Does anyone respect a Wi-Fi Access Point SSID with _optout_ or _nomap anymore?

5 views
Skip to first unread message

soyon

unread,
Nov 20, 2021, 3:25:32 PM11/20/21
to
Does anyone respect a Wi-Fi Access Point SSID with _optout_ or _nomap
anymore?

Mozilla apparently said they'd respect the SSID_optout designation.
"Mozilla's client applications do not collect information about WiFi access
points whose SSID is hidden or ends with the string _nomap."
https://location.services.mozilla.com/optout

What "client application" are they speaking about anyway?

Especially as it seems M$ long ago deprecated use of _optout in the SSID.
https://krebsonsecurity.com/2016/05/microsoft-disables-wi-fi-sense-on-windows-10/

Worse, nobody is respecting Google's _nomap appended to your Wi-Fi SSID!
https://blog.appcensus.io/2021/10/25/what-the-huq/

Because even when opted out, your location privacy is still not respected!
https://shirlleycoyle.wordpress.com/2021/10/25/location-data-firm-got-gps-data-from-apps-even-when-people-opted-out/

If you are broadcasting your SSID, can I ask you a question?
Do you use the _optout_ and/or the _nomap on your own router's SSID?

Marco Moock

unread,
Nov 21, 2021, 2:36:22 AM11/21/21
to
Am Sat, 20 Nov 2021 20:25:29 -0000 (UTC)
schrieb soyon <so...@soyon.biz>:

> If you are broadcasting your SSID, can I ask you a question?
> Do you use the _optout_ and/or the _nomap on your own router's SSID?
I don't use it and I won't, because I don't care about Mozilla's or
Google's brain farts anymore.
I don't use their services. If other devices see my SSID, they might
collect that, but anybody walking down the street can see the SSID and
create a map of the SSIDs via GPS.
I see no direct problem for me here.

Piet

unread,
Nov 21, 2021, 5:38:55 AM11/21/21
to
Marco Moock wrote:
> soyon wrote:
>> If you are broadcasting your SSID, can I ask you a question?
>> Do you use the _optout_ and/or the _nomap on your own router's SSID?
>
> I don't use it and I won't, because I don't care about Mozilla's or
> Google's brain farts anymore.

I don't use it and never used it. Nor do I see it in my neighbourhood
or in other placed. And Google has stopped collecting SSID data and
deleted what they had gathered. At least so they say. And this time
I'm inclined to believe it, because it violated Eu's privacy laws and
they would face another huge fine.

> I don't use their services. If other devices see my SSID, they might
> collect that, but anybody walking down the street can see the SSID and
> create a map of the SSIDs via GPS.

They can, but in a high-wifi-density neighbourhood it wouldn't be
trivial to link all SSID's to specific addresses.


> I see no direct problem for me here.

What goes for you doesn't neccessarily go for others too.

-p

Andy Burns

unread,
Nov 21, 2021, 5:51:08 AM11/21/21
to
soyon wrote:

> Does anyone respect a Wi-Fi Access Point SSID with _optout_ or _nomap
> anymore?

I expect google and microsoft still do, but it only takes one or two companies
to *not* respect it, and there are plenty of companies out there whose sole
purpose is to produce databases for wifi location.

> Mozilla apparently said they'd respect the SSID_optout designation.
> "Mozilla's client applications do not collect information about WiFi access
> points whose SSID is hidden or ends with the string _nomap."
> https://location.services.mozilla.com/optout
>
> What "client application" are they speaking about anyway?

That would be my biggest question, a web browser shouldn't see any details (MAC
addr, SSID etc) of the connection it is using, if they still had their
FirefoxOS then that might be involved, but as sfor "client apps" I can't think
that anything they provide should have access.

> Especially as it seems M$ long ago deprecated use of _optout in the SSID.
> https://krebsonsecurity.com/2016/05/microsoft-disables-wi-fi-sense-on-windows-10/

as soon as once company requires you to add "_optout" an another requires
"_nomap" then someone else might require "_dontmapmebro" the battle is lost due
to length of SSIDs

> Worse, nobody is respecting Google's _nomap appended to your Wi-Fi SSID!
> https://blog.appcensus.io/2021/10/25/what-the-huq/
>
> Because even when opted out, your location privacy is still not respected!

People (I suspect my self included) don't pay sufficient heed to what
permissions an app requests.
You mean not setting the "pretend you cant see this SSID" flag?

> can I ask you a question?
> Do you use the _optout_ and/or the _nomap on your own router's SSID?

No.

Jeff Liebermann

unread,
Nov 21, 2021, 1:25:25 PM11/21/21
to
On Sat, 20 Nov 2021 20:25:29 -0000 (UTC), soyon <so...@soyon.biz>
wrote:

>If you are broadcasting your SSID, can I ask you a question?
>Do you use the _optout_ and/or the _nomap on your own router's SSID?

My home router's SSID is my address. It makes finding sources of
interference much easier. Even without broadcasting my SSID, sniffing
the traffic can identify my wireless router by MAC address. I don't
care of Google finds my house by my router location. For my
customers, I ask for their preference and explain the privacy issues.
It usually ends up being their last name so that visitors can easily
find the correct SSID to use.

I used to be a computer consultant and would occasionally run into
_nomap appended SSID's. I've never seen _optout. Maybe 5 routers out
of several hundred. I just greped some 2 year old sniffer logs, which
contain about 5,000 unique SSID's, and found 15 _nomap and 0 _optout
entries. Only one of my customers has ever asked to have _nomap
added. He read some article on security which recommended it. I
talked him out of it.

NOMAP is slang of a pedophile. In the three situations where the
router SSID ended in _NOMAP, one of my tasks was to change it so
something less offensive.
<https://en.wiktionary.org/wiki/NOMAP>
Whether this has anything to do with it not being used is unknown.

Owners of home routers usually do not have a problem with an SSID
ending in _optout or _nomap. However, house guests and visitors seem
to have some difficulty dealing with the concept and would invariably
ask why it's there. I've received a few questions asking if it could
be safely removed. For a time, there was at least one local
consultant or installer who was appending _nomap to his customers
routers. That was just after the feature was announced by Google in
about 2011. I saw such SSID's quite frequently. Then, about 4 years
later, they slowly started to disappear. I could drive around town
today, and probably would not find any. My guess(tm) is the reason
they disappeared is the installer that was doing that went away or the
routers were replaced.

"Control access point inclusion in Google's Location services"
<https://support.google.com/maps/answer/1725632>

A friend is very much into the privacy, anonymous, hidden, etc thing.
Over the years, it's been rather entertaining to watch all the privacy
hacks and "solutions" he has tried. My favorite was a program he
wrote that would change is SSID and MAC address every few minutes. A
scan of available AP's resulted in hundreds of fake SSID's and took
several minutes to connect, even if the correct SSID/pass-phrase
combination had been saved. Security by obscurity perhaps. It lasted
a few days.


--
Jeff Liebermann je...@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272
Skype: JeffLiebermann AE6KS 831-336-2558

Piet

unread,
Nov 21, 2021, 2:36:18 PM11/21/21
to
Jeff Liebermann wrote:
> I used to be a computer consultant and would occasionally run into
> _nomap appended SSID's. I've never seen _optout. Maybe 5 routers out
> of several hundred. I just greped some 2 year old sniffer logs, which
> contain about 5,000 unique SSID's, and found 15 _nomap and 0 _optout
> entries. Only one of my customers has ever asked to have _nomap
> added. He read some article on security which recommended it. I
> talked him out of it.
>
> NOMAP is slang of a pedophile. In the three situations where the
> router SSID ended in _NOMAP, one of my tasks was to change it so
> something less offensive.
> <https://en.wiktionary.org/wiki/NOMAP>
> Whether this has anything to do with it not being used is unknown.

Much or most slang is limited to a limited number of countries.
And lots of words that are innocent in a language can be dirty
or offending in other countries. I doubt if many people in the
US or UK would take offfense to "nomap" in an SSID.

> Owners of home routers usually do not have a problem with an SSID
> ending in _optout or _nomap.

Why would they care about any "extension" in an SSID?

> However, house guests and visitors seem to have some difficulty
> dealing with the concept and would invariably ask why it's there.

Really?

-p

Jeff Liebermann

unread,
Nov 21, 2021, 3:56:47 PM11/21/21
to
On Sun, 21 Nov 2021 20:36:15 +0100, Piet
<www.godfatherof.nl/@opt-in.invalid> wrote:

>Jeff Liebermann wrote:
>> I used to be a computer consultant and would occasionally run into
>> _nomap appended SSID's. I've never seen _optout. Maybe 5 routers out
>> of several hundred. I just greped some 2 year old sniffer logs, which
>> contain about 5,000 unique SSID's, and found 15 _nomap and 0 _optout
>> entries. Only one of my customers has ever asked to have _nomap
>> added. He read some article on security which recommended it. I
>> talked him out of it.
>>
>> NOMAP is slang of a pedophile. In the three situations where the
>> router SSID ended in _NOMAP, one of my tasks was to change it so
>> something less offensive.
>> <https://en.wiktionary.org/wiki/NOMAP>
>> Whether this has anything to do with it not being used is unknown.

>Much or most slang is limited to a limited number of countries.
>And lots of words that are innocent in a language can be dirty
>or offending in other countries. I doubt if many people in the
>US or UK would take offfense to "nomap" in an SSID.

I agree as most people have never heard the term or used it. However,
I did manage to find 3 local users, who knew the term, considered it
offensive because it might be construed as an advertisement, and
didn't know how to deal with a change in SSID. There may have been
some association with Megan's Law but I don't recall the details:
<https://www.meganslaw.ca.gov>

>> Owners of home routers usually do not have a problem with an SSID
>> ending in _optout or _nomap.
>
>Why would they care about any "extension" in an SSID?

Difficult to type, looks strange, not sure about the meaning, etc.
Anything online that looks odd these days is usually considered to be
a potential security problem until it is explained. Paranoia of
sorts. However, that was not the real problem. We have quite a few
B&B (bed and breakfast) rentals in the area. Usually, it's a giant
weekend party or these days, a super-spreader meeting. If only one
attendee asked about the odd looking wi-fi SSID, it probably would not
be considered a problem. However, when the host or owner of the B&B
gets a multitude of near simultaneous requests for an explanation,
it's a problem.

>> However, house guests and visitors seem to have some difficulty
>> dealing with the concept and would invariably ask why it's there.
>
>Really?

Yes. Really. I hate to break the bad news to you, but there are
people out there that really don't need or want to know all the
details of how wi-fi and the internet operate. In this case it's
something simpler. They didn't want to do anything wrong that might
break something and thought it best to ask about the SSID. It's much
like asking before attempting to operate a Japanese toilet:
<https://www.google.com/search?q=japanese+toilet&tbm=isch>
The function is obvious, but the operating details can be tricky.
Better to ask than to flood the house or worse.

Marco Moock

unread,
Nov 22, 2021, 11:20:23 AM11/22/21
to
Am Sun, 21 Nov 2021 20:36:15 +0100
schrieb Piet <www.godfatherof.nl/@opt-in.invalid>:

> Why would they care about any "extension" in an SSID?
It is unusual any they don't know the meaning.

soyon

unread,
Nov 22, 2021, 2:07:39 PM11/22/21
to
On Mon, 22 Nov 2021 17:20:20 +0100, Marco Moock wrote:
>> Why would they care about any "extension" in an SSID?
> It is unusual any they don't know the meaning.

If they claim to know anything whatsoever about SSIDs then
(1) Every company (and person) knows the meaning of _optout & _nomap
(2) Every company (and person) also knows the meaning of hidden broadcasts
(3) The disreputable ones simply ignore the meaning of one, two, or three

Piet

unread,
Nov 22, 2021, 3:51:13 PM11/22/21
to
soyon wrote:
> Marco Moock wrote:
>>> Why would they care about any "extension" in an SSID?
>> It is unusual any they don't know the meaning.
>
> If they claim to know anything whatsoever about SSIDs then
> (1) Every company (and person) knows the meaning of _optout & _nomap

Wrong.

> (2) Every company (and person) also knows the meaning of hidden broadcasts

Wrong.

> (3) The disreputable ones simply ignore the meaning of one, two, or three

Wrong.

-p

soyon

unread,
Nov 22, 2021, 5:24:55 PM11/22/21
to
On Mon, 22 Nov 2021 21:51:09 +0100, Piet wrote:

> Wrong.

There isn't a person or company who knows even the slightest bit about about
Wi-Fi access point privacy that doesn't know what the meaning is of _optout
& _nomap & hidden broadcasts.

If they don't know the meaning, they're simply clueless.
They can't be helped.

The problem isn't that they don't know the meaning.
The problem is they don't respect the meaning.

Piet

unread,
Nov 27, 2021, 6:03:19 AM11/27/21
to
soyon wrote:
> There isn't a person or company who knows even the slightest
> bit about about Wi-Fi access point privacy that doesn't know
> what the meaning is of _optout & _nomap & hidden broadcasts.

Your fantasy has gotten hold of you.

> If they don't know the meaning, they're simply clueless.

Doesn't change anything to reality.

> The problem isn't that they don't know the meaning.
> The problem is they don't respect the meaning.

Your fantasy has gotten hold of you.

-p


Johann Beretta

unread,
Dec 9, 2021, 3:59:19 AM12/9/21
to
On 11/22/21 2:24 PM, soyon wrote:
> On Mon, 22 Nov 2021 21:51:09 +0100, Piet wrote:
>
>> Wrong.
>
> There isn't a person or company who knows even the slightest bit about about
> Wi-Fi access point privacy that doesn't know what the meaning is of _optout
> & _nomap & hidden broadcasts.

Bullshit. I own a Wireless ISP and I had no idea those strings conveyed
anything. My towers are registered with the FCC so I had no need to do a
google search on "How do I get google to not map my location". What
would have been the fucking point? The feds know exactly where my
towers are to a resolution of about 6 inches.

Quit declaring you're omnipotent. You clearly aren't. You don't have
the slightest fucking clue what anybody else knows or does not know.
Arrogant prick.





Reply all
Reply to author
Forward
0 new messages