On 09/09/13 22:58, Chris Peterson wrote: > Google's Location Service prevents people from tracking individual > access points by requiring requests to include at least 2-3 access > points that Google knows are near each other. This "proves" the > requester is near the access points.
Related question: it would be great if there were some way to lift this restriction, at least for the web service if not for the database, while preserving the necessary privacy protections. My family's house, which is in a rural area, has a single access point; I want my phone to know where it is immediately when I'm there. Not everywhere has lots of access points. One thought I had was to allow submission of the MMC/MNC (mobile network IDs) as proof that you were nearby. > Unlike Google's Location Service, our server does not store MAC > addresses or SSIDs. We identify access points by hash IDs, specifically > SHA1(MAC+SSID). To query the location of an access point in the > database, you must know both its MAC address and current SSID. I think that this is an excellent idea, for the reasons you articulate later in the thread. Gerv _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
