
along with some indication of when it went online, as well as when it
moves.

Finally, each wireless device broadcasts its own MAC address during
scanning as well as normal activity. While some security-conscious
devices do randomize their MAC address during active scanning, I'm not
aware of Android doing this, and even if they do, once you connect, a
consistent MAC address is typically used.

Knowing a combination of the SSIDs to which a user connects and details
about the timing will give you a lot of knowledge, potentially enough to
uniquely identify a person in a very short amount of time.

Of course this is relatively moot since it's attached to a Google
Account where you have already provided Google a way to identify you,
however, an omnipotent network observer could learn a lot more than you
might guess just by collecting SSID and BSSID data from devices, and MAC
address visits from base stations -- A large organization such as Google
might move into this world by creating their own line of powerful access
points with a "cloud" management component, along with a widely deployed
line of mobile devices that are dependent on Google's infrastructure and
offer features to upload data automatically for user convenience.

And for the record, do I care? No. I connect to public wifi, I
understand the risks (and can encrypt data over said wifi when needed),
I especially connect to the access points provided by my service
provider(s), and I synchronize my network history between my own mobile
devices as well as frequently use location services.

Jeff Liebermann

Jan 29, 2016, 9:10:46 PM
Yep, but you can turn it off.
<https://support.google.com/fi/answer/6164826?hl=en>
On older Android versions, it's under:
Settings -> Backup & Reset -> Backup My Data
<http://gizmodo.com/google-knows-the-wi-fi-passwords-of-all-android-users-1324036508>

One nice feature is the ability to print out all your stored SSID's
and passwords. That can only be done on a "rooted" Android device.
So, I have one "rooted" phone, which has all the SSID's and passwords
nicely synced from all my other devices. I then run:
<https://play.google.com/store/apps/details?id=com.wifipass.recovery>
which displays and saves all my SSID's and passwords.

Now that you're sitting down, please fasten your seat belt and skim
through the Google Dashboard at:
<https://www.google.com/settings/dashboard>
I think you'll especially enjoy the "location history" and "Manage
Chrome Sync".

You can also vaporize everything on your Android device with a simple
click of a mouse button in the "Android Device Manager":
<https://www.google.com/android/devicemanager?hl=en&u=0>
Here's all your devices:
<https://play.google.com/settings>


--
Jeff Liebermann je...@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Jeff Liebermann

Jan 29, 2016, 9:28:28 PM
On Fri, 29 Jan 2016 07:27:20 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>I just recently found out that our cellphones may be giving google,
>(by default anyway), in general, all the SSIDs around us, but, more
>sinisterly specifically, the SSID of our own home broadband routers.
>
>My first question is whether that's true (by default)?

Yep. The SSID is a broadcast and assumed to be publicly available. If
this bothers you, one solution is to hide among the multitudes and
name your SSID as DEFAULT, LINKSYS, BELKIN, or a variety of other
common names. The problem here is that what Google and similar snoopy
companies really want is your wireless router's MAC address, so that it
can distinguish between the multitude of nearly identical SSID's.
While MAC addresses are assumed to be unique, there are plenty of
counterfeits and contrived MAC addresses. However, the combination of
MAC address and SSID is probably unique[1].

>My second question is how to turn that off (only if it's true).

Turn off your wireless access point when you're not using it. Hiding
the SSID does nothing useful as it can be extracted from the management
packets. However, if you're really really really paranoid, I
recommend an expect web script, that logs into your wireless router,
changes the SSID at regular intervals. Here's a starting list:
<http://www.gfi.com/blog/the-31-funniest-ssids-ive-ever-seen/>
This should thoroughly confuse Google. Unfortunately, it will also
confuse users of your Wi-Fi router, but sacrifices must be made in the
pursuit of anonymity[2].

>NOTE: I am not asking if we give google our geolocation; I'm only
>asking if we give them our SSID when we're at home and under
>what conditions (so that I can turn off those conditions).
>
>NOTE: I also know about _nomap (but that's not what I'm asking).

[1] Except for one batch of cheap wi-fi access points I once bought
that all had the same MAC address. This was long ago, and they have
surely been recycled by now.

[2] My home SSID is my home address. My office was the office
address, but one of the other businesses in the building decided to
use the same SSID, so I changed it to something obscure. Most of my
customers have either the owner name, company name, or address as the
SSID. If there's a problem I want them to be found.

Alice J.

Jan 30, 2016, 3:13:40 AM
Jeff Liebermann wrote in message
1s5oab9le5bglcpqe...@4ax.com:

> Yep, but you can turn it off.
> <https://support.google.com/fi/answer/6164826?hl=en>

I'm reading your helpful links, but I'm soooo very confused.

I have Android 4.3; that otherwise helpful page assumes you log into
something called a "Google Account", which, to my knowledge, I don't
even do. I don't log into anything that I don't have to.

On purpose, the only "Google Account" action that I do is I have to *define*
one, just so that I can download from Google Play. But that's it for me.
I don't "sign in" to my knowledge, to any Google Account.

Does that mean that "I" don't send Google "my" SSIDs?
(I'm so confused.)

Alice J.

Jan 30, 2016, 3:20:29 AM
Jeff Liebermann wrote in message
1s5oab9le5bglcpqe...@4ax.com:

> Now that you're sitting down, please fasten your seat belt and skim
> through the Google Dashboard at:
> <https://www.google.com/settings/dashboard>
> I think you'll especially enjoy the "location history" and "Manage
> Chrome Sync".

This *seemed* like a good idea, but when I tried to log in from my
laptop into my Android Google Play account, it wouldn't let me.

I had the login and password correct, but Google insisted on gathering
*more* data about me, before it would let me in anywhere!

https://i.imgur.com/MNVHgFi.gif

What's ridiculous is that this says "verify it's you", whereas I could
give it *any* phone number, and it would verify it.

So, it's not actually doing what they purport it to be doing.
It's just gathering *more* data about me, which I don't feel like giving
it.

Alice J.

Jan 30, 2016, 3:23:32 AM
Sqwertz wrote in message 3tnffl00...@sqwertz.com:

> And you can count them slurping the passwords from the data stream
> during your phone backups to Google servers, too (if enabled).

Since I have "sync" turned off, and all my "location info" turned
off, does Google *still* get my SSID and passwords?

Alice J.

Jan 30, 2016, 3:30:30 AM
DevilsPGD wrote in message e41oabhkbj2hram8s...@4ax.com:

> Already Google has a list of every BSSID, and its associated SSID,
> along with some indication of when it went online, as well as when it
> moves.

The BSSID is the router MAC address, is that correct?
If so, does changing the MAC address of the router (via the clone
function, or via manual modification) work to "confuse" the Google
servers?

I wouldn't mind periodically changing the MAC address that Google
sees of my router if that will work.

Will that work?

Alice J.

Jan 30, 2016, 3:33:35 AM
DevilsPGD wrote in message e41oabhkbj2hram8s...@4ax.com:

> Of course this is relatively moot since it's attached to a Google
> Account where you have already provided Google a way to identify you,

Just as a related note...

I periodically wipe out my Google account on my phone, making up a
new one such as abc...@gmail.com, which Google gives me as long
as it's unique.

I have noticed, thankfully, that NOTHING is lost when I wipe out
the google account. (I don't buy anything with a phone so there
is no way I could have paid for any apps, by design.)

Alice J.

Jan 30, 2016, 3:41:28 AM
Jeff Liebermann wrote in message
n07oabd6saqpcek38...@4ax.com:

> Yep. The SSID is a broadcast and assumed to be publicly available. If
> this bothers you, one solution is to hide among the multitudes and
> name your SSID as DEFAULT, LINKSYS, BELKIN, or a variety of other
> common names.

I like this idea, but it has the hazard that your SSID will be in
all the rainbow tables.

If I pick a really good passphrase (assuming it's not in the rainbow
tables already), would that work?

> The problem here is that what Google and similar snoopy
> companies really want is your wireless router's MAC address, so that it
> can distinguish between the multitude of nearly identical SSID's.

I use MAC Cloning anyway on my router.
I realize the router has a bunch of different MAC addresses, so, may
I ask if the MAC address that we typically clone for the cable company
is the same MAC address that Google 'sees'?

If the one MAC address that we can change on the router happens to be
the same MAC address that Google sees, would a viable solution be for
all of us to stick together and use the following:

SSID = DEFAULT
MAC = DE:AD:BE:EF:CA:FE
Passphrase = It's imperative to make it as unique as you possibly can!

Seriously, I ask this (I'm not joking).

If we all used the same SSID and the same MAC on our home routers,
and if we ensured that our passphrases were as powerful as we can
make them (because we're in the rainbow tables otherwise), would
that work to foil google?

Andy Burns

Jan 30, 2016, 5:40:17 AM
Alice J. wrote:

> when I tried to log in from my
> laptop into my Android Google Play account, it wouldn't let me.

It should.

You seem to think you have an account that is /just/ a Google Play
account, it isn't; it's a full blown Google account with the ability to
do gmail, location history tracking, google+, uploading videos and
commenting on youtube, editing spreadsheets and documents, syncing
calendars and to-do lists, etc, etc ... you just happen to not be using
those parts of it.

Andy Burns

Jan 30, 2016, 5:43:43 AM
Alice J. wrote:

> Since I have "sync" turned off, and all my "location info" turned
> off, does Google *still* get my SSID

Yes, from your neighbour's android devices, and from google's
streetcars, which both report visible SSIDs along with GPS location data.

> and passwords

No.

Whiskers

Jan 30, 2016, 9:32:45 AM
I think that means that you used a Google account you already had, or
created a new one, when you set up your Android device - and that you
have forgotten or never noticed the user-name and password that you must
have used in order to create or access that account. You can use your
device without knowing the user-name and password of the Google account;
you only need those if you want to make changes to that account (such as
add or remove an Android device from it).

--
-- ^^^^^^^^^^
-- Whiskers
-- ~~~~~~~~~~

Whiskers

Jan 30, 2016, 9:41:43 AM
On 2016-01-30, Alice J. <alice.jone...@ptd.net> wrote:
If you give that page some made-up mobile phone number, then Google will
send the automatic 'verify you are you' message to that number. So you
won't see it but someone else might; if they ignore it then Google will
automatically deduce that you don't have access to that mobile phone
number and thus that you aren't you. If that person for whatever reason
tries to respond to the message by following the instructions, they'll
come up against the user-name and password that you know but they don't
and you still won't get into your account but neither will the innocent
stranger you inflicted.

Google might be trying to contact you using the email address you
associated with your Google account; probably a gmail address. You'll
need the matching user-name and password to access it of course.

Whiskers

Jan 30, 2016, 10:01:24 AM
When you connect to a hotspot, your device only has to identify itself;
it passes on no information at all about any other WiFi access points it
may have encountered or accessed in the past.

However when searching for something to connect with, your mobile phone
(like any other WiFi device) will send out signals asking for access
points it has previously connected with to respond; this is so that
automatic connection can be established whenever you are within range of
a known access point - but it also means that anyone listening in to the
background WiFi traffic can get a list of [all?] the access points your
device has accessed in the past, which does to some extent identify
'you'. Which is why it's a good idea to switch off your device's WiFi
unless you're actually using it (that and extending battery life).
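
Added example, not part of any post in this thread: a Python parser showing what a listener can read from the probe requests discussed above, namely the sender's MAC address, whether that MAC has the locally administered bit set (as randomized addresses do), and any SSID named in a directed probe. The frames are constructed sample bytes that start at the 802.11 header (no radiotap header or FCS is assumed), and every function and variable name is hypothetical.

```python
from typing import Dict, List, Optional, Tuple

MGMT_HEADER_LEN = 24        # frame control, duration, 3 addresses, sequence control
SUBTYPE_PROBE_REQUEST = 4
SUBTYPE_BEACON = 8
TAG_SSID = 0
BROADCAST = b"\xff" * 6


def fmt_mac(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def is_locally_administered(mac: bytes) -> bool:
    """Randomized client MACs set the locally administered bit (0x02 of octet 0)."""
    return bool(mac[0] & 0x02)


def parse_probe_request(frame: bytes) -> Optional[Tuple[str, bool, Optional[str]]]:
    """Return (source MAC, locally administered?, SSID or None for a wildcard probe).

    Returns None for any frame that is not a probe request.
    """
    if len(frame) < MGMT_HEADER_LEN:
        raise ValueError("truncated 802.11 management header")
    fc = frame[0]
    version, ftype, subtype = fc & 0x03, (fc >> 2) & 0x03, (fc >> 4) & 0x0F
    if version != 0 or ftype != 0 or subtype != SUBTYPE_PROBE_REQUEST:
        return None
    source = frame[10:16]   # Address 2: the transmitting client
    ssid = None
    pos = MGMT_HEADER_LEN
    # A probe request body is a sequence of tag/length/value elements.
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated information element")
        if tag == TAG_SSID:
            if length > 32:
                raise ValueError("SSID element longer than 32 octets")
            # A zero-length SSID is a wildcard probe: no network name is disclosed.
            ssid = value.decode("utf-8", errors="replace") if length else None
            break
        pos += 2 + length
    return fmt_mac(source), is_locally_administered(source), ssid


def exposure_report(frames: List[bytes]) -> Dict[str, dict]:
    """Group the SSIDs each client MAC disclosed in directed probe requests."""
    report: Dict[str, dict] = {}
    for frame in frames:
        parsed = parse_probe_request(frame)
        if parsed is None:
            continue
        mac, randomized, ssid = parsed
        entry = report.setdefault(mac, {"randomized_mac": randomized, "ssids": []})
        if ssid is not None and ssid not in entry["ssids"]:
            entry["ssids"].append(ssid)
    return report


def build_frame(subtype: int, source: bytes, ssid: bytes) -> bytes:
    """Construct a sample management frame (body layout is that of a probe request)."""
    header = (bytes([subtype << 4, 0]) + b"\x00\x00"      # frame control, duration
              + BROADCAST + source + BROADCAST            # DA, SA, BSSID
              + b"\x00\x00")                              # sequence control
    ssid_ie = bytes([TAG_SSID, len(ssid)]) + ssid
    rates_ie = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])      # supported rates element
    return header + ssid_ie + rates_ie


# Constructed sample data: one client with a stable MAC, one with a randomized MAC.
STABLE = bytes.fromhex("001122334455")
RANDOM = bytes.fromhex("da1234567890")
SAMPLE_FRAMES = [
    build_frame(SUBTYPE_PROBE_REQUEST, STABLE, b"HomeNet-Hidden"),  # directed probe
    build_frame(SUBTYPE_PROBE_REQUEST, STABLE, b"CoffeeShop"),      # directed probe
    build_frame(SUBTYPE_PROBE_REQUEST, STABLE, b""),                # wildcard probe
    build_frame(SUBTYPE_PROBE_REQUEST, RANDOM, b""),                # wildcard probe
    build_frame(SUBTYPE_BEACON, STABLE, b"SomeAP"),                 # ignored: not a probe
]

if __name__ == "__main__":
    for mac, info in exposure_report(SAMPLE_FRAMES).items():
        print(mac, info)
```

On the constructed input, the stable-MAC client discloses two network names tied to one address, while the randomized client's wildcard probe names none.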

Alice J.

Jan 30, 2016, 10:16:32 AM
Whiskers wrote in message
slrnnapica.q...@ID-107770.user.individual.net:

> I think that means that you used a Google account you already had, or
> created a new one, when you set up your Android device - and that you
> have forgotten or never noticed the user-name and password that you must
> have used in order to create or access that account. You can use your
> device without knowing the user-name and password of the Google account;
> you only need those if you want to make changes to that account (such as
> add or remove an Android device from it).

You are close.
1. I created a google account when I first set up the device.
2. Then, over time, periodically I deleted them (once every few months).
3. So I have a current Google account (just for Google Play).
4. I know the password (because it's algorithmic, based on the account name).

As you said, I *never* seem to need the password ever again, so, I
could just as well have forgotten it and it wouldn't matter. I just
delete the account every few months anyway (for privacy purposes).

Since I never log into the account, and since my settings are to have
sync and tracking and all that stuff turned off (as I showed before),
does that mean that "I" don't send Google any SSIDs?

Alice J.

Jan 30, 2016, 10:18:58 AM
Andy Burns wrote in message
VYCdnYXUWZeTDjHL...@brightview.co.uk:

>> when I tried to log in from my
>> laptop into my Android Google Play account, it wouldn't let me.
>
> It should.

I showed a screenshot.
It wouldn't.
It didn't like that I've never logged in, I guess, and that I suddenly
logged in from the web, I guess (instead of from a phone).

There is no way around it.
Google won't let me in without me giving them MORE information
(which is a phone number).

That's kind'a funny.
The account was created on a phone.
But Google doesn't already know my phone number?

How can that be?

> You seem to think you have an account that is /just/ a Google Play
> account, it isn't; it's a full blown Google account with the ability to
> do gmail, location history tracking, google+, uploading videos and
> commenting on youtube, editing spreadsheets and documents, syncing
> calendars and to-do lists, etc, etc ... you just happen to not be using
> those parts of it.

That may be the case, and probably is.
But I don't even use it.
The account is *only* there to allow me to download apps from Google Play.
I delete it every few months anyway, so it wouldn't be worth using it
for anything else.

Alice J.

Jan 30, 2016, 10:22:58 AM
Whiskers wrote in message
slrnnapit4.q...@ID-107770.user.individual.net:

> If you give that page some made-up mobile phone number, then Google will
> send the automatic 'verify you are you' message to that number. So you
> won't see it but someone else might; if they ignore it then Google will
> automatically deduce that you don't have access to that mobile phone
> number and thus that you aren't you. If that person for whatever reason
> tries to respond to the message by following the instructions, they'll
> come up against the user-name and password that you know but they don't
> and you still won't get into your account but neither will the innocent
> stranger you inflicted.
>
> Google might be trying to contact you using the email address you
> associated with your Google account; probably a gmail address. You'll
> need the matching user-name and password to access it of course.

I understood that.
Basically, Google won't let me in.

The *only* time the account was ever used was about a month ago when
I created it (after having deleted the last account on January 1st).

Then, I have never logged in explicitly.
I have all the sync stuff and login stuff on all Google apps turned off:

That includes stuff that automatically logs you in by default:
Settings > Accounts > Google > Privacy > {Search, Location settings, Ads}
0. Settings > Accounts > Google
Account: goask...@gmail.com <=== not my real account
Sync turned off
1. Settings > Accounts > Google > Privacy > Search >
a. Google Account
Signed out for Google Search, and no Google Now cards can be shown.
b. Google location settings
A. Access location: [unchecked]
[Do not] Let Google apps use this device's location any time it is on.
B. Google Location History = blank
c. SafeSearch filter [unchecked] SafeSearch is not active
d. Legal
Web History = off
Personal Results = off
2. Settings > Accounts > Google > Privacy > Location settings >
a. Location access for your phone is off.
Google applications are unable to access your location because
location access for the phone has been turned off.
To turn it back on click below to go to Settings > Location Access
b. Settings > More > Location services > Access to my location = [unchecked]
c. Settings > More > Location services > Location sources >
Use GPS satellites = [unchecked] (and grayed out)
Use wireless networks = [unchecked] (and grayed out)
3. Settings > Accounts > Google > Privacy > Ads >
a. Ads: Reset advertising ID (click it to reset)
b. Opt out of interest-based ads (check it to opt out)
c. Ads by Google (clicking it will pop up a browser session)
https://www.google.com/ads/preferences/html/mobile-about.html?(x)
[where (x) is a huge encrypted mess of characters]

Did I miss anything to log out of?

Alice J.

Jan 30, 2016, 10:25:45 AM
Andy Burns wrote in message
wbednQlfMPBDDjHL...@brightview.co.uk:

>> Since I have "sync" turned off, and all my "location info" turned
>> off, does Google *still* get my SSID
>
> Yes, from your neighbour's android devices, and from google's
> streetcars, which both report visible SSIDs along with GPS location data.

I was afraid of that.
My stoooooopid neighbors threw me under the bus!

What can we do in that case to get OUT of Google's system?

1. Add _nomap to the end of the SSID <== I didn't really wanna go there
2. Change the SSID periodically
3. Change the MAC periodically

Seems to me, we should *all* work together, to make our router defaults:

SSID = DEFAULT_nomap
MAC = DE:AD:BE:EF:CA:FE
Passphrase = as strong and as unique as we can make it

Hypothetically, as a thought experiment, if we all did that above,
would it work?

Alice J.

Jan 30, 2016, 10:30:53 AM
Whiskers wrote in message
slrnnapk21.q...@ID-107770.user.individual.net:


> However when searching for something to connect with, your mobile phone
> (like any other WiFi device) will send out signals asking for access
> points it has previously connected with to respond; this is so that
> automatic connection can be established whenever you are within range of
> a known access point - but it also means that anyone listening in to the
> background WiFi traffic can get a list of [all?] the access points your
> device has accessed in the past, which does to some extent identify
> 'you'. Which is why it's a good idea to switch off your device's WiFi
> unless you're actually using it (that and extending battery life).

You seem to understand where I was going.

So here's my two part technical question:

Part 1: I already know that if you hide your SSID at home, then your
mobile device must scream out that SSID in order to connect, which the
mobile device will do, to your detriment, at a local hotspot.

Part 2: What you just said though, is that it will scream out *all* your
recent connections, and you didn't mention whether or not it will do that
irrespective of whether those prior connections were broadcast hidden.

Can you (or someone) clarify, as this is an IMPORTANT POINT!

Andy Burns

Jan 30, 2016, 11:52:04 AM
Alice J. wrote:

> My stoooooopid neighbors threw me under the bus!
> What can we do in that case to get OUT of Google's system?
> Add _nomap to the end of the SSID

Just because google.com honours the _nomap suffix, who's to say whether
wigle.net, mozilla.org, locationapi.org, combain.com et al. do?

> Seems to me, we should *all* work together

what about people who *like* to use WiFi geolocation, and don't mind
contributing their own location as the "price" of using everyone else's?

Mike Yetto

Jan 30, 2016, 12:07:24 PM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
> Seems to me, we should *all* work together, to make our router defaults:

> SSID = DEFAULT_nomap
> MAC = DE:AD:BE:EF:CA:FE
> Passphrase = as strong and as unique as we can make it

> Hypothetically, as a thought experiment, if we all did that above,
> would it work?

I'd like to know if appending "_nomap" to the SSID would do
anything more than lengthen the SSID. Is this supposed to be
honored by everyone? That never worked for X-No-Archive. Besides
which, the SSID is no more of a security breach than the number
on the mailbox at the end of your driveway.

No, MACs should be globally unique. Spoofing a computer's MAC by
the router it is connected to might not cause a collision, but if
everyone reported the same MAC there would be nothing but
collisions and hilarity would ensue.

As for the pass-phrase, yes it should be at least as strong as
needed in every case where a pass-phrase/password is used.

Mike "an algorithm applied to the id isn't strong" Yetto
--
"I don’t know what I may seem to the world. But as to myself I seem to
have been only like a boy playing on the seashore and diverting myself
now and then in finding a smoother pebble or a prettier shell than the
ordinary, whilst the great ocean of truth lay all undiscovered before
me."
- Sir Isaac Newton

Jeff Liebermann

Jan 30, 2016, 1:34:23 PM
On Sat, 30 Jan 2016 08:41:25 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>Jeff Liebermann wrote in message
>n07oabd6saqpcek38...@4ax.com:
>
>> Yep. The SSID is a broadcast and assumed to be publicly available. If
>> this bothers you, one solution is to hide among the multitudes and
>> name your SSID as DEFAULT, LINKSYS, BELKIN, or a variety of other
>> common names.
>
>I like this idea, but it has the hazard that your SSID will be in
>all the rainbow tables.

Yeah, that's a potential but different problem. We're discussing
keeping your location hidden from Google and friends. If you're
worried about using a common SSID because it's used as a "seed" for
encrypting your WPA/WPA2 key, I guess that's more important than
hiding from Google.

>If I pick a really good passphrase (assuming it's not in the rainbow
>tables already), would that work?

No, because Google will still know where you're located.

>> The problem here is that what Google and similar snoopy
>> companies really want is your wireless router's MAC address, so that it
>> can distinguish between the multitude of nearly identical SSID's.

>I use MAC Cloning anyway on my router.
>I realize the router has a bunch of different MAC addresses, so, may
>I ask if the MAC address that we typically clone for the cable company
>is the same MAC address that Google 'sees'?

That doesn't work. Using the router feature of MAC address cloning or
changing only changes the MAC address for the WAN (internet) port.
That's useful for the few remaining ISP's that authenticate by MAC
address, but not really a good privacy measure. The MAC addresses for
the LAN side, including the wireless, remain unchanged. Since Google
wants the LAN MAC address for their directory of wi-fi devices, you're
stuck with the MAC address delivered by your wireless router vendor.

The only way I can currently think of changing the wi-fi MAC address
is to plug a wireless card into a PC or SBC (single board computah),
set it up to act as an access point, and change the MAC address in
Linux.
<https://wiki.archlinux.org/index.php/software_access_point>
I haven't tried this.

>If the one MAC address that we can change on the router happens to be
>the same MAC address that Google sees, would a viable solution be for
>all of us to stick together and use the following:
>
>SSID = DEFAULT
>MAC = DE:AD:BE:EF:CA:FE
>Passphrase = It's imperative to make it as unique as you possibly can!
>
>Seriously, I ask this (I'm not joking).

In case it's not obvious, I am somewhat joking. I don't consider
hiding from Google and SSID mutilation to be worthy exercises.

>If we all used the same SSID and the same MAC on our home routers,
>and if we ensured that our passphrases were as powerful as we can
>make them (because we're in the rainbow tables otherwise), would
>that work to foil google?

You're mixing two separate and independent problems.
1. Google knows your location by SSID and MAC address.
2. Evil hackers might crack your WPA2/AES pass phrase because the
SSID is known.
This assumes that Google is not trying to crack your pass phrase.

The first is not worth solving because Google only stores the SSID,
MAC address, and whatever else it can sniff, for a limited amount of
time. I think it's 30 days, but I'm not sure. I can't find the URL
where they mention this, but it's understandable. WiFi location data
gets stale quickly, especially with mobile hotspots.

The second is strictly a matter of minimizing the chances of ending up
in the rainbow tables. I have already mentioned what I consider a
good way to avoid the entire issue, by using WPA2/AES/Enterprise
encryption, with one time keys that are not easily cracked and
non-shared (i.e. no PSK) keys, that cannot be "borrowed" from another
user on the same system.

I hate security discussions, especially on weekends.

Jeff Liebermann

Jan 30, 2016, 1:43:53 PM
On Sat, 30 Jan 2016 08:13:37 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>Jeff Liebermann wrote in message
>1s5oab9le5bglcpqe...@4ax.com:
>
>> Yep, but you can turn it off.
>> <https://support.google.com/fi/answer/6164826?hl=en>
>
>I'm reading your helpful links, but I'm soooo very confused.

I can only offer sympathy for your confusion. However, if you ask a
decent question, I can try to answer.

>I have Android 4.3 that otherwise helpful page assumes you log into
>something called a "Google Account", which, to my knowledge, I don't
>even do. I don't log into anything that I don't have to.

If you have an Android device, you must have a Google account in order
to operate it. Usually, it's a gmail.com account. If you're using
the Google play store, then use that login and password. None of the
links I provided in my previous rant will work without being logged
into a Google account.

>On purpose, the only "Google Account" action that I do is I have to *define*
>one, just so that I can download from Google Play. But that's it for me.
>I don't "sign in" to my knowledge, to any Google Account.

Your phone signs in to your Google account automagically when you are
online. None of the Google apps will work, and many of the Android
features will not work, if you fail to log in.

>Does that mean that "I" don't send Google "my" SSIDs?

If you turn OFF syncing contacts, email, settings, etc to the Google
cloud, as was previously described, you will NOT be syncing anything to
Google. However, you may still be logging into your Google account
when you connect to the internet.

Bottom line: You cannot effectively use your Android phone if you do
NOT have a working Google account.

>(I'm so confused.)

Sometimes, I wonder if even Google understands their own products.

Richard Kettlewell

Jan 30, 2016, 1:49:17 PM
Mike Yetto <unet.li...@xoxy.net> writes:
> So it is writ by Alice J. <alice.jone...@ptd.net>,
> so mote it be.
>> Seems to me, we should *all* work together, to make our router defaults:
>
>> SSID = DEFAULT_nomap
>> MAC = DE:AD:BE:EF:CA:FE
>> Passphrase = as strong and as unique as we can make it
>
>> Hypothetically, as a thought experiment, if we all did that above,
>> would it work?
>
> I'd like to know if appending "_nomap" to the SSID would do
> anything more than lengthen the SSID. Is this supposed to be
> honored by everyone? That never worked for X-No-Archive. Besides
> which, the SSID is no more of a security breach than the number
> on the mailbox at the end of your driveway.

Using a common SSID is risky, in that it makes the well-known time-space
tradeoffs for WPA-PSK passphrase cracking worthwhile.

> No, MACs should be globally unique. Spoofing a computer's MAC by the
> router it is connected to might not cause a collision, but if everyone
> reported the same MAC there would be nothing but collisions and
> hilarity would ensue.

https://www.google.co.uk/search?q=%2200:50:43:00:45:3e%22
l-)

> As for the pass-phrase, yes it should be at least as strong as
> needed in every case where a pass-phrase/password is used.

But how strong is “as needed”? (Assuming a unique SSID...)

WPA derives PMK from PSK using PBKDF2 with 4096 rounds of HMAC-SHA1.
HMAC invokes the hash function twice, and the input each time is 2
blocks. 256 bits of output are required so there’ll be 2 output blocks.

That gives 4096*2*2*2=32768 invocations of the SHA1 compression function
(plus a trivial amount more for the PTK derivation and MIC calculation).

http://hashcat.net/oclhashcat/ quotes results up to 37Ghash/second on a
single well-stocked chassis (costing I think around $10K), i.e. about a
million WPA-PSK passphrases per second.

If you can estimate your adversary’s equipment budget (and power/cooling
budget!) and how long they’re willing to spend attacking your network,
you now have enough information to work out a lower bound on passphrase
complexity.

Check my workings before relying on any of this!

--
http://www.greenend.org.uk/rjk/
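
The arithmetic in the post above, carried through as an added Python example (not part of the original thread): it derives the WPA PMK with the SSID as salt, then turns the quoted hash rate into a lower bound on passphrase entropy. The function names, the "expected crack time equals attack duration" criterion and the sample SSIDs are assumptions made here; the rates and counts are the ones in the post.

```python
import hashlib
import math

# Figures taken from the post above.
PBKDF2_ROUNDS = 4096        # PBKDF2 iterations used by WPA-PSK
HASHES_PER_HMAC = 2         # HMAC runs the hash twice (inner and outer)
BLOCKS_PER_HASH = 2         # each of those hashes processes 2 SHA-1 blocks
OUTPUT_BLOCKS = 2           # a 256-bit PMK needs two 160-bit PBKDF2 outputs
RIG_SHA1_PER_SECOND = 37e9  # quoted rate for one chassis


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit PMK: PBKDF2-HMAC-SHA1 with the SSID as salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("WPA passphrases are printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSIDs are 1 to 32 bytes long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), salt, PBKDF2_ROUNDS, dklen=32
    )


def compressions_per_guess() -> int:
    """SHA-1 compression calls needed to test one candidate passphrase."""
    return PBKDF2_ROUNDS * HASHES_PER_HMAC * BLOCKS_PER_HASH * OUTPUT_BLOCKS


def guesses_per_second(rigs: int = 1) -> float:
    """Candidate passphrases per second for `rigs` chassis at the quoted rate."""
    return rigs * RIG_SHA1_PER_SECOND / compressions_per_guess()


def min_entropy_bits(rigs: int, days: float) -> float:
    """Entropy at which the *expected* crack time equals the attack duration.

    Assumption made for this example: the passphrase is chosen uniformly at
    random, so the attacker expects to search half the keyspace.
    """
    guesses = guesses_per_second(rigs) * days * 86400
    return math.log2(guesses) + 1


def random_chars_needed(bits: float, alphabet_size: int = 95) -> int:
    """Random characters (default: 95 printable ASCII) to reach `bits`."""
    return math.ceil(bits / math.log2(alphabet_size))


if __name__ == "__main__":
    # Constructed sample values. The SSID is the salt, so the same passphrase
    # gives unrelated PMKs on different SSIDs; a table precomputed for one
    # common SSID is useless against a unique one.
    for ssid in ("DEFAULT_nomap", "linksys"):
        print(f"{ssid:14s} {wpa_pmk('constructed sample', ssid).hex()[:16]}...")

    print(f"{compressions_per_guess()} SHA-1 compressions per guess")
    print(f"{guesses_per_second():,.0f} guesses/s on one chassis")
    for rigs, days in ((1, 30), (10, 365), (1000, 365)):
        bits = min_entropy_bits(rigs, days)
        print(f"{rigs:5d} chassis x {days:3d} days: more than {bits:.1f} bits, "
              f"i.e. at least {random_chars_needed(bits)} random characters")
```
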

Jeff Liebermann

Jan 30, 2016, 2:06:23 PM
Welcome to two factor authentication. Actually, Google calls it a
"recovery phone" number.
<https://support.google.com/accounts/answer/183723?hl=en&rd=1>
Allegedly, they will contact you on the stored phone number if they
detect "unusual activity". I use email for password recovery, not
SMS.

You're correct that it's a plot for Google to collect your cell phone
number. My Google account was created before 2009 when Google
implemented this nonsense, so Google does NOT have my cell phone
number and does NOT ask for two factor authentication. This might
help:
<http://webapps.stackexchange.com/questions/10489/how-can-i-get-around-giving-my-mobile-phone-number-to-google>
What I did when Google demanded my cell phone number was to give it to
them, do their authentication dance, and then remove the phone number
from my account using the dashboard or account details.
<https://myaccount.google.com/privacy#personalinfo>
<https://myaccount.google.com/phone>
Click the pencil icon under "Add recovery phone".

Google only had my cell phone number for about 5 minutes, but that was
enough for me to get about 10 SMS spam messages and 2 voice spam
messages. Google claimed that was impossible, but I think otherwise.
The spam died down after about 2 weeks.

However, your situation is probably a special case. Changing the
Google account name so many times on a single Android device probably
triggered some security alarms at Google. I would certainly call that
"unusual activity". I don't know what might happen, but Google is
probably interested in determining your identity and possibly
contacting you.

c...@isbd.net

Jan 30, 2016, 2:16:07 PM
Jeff Liebermann <je...@cruzio.com> wrote:
>
> >If we all used the same SSID and the same MAC on our home routers,
> >and if we ensured that our passphrases were as powerful as we can
> >make them (because we're in the rainbow tables otherwise), would
> >that work to foil google?
>
> You're mixing two separate and independent problems.
> 1. Google knows your location by SSID and MAC address.

Only if they know my location. They know it *approximately* from the
phone being on but that's all they *have* to know.

--
Chris Green

Mike Yetto

Jan 30, 2016, 5:00:06 PM
So it is writ by Richard Kettlewell <r...@greenend.org.uk>,
so mote it be.
> Mike Yetto <unet.li...@xoxy.net> writes:
>> As for the pass-phrase, yes it should be at least as strong as
>> needed in every case where a pass-phrase/password is used.

> But how strong is “as needed”? (Assuming a unique SSID...)

This depends entirely on your particular threat model. If you live
in an area where the houses are 400 ft apart then "Do not crack
this pass-phrase." might be enough as you would spot someone
parked in your driveway while trying to log in.

If you store data that is worth much to anyone who can get it
then something like "`<~l2-G{V2Q z_N'$XL5", with 132 bits of
entropy, might be a better choice. No one will spend the weeks
necessary to crack such a pass-phrase just to gather marketing
information.

Mike "the SSID is a label, not security, for the network" Yetto
--
"I would defend the liberty of consenting adult creationists to practice
whatever intellectual perversions they like in the privacy of their own
homes, but it is also necessary to protect the young and innocent."
- Arthur C. Clarke

Jeff Liebermann

Jan 30, 2016, 6:12:48 PM
Sorry. I wasn't specific enough. Google knows the location of your
wireless router by SSID and MAC addresses. They might also be
sniffing for smartphones, client radios, range extenders, repeaters,
WISPs, laptops, tablets, PDAs, game machines, wireless media players,
RC controlled airplanes, drones, or anything that might benefit from
an overdose of advertising. However, these are uncertain and part of
a different discussion. We're currently discussing a home wireless
router.

Jeff Liebermann

Jan 30, 2016, 6:19:51 PM
On Sat, 30 Jan 2016 12:05:41 -0500, Mike Yetto
<unet.li...@xoxy.net> wrote:

>No, MACs should be globally unique.

Not on this planet. We have locally administered MAC addresses
<http://alliedtelesis.com/manuals/at2911GP/ah1073511.html>
<http://serverfault.com/questions/40712/what-range-of-mac-addresses-can-i-safely-use-for-my-virtual-machines>
in addition to the usual counterfeit and bogus MAC addresses.

Alice J.

Jan 30, 2016, 6:19:55 PM
Jeff Liebermann wrote in message
hj0qabhqm97u1agoo...@4ax.com:

> Bottom line: You cannot effectively use your Android phone if you do
> NOT have a working Google account.

Jeff, I (almost) debate that sentence.

I think we *can* log out of almost all of the Google accounts.
I know I have tried (see details below).

Any advice for what I've missed would be excellent!

Here are all the Google Apps that I can think of on my phone:
https://i.imgur.com/p915GdC.png

1. Google Play Store*
Hamburger > {Settings, My account}
There does not seem to be any way to sign OUT of Google Play!
https://i.imgur.com/vqVFmUI.png
2. Google Search
HardMenu > Settings > Privacy & accounts > Google Account =
I seem to be signed out permanently.
https://i.imgur.com/KjcTYaN.png
3. Google Maps
HardMenu > Settings > Sign in
I seem to be signed out permanently.
https://i.imgur.com/O4iNdBL.png
4. Google Gmail
Hamburger > Sign in
I seem to be signed out permanently.
https://i.imgur.com/Pk96Ab6.png
5. Google YouTube
Hamburger > Sign in
I seem to be signed out permanently.
https://i.imgur.com/LRptwAH.png
6. Google Chrome
HardMenu > Settings
I seem to be signed out permanently.
https://i.imgur.com/cXUdO1t.png
7. Google Hangouts*
Automatically logs you in when you start the app!
Signing out kills the app!
HardMenu > Settings > Sign out
https://i.imgur.com/mq7Ttzd.png
8. Google My Tracks
HardMenu > Settings
Does not seem to have any log in capability
https://i.imgur.com/QIQA3oY.png

Every single one of those, I have long ago expressly logged OUT of
and I have never logged back in, and my phone seems to work just fine.

* The only ones I can't seem to log out of are Google Play, and Hangouts,
although I don't have to actually *use* either one of those in day
to day activities.

Alice J.

Jan 30, 2016, 6:24:04 PM
Jeff Liebermann wrote in message
691qabt17mkv70rlt...@4ax.com:

> However, your situation is probably a special case. Changing the
> Google account name so many times on a single Android device probably
> triggered some security alarms at Google. I would certainly call that
> "unusual activity". I don't know what might happen, but Google is
> probably interested in determining your identity and possibly
> contacting you.

I am very experienced in avoiding giving Google any phone number
or ancillary email.

It has been getting harder than ever in the past year.

I use VPN and Google really hates when you come in from multiple
IP addresses. I also change my user agent string a lot (it's
random, to avoid fingerprinting).

So, at this point, in the last few months, it has been almost impossible
to start a Gmail account without giving them a phone number. Sigh.

Alice J.

Jan 30, 2016, 6:26:14 PM
Andy Burns wrote in message
2ZadnewgS4isdzHL...@brightview.co.uk:

>> Seems to me, we should *all* work together
>
> what about people who *like* to use WiFi geolocation, and don't mind
> contributing their own location as the "price" of using everyone else's?

That's fine. 99.99% of the people out there don't even *know* what you
know, for example.

But, for those who both know and care, then we (those people) can work
together.

Besides, I'm just asking as a thought experiment, would it work?

Would it work if we all did these three things?

1. Set our SSID to the same ssid (e.g., DEFAULT_nomap).
2. Set our MAC to the same MAC (e.g., DE:AD:BE:EF:CA:FE).
3. Set a very strong passphrase ('cuz we'd need it!).

Would that work?

Alice J.

Jan 30, 2016, 6:29:46 PM
Mike Yetto wrote in message
slrn20160130115...@may.eternal-september.org:

> I'd like to know if appending "_nomap" to the SSID would do
> anything more than lengthen the SSID.

AFAIK, it would only work for Google who "says" they'll honor it.

See:
Google Announces “_nomap” WiFi Opt-out Option, Wants Other Location Providers To Go Along
http://searchengineland.com/google-announces-nomap-wifi-optout-101134

> No, MACs should be globally unique. Spoofing a computer's MAC by
> the router it is connected to might not cause a collision, but if
> everyone reported the same MAC there would be nothing but
> collisions and hilarity would ensue.

I think you're wrong, Mike. It's rare that I know more than you do,
but, at the level of the router, which is behind the cable or dsl modem or
wisp transceiver, it wouldn't matter at all, I think, if we all had
the same DE:AD:BE:EF:CA:FE MAC address.

Am I right?

(Someone here must know the answer to that question.)

I guess whether the modem is set up as a "bridge" or "router" might matter.
Jeff might know more about that.

Alice J.

Jan 30, 2016, 6:31:56 PM
Richard Kettlewell wrote in message 87zivmx...@mantic.terraraq.uk:

> Using a common SSID is risky, in that it makes the well-known time-space
> tradeoffs for WPA-PSK passphrase cracking worthwhile.

I fully understood that the salt for wpa2 encryption is the ssid, which
is why our passphrases would have to be as strong as we can make them.

> But how strong is “as needed”? (Assuming a unique SSID...)

It would have to NOT be in the rainbow tables at the very least.
I see what you're saying is that it exposes us to brute-force attacks.

Alice J.

Jan 30, 2016, 6:32:35 PM
Mike Yetto wrote in message
slrn201601301644...@may.eternal-september.org:

> Mike "the SSID is a label, not security, for the network" Yetto

Except that your MAC gives you away.

Alice J.

Jan 30, 2016, 6:34:58 PM
Jeff Liebermann wrote in message
52hqab9i2r57ip5vc...@4ax.com:

>>No, MACs should be globally unique.
>
> Not on this planet. We have locally administered MAC addresses
> <http://alliedtelesis.com/manuals/at2911GP/ah1073511.html>
> <http://serverfault.com/questions/40712/what-range-of-mac-addresses-can-i-safely-use-for-my-virtual-machines>
> in addition to the usual counterfeit and bogus MAC addresses.

Jeff,
Wouldn't DE:AD:BE:EF:CA:FE work on almost all routers?

The router is behind the modem (or transceiver in the case of WISP).

I guess it depends on whether the modem (or transceiver) is set up
as a bridge or router, but, wouldn't it work in most cases?

Mike Yetto

Jan 30, 2016, 6:36:04 PM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
> I use VPN and Google really hates when you come in from multiple
> IP addresses. I also change my user agent string a lot (it's
> random, to avoid fingerprinting).

You should look at this tool supplied by EFF
(THE ELECTRONIC FRONTIER FOUNDATION).
<https://panopticlick.eff.org/>

Mike "don't know if anyone takes it to this level" Yetto
--
'In Usenet, no-one can hear you click.'
- Whiskers

Alice J.

Jan 30, 2016, 6:40:12 PM
Jeff Liebermann wrote in message
s3vpab5ivum2dbj3r...@4ax.com:

> That doesn't work. Using the router feature of MAC address cloning or
> changing only changes the MAC address for the WAN (internet) port.
> That's useful for the few remaining ISP's that authenticate by MAC
> address, but not really a good privacy measure. The MAC addresses for
> the LAN side, including the wireless, remain unchanged. Since Google
> wants the LAN MAC address for their directory of wi-fi devices, you're
> stuck with the MAC address delivered by your wireless router vendor.
>
> The only way I can currently think of changing the wi-fi MAC address
> is to plug a wireless card into a PC or SBC (single board computah),
> set it up to act as an access point, and change the MAC address in
> Linux.
> <https://wiki.archlinux.org/index.php/software_access_point>
> I haven't tried this.

DRAT.

Can you further clarify WHICH mac address Google is getting?

I know a typical SOHO router has a bunch of mac addresses, one for each NIC.
MAC0 = WAN Ethernet port <=== is this the one that is easily cloned?
----------
MAC1 = LAN Ethernet port 1
MAC2 = LAN Ethernet port 2
MAC3 = LAN Ethernet port 3
MAC4 = LAN Ethernet port 4
----------
MAC5 = LAN WiFi 2.4GHz <====I think you're saying they get this
MAC6 = LAN WiFi 5GHz <======and this
----------

Are you saying that Google is saving a MAC address which you can't
normally change on our SOHO routers?

Alice J.

Jan 30, 2016, 6:42:00 PM
Jeff Liebermann wrote in message
s3vpab5ivum2dbj3r...@4ax.com:

> I hate security discussions, especially on weekends.

:)

Alice J.

Jan 30, 2016, 7:01:10 PM
Mike Yetto wrote in message
slrn20160130183...@may.eternal-september.org:

> You should look at this tool supplied by EFF
> (THE ELECTRONIC FRONTIER FOUNDATION).
> <https://panopticlick.eff.org/>

I've been battling my browser fingerprints for a few years now.

That's why I'm happy to see the very latest tor browser bundle finally
bundled the fonts inside the browser.

My browser comes up unique because of the darn fonts and the
darn oddball screen size. Drives me crazy.

So I have to futz with other things that are otherwise fine,
just to be *differently* unique each time.

Drives me crazy.

Alice J.

Jan 30, 2016, 7:02:09 PM
Alice J. wrote in message n8jhb0$roo$7...@news.albasani.net:

> Jeff,
> Wouldn't DE:AD:BE:EF:CA:FE work on almost all routers?
>
> The router is behind the modem (or transceiver in the case of WISP).
>
> I guess it depends on whether the modem (or transceiver) is set up
> as a bridge or router, but, wouldn't it work in most cases?

Nevermind.

I saw your post that said Google gets the LAN SSID/MAC and not the
WAN MAC, which is what "cloning" changes.

Sigh.

Alice J.

Jan 30, 2016, 7:05:27 PM
Alice J. wrote in message n8jh19$roo$4...@news.albasani.net:

>
> I think you're wrong, Mike. It's rare that I know more than you do,
> but, at the level of the router, which is behind the cable or dsl modem or
> wisp transceiver, it wouldn't matter at all, I think, if we all had
> the same DE:AD:BE:EF:CA:FE MAC address.

I think Jeff explained that the MAC address that we can clone is
not the same MAC address that google saves.

We clone the WAN MAC address, which is always behind a modem or
transceiver so everyone could have the same WAN MAC address I think.

But, Jeff explained that Google doesn't save your WAN MAC address.
Google saves the LAN MAC address.

That LAN MAC address can't be cloned, and, it's an important part
of keeping the neighbors out of your WiFi, so, it wouldn't work
if everyone had the same LAN MAC address.

Sigh.

Jeff Liebermann

Jan 30, 2016, 11:23:56 PM
On Sat, 30 Jan 2016 23:34:56 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>Jeff Liebermann wrote in message
>52hqab9i2r57ip5vc...@4ax.com:
>
>>>No, MACs should be globally unique.
>>
>> Not on this planet. We have locally administered MAC addresses
>> <http://alliedtelesis.com/manuals/at2911GP/ah1073511.html>
>> <http://serverfault.com/questions/40712/what-range-of-mac-addresses-can-i-safely-use-for-my-virtual-machines>
>> in addition to the usual counterfeit and bogus MAC addresses.
>
>Jeff,
>Wouldn't DE:AD:BE:EF:CA:FE work on almost all routers?

Like I previously mumbled, the typical home router only allows you to
change the WAN (internet) MAC address to allow the ISP to use the MAC
address for authentication. You normally cannot change the LAN side
MAC addresses, which includes the Wi-Fi port (which is on the LAN
side).

Incidentally, if you're going to spoof MAC addresses, at least make
the first octet one of the locally administered numbers found in the
above URL's.

>The router is behind the modem (or transceiver in the case of WISP).
>
>I guess it depends on whether the modem (or transceiver) is set up
>as a bridge or router, but, wouldn't it work in most cases?

A modem (modulator/demodulator) mostly lives on the VC or LLC bottom
half of OSI Layer 2. It does not usually have a MAC address normally
associated with the top half of Layer 2. The only reason modems have
MAC addresses is because it's required by the LAN or management
ethernet port. Even so, the ISP will see the router MAC address, not
the MAC address of the modem.

Incidentally, in the dark ages of internet, we had USB DSL modems that
didn't have an ethernet port. These also didn't have a MAC address
anywhere in sight. Also, when using SLIP or PPP over a dialup modem,
the ISP again only sees the MAC address of the router, because dialup
modems don't have MAC addresses.

Incidentally, the current 48 bit MAC address morphs into a 64 bit
(EUI-64) MAC address under IPv6.
<https://supportforums.cisco.com/document/100566/understanding-ipv6-eui-64-bit-address>

Mike Yetto

Jan 30, 2016, 11:24:05 PM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
The BSSID is a unique label, not security, for the access point
of the network.

Mike "that pass-phrase keeps looking more important" Yetto
--
"I don`t know half of you half as well as I should like; and I like less
than half of you half as well as you deserve."
- Bilbo Baggins

Mike Yetto

Jan 30, 2016, 11:24:06 PM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
> Alice J. wrote in message n8jh19$roo$4...@news.albasani.net:

>>
>> I think you're wrong, Mike. It's rare that I know more than you do,
>> but, at the level of the router, which is behind the cable or dsl modem or
>> wisp transceiver, it wouldn't matter at all, I think, if we all had
>> the same DE:AD:BE:EF:CA:FE MAC address.

> I think Jeff explained that the MAC address that we can clone is
> not the same MAC address that google saves.

> We clone the WAN MAC address, which is always behind a modem or
> transceiver so everyone could have the same WAN MAC address I think.

> But, Jeff explained that Google doesn't save your WAN MAC address.
> Google saves the LAN MAC address.

Actually it is the Wireless LAN address not the wired LAN
address. You can see this as the BSSID on your phone if you
install something like the "Wifi Analyzer" app.

> That LAN MAC address can't be cloned, and, it's an important part
> of keeping the neighbors out of your WiFi, so, it wouldn't work
> if everyone had the same LAN MAC address.

> Sigh.

Mike "if you could do it you wouldn't want to" Yetto
--
"The Web is great for finding a list of the ten biggest cities in the
United States, but if the scientific literature is merely littered with
wrong facts, then cyberspace is an enticing quagmire of falsehoods,
propaganda, and just plain bunkum. There simply is no substitute for
skepticism."
- Samuel Arbesman

Mike Yetto

Jan 30, 2016, 11:24:07 PM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
> Mike Yetto wrote in message
> slrn20160130115...@may.eternal-september.org:
>> No, MACs should be globally unique. Spoofing a computer's MAC by
>> the router it is connected to might not cause a collision, but if
>> everyone reported the same MAC there would be nothing but
>> collisions and hilarity would ensue.

> I think you're wrong, Mike. It's rare that I know more than you
> do, but, at the level of the router, which is behind the cable
> or dsl modem or wisp transceiver, it wouldn't matter at all, I
> think, if we all had the same DE:AD:BE:EF:CA:FE MAC address.

> Am I right?

I don't think so. The MAC address that your router broadcasts is
the one shown as the BSSID of that access point/router. The LAN
and WAN MACs are separate from the wireless MAC.

If several Wi-Fi networks in an area all showed the same BSSID
they would cause collisions among and between all of the
networks. You might be able to keep it all straight by handing
control over to a neighborhood network administrator. Just be
sure to address him as the BOFH (Bastard Operator From Hell).

All this to avoid having your browsing habits aggregated by
Google? Perhaps you should use a wired only network at home.

Mike "Google and Android or Apple and, well, Apple" Yetto
--
"Science is the poetry of the Universe, a way to understand its beauty,
power, and subtlety."
- Phil Plait

Jeff Liebermann

Jan 30, 2016, 11:41:23 PM
On Sat, 30 Jan 2016 23:40:11 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>Jeff Liebermann wrote in message
>s3vpab5ivum2dbj3r...@4ax.com:
>
>> That doesn't work. Using the router feature of MAC address cloning or
>> changing only changed the MAC address for the WAN (internet) port.
>> That's useful for the few remaining ISP's that authenticate by MAC
>> address, but not really a good privacy measure. The MAC addresses for
>> the LAN side, including the wireless, remains unchanged. Since Google
>> wants the LAN MAC address for their directory of wi-fi devices, you're
>> stuck with the MAC address delivered by your wireless router vendor.
>>
>> The only way I can currently think of changing the wi-fi MAC address
>> is to plug a wireless card into a PC or SBC (single board computah),
>> set it up to act as an access point, and change the MAC address in
>> Linux.
>> <https://wiki.archlinux.org/index.php/software_access_point>
>> I haven't tried this.

>DRAT.

I'm from an early generation that used "Curses... foiled again".
I think the current expletive is "Bummer".

>Can you further clarify WHICH mac address Google is getting?

Yes, I can. However, a late dinner beckons.

>I know a typical SOHO router has a bunch of mac addresses, one for each NIC.
>MAC0 = WAN Ethernet port <=== is this the one that is easily cloned?
>----------
>MAC1 = LAN Ethernet port 1
>MAC2 = LAN Ethernet port 2
>MAC3 = LAN Ethernet port 3
>MAC4 = LAN Ethernet port 4
>----------
>MAC5 = LAN WiFi 2.4GHz <====I think you're saying they get this
>MAC6 = LAN WiFi 5GHz <======and this
>----------

The above is correct. Only the WAN MAC address can be easily tweaked
or cloned in the home wireless router. The rest, including the Wi-Fi,
are fixed.

>Are you saying that Google is saving a MAC address which you can't
>normally change on our SOHO routers?

Yep.
<http://www.wired.com/2012/05/google-wifi-fcc-investigation/>
"...Street View software to collect so-called payload data,
which includes telephone numbers, URLs, passwords, e-mail,
text messages, medical records, video and audio files sent
over open Wi-Fi networks."

"A year later, when our mobile team started a project to
collect basic WiFi network data like SSID information
and MAC addresses using Google’s Street View cars, they
included that code in their software, although the project
leaders did not want, and had no intention of using,
payload data."

Sure... accidental. That's about as accidental as the numerous
accidental attempts by Microsoft to accidentally upgrade Win 7 and 8.1
users to Win 10. I've been unable to find exactly what data Google is
CURRENTLY collecting with Street View.

Incidentally, you can visit your data online:
<http://www.google.com/about/datacenters/gallery/#/tech>
It's in there, somewhere...

Alice J.

Jan 31, 2016, 12:27:11 AM
Mike Yetto wrote in message
slrn201601302315...@may.eternal-september.org:

> Actually it is the Wireless LAN address not the wired LAN
> address. You can see this as the BSSID on your phone if you
> install something like the "Wifi Analyzer" app.

Thank you for clarifying. That was my mistake.
Google sees the BSSID (i.e., MAC address) of the *wireless* LAN.
Unfortunately, we can't easily change *that* MAC address. (Sigh)

BTW, I have lots of apps that show the SSID/BSSID such as these
which I recommend to others in the order shown ...

Wifi Analyzer, by farproc
https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer

WiFi SNR, by Javali Inc.
https://play.google.com/store/apps/details?id=com.javali.wifisnr

inSSIDer, by MetaGeek
https://play.google.com/store/apps/details?id=com.metageek.inSSIDer

FRITZ!App WLAN, by AVM GmbH
https://play.google.com/store/apps/details?id=de.avm.android.wlanapp

Alice J.

Jan 31, 2016, 12:29:23 AM
Mike Yetto wrote in message
slrn201601302301...@may.eternal-september.org:

> If several Wi-Fi networks in an area all showed the same BSSID
> they would cause collisions among and between all of the
> networks.

Again, I was wrong.
Thank you for clarifying.
I was thinking that we clone MAC addresses on the router all the
time and it causes no problem.

But, Jeff (and you) explained we only clone the WAN wired MAC address
while Google is stealing our LAN wireless addresses.

May I presume that Google steals both the 2.4GHz and 5GHz BSSID's?

Alice J.

Jan 31, 2016, 12:31:16 AM
Mike Yetto wrote in message
slrn201601302321...@may.eternal-september.org:

>> Except that your MAC gives you away.
>
> The BSSID is a unique label, not security, for the access point
> of the network.

Yes. You are correct.
But my point was that the MAC *is* unique darnit.
That's bad for privacy to have a unique number.

I'd much prefer Jeff's suggestion of changing it, but he explained
that it's not as easy as just cloning the WAN MAC address is.

Sigh.

Changing the SSID monthly is looking better and better.

Alice J.

Jan 31, 2016, 12:32:50 AM
Jeff Liebermann wrote in message
rr1rabpeam8gf0e65...@4ax.com:

> Like I previously mumbled, the typical home router only allows you to
> change the WAN (internet) MAC address to allow the ISP to use the MAC
> address for authentication. You normally cannot change the LAN side
> MAC addresses, which includes the Wi-Fi port (which is on the LAN
> side).

My mistake.
I later realized my folly.
It was wishful thinking, on my part, that we could change the MAC address
that Google gets from our phones (not mine) and those of our neighbors.

I just wish my neighbors didn't throw me under the bus.

Alice J.

Jan 31, 2016, 12:34:47 AM
Jeff Liebermann wrote in message
rr1rabpeam8gf0e65...@4ax.com:

> Incidentally, if you're going to spoof MAC addresses, at least make
> the first octet one of the locally administered numbers found in the
> above URL's.

Here's the script someone posted on the unix newsgroup that I use
to change the mac address daily of my laptop.

It uses a randomized OUI ...

#!/bin/bash
#################################################
#
# Script: changemac.sh
# written by: Marek Novotny
# modified by: Tom
# version: 0.4
# date: 2015-10-17
# notes: MAC Address Changing Kubuntu
# See also: http://wintelguy.com
# https://www.adminsub.net/mac-address-finder
#################################################
# In the future, change the MAC address in /etc/network/interfaces.
# That way, the interface starts up with fake mac.
# When the interface goes down it gets re-configured.
# You can put the hide_me script in /etc/if-pre-up.d
# and the change would go in before the interface comes up.

# use sudo if you're not root (add ifconfig to sudoers.d)
if [ "$(id -u)" != 0 ] ; then
    priv="sudo"
else
    priv=""
fi

# grab the NIC interface (e.g., devID=wlan0)
# WIP: Add a check if device ID is "tun0", don't change it
devID=$(ip route get 8.8.8.8 | awk 'NR==1 {print $5}')
# Get the device MAC address
MACaddr=$(ifconfig "$devID" | grep HWaddr | awk '{print $5}')
echo "old MAC: $MACaddr"

# Set up a list of organizationally unique identifiers OUI
# https://www.adminsub.net/mac-address-finder
OUIArray=(
00:01:2a # telematica sistems inteligente
00:02:b3 # intel corporation
00:03:47 # intel corporation
00:04:23 # intel corporation
00:04:3a # intelligent telecommunications, inc.
00:05:b5 # Broadcom Technologies
00:06:5b # dell computer corp.
00:07:e9 # intel corporation
00:08:1a # sanrad intelligence storage communications 2000 ltd.
00:08:74 # dell computer corp.
00:09:58 # intelnet s.a.
00:0a:f7 # Broadcom Corp.
00:0b:db # dell inc
00:0c:c7 # intelligent computer solutions inc.
00:0c:f1 # intel corporation
00:0d:56 # dell inc
00:0d:b6 # Broadcom Corporation
00:0e:0c # intel corporation
00:0e:35 # intel corp
00:0f:1f # dell inc
00:10:18 # BroadCOM CORPORATION
00:10:e6 # applied intelligent systems, inc.
00:11:11 # intel corporation
00:11:43 # dell inc
00:11:75 # intel corporation
00:11:76 # intellambda systems, inc.
00:12:3f # dell inc
00:12:f0 # intel
00:12:f0 # intel corporate
00:13:02 # intel corporate
00:13:20 # intel corporate
00:13:72 # dell inc
00:13:b1 # intelligent control systems asia pte ltd
00:13:ce # intel corporate
00:13:e8 # intel corporate
00:14:22 # dell inc
00:14:4d # intelligent systems
00:15:00 # intel corporate
00:15:17 # intel corporate
00:15:1f # multivision intelligent surveillance hong kong ltd
00:15:c5 # dell inc
00:16:6f # intel corporate
00:16:76 # intel corporate
00:16:ea # intel corporate
00:16:eb # intel corporate
00:16:f0 # dell
00:18:8b # dell inc
00:18:de # intel corporate
00:19:00 # intelliverese - dba voicecom
00:19:25 # intelicis corporation
00:19:b4 # intellio ltd
00:19:b9 # dell inc.
00:19:d1 # intel corporate
00:19:d2 # intel corporate
00:1a:3f # intelbras
00:1a:a0 # dell inc
00:1b:0a # intelligent distributed controls ltd
00:1b:21 # intel corporate
00:1b:77 # intel corporate
00:1b:b2 # intellect international nv
00:1b:e9 # Broadcom Corporation
00:1b:f9 # intellitect water ltd
00:1c:23 # dell inc
00:1c:bf # intel
00:1c:bf # intel corporate
00:1c:c0 # intel corporate
00:1d:09 # dell
00:1d:09 # dell inc
00:1d:40 # intel – ge care innovations llc
00:1d:e0 # intel corporate
00:1d:e1 # intel corporate
00:1e:4f # dell inc.
00:1e:64 # intel corporate
00:1e:65 # intel corporate
00:1e:67 # intel corporate
00:1e:c9 # dell inc
00:1f:0c # intelligent digital services gmbh
00:1f:3b # intel corporate
00:1f:3c # intel corporate
00:20:7b # intel corporation
00:21:5c # intel corporate
00:21:5d # intel corporate
00:21:6a # intel corporate
00:21:6b # intel corporate
00:21:70 # dell inc
00:21:9b # dell inc
00:22:19 # dell inc
00:22:46 # evoc intelligent technology co.,ltd.
00:22:e6 # intelligent data
00:22:fa # intel corporate
00:22:fb # intel corporate
00:23:14 # intel corporate
00:23:15 # intel corporate
00:23:ae # dell inc.
00:23:b2 # intelligent mechatronic systems inc
00:24:d6 # intel corporate
00:24:d7 # intel corporate
00:24:e8 # dell inc.
00:24:ea # iris-gmbh infrared & intelligent sensors
00:25:64 # dell inc.
00:25:bd # italdata ingegneria dell'idea s.p.a.
00:26:21 # intelicloud technology inc.
00:26:b9 # dell inc
00:26:c6 # intel corporate
00:26:c7 # intel corporate
00:26:fd # interactive intelligence
00:27:0e # intel corporate
00:27:10 # intel corporate
00:30:72 # intellibyte inc.
00:50:f1 # intel corporation
00:60:aa # intelligent devices inc. idi
00:6b:a0 # shenzhen universal intellisys pte ltd
00:80:53 # intellicom, inc.
00:90:27 # intel corporation
00:a0:c9 # intel corporation - hf1-06
00:aa:00 # intel corporation
00:aa:01 # intel corporation
00:aa:02 # intel corporation
00:b0:d0 # dell computer corp.
00:c0:4f # dell computer corporation
00:c2:c6 # intel corporate
00:d0:5d # intelliworxx, inc.
00:d0:b7 # intel corporation
00:db:df # intel corporate
04:9b:9c # eadingcore intelligent technology co., ltd.
08:11:96 # intel corporate
08:3f:76 # intellian technologies, inc.
08:d4:0c # intel corporate
0c:8b:fd # intel corporate
0c:d2:92 # intel corporate
10:02:b5 # intel corporate
10:0b:a9 # intel corporate
10:4a:7d # intel corporate
10:98:36 # dell inc.
14:18:77 # dell inc
14:1b:f0 # intellimedia systems ltd
14:fe:b5 # dell inc
18:03:73 # dell inc
18:06:75 # dilax intelcom gmbh
18:3d:a2 # intel corporate
18:5e:0f # intel corporate
18:a9:9b # dell inc
18:c0:86 # Broadcom Corporation
18:fb:7b # dell inc
18:ff:0f # intel corporate
1c:40:24 # dell inc
20:47:47 # dell inc.
24:6e:96 # dell inc.
24:77:03 # intel corporate
24:97:ed # techvision intelligent technology limited
24:b6:fd # dell inc
28:b2:bd # intel corporate
28:c8:25 # dellking industrial co., ltd
2c:6e:85 # intel corporate
30:3a:64 # intel corporate
34:02:86 # intel corporate
34:13:e8 # intel corporate
34:17:eb # dell inc
34:de:1a # intel corporate
34:e6:ad # intel corporate
34:e6:d7 # dell inc.
3c:a9:f4 # intel corporate
3c:fd:fe # intel corporate
40:25:c2 # intel corporate
44:1e:91 # arvida intelligent electronics technology co.,ltd.
44:85:00 # intel corporate
44:a8:42 # dell inc.
48:45:20 # intel corporate
48:51:b7 # intel corporate
4c:34:88 # intel corporate
4c:76:25 # dell inc.
4c:79:ba # intel corporate
4c:80:93 # intel corporate
4c:eb:42 # intel corporate
50:2d:a2 # intel corporate
50:45:f7 # liuhe intelligence technology ltd.
54:9f:35 # dell inc.
58:10:8c # intelbras
58:91:cf # intel corporate
58:94:6b # intel corporate
58:a8:39 # intel corporate
5c:26:0a # dell inc.
5c:51:4f # intel corporate
5c:c5:d4 # intel corporate
5c:d2:e4 # intel corporate
5c:e0:c5 # intel corporate
5c:f9:dd # dell inc
60:36:dd # intel corporate
60:46:16 # xiamen vann intelligent co., ltd
60:57:18 # intel corporate
60:67:20 # intel corporate
60:6c:66 # intel corporate
64:00:6a # dell inc.
64:55:63 # intelight inc.
64:80:99 # intel corporate
64:d4:da # intel corporate
68:05:ca # intel corporate
68:17:29 # intel corporate
68:3c:7d # magic intelligence technology limited
68:5d:43 # intel corporate
6c:29:95 # intel corporate
6c:88:14 # intel corporate
6c:a1:00 # intel corporate
70:93:83 # intelligent optical network high tech co.,ltd.
74:86:7a # dell inc
74:e5:0b # intel corporate
74:e6:e2 # dell inc.
78:0c:b8 # intel corporate
78:2b:cb # dell inc
78:3d:5b # telnet redes inteligentes s.a.
78:45:c4 # dell inc
78:92:9c # intel corporate
78:ff:57 # intel corporate
7c:5c:f8 # intel corporate
7c:7a:91 # intel corporate
7c:cc:b8 # intel corporate
7c:cf:cf # shanghai seari intelligent system co., ltd
80:00:0b # intel corporate
80:19:34 # intel corporate
80:86:f2 # intel corporate
80:9b:20 # intel corporate
80:a1:ab # intellisis
84:2b:2b # dell inc.
84:2b:bc # modelleisenbahn gmbh
84:3a:4b # intel corporate
84:73:03 # letv mobile and intelligent information technology beijing corporation ltd.
84:8f:69 # dell inc.
84:a6:c8 # intel corporate
88:53:2e # intel corporate
88:cb:a5 # suzhou torchstar intelligent technology co.,ltd
8c:70:5a # intel corporate
8c:a9:82 # intel corporate
90:2e:1c # intel corporate
90:49:fa # intel corporation
90:b1:1c # dell inc.
90:e2:ba # intel corporate
94:65:9c # intel corporate
94:f1:9e # huizhou maorong intelligent technology co.,ltd
98:4f:ee # intel corporate
98:90:96 # dell inc
9c:31:78 # foshan huadian intelligent communications teachnologies co.,ltd
9c:4e:36 # intel corporate
a0:36:9f # intel corporate
a0:6d:09 # intelcan technosystems inc.
a0:88:69 # intel corporate
a0:88:b4 # intel corporate
a0:98:ed # shandong intelligent optical communication development co., ltd.
a0:a8:cd # intel corporate
a4:02:b9 # intel corporate
a4:1f:72 # dell inc.
a4:34:d9 # intel corporate
a4:4e:31 # intel corporate
a4:ba:db # dell inc.
a4:c4:94 # intel corporate
a4:de:c9 # qlove mobile intelligence information technology w.h. co. ltd.
ac:72:89 # intel corporate
ac:7b:a1 # intel corporate
ac:fd:ce # intel corporate
b0:59:47 # shenzhen qihu intelligent technology company limited
b0:83:fe # dell inc
b4:6d:83 # intel corporate
b4:b6:76 # intel corporate
b8:03:05 # intel corporate
b8:08:cf # intel corporate
b8:2a:72 # dell inc
b8:8a:60 # intel corporate
b8:ac:6f # dell inc
b8:b8:1e # intel corporate
b8:bf:83 # intel corporate
b8:ca:3a # dell inc
bc:0f:64 # intel corporate
bc:30:5b # dell inc.
bc:77:37 # intel corporate
c0:8b:6f # si sistemas inteligentes eletrônicos ltda
c4:85:08 # intel corporate
c4:d9:87 # intel corporate
c8:1f:66 # dell inc
c8:34:8e # intel corporate
c8:f7:33 # intel corporate
cc:2a:80 # micro-biz intelligence solutions co.,ltd
cc:3d:82 # intel corporate
d0:43:1e # dell inc.
d0:67:e5 # dell inc
d0:7e:35 # intel corporate
d4:01:29 # Broadcom Corporation
d4:ae:52 # dell
d4:ae:52 # dell inc
d4:be:d9 # dell
d4:be:d9 # dell inc
d4:c9:ef # hp
d4:ec:86 # linkedhope intelligent technologies co., ltd
d8:9d:67 # hp
d8:9e:3f # apple
d8:a2:5e # apple
d8:fc:93 # intel corporate
dc:15:db # ge ruili intelligent technology
dc:53:60 # intel corporate
dc:a9:71 # intel corporate
e0:3e:44 # Broadcom Corporation
e0:61:b2 # hangzhou zeno intel technology co., ltd
e0:94:67 # intel corporate
e0:9d:31 # intel corporate
e0:db:55 # dell inc
e4:f8:9c # intel corporate
e4:fa:fd # intel corporate
e8:2a:ea # intel corporate
e8:b1:fc # intel corporate
ec:23:68 # intellivoice co.,ltd.
ec:f4:bb # dell inc
f0:1f:af # dell inc
f0:4d:a2 # dell inc.
f4:06:69 # intel corporate
f8:16:54 # intel corporate
f8:b1:56 # dell inc
f8:bc:12 # dell inc
f8:ca:b8 # dell inc.
f8:db:88 # dell inc
fc:8f:c4 # intelligent technology inc.
fc:f8:ae # intel corporate
)

# if [ $# -eq 0 ]
# then
#     echo -n "Enter new MAC: "
#     read newMAC
# else
# pick a random OUI; valid indexes run from 0 to (array length - 1)
RANGE=${#OUIArray[@]}
i=$((RANDOM % RANGE))
OUI=${OUIArray[$i]}

# generate a new NIC specific identifier (":xx:xx:xx" cut from an md5 of the date)
NIC=$(date | md5sum | sed 's/../&:/g' | cut -b 9-17)
newMAC="$OUI$NIC"
# fi

echo "new MAC: $newMAC"

# Offer to replace old mac addr with the new
echo "Do you wish to assign $newMAC to $devID?"
echo "Press 1 to assign $newMAC to $devID? (otherwise press 2)"
select yn in "Yes" "No" ; do
    case $yn in
        Yes )
            $priv ifconfig "$devID" down
            sleep 2 # allow interface to go down
            $priv ifconfig "$devID" hw ether "$newMAC"
            sleep 2 # allow time to assign MAC to interface
            $priv ifconfig "$devID" up && $priv ifconfig "$devID" | grep HWaddr
            break
            ;;
        No )
            exit 0
            ;;
    esac
done

## END ##
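
Added example, not part of the original post or of the script above: the "locally administered" advice quoted at the top of this post comes down to two flag bits in the first octet, which this sketch decodes and then uses to generate a random locally administered unicast address. The function names mac_class and random_laa_mac are hypothetical and the sample addresses are constructed; every prefix in the script's OUIArray has both bits clear, so it classifies as a universal (vendor-assigned) address.

```sh
#!/bin/sh
# Added example (not from the thread): decode the two flag bits in the first
# octet of a MAC address and generate a random locally administered address.
# Function names are hypothetical; the sample addresses are constructed.

# mac_class MAC
# Prints "<universal|local> <unicast|multicast>"; returns 1 on malformed input.
#   bit 0x01 of the first octet: 0 = unicast,   1 = multicast (group)
#   bit 0x02 of the first octet: 0 = universal (vendor OUI), 1 = locally administered
mac_class() {
    # Accept only six colon-separated two-digit hex octets.
    printf '%s\n' "$1" |
        grep -Eq '^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$' || return 1
    mc_first=$(( 0x${1%%:*} ))
    if [ $(( mc_first & 2 )) -ne 0 ]; then mc_scope=local; else mc_scope=universal; fi
    if [ $(( mc_first & 1 )) -ne 0 ]; then mc_cast=multicast; else mc_cast=unicast; fi
    printf '%s %s\n' "$mc_scope" "$mc_cast"
}

# random_laa_mac
# Prints a random MAC with the locally administered bit set and the multicast
# bit cleared, so the second hex digit is always 2, 6, a or e.
random_laa_mac() {
    # Six random bytes as decimal numbers, word-split into $1..$6.
    set -- $(od -An -N6 -tu1 /dev/urandom)
    [ $# -eq 6 ] || return 1
    printf '%02x:%02x:%02x:%02x:%02x:%02x\n' \
        $(( ($1 | 2) & 254 )) "$2" "$3" "$4" "$5" "$6"
}

# Demo on constructed inputs: the thread's DE:AD:BE:EF:CA:FE, an address under
# a prefix from the script's list, and an IPv4 multicast group address.
for mac in DE:AD:BE:EF:CA:FE 00:1b:21:12:34:56 01:00:5e:00:00:01; do
    printf '%-18s %s\n' "$mac" "$(mac_class "$mac")"
done
new=$(random_laa_mac)
printf '%-18s %s\n' "$new" "$(mac_class "$new")"
```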

Alice J.

Jan 31, 2016, 12:36:04 AM
Jeff Liebermann wrote in message
rr1rabpeam8gf0e65...@4ax.com:

> A modem (modulator/demodulator) mostly lives on the VC or LLC bottom
> half of OSI Layer 2. It does not usually have a MAC address normally
> associated with the top half of Layer 2. The only reason modems have
> MAC addresses is because it's required by the LAN or management
> ethernet port. Even so, the ISP will see the router MAC address, not
> the MAC address of the modem.

Hey! Maybe that's why Comcast *requires* a MAC address to be cloned
in my kid's router?

Alice J.

Jan 31, 2016, 12:47:47 AM
Jeff Liebermann wrote in message
773rabhspg3c0vhse...@4ax.com:

> The above is correct. Only the WAN MAC address can be easily tweaked
> or cloned in the home wireless router. The rest, including the Wi-Fi,
> are fixed.

ᴅ̶ʀ̶ᴀ̶ᴛ̶ ummm ... I mean .... Bummer!

Jeff Liebermann

Jan 31, 2016, 1:05:56 AM
Maybe, but I don't think so. Comcast formerly required registering
the MAC address. However, that was years ago and should no longer be
the case. What you're probably seeing is that Comcast does not like
having the MAC address change. The ARP table in the router, which is
what relates the MAC address to an associated IP address, requires
some time to reset. I run into this problem all the time when
juggling different cable modems and routers. You have to power OFF
the cable modem for about 10-15 minutes, before connecting a new cable
modem. I've heard rumors that it's now down to about 5 minutes, but I
haven't tested it yet.

There's also a similar problem between the cable modem and router, if
they are two separate boxes. The cable modem stores exactly one MAC
address, which is the device that it connects to, in this case the
router. Similarly, the router WAN port only stores one MAC address,
which is presumably the cable modem ethernet MAC address. This is why
connecting a switch or hub to a cable modem doesn't work. With only
one MAC address, you only can connect to one IP address. Anyway, when
changing modems or routers, turn them BOTH OFF, wait a few seconds for
things to discharge in the boxes, and then turn them both back on.
Otherwise, the boxes will have the unrelated MAC address of the
previously connected boxes in memory, which will not work. The reason
that cloning the MAC address in the router seems to help is that with
all your boxes having the same MAC address, juggling boxes does not
change the MAC addresses, so everything works.

Alice J.

Jan 31, 2016, 1:27:02 AM
Jeff Liebermann wrote in message
7i8rabpq9531a2e38...@4ax.com:

> Maybe, but I don't think so. Comcast formerly required registering
> the MAC address.

I set up this with my kid at college last September and I do NOT remember
Comcast *asking* for a MAC address. This jives with what you said above.

> However, that was years ago and should no longer be
> the case. What you're probably seeing is that Comcast does not like
> having the MAC address change.

Again, my kid's observation jives with what you said. The kid said
the cloning must be done after hooking up the computer to the modem
or when the modem or router is disconnected and then turned back on,
but not all the time.

I don't get a clear story, but the fix when it happens is always
to clone the MAC address.

> The ARP table in the router, which is
> what relates the MAC address to an associated IP address, requires
> some time to reset. I run into this problem all the time when
> juggling different cable modems and routers. You have to power OFF
> the cable modem for about 10-15 minutes, before connecting a new cable
> modem. I've heard rumors that it's now down to about 5 minutes, but I
> haven't tested it yet.

When I was last up there, I disconnected the router & modem to move them,
and then the Internet didn't work. I only had them unplugged for a minute.

Called the router company (TP-Link) and they had us clone the Mac and
that worked to get the Internet back up and running.

> There's also a similar problem between the cable modem and router, if
> they are two separate boxes. The cable modem stores exactly one MAC
> address, which is the device that it connects to, in this case the
> router. Similarly, the router WAN port only stores one MAC address,
> which is presumably the cable modem ethernet MAC address. This is why
> connecting a switch or hub to a cable modem doesn't work. With only
> one MAC address, you only can connect to one IP address. Anyway, when
> changing modems or routers, turn them BOTH OFF, wait a few seconds for
> things to discharge in the boxes, and then turn them both back on.

So, would this work?
1. Turn off everything.
2. Wait the prescribed period (whatever it is)
3. Turn on cable modem (and wait a while)
4. Turn on router (and wait a while)
5. Turn on laptop (and wait a while).

Jeff Liebermann

Jan 31, 2016, 4:35:59 AM
On Sun, 31 Jan 2016 06:27:00 +0000 (UTC), "Alice J."
<alice.jone...@ptd.net> wrote:

>I don't get a clear story, but the fix when it happens is always
>to clone the MAC address.

I haven't had to clone the MAC address in many years. In the distant
past, when it was about 15 minutes, I sometimes had to call Comcast
support and have them remove my MAC address from the ARP table in the
CMTS (cable modem termination system). That required 2nd level
support, which did take some time. My guess(tm) is that the power
wasn't off on the modem long enough.

>When I was last up there, I disconnected the router & modem to move them,
>and then the Internet didn't work. I only had them unplugged for a minute.

One minute is not long enough. I did some Googling and didn't find a
definitive time interval. The last modem swap I did (leased Arris
TM722 traded for customer owned TM822) methinks took about 10 mins.

>Called the router company (TP-Link) and they had us clone the Mac and
>that worked to get the Internet back up and running.

Fine. If you're curious if I'm right, just set the MAC address back
to the default, pull the plug, wait 15 or more minutes, plug it back
in, and see if it works. It should.

>So, would this work?
>1. Turn off everything.
>2. Wait the prescribed period (whatever it is)
>3. Turn on cable modem (and wait a while)
>4. Turn on router (and wait a while)
>5. Turn on laptop (and wait a while).

Yes, that's probably the ideal method. However, turning on the modem,
router, and laptop at the same time will probably also be ok. The
only part that might get screwed up is if the DHCP client in the
laptop times out. For Linux you might have to do some of this:
<http://www.cyberciti.biz/faq/howto-linux-renew-dhcp-client-ip-address/>
<http://www.cyberciti.biz/faq/ubuntu-renew-dhcp/>

Some devices, such as laptops, have WOL (Wake On LAN), where the
ethernet power remains on when the device is turned off. Some
routers, and media players also have WOL. If that's the case, you
need to physically remove the power plug and possibly the battery to
reset the ethernet card.

Many Comcast modems and routers have a built-in battery, especially
if they have built-in VoIP (EMTA). For these, you have to either
press the reset push button, or temporarily remove the battery, as
pulling the power plug does nothing.

c...@isbd.net

Jan 31, 2016, 6:16:04 AM
Jeff Liebermann <je...@cruzio.com> wrote:
> On Sat, 30 Jan 2016 19:16:01 +0000, c...@isbd.net wrote:
>
> >Jeff Liebermann <je...@cruzio.com> wrote:
> >>
> >> >If we all used the same SSID and the same MAC on our home routers,
> >> >and if we ensured that our passphrases were as powerful as we can
> >> >make them (because we're in the rainbow tables otherwise), would
> >> >that work to foil google?
> >>
> >> You're mixing two separate and independent problems.
> >> 1. Google knows your location by SSID and MAC address.
>
> >Only if they know my location. They know it *approximately* from the
> >phone being on but that's all they *have* to know.
>
> Sorry. I wasn't specific enough. Google knows the location of your
> wireless router by SSID and MAC addresses.

That's not a physical location though is it, that was the point I was
making.

--
Chris Green

Dave Celt

Jan 31, 2016, 6:34:34 AM
On Sun, 31 Jan 2016 11:14:07 +0000 it happened:

> That's not a physical location though is it, that was the point I was
> making.

Isn't it within a few feet of your location, based on the GPS
coordinates listed in your phone?

So, that's pretty physical, isn't it?

c...@isbd.net

Jan 31, 2016, 7:03:05 AM
Dave Celt <dc...@spam.invalid> wrote:
> On Sun, 31 Jan 2016 11:14:07 +0000 it happened:
>
> > That's not a physical location though is it, that was the point I was
> > making.
>
> Isn't it within a few feet of your location, based on the GPS
> coordinates listed in your phone?
>
That's sort of where I came in, I always keep the GPS turned off in my
phone, so all that's available is proximity to microwave tower.

--
Chris Green

Whiskers

Jan 31, 2016, 7:33:46 AM
On 2016-01-30, Alice J. <alice.jone...@ptd.net> wrote:
> Whiskers wrote in message
> slrnnapk21.q...@ID-107770.user.individual.net:
>
>
>> However when searching for something to connect with, your mobile
>> phone (like any other WiFi device) will send out signals asking for
>> access points it has previously connected with to respond; this is so
>> that automatic connection can be established whenever you are within
>> range of a known access point - but it also means that anyone
>> listening in to the background WiFi traffic can get a list of [all?]
>> the access points your device has accessed in the past, which does to
>> some extent identify 'you'. Which is why it's a good idea to switch
>> off your device's WiFi unless you're actually using it (that and
>> extending battery life).
>
> You seem to understand where I was going.
>
> So here's my two part technical question:
>
> Part 1: I already know that if you hide your SSID at home, then your
> mobile device must scream out that SSID in order to connect, which the
> mobile device will do, to your detriment, at a local hotspot.
>
> Part 2: What you just said though, is that it will scream out *all*
> your recent connections, and you didn't mention whether or not it will
> do that irrespective of whether those prior connections were broadcast
> hidden.
>
> Can you (or someone) clarify, as this is an IMPORTANT POINT!

I don't know exactly what a device broadcasts when trying to
auto-connect; the MAC number of the access point being sought would be
better than the SSID as SSIDs aren't unique but MACs are supposed to be.
Access points that aren't hiding their SSIDs tell everyone within range
both pieces of information.

Disabling auto-connect should make your presence a little less obvious.

You can't hide your presence when connecting to a WiFi access point.
The best you can do is disguise yourself - eg give your network card a
new MAC every time you use it, or only use a device once then discard
it.

--
-- ^^^^^^^^^^
-- Whiskers
-- ~~~~~~~~~~

Whiskers

Jan 31, 2016, 7:38:46 AM
On 2016-01-30, Alice J. <alice.jone...@ptd.net> wrote:
> Andy Burns wrote in message
> 2ZadnewgS4isdzHL...@brightview.co.uk:
>
>>> Seems to me, we should *all* work together
>>
>> what about people who *like* to use WiFi geolocation, and don't mind
>> contributing their own location as the "price" of using everyone
>> else's?
>
> That's fine. 99.99% of the people out there don't even *know* what you
> know, for example.
>
> But, for those who both know and care, then we (those people) can work
> together.
>
> Besides, I'm just asking as a thought experiment, would it work?
>
> Would it work if we all did these three things?
>
> 1. Set our SSID to the same ssid (e.g., DEFAULT_nomap). 2. Set our
> MAC to the same MAC (e.g., DE:AD:BE:EF:CA:FE). 3. Set a very strong
> passphrase ('cuz we'd need it!).
>
> Would that work?

No. Each device and each access point has to be uniquely and
consistently identified so that you know which thing is talking to
which. Your suggestion would have everyone blasting invalid passwords
at everyone else and no-one getting connected. A good way to collect
passwords, but not good for anything else.

Andy Burns

Jan 31, 2016, 8:15:18 AM
c...@isbd.net wrote:

> I always keep the GPS turned off in my
> phone, so all that's available is proximity to microwave tower.

But it can tell you're near your neighbours, by seeing their SSIDs :-)


Char Jackson

Jan 31, 2016, 9:54:44 AM
One way to change the MAC is to buy a dozen wireless routers and rotate a
different one into service on a random basis, whenever you feel icky.

Richard Kettlewell

Jan 31, 2016, 10:07:19 AM
Mike Yetto <unet.li...@xoxy.net> writes:
> So it is writ by Richard Kettlewell <r...@greenend.org.uk>,
> so mote it be.
>> Mike Yetto <unet.li...@xoxy.net> writes:
>>> As for the pass-phrase, yes it should be at least as strong as
>>> needed in every case where a pass-phrase/password is used.
>
>> But how strong is “as needed”? (Assuming a unique SSID...)
>
> This depends entirely on your particular threat model.

That’s why I gave a quantitative approach for translating estimated
attacker capabilities into an answer, which doesn’t seem to have
survived your editing.

> If you live in an area where the houses are 400 ft apart then "Do not
> crack this pass-phrase." might be enough as you would spot someone
> parked in your driveway while trying to log in.
>
> If you store data that is worth much to anyone who can get it
> then something like "`<~l2-G{V2Q z_N'$XL5", with 132 bits of
> entropy, might be a better choice. No one will spend the weeks
> necessary to crack such a pass-phrase just to gather marketing
> information.

“Weeks” is just a teeny bit of an underestimate here!

--
http://www.greenend.org.uk/rjk/

Mike Yetto

Jan 31, 2016, 10:36:04 AM
So it is writ by Alice J. <alice.jone...@ptd.net>,
so mote it be.
> Mike Yetto wrote in message
> slrn201601302321...@may.eternal-september.org:

>>> Except that your MAC gives you away.
>>
>> The BSSID is a unique label, not security, for the access point
>> of the network.

> Yes. You are correct.
> But my point was that the MAC *is* unique darnit.
> That's bad for privacy to have a unique number.

It is necessary for operations that it be unique within its own
ken. Since that extends to about 100 meters at best anyone
wishing to take advantage of that uniqueness will need to be
close.

> I'd much prefer Jeff's suggestion of changing it, but he explained
> that it's not as easy as just cloning the WAN MAC address is.

> Sigh.

> Changing the SSID monthly is looking better and better.

Why? Don't you have to change all of the devices that would
connect to this access point? I would never consider changing
something used over a dozen devices on a regular basis. Not to
mention how annoyed my elder son, his wife, my younger son, his
girlfriend, and my wife would be every time I told them to change
their devices. This doesn't even consider any other relatives who
may have accessed it and still have the connection defined on a
phone, tablet, or laptop.

Mike "yes I am free with my home network" Yetto
--
"One defeats a fanatic precisely by not being a fanatic oneself, but on
the contrary by using one's intelligence."
- George Orwell

Arno Welzel

Jan 31, 2016, 10:59:12 AM
Alice J. wrote on 2016-01-29 at 17:37:

> Arno Welzel wrote in message 56AB8F0B...@arnowelzel.de:
>
>> There is no "special equipment" needed to see SSIDs. When I go to the
>> backyard of the apartment building where I live, I can easily pick up
>> around 10 different SSIDs with my smartphone.
>
> I didn't want to get into the Google cars sniffing of SSIDs.
> I just wanted to keep the question about what my phone and my neighbor's
> phone does while we're sleeping.
>
> Does the Apple iOS equipment also hand Google our home SSIDs while we sleep?

Maybe they do also send SSIDs - but not to Google of course but to Apple.

>> Yep. And as long as you don't live in a very high floor or have some
>> kind of magnetic shielding in your house everybody around the place you
>> live will pick up the SSID as well - and so the smartphones moving along
>> the place you live.
>
> To be clear, I'm just worried about my home SSID and what happens
> on my phone (which I can control) and what happens on my neighbor's phones
> (which I can't control).

As I explained - the SSIDs may be transferred along with the current
mobile network cell id and/or GPS location so Google can use the SSIDs
as an additional way for "coarse location".

But I don't worry about this. Neither my privacy nor the security of my
data depends on hiding the SSID of my home WiFi network.

>> The option I described is in Android 5.1. Maybe it is in the advanced
>> location service settings or in the "Google Settings" app which can be
>> found on some devices.
>
> I'm on Android 4.3 but still, I can't control the phones of my neighbors.
> So what matters mostly is what the default allows.

AFAIK the default allows transmitting the SSID. So even if you turn it
off on your own device many other devices may still tell Google which
SSIDs they see at their current location. But I'm not sure about this as
I don't check this on every device I use.


--
Arno Welzel
http://arnowelzel.de
http://de-rec-fahrrad.de
http://fahrradzukunft.de

Mike Yetto

Jan 31, 2016, 11:00:03 AM
s/the weeks necessary/until the heat death of the universe/

Mike "slightly less of an overestimate?" Yetto
--
"Science has taught me (Science warns me) to be careful how I adopt a
view which jumps with my preconceptions, and to require stronger
evidence for such belief than for one to which I was previously hostile.
My business is to teach my aspirations to conform themselves to fact,
not to try and make facts harmonize with my aspirations."
- Thomas Huxley

Arno Welzel

Jan 31, 2016, 11:07:14 AM
Jeff Liebermann wrote on 2016-01-30 at 19:43:

[...]
> Bottom line: You cannot effectively use your Android phone if you do
> NOT have a working Google account.

You can. You just don't have all the Google services. But with F-Droid
(<https://f-droid.org/>) there are alternatives - e.g. K9 Mail, OsmAnd,
DAVdroid etc.

And telephony, addressbook and calendar work without a Google account as
well. Also internet access is possible without Google as well.

With CyanogenMod or AOKP you don't get any Google stuff anyway - and it
also works quite well.

Arno Welzel

Jan 31, 2016, 11:14:55 AM
Alice J. wrote on 2016-01-30 at 09:20:

> Jeff Liebermann wrote in message
> 1s5oab9le5bglcpqe...@4ax.com:
>
>> Now that you're sitting down, please fasten your seat belt and skim
>> through the Google Dashboard at:
>> <https://www.google.com/settings/dashboard>
>> I think you'll especially enjoy the "location history" and "Manage
>> Chrome Sync".
>
> This *seemed* like a good idea, but when I tried to log in from my
> laptop into my Android Google Play account, it wouldn't let me.
>
> I had the login and password correct, but Google insisted on gathering
> *more* data about me, before it would let me in anywhere!
>
> https://i.imgur.com/MNVHgFi.gif

This is just a two-factor-authentication to avoid that someone else uses
your account.

You can also set up the Google Authenticator on your phone (or a similar
App on a Smartwatch like Pebble) as the second factor - then you don't
need to provide a mobile number for the verification process.

> What's ridiculous is that this says "verify it's you", whereas I could
> give it *any* phone number, and it would verify it.

No - it wouldn't - because the number you enter there is the one of the
person who will be allowed to use the account. Google will send a
verification code to this number which you have to enter on the next
page during the login process.

For the first time this may look stupid as someone who has stolen your
account details may abuse this. But therefore it is even more important
to set this up - because the second time Google will not ask again but
just send you a verification code via SMS if needed. And this makes your
account more secure than before.

You can also use Apps like Authenticator or QuickAuth on Pebble
smartwatches as the second authentication factor and configure this in
your Google account, so you don't need to use a mobile number at all in
the future.

> So, it's not actually doing what they purport it to be doing.

Why?

Arno Welzel

Jan 31, 2016, 11:22:24 AM
Alice J. wrote on 2016-01-31 at 00:24:

> Jeff Liebermann wrote in message
> 691qabt17mkv70rlt...@4ax.com:
>
>> However, your situation is probably a special case. Changing the
>> Google account name so many times on a single Android device probably
>> triggered some security alarms at Google. I would certainly call that
>> "unusual activity". I don't know what might happen, but Google is
>> probably interested in determining your identity and possibly
>> contacting you.
>
> I am very experienced in avoiding giving Google any phone number
> or ancillary email.
>
> It has been getting harder than ever in the past year.

Just don't use a standard Android device but something with CyanogenMod
or AOKP - then you don't have Google services at all. No Maps, no GMail,
no Play Store.

Or just don't log in to Google on the phone - this is not needed at all.

For apps you can use F-Droid as well (see <https://f-droid.org>).

> I use VPN and Google really hates when you come in from multiple
> IP addresses. I also change my user agent string a lot (it's
> random, to avoid fingerprinting).

No, Google does not "hate" you. It's just a security measure not to
allow a login from many multiple addresses without an additional
authentication factor beside a username and password.

> So, at this point, in the last few months, it has been almost impossible
> to start a Gmail account without giving them a phone number. Sigh.

Then don't do it. What's the problem with that? What kind of Google
service do you need that bad, that you still log in there and not just
stop using Google services at all?

Arno Welzel

Jan 31, 2016, 11:31:14 AM
Alice J. wrote on 2016-01-30 at 16:25:

> Andy Burns wrote in message
> wbednQlfMPBDDjHL...@brightview.co.uk:
>
>>> Since I have "sync" turned off, and all my "location info" turned
>>> off, does Google *still* get my SSID
>>
>> Yes, from your neighbour's android devices, and from google's
>> streetcars, which both report visible SSIDs along with GPS location data.
>
> I was afraid of that.
> My stoooooopid neighbors threw me under the bus!
>
> What can we do in that case to get OUT of Google's system?

Taking Google to the court.

> 1. Add _nomap to the end of the SSID <== I didn't really wanna go there

If this works, why not? The SSID is just some technical detail. I
wouldn't bother naming my WiFi network "myname_nomap" if this helps
getting the network deleted from Google's database.

> 2. Change the SSID periodically
> 3. Change the MAC periodically

The location is still the same and the SSID or MAC address will not show
up somewhere else. So Google may assume that in fact this is always the
same network just changing its SSID or MAC address.

> Seems to me, we should *all* work together, to make our router defaults:
>
> SSID = DEFAULT_nomap
> MAC = DE:AD:BE:EF:CA:FE
> Passphrase = as strong and as unique as we can make it
>
> Hypothetically, as a thought experiment, if we all did that above,
> would it work?

Even if it would - this will not happen as you can not teach and
persuade everybody in this world to do that.

Arno Welzel

Jan 31, 2016, 11:42:47 AM
Alice J. wrote on 2016-01-31 at 06:31:

> Mike Yetto wrote in message
> slrn201601302321...@may.eternal-september.org:
>
>>> Except that your MAC gives you away.
>>
>> The BSSID is a unique label, not security, for the access point
>> of the network.
>
> Yes. You are correct.
> But my point was that the MAC *is* unique darnit.
> That's bad for privacy to have a unique number.

It's not very unique. Half of the address - the first 24 of 48 bits of
the MAC address - is the manufacturer identification (OUI) and the
remaining 24 bits are some serial number by the manufacturer. So it's
very likely that this address will exist more than once as many big
manufacturers produce more than 524288 network devices in total (which
is the maximum possible number of unique numbers using 24 bits).

And some addresses are reserved as well - as for example
ff-ff-ff-ff-ff-ff is the broadcast address and the addresses between
01-00-5e-00-00-00 and 01-00-5e-7f-ff-ff are reserved for multicast.

> Changing the SSID monthly is looking better and better.

And you really like to tell your devices the new SSID every month? I
have around 6 WiFi devices which I use here. It would just be awful if I
would have to reconfigure the network on all these devices every month.

I think it's easier just to use the "_nomap" extension for the SSID and
believe Google that they don't record these SSIDs. Otherwise take Google
to the court to forbid them the recording at all - good luck with that.

Alice J.

Jan 31, 2016, 3:57:30 PM
Arno Welzel wrote in message 56AE34B5...@arnowelzel.de:

> Then don't do it. What's the problem with that? What kind of Google
> service do you need that bad, that you still log in there and not just
> stop using Google services at all?

What's a good free permanent email service you suggest outside of
Google or Yahoo (too much spam) that you can get without having to
provide a phone number?

I can't find any.

Alice J.

Jan 31, 2016, 3:58:58 PM
Arno Welzel wrote in message 56AE32F5...@arnowelzel.de:

>> So, it's not actually doing what they purport it to be doing.
>
> Why?

I think you missed the point which was to set up a free
permanent mail account *without* having to give it a phone
number.

Google used to let you do that until only extremely recently
(months).

Who else lets you do that?

Alice J.

Jan 31, 2016, 4:02:10 PM
Whiskers wrote in message
slrnnas02j.p...@ID-107770.user.individual.net:

> No. Each device and each access point has to be uniquely and
> consistently identified so that you know which thing is talking to
> which. Your suggestion would have everyone blasting invalid passwords
> at everyone else and no-one getting connected. A good way to collect
> passwords, but not good for anything else.

Actually, it wouldn't work, but not for the reason you stated.
People make up MAC addresses all the time.
For example, I change mine daily on my laptop when I travel.
When I'm at a hotel, I always change it so that all devices use
the same connection (if the connection is limited to 1 device).

Cable subscribers 'clone' a MAC address all the time also.

So, changing the mac address is not causing "chaos" in the
world.

But, the problem is that you can't easily change the SSID's
MAC address, as Jeff explained. You can easily change the router's
WAN ethernet port MAC address, but that's the only one easily
changed on the router.

Alice J.

Jan 31, 2016, 4:03:47 PM
Mike Yetto wrote in message
slrn201601311024...@may.eternal-september.org:

> Don't you have to change all of the devices that would
> connect to this access point?

Yes. Privacy was never synonymous with convenient.

Alice J.

Jan 31, 2016, 4:04:32 PM
Char Jackson wrote in message fu7sabpv3ivf8ig68...@4ax.com:

>
> One way to change the MAC is to buy a dozen wireless routers and rotate a
> different one into service on a random basis, whenever you feel icky.

I love that idea!

It's novel, and it would work!

(It's expensive though... but you knew that!).

:)

Alice J.

Jan 31, 2016, 4:05:39 PM
Arno Welzel wrote in message 56AE397C...@arnowelzel.de:

> I think it's easier just to use the "_nomap" extension for the SSID and
> believe Google that they don't record these SSIDs.

Yes. Using _nomap is easier. I agree.
It's a no brainer, from the standpoint of privacy.

Arno Welzel

Jan 31, 2016, 4:10:48 PM
I have my own server and my own domains - so I can't really recommend
anything (and no, my services are not for free ;-)). But so far GMX also
worked quite well for me.

But wait - in <n8ik4e$7u0$1...@news.albasani.net> you mentioned that you don't
use a permanent Google account but change it frequently - "Then, over
time, periodically I deleted them (once every few months).".

But when you want to use a permanent email service at Google - isn't it
much easier to have just *one* Google account for everything? I do since
I also publish Apps and use the web developer tools to check if there is
any issue with my websites and it would be quite cumbersome if I would
have to login with a number of different Google accounts all the time.

And seriously: If you don't trust Google, then don't use their services.
Or do you encrypt all the e-mail you exchange with others?

Alice J.

Jan 31, 2016, 4:11:39 PM
Whiskers wrote in message
slrnnarvp7.p...@ID-107770.user.individual.net:

> You can't hide your presence when connecting to a WiFi access point.
> The best you can do is disguise yourself - eg give your network card a
> new MAC every time you use it, or only use a device once then discard
> it.

I always turn off my wifi card using the switch on the laptop.
Unfortunately, my script to change the mac *requires* the laptop wifi
card to be turned on (I don't really know why, but it does).

So, I have to turn on the laptop far away in the parking lot first,
and change the mac address, and then go into the hotspot.

Here's the changemac script that I pulled off of the linux newsgroup:
#!/bin/bash
#################################################
#
# Script: changemac.sh
# written by: Marek Novotny
# version: 0.4
# date: 2015-10-17
# notes: MAC Address Changing Kubuntu
# See also: http://wintelguy.com
# https://www.adminsub.net/mac-address-finder
#################################################
# use sudo if you're not root (add ifconfig to sudoers.d)
if [ "$(id -u)" != 0 ] ; then
    priv="sudo"
else
    priv=""
fi

# grab the NIC interface (e.g., devID=wlan0)
# WIP: Add a check if device ID is "tun0", don't change it
devID=$(ip route get 8.8.8.8 | awk 'NR==1 {print $5}')
# Get the device MAC address
MACaddr=$(ifconfig $devID | grep HWaddr | awk '{print $5}')
echo "old MAC: $MACaddr"

# Set up a list of organizationally unique identifiers OUI
# https://www.adminsub.net/mac-address-finder
OUIArray=(
00:01:2a # telematica sistems inteligente
00:02:b3 # intel corporation
00:03:47 # intel corporation
00:04:23 # intel corporation
00:04:3a # intelligent telecommunications, inc.
00:05:b5 # Broadcom Technologies
00:06:5b # dell computer corp.
00:07:e9 # intel corporation
00:08:1a # sanrad intelligence storage communications 2000 ltd.
00:08:74 # dell computer corp.
00:09:58 # intelnet s.a.
00:0a:f7 # Broadcom Corp.
00:0b:db # dell inc
00:0c:c7 # intelligent computer solutions inc.
00:0c:f1 # intel corporation
00:0d:56 # dell inc
00:0d:b6 # Broadcom Corporation
00:0e:0c # intel corporation
00:0e:35 # intel corp
00:0f:1f # dell inc
00:10:18 # BroadCOM CORPORATION
00:10:e6 # applied intelligent systems, inc.
00:11:11 # intel corporation
00:11:43 # dell inc
00:11:75 # intel corporation
00:11:76 # intellambda systems, inc.
00:12:3f # dell inc
00:12:f0 # intel
00:12:f0 # intel corporate
00:13:02 # intel corporate
00:13:20 # intel corporate
00:13:72 # dell inc
00:13:b1 # intelligent control systems asia pte ltd
00:13:ce # intel corporate
00:13:e8 # intel corporate
00:14:22 # dell inc
00:14:4d # intelligent systems
00:15:00 # intel corporate
00:15:17 # intel corporate
00:15:1f # multivision intelligent surveillance hong kong ltd
00:15:c5 # dell inc
00:16:6f # intel corporate
00:16:76 # intel corporate
00:16:ea # intel corporate
00:16:eb # intel corporate
00:16:f0 # dell
00:18:8b # dell inc
00:18:de # intel corporate
00:19:00 # intelliverese - dba voicecom
00:19:25 # intelicis corporation
00:19:b4 # intellio ltd
00:19:b9 # dell inc.
00:19:d1 # intel corporate
00:19:d2 # intel corporate
00:1a:3f # intelbras
00:1a:a0 # dell inc
00:1b:0a # intelligent distributed controls ltd
00:1b:21 # intel corporate
00:1b:77 # intel corporate
00:1b:b2 # intellect international nv
00:1b:e9 # Broadcom Corporation
00:1b:f9 # intellitect water ltd
00:1c:23 # dell inc
00:1c:bf # intel
00:1c:bf # intel corporate
00:1c:c0 # intel corporate
00:1d:09 # dell
00:1d:09 # dell inc
00:1d:40 # intel – ge care innovations llc
00:1d:e0 # intel corporate
00:1d:e1 # intel corporate
00:1e:4f # dell inc.
00:1e:64 # intel corporate
00:1e:65 # intel corporate
00:1e:67 # intel corporate
00:1e:c9 # dell inc
00:1f:0c # intelligent digital services gmbh
00:1f:3b # intel corporate
00:1f:3c # intel corporate
00:20:7b # intel corporation
00:21:5c # intel corporate
00:21:5d # intel corporate
00:21:6a # intel corporate
00:21:6b # intel corporate
00:21:70 # dell inc
00:21:9b # dell inc
00:22:19 # dell inc
00:22:46 # evoc intelligent technology co.,ltd.
00:22:e6 # intelligent data
00:22:fa # intel corporate
00:22:fb # intel corporate
00:23:14 # intel corporate
00:23:15 # intel corporate
00:23:ae # dell inc.
00:23:b2 # intelligent mechatronic systems inc
00:24:d6 # intel corporate
00:24:d7 # intel corporate
00:24:e8 # dell inc.
00:24:ea # iris-gmbh infrared & intelligent sensors
00:25:64 # dell inc.
00:25:bd # italdata ingegneria dell'idea s.p.a.
00:26:21 # intelicloud technology inc.
00:26:b9 # dell inc
00:26:c6 # intel corporate
00:26:c7 # intel corporate
00:26:fd # interactive intelligence
00:27:0e # intel corporate
00:27:10 # intel corporate
00:30:72 # intellibyte inc.
00:50:f1 # intel corporation
00:60:aa # intelligent devices inc. idi
00:6b:a0 # shenzhen universal intellisys pte ltd
00:80:53 # intellicom, inc.
00:90:27 # intel corporation
00:a0:c9 # intel corporation - hf1-06
00:aa:00 # intel corporation
00:aa:01 # intel corporation
00:aa:02 # intel corporation
00:b0:d0 # dell computer corp.
00:c0:4f # dell computer corporation
00:c2:c6 # intel corporate
00:d0:5d # intelliworxx, inc.
00:d0:b7 # intel corporation
00:db:df # intel corporate
04:9b:9c # eadingcore intelligent technology co., ltd.
08:11:96 # intel corporate
08:3f:76 # intellian technologies, inc.
08:d4:0c # intel corporate
0c:8b:fd # intel corporate
0c:d2:92 # intel corporate
10:02:b5 # intel corporate
10:0b:a9 # intel corporate
10:4a:7d # intel corporate
10:98:36 # dell inc.
14:18:77 # dell inc
14:1b:f0 # intellimedia systems ltd
14:fe:b5 # dell inc
18:03:73 # dell inc
18:06:75 # dilax intelcom gmbh
18:3d:a2 # intel corporate
18:5e:0f # intel corporate
18:a9:9b # dell inc
18:c0:86 # Broadcom Corporation
18:fb:7b # dell inc
18:ff:0f # intel corporate
1c:40:24 # dell inc
20:47:47 # dell inc.
24:6e:96 # dell inc.
24:77:03 # intel corporate
24:97:ed # techvision intelligent technology limited
24:b6:fd # dell inc
28:b2:bd # intel corporate
28:c8:25 # dellking industrial co., ltd
2c:6e:85 # intel corporate
30:3a:64 # intel corporate
34:02:86 # intel corporate
34:13:e8 # intel corporate
34:17:eb # dell inc
34:de:1a # intel corporate
34:e6:ad # intel corporate
34:e6:d7 # dell inc.
3c:a9:f4 # intel corporate
3c:fd:fe # intel corporate
40:25:c2 # intel corporate
44:1e:91 # arvida intelligent electronics technology co.,ltd.
44:85:00 # intel corporate
44:a8:42 # dell inc.
48:45:20 # intel corporate
48:51:b7 # intel corporate
4c:34:88 # intel corporate
4c:76:25 # dell inc.
4c:79:ba # intel corporate
4c:80:93 # intel corporate
4c:eb:42 # intel corporate
50:2d:a2 # intel corporate
50:45:f7 # liuhe intelligence technology ltd.
54:9f:35 # dell inc.
58:10:8c # intelbras
58:91:cf # intel corporate
58:94:6b # intel corporate
58:a8:39 # intel corporate
5c:26:0a # dell inc.
5c:51:4f # intel corporate
5c:c5:d4 # intel corporate
5c:d2:e4 # intel corporate
5c:e0:c5 # intel corporate
5c:f9:dd # dell inc
60:36:dd # intel corporate
60:46:16 # xiamen vann intelligent co., ltd
60:57:18 # intel corporate
60:67:20 # intel corporate
60:6c:66 # intel corporate
64:00:6a # dell inc.
64:55:63 # intelight inc.
64:80:99 # intel corporate
64:d4:da # intel corporate
68:05:ca # intel corporate
68:17:29 # intel corporate
68:3c:7d # magic intelligence technology limited
68:5d:43 # intel corporate
6c:29:95 # intel corporate
6c:88:14 # intel corporate
6c:a1:00 # intel corporate
70:93:83 # intelligent optical network high tech co.,ltd.
74:86:7a # dell inc
74:e5:0b # intel corporate
74:e6:e2 # dell inc.
78:0c:b8 # intel corporate
78:2b:cb # dell inc
78:3d:5b # telnet redes inteligentes s.a.
78:45:c4 # dell inc
78:92:9c # intel corporate
78:ff:57 # intel corporate
7c:5c:f8 # intel corporate
7c:7a:91 # intel corporate
7c:cc:b8 # intel corporate
7c:cf:cf # shanghai seari intelligent system co., ltd
80:00:0b # intel corporate
80:19:34 # intel corporate
80:86:f2 # intel corporate
80:9b:20 # intel corporate
80:a1:ab # intellisis
84:2b:2b # dell inc.
84:2b:bc # modelleisenbahn gmbh
84:3a:4b # intel corporate
84:73:03 # letv mobile and intelligent information technology beijing corporation ltd.
84:8f:69 # dell inc.
84:a6:c8 # intel corporate
88:53:2e # intel corporate
88:cb:a5 # suzhou torchstar intelligent technology co.,ltd
8c:70:5a # intel corporate
8c:a9:82 # intel corporate
90:2e:1c # intel corporate
90:49:fa # intel corporation
90:b1:1c # dell inc.
90:e2:ba # intel corporate
94:65:9c # intel corporate
94:f1:9e # huizhou maorong intelligent technology co.,ltd
98:4f:ee # intel corporate
98:90:96 # dell inc
9c:31:78 # foshan huadian intelligent communications teachnologies co.,ltd
9c:4e:36 # intel corporate
a0:36:9f # intel corporate
a0:6d:09 # intelcan technosystems inc.
a0:88:69 # intel corporate
a0:88:b4 # intel corporate
a0:98:ed # shandong intelligent optical communication development co., ltd.
a0:a8:cd # intel corporate
a4:02:b9 # intel corporate
a4:1f:72 # dell inc.
a4:34:d9 # intel corporate
a4:4e:31 # intel corporate
a4:ba:db # dell inc.
a4:c4:94 # intel corporate
a4:de:c9 # qlove mobile intelligence information technology w.h. co. ltd.
ac:72:89 # intel corporate
ac:7b:a1 # intel corporate
ac:fd:ce # intel corporate
b0:59:47 # shenzhen qihu intelligent technology company limited
b0:83:fe # dell inc
b4:6d:83 # intel corporate
b4:b6:76 # intel corporate
b8:03:05 # intel corporate
b8:08:cf # intel corporate
b8:2a:72 # dell inc
b8:8a:60 # intel corporate
b8:ac:6f # dell inc
b8:b8:1e # intel corporate
b8:bf:83 # intel corporate
b8:ca:3a # dell inc
bc:0f:64 # intel corporate
bc:30:5b # dell inc.
bc:77:37 # intel corporate
c0:8b:6f # si sistemas inteligentes eletrônicos ltda
c4:85:08 # intel corporate
c4:d9:87 # intel corporate
c8:1f:66 # dell inc
c8:34:8e # intel corporate
c8:f7:33 # intel corporate
cc:2a:80 # micro-biz intelligence solutions co.,ltd
cc:3d:82 # intel corporate
d0:43:1e # dell inc.
d0:67:e5 # dell inc
d0:7e:35 # intel corporate
d4:01:29 # Broadcom Corporation
d4:ae:52 # dell
d4:ae:52 # dell inc
d4:be:d9 # dell
d4:be:d9 # dell inc
d4:c9:ef # hp
d4:ec:86 # linkedhope intelligent technologies co., ltd
d8:9d:67 # hp
d8:9e:3f # apple
d8:a2:5e # apple
d8:fc:93 # intel corporate
dc:15:db # ge ruili intelligent technology
dc:53:60 # intel corporate
dc:a9:71 # intel corporate
e0:3e:44 # Broadcom Corporation
e0:61:b2 # hangzhou zeno intel technology co., ltd
e0:94:67 # intel corporate
e0:9d:31 # intel corporate
e0:db:55 # dell inc
e4:f8:9c # intel corporate
e4:fa:fd # intel corporate
e8:2a:ea # intel corporate
e8:b1:fc # intel corporate
ec:23:68 # intellivoice co.,ltd.
ec:f4:bb # dell inc
f0:1f:af # dell inc
f0:4d:a2 # dell inc.
f4:06:69 # intel corporate
f8:16:54 # intel corporate
f8:b1:56 # dell inc
f8:bc:12 # dell inc
f8:ca:b8 # dell inc.
f8:db:88 # dell inc
fc:8f:c4 # intelligent technology inc.
fc:f8:ae # intel corporate
)

# if [ $# -eq 0 ]
# then
#     echo -n "Enter new MAC: "
#     read newMAC
# else
# pick a random index in 0 .. (number of OUIs - 1); an index equal to
# the array length would select an empty OUI
RANGE=${#OUIArray[@]}
i=$((RANDOM % RANGE))
OUI=${OUIArray[$i]}

# generate a new NIC specific identifier
NIC=$(date | md5sum | sed 's/../&:/g' | cut -b 9-17)
newMAC="$OUI$NIC"
# fi

echo "new MAC: $newMAC"

# Offer to replace old mac addr with the new
echo "Do you wish to assign $newMAC to $devID?"
echo "Press 1 to assign $newMAC to $devID? (otherwise press 2)"
select yn in "Yes" "No" ; do
    case $yn in
        Yes )
            $priv ifconfig "$devID" down
            sleep 2 # allow interface to go down
            $priv ifconfig "$devID" hw ether "$newMAC"
            sleep 2 # allow time to assign MAC to interface
            $priv ifconfig "$devID" up && $priv ifconfig "$devID" | grep HWaddr
            break
            ;;
        No )
            exit 0
            ;;
    esac
done

## END ##
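
The address structure discussed in this thread (vendor OUI in the first three octets, the reserved broadcast and multicast addresses, and replacing a MAC as the changemac script above does) can be checked with a few shell functions. This is an added example, not part of any post in the thread; the function names and sample addresses are constructed for illustration, and it relies on the standard IEEE 802 meaning of the two low bits of the first octet (group/multicast and locally administered).

```shell
#!/bin/sh
# Added example: inspect and generate MAC addresses (POSIX sh).
# Function names and sample addresses are constructed for illustration.

# Print the address in lower-case colon form; fail unless it is 6 hex octets.
mac_normalize() (
    m=$(printf '%s' "$1" | tr 'ABCDEF-' 'abcdef:')
    printf '%s\n' "$m" | grep -Eq '^([0-9a-f]{2}:){5}[0-9a-f]{2}$' || exit 1
    printf '%s\n' "$m"
)

# Print the first three octets (the vendor OUI when the address is global).
mac_oui() (
    m=$(mac_normalize "$1") || exit 1
    printf '%s\n' "$m" | cut -c1-8
)

# Classify an address from the two low bits of its first octet:
#   bit 0 set -> group (multicast) address, all ones -> broadcast
#   bit 1 set -> locally administered (not a vendor-assigned address)
mac_class() (
    m=$(mac_normalize "$1") || { echo invalid; exit 1; }
    if [ "$m" = "ff:ff:ff:ff:ff:ff" ]; then
        echo broadcast
        exit 0
    fi
    first=$((0x${m%%:*}))
    if [ $((first & 1)) -ne 0 ]; then
        echo multicast
    elif [ $((first & 2)) -ne 0 ]; then
        echo local-unicast
    else
        echo global-unicast
    fi
)

# Generate a random unicast address with the locally administered bit set.
# Six bytes come from /dev/urandom rather than from the clock; the first
# octet is then forced to "local" (bit 1 = 1) and "unicast" (bit 0 = 0).
mac_random_local() (
    hex=$(od -An -N6 -tx1 /dev/urandom | tr -dc '0-9a-f')
    b=$(printf '%s' "$hex" | cut -c1-2)
    first=$(( (0x$b | 2) & 254 ))
    rest=$(printf '%s' "$hex" | cut -c3-12 | sed 's/../:&/g')
    printf '%02x%s\n' "$first" "$rest"
)

# Demo on addresses mentioned in the thread plus one constructed address
# (00:1b:21 is an OUI from the script's list; the 12:34:56 tail is made up).
for sample in 'DE:AD:BE:EF:CA:FE' 'ff-ff-ff-ff-ff-ff' \
              '01-00-5e-7f-ff-ff' '00:1b:21:12:34:56'; do
    printf '%-18s oui=%s class=%s\n' \
        "$sample" "$(mac_oui "$sample")" "$(mac_class "$sample")"
done
new=$(mac_random_local)
printf '%-18s oui=%s class=%s\n' "$new" "$(mac_oui "$new")" "$(mac_class "$new")"
```

`mac_random_local` only prints an address; it does not touch any interface.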