
Append "_nomap" to your AP's SSID to opt out of Google Location Services (2011) - WD-42
http://googleblog.blogspot.com/2011/11/greater-choice-for-wireless-access.html
======
Hopka
This post is already a few years old:

    
    
      Posted: Monday, November 14, 2011

~~~
r0h1n
That's a great catch and something all of us (in our default anti-Google mode)
missed. Feel silly now.

------
r0h1n
Once upon a time the default privacy model used to be "opt-in". Which then
became "opt-out" thanks in large parts to Google. Of course it helped that
very few "lay people" take active steps to opt-out.

It appears "rename and opt-out" is the latest model. I'm guessing even fewer
lay users will take this step.

Technically this allows Google to claim it gives people an easy way to opt
out, but in practice nothing much is likely to change as those who were
worried about privacy were probably not broadcasting their SSID publicly to
begin with.

~~~
qKyuu
Also once upon a time people knew what they were talking about before
launching into a nonsensical speech filled with privacy cliches.

They are mapping public WiFi APs, public data, it's well within their right
and that of other to do so. Offering an opt-out is just going over and beyond
to appease the stubbornly misinformed.

~~~
droopybuns
Why are you slandering anyone who thinks google is a shitty company and
doesn't want them profiting on their data?

~~~
qKyuu
What does that have to do with the correctness of the statements?

And since when is publicly broadcast SSIDs are anyone's private data?

It's very unfortunate that zealots and hateful people are increasingly finding
a home on HN.

~~~
rsanders
How is a signal generated by something owned by me, located inside my private
residence, intended for use inside my house by my family and guests only,
considered "publicly broadcast"? Are cordless phone transmissions publicly
broadcast? Baby monitors? Burglar alarms? Home automation devices? Bluetooth
headsets?

~~~
dragonwriter
> intended for use inside my house by my family and guests only

"Intended" is a description of your subjective mental state, not an objective
quality of the broadcast.

> Are cordless phone transmissions publicly broadcast? Baby monitors? Burglar
> alarms? Home automation devices? Bluetooth headsets?

If they aren't encrypted, yes.

------
ZoF
Ehh... It's pretty fucking ridiculous that I should have to change my networks
SSID in order to NOT be mapped.

What if I had some established nomenclature. My old SSID was Nikola with a
password some variant of Tesla... Nikola_nomap just doesn't have the same
spark.

~~~
sneak
Stop broadcasting a unique identifier unencrypted on a public unliscensed band
into the middle of your street, then.

Google is doing nothing wrong here.

~~~
droopybuns
No, they are. Sorry. The population of wifi users that overlaps with HAMs is
pretty minimal. This shit is fucking evil.

------
lwh
How about you only opt-in people who add "_map" to their SSID?

~~~
joekrill
Because that would make their service completely useless, because not enough
people would opt-in. I think ideally they should have some easier way to opt-
out -- maybe submit your SSID/BSSID for removal directly to Google.

~~~
dsr_
Yes, I shall submit "linksys".

------
eli
Is there something that makes this newly relevant? To be honest, I don't
really understand the objection to mapping SSIDs.

------
ryanmcdonough
Why should I have to ruin my naming standard for them? Personally I don't mind
them mapping my SSID.

~~~
watty
Why do you have to ruin anything? You aren't forced to use a technology that
broadcasts your identification to everyone. If you do choose to use Wifi you
can choose a name that Google won't track. Since the technology does broadcast
it publically anyone else and every other company CAN track it.

------
emeidi
Shouldn't it be the other way around? Opt-in instead of Opt-out: Append "_map"
to your AP's SSID! Idiots.

~~~
dragonwriter
Arguably, broadcasting an ID _is_ opting in to people recording that they
received the broadcast and where that occurred.

------
simias
Heh, after "Do Not Track" we now have "Do Not Map".

This hack does not resolve the ethical conundrum of indexing a huge amount of
publicly available data for private use. We already have technical solutions
if we want to make hidden access point, not having to rely on the good faith
of an outsider.

What's next, if I don't want google street view to photograph my house I paint
"Do Not Photograph" on the wall?

I don't even understand why google took steps to implement that. It means that
they acknowledge there's a potential privacy issue but at the same time offer
a solution they must know won't satisfy anybody who's concerned about this
issue.

------
LukeB_UK
Everyone who's saying it should be opt-in need to realise that the majority of
people won't care that people can collect this publicly available data. I
don't care either. It helps people navigate more accurately. If you really
care, you wouldn't be broadcasting your SSID.

e: spelling

------
chimeracoder
I really dislike the new standard of making location tracking opt-out, not
opt-in.

There's a startup that tracks the location of customers across stores using
the MAC addresses of their cell phones, without their knowledge. In order to
opt-out, you have to register your MAC address with them:
[http://nomi.com/privacy/](http://nomi.com/privacy/)

The key to both Nomi and (to a lesser extent) Google is that users _don 't
even know_ when they are being tracked. Opt-out only makes sense when there is
a reasonable expectation that the user knows that the tracking exists.

------
nly
Anyone know a way to query the API for your BSSID and see if you're in their
database, or do they just respond to queries with a location rather than per-
network confirmations?

~~~
SEJeff
How to do the queries yourself:
[https://developers.google.com/maps/documentation/business/ge...](https://developers.google.com/maps/documentation/business/geolocation/#wifi_access_point_object)

How to look for access points near you (view this from a mobile):
[http://test-geolocation.appspot.com/](http://test-geolocation.appspot.com/)

Or just use curl! Put in a mac address to query for:

curl -d
'{version:"1.1.0",request_address:true,wifi_towers:[{mac_address:"00:00:00:00:00:00"}]}'
www.google.com/loc/json

~~~
WD-42
You need a Geolocaiton for Business API key which requires a credit card as
far as I can tell.

------
billpg
No. If there's someone on the street outside my home whose lost and can't get
a GPS signal, I want them to stay lost!

Even though I'm happy with my AP broadcasting it's identity in the clear, the
idea that anyone else might find that useful is just wrong and infringes on my
privacy or something.

Screw those guys!

------
jacob019
That's rediculous and ugly. How about a website where we can submit our BSSID
to a blacklist.

------
oakwhiz
I'm pretty sure that SSIDs have a maximum length of 32 characters. If your
SSID is already 32 characters long, then you can't append "_nomap" to the end
of your SSID, since that would be too long.

------
bananas
How about simply "fuck off Google". We shouldn't have to do that and then
reconfigure our piles of client devices.

Also isn't it about as useful as the do not track header? What about other
vendors mapping it and data sense etc?

I moan on behalf of others as my network is ethernet due to things like this.

~~~
aviraldg
Did you even read what this does? It's used to aid geopositioning. No data
from the network is logged, other than its SSID/MAC address and its
approximate location.

~~~
bananas
Yes I understand it entirely.

There are enough AP's around me for Apple Maps to know if I'm in bed or having
a poo. You can see the marker move.

More services like this are bad.

They already know who I am.

What could possibly go wrong?

Edit: when I say more services are bad like this I mean we should be opt-in
for both collection and usage rather than opt out.

~~~
oconnore
That problem is entirely due to you choosing to run Google/Apple software on a
network attached computer that you carry with you everywhere (even,
apparently, to poo).

Mapping the source of radio signals is common and expected. Your Wifi router
is basically a big bright lightbulb that flashes with a unique pattern, and
can be seen through walls. You can't legitimately ask the rest of the world
not to notice it, the same way you can't request that no one use your porch
light as a landmark.

~~~
droopybuns
No. It shouldn't be expected that a $410b market cap company is out mapping
this data and selling it to advertisers. Just because you can, doesn't mean
you should. Not a trustworthy company.

------
jr203fj2fuf
Would it be possible to randomize the (non-vendor part of) the AP's MAC
address periodically to defeat this? Perhaps getting AP manufacturers to add
this as a feature would be difficult, though.

~~~
SEJeff
That would be semi-trivial seeing as how changing your mac is easy with Linux
and many of the access points run Linux. The hard part would be reconnecting
all of the clients each time you change the mac address.

------
oftenwrong
Do they map wireless networks that do not broadcast an SSID?

~~~
daenney
No.

~~~
scott_karana
Why _wouldn 't_ they, and how could we verify that they don't?

(I suspect they don't, but again, who knows?)

------
stox
If you play your stereo loud enough to be heard on the next block, appending
_nomap to it will not stop the police from coming to visit you.

------
HorizonXP
I keep my SSID hidden. Not sure if that "blocks" Google from using it or not.

------
silveira
What about _mapmeplease to opt in.

