My money is on a wifi SSID that matches the one used by thieves or a heavily-trafficked location the victims all pass through.
My company moved ~5 blocks and it really screwed up the map on my phone (which I use to get around the city) for several months. My company had left the network SSID the same in the old location, so that no one had to re-configure their wifi. Even with GPS on, my phone was always convinced it was in the old location up the block, and this would persist even when I was out on the street, until I walked around a bit.
There are companies (presumably Skyhook is one of them) who drive around mapping SSIDs to physical locations. The problem is that SSIDs can move or be duplicated elsewhere.
The article says of one of the couple "at one point he reset their router, and changed the frequency at which it broadcasts; it didn’t solve the problem." It does not say if he changed the SSID.
Theoretically, location is often determined using not just one but several nearby SSIDs, a sort of triangulation. Another possibility here is that there are multiple nearby SSIDs around this home that match the SSIDs surrounding some other area tied to the victims.
It seems much more likely that there is some bogus location data set somewhere that improperly links SIDS and GPS coordinates or filters fail and result some index into a GPS table that happens to correspond to this couple's home.
If I were these two people, I'd contact the local police department every single time anyone shows up at their house and require that the PD fill out a report of some kind and keep it in a single case/incident/folder. Then put a sign on the door that says:
> Before knocking contact the police department at ###-###-#### and ask about incident #XYZ. The get off our property.
It's bullshit that police are coming to the door and dragging them outside while trying to determine if a search warrant is in order.
What rights are you referring to? The police seem to have done everything correctly. These were individuals who were being detained pursuant to an investigation of an ongoing crime. The police did not search the inside of the house without a warrant - though, it's unclear why not - if they had strong belief that there was a crime in progress, they had every legal right to do so.
I guess the only thing in question is whether "missing child" was precise enough to be upgraded to "crime" in this jurisdiction. I think that, given the evidence, the police did everything correctly; being detained pursuant to an investigation isn't a great inconvenience (though, some accommodation should be made to allow people to use washroom facilities if investigation is extensive - just obviously not in the house under investigation.)
The findmyfriends feature on my iPhone has been 100% accurate in identifying where my friends are. If I had a child who went missing, and findmyfriends showed that they were in a house, I would absolutely hope that the police would go to the house and rescue my child.
I would also hope that the police would have enough sense to prevent any occupants from the house from going into the house and potentially destroying/hiding any evidence, and/or, powering down the iPhone.
As it was, I think the police showed restraint by not going into the house until they had a warrant.
The findmyfriends feature on my iPhone has been 100% accurate in identifying where my friends are
My wife and I use Find My Friends quite often to keep track of our children. I've used it for years, so I'm quite familiar with it. Our experience is quite the opposite of "100% accurate".
In my opinion Find My Friends does not meet the standard of probable cause as defined by that Wikipedia article. I'd characterize its behavior be somewhere in between "reasonable suspicion" and "probable cause". I've seen the location be wrong and stay wrong for 1/2 hour or more. And I don't mean it can't find a location, I mean that it is repeatedly reporting the wrong location ("now") for an extended period of time.
Oh, and BTW following that Wiki link for "reasonable suspicion" says that it is sufficient for obtaining a warrant. IMO Find My Friends does meet that standard, at least as I understand it by a quick reading of Wiki.
Why do parents track their children? Kids are tougher than parents credit them for. It's unfortunate that new technology will let parents hover forever.
Luckily, they're resourceful. I wonder if it's possible to hack the app to send false location data? There are ways to jailbreak a phone that make it appear unjailbroken (e.g. to put a keylogger on it). Maybe this technique could be used to acquire freedom, by MITMing whatever findmyfriends is sending to their servers and modifying it in transit. The phone's location is probably a JSON field in the request. TLS provides no protection against an attacker with sudo privileges on the same box, so it seems possible.
Wanting to sneak out to see someone at 1 AM is a pretty powerful force, so this would be an amusingly effective way to get teens interested in hacking.
> - it's not unknown for kids to have relatively poor reasoning and decision-making skills
Agreed. And one way to get better at decision making (if you're a kid) is having the opportunity to try and fail at it. So this isn't a good reason to track your kids after all, IMHO.
Why do parents track their children? Kids are tougher than parents credit them for. It's unfortunate that new technology will let parents hover forever.
That's me. I "stalk" my children. Here's the long story of why.
I live in a relatively safe area, the suburbs of Portland Oregon. There's a fair amount of petty property crime, which tends to be tolerated if not quite condoned.
Fortunately the region has generally investigated violent crimes quite aggressively, and the violent crime rate is relatively low compared to many parts of the country.
But that doesn't mean there aren't bad guys, violent sociopaths who live in the area. People like that live everywhere. E.g. here's something horrible that happened just a few miles away to two girls, one age 12 the other age 13: https://en.wikipedia.org/wiki/Ward_Weaver_III#Murders_of_Ash...
My girls were just about that age when they got iPhones. So, I try to keep an eye on them. There's a slight chance they'll run into some serious danger and I might be able to help.
But, more realistically, it helps kids stay out of trouble, because they know there's an increased probability that they will get caught. It's not perfect. E.g. my older daughter was only supposed to drive my car from home to high school and back. But she chose to drive off campus at lunch. And, since she was a very inexperienced driver, she got into a car accident. So, even when she knew that dad might be stalking her, she chose to be a free spirit. That's just how some kids are.
Certainly some kids will be resourceful enough to hack their phones. More power to them! But there are simpler ways. My older one simply turns off location services and then blames it on "Low Power Mode".
But, more realistically, it helps kids stay out of trouble, because they know there's an increased probability that they will get caught.
If my father knew I'd stolen his car to go see a girlfriend at 1 AM on a school day, he would have completely flipped out.
He'd have stopped me. And in doing so, would have deprived me of one of the best nights of my life.
I won't question your parenting methods. No one should, unless they have children.
But what you've described sounds like a meager existence. I hope your children can escape their taskmaster.
More likely, they'll grow up shaped into whatever form you decided suits them. Hopefully you're a tasteful architect.
Just know that this kind of thing can have long-term trauma effects. I wish I could paste the conversation from a physicist friend. I asked her how she's been, and she said completely miserable. "What?" "Well... Don't worry, I'm less miserable now than I was before."
This was alarming. She's nearing the end of grad school, and by all accounts is a successful physicist at the start of her career. She's worked very hard for four years to get there. Miserable? Isn't this what she's worked so hard to attain?
Turns out, she's never wanted to be a physicist. Her father coerced her into thinking she wanted to be. And now he's still pushing her to go into academia by pressuring her to get a PhD. She says that getting a real job is all she's dreamed about for years.
She's one of the smartest people I know. She's a brilliant mathematician, far better than I could ever hope to be. How could someone so smart end up with such a miserable life?
Because her parents decided that would be best, of course. I'm sure they meant well.
As you chip away with hammer and chisel, try to use a light touch. Therapists can't always reverse the damage.
> But what you've described sounds like a meager existence. I hope your children can escape their taskmaster... More likely, they'll grow up shaped into whatever form you decided suits them... Therapists can't always reverse the damage.
It had a profoundly bad outcome for me, but maybe that's a one-off. It's arguable whether it had a bad outcome for my physicist friend. After all, she is a successful physicist.
This was intended to highlight some things that may not be immediately obvious. Life is counterintuitive.
It is very easy to do terrible things by accident. Morals are subjective. Is it morally wrong to declaw a cat? Some are horrified and compare it to clipping off a finger. Others think it's good for the cat and perfectly normal.
If I sat here and said "What you're doing is wrong; stop this," what good would it do? Absolutely nothing.
Sharing data is a little different. No one has perfect information. They have to choose to do something, and I respect that. Highlighting unintended consequences of a decision isn't quite the same as judging it.
Wait... you are saying you are willing to have a 49% chance that the police hold you in custody and search your house when you are totally innocent?!? Think about that.... there are LOTS of stolen phones and tablets, and if the police end up searching the wrong house nearly HALF the time that would be hundreds of innocent people. Fuck that I am SO not willing to live in a society where that happens.
It was a missing girl, not a random stolen phone. Yes I'd absolutely be willing to risk inconveniencing one person to save a kidnapped girl.
The 50% number was made up anyway, it's likely higher than that. GPS especially is pretty accurate, and these tracking systems probably use it when available.
For a single stolen phone, probably not. Though you can still go to their house and then call the phone right as they answer the door. If you hear ringing then that's probable cause.
What are you talking about? The standards should definitely be lower for missing children. Finding your missing phone is a lot less important than finding a kidnapped girl. Are you really saying the police shouldn't have been allowed to do that search?
I'm saying that the same indicator ("location service claims this is the spot") should have the same result (probable cause?).
If crime1 w/ probable cause means you enter the building and crime2 w/ probable cause means you enter the building then there's no reason to bring up tiny girls or puppies.
Your argument works equally well against you. Most people agree the search is justified if it's a missing girl, therefore it should also be justified for any trivial crime as well.
But obviously there is a difference between trivial crimes and kidnappings. Inconveniencing a few people to save a life is acceptable. The expected utility is positive. It likely is not for more trivial crimes.
That it not how statistics work. Assume it is correct 90% of the time. There are 700 million iPhones worldwide. Assume 1% of them use the app, that is 7 million friends found, and 700k incorrect locations.
And only 1% of those users will have their phones stolen, and only 0.01% of those users will be suspected kidnapping victims. So only a handful of people would actually be actually be inconvenienced by such a policy.
The way this would work out in a proper world, is that the search would take place, they'd realize it was fruitless and that the location information provided was incorrect and then the phone manufacturer and the cell phone company would each cut a check for $1,000,000 to the person who was false accused. And this would happen each and every single time a person's civil rights were violated because some product developer did a shitty job. A 1% failure rate is pretty low quality.
You aren't owed a million dollars because your house was falsely searched. That's absurd. The police have a right to do searches if there is decent evidence or suspicion of a crime, and 99% is way more than enough for probable cause. A 1% failure rate is actually incredibly good and means it will be very very rare for innocent people to get searched at all.
"And sometimes, it’s not just a phone that’s missing, but a person. In June, the police came looking for a teenage girl whose parents reported her missing. The police made Lee and Saba sit outside for more than an hour while the police decided whether they should get a warrant to search the house for the girl’s phone, and presumably, the girl. "
"Probable cause" isn't even enough - all that does is let police go get a warrant.
To enter a house without needing a warrant (without the resident's permission), the situation needs to be much more compelling than just probable cause. For example, if police are in the middle of pursuing someone and they see that person flee into a house, then they can enter it immediately. See https://en.wikipedia.org/wiki/Exigent_circumstance
I too was thinking that a big laminated sign on their door or front porch that says "WE DO NOT HAVE YOUR PHONE", followed with a paper describing that their location is commonly given out when more accurate location is not available. Now that they've had some press, a pamphlet box (like realtors use) containing printouts of some articles would deter most people.
It might make some people more suspicious ('maybe this is how they cover it up'), but should send most people on your way. Your idea of having a police report on file and contacting the local police department is even better.
> If I were these two people, I'd contact the local police department every single time anyone shows up at their house and require that the PD fill out a report of some kind and keep it in a single case/incident/folder.
While I would want to do that, too, that's not how police departments work in Atlanta (or pretty much any urban area of the USA).
Well, BSSID, not the easily-changed ESSID (as commented below.)
Presumably some manufacturer of ultra-cheap wifi gear isn't properly setting a unique BSSID range into the units they make, and some stolen-phone operation has the same BSSID as these folks do.
You maybe getting the point there. This incident sounds a lot like an inaccurate Wifi locating result.
Or someone in a large stolen-phone operation has been using a randomly picked MAC address to confuse the Find-My-Phone softwares. That's a lot easier to do.
I bet someone at Google or Skyhook could look into the Mac address to see if there are any abnormalities for that particular one.
I really hope Sherlock Holmes will be there to resolve the mystery.
I took my router with me when i moved back home from university (and i changed the SSID first thing). For about a year my iPad would think it was still at university, and sometimes when i used it to chat with friends on Facebook they would reply "Oh, you're back in town?? Come visit!".
An amusing example of this sort of problem shows up sometimes on airplanes with onboard WiFi. If the phone doesn't get a GPS lock right away (common when you're in a metal tube) then it may show the position based on the mapped location for the hotspot MAC address, which is often at a completely different airport.
Obviously, Skyhook isn't driving around mapping airliners, but I think these days they have the mobile devices themselves do the mapping, by phoning home with the WiFi hotspots it sees while out and about.
> I think these days they have the mobile devices themselves do the mapping, by phoning home with the WiFi hotspots it sees while out and about.
That thought is correct. Google has been doing this for years, popping up an agree-to-continue like screen on Android phones on which everyone clicks "sure, I just want to use GPS now" and then uploads every place they ever go to Google. Mozilla is working on their own version of this to create a variant of a more open nature: https://location.services.mozilla.com
And it’s horrible when no one activates it, and you’re the first to do so – every minute your phone will activate WiFi, scan, activate GPS, get a lock, and upload the data.
Battery is empty in a few hours.
But, after doing so for a few days in a row, your battery consumption goes down again, probably because it has mapped enough for now.
Is it private when you're screaming it on the street corner for everyone to hear? If we're talking about vocal utterances, the law says "no".
It's... disappointing that the addition of a computer to a activity makes people lose sight of the similarities between that activity and very similar ones that have long-settled legal treatment.
Edit: To drive the point home: There are many jurisdictions that require you to affix your street number to the exterior of the building in which you live using numerals that are sufficiently large to be read clearly from across the street. Noone would honestly make the claim that the data provided by those numerals is in any way private information, and that broadcasting your street number to everyone who was walking or driving by is in any way a breach of privacy. :)
> Is it private when you're screaming it on the street corner for everyone to hear?
Yes, it is, if the screaming is between you and another person and not addressed at the public.
> If we're talking about vocal utterances, the law says "no"
Actually the law says "yes". At least in all the countries in which secrecy of telecommunications laws are in place. The general outline has been laid out by the ITU and the paraphrased rule is, that it is strictly forbidden to listen to communications to which one is not the intended communications partner and the signal is not addressed at the public. It's debateable if a SSID beacon is a public broadcast or not. But at least from most user's point of view their intention is not broadcasting to the general public if they set up an encrypted 802.11 access point.
> Yes, it is, if the screaming is between you and another person and not addressed at the public.
CPC 632 disagrees with you. California is a two-party consent state when it comes to recording of conversations, but it does not require consent of both of the communicating parties if "...the parties to the communication may reasonably expect that the communication may be overheard or recorded." [0]
I expect that you'd be hard-pressed to find a judge who would buy your theory that someone screaming out in public on the street corner would not reasonably expect that their communication might be overheard... regardless of to whom they were addressing their screams.
> Actually the law says "yes". At least in all the countries in which secrecy of telecommunications laws are in place. ... The general outline has been laid out by the ITU...
AFAIK, telecommunications law does not cover shouting-with-one's-vocal-cords-without-electronic-assistance-in-public. Do you have court decisions or rulings (that were not later overturned) that say otherwise?
It's even more unfortunate that the committees designing these protocols don't think this way. People with an identifier number tattooed on their arm don't walk around continually reciting it. In fact, they generally wear long sleeves.
The comparison between willingly assigned and transmitted MAC addresses and death camp tattoos is utterly absurd, both because it unnecessarily pulls Nazis into the conversation, and because they have no useful parallels purely from a technical point of view.
Calling them "willingly" transmitted is a bit of a stretch, given that people don't have much choice to turn just them off and defaults are a powerful thing.
The useful parallel is the general inventorying and tracking of people. Luckily we don't have the rest of totalitarianism (yet), but this cornerstone is well laid due to naive designers.
BTW you were the one who brought up the subject of Nazis.
Right, when you said "People with an identifier number tattooed on their arm" you weren't even thinking of Nazi concentration camp victims. Sure. Pull the other one.
Every router I've ever seen has a pretty clear setup option for creating a hidden network. I agree that defaults are powerful, but they don't make it any less "willing," they merely expose people's indifference.
Actually I was thinking of prisoners of the Japanese in WWII. As I said, the Nazis were hardly the only ones to number prisoners, and I suspect the phenomenon has more to do with technology than with the supreme evil tidily ascribed to losers of wars.
I'm making a general point about identifiers and protocols. The same thing applies to client MACs, which are obviously being used to track phone users with wifi on. Obviously MAC addresses can be cycled, but that takes active diligence. If the protocol had simply been designed to eschew and hide such identifiers in the first place, the entire issue wouldn't even exist.
> Actually I was thinking of prisoners of the Japanese in WWII.
I've never heard of this, and have family that served in the Pacific during WWII. I'm also having difficulty discovering any sources that mention the practice, let alone reliable ones.
> I certainly see plenty of references to "POW number" for various conflicts.
AFAIK, it was never policy of the Allied forces to tattoo anything on captured POWs. I would be very surprised if captured Axis soldiers were not given some sort of uniform, unique tracking number.
> It's even more unfortunate that the committees designing these protocols don't think this way.
So. How would you design a system to permit associated or unassociated stations to passively determine whether or not they were in range of a given AP? Remember that unassociated stations may never have ever interacted with the AP in question before this moment.
That's the easy part. If previous contact hasn't taken place, persistence is irrelevant. Simply envision the current system with a periodically changing BSSID as your proof of existence.
If the AP and client possess a shared secret (as in WPA2), then there's no reason for a third party to be able to deduce any identifying information.
> That's the easy part. If previous contact hasn't taken place, persistence is irrelevant. A periodically-changing ID would do.
Okay. How would you design a system to permit associated or unassociated stations to passively determine whether or not they were in range of a given AP? Remember that human-friendly names for a given AP are almost certain to collide.
First, for purposes of this comment I only need to address the situation where WPA2 is currently used (the majority of private APs). Second, I'm one person taking a few minutes to write a HN comment, not a design committee.
Simple protocol: The AP and client have shared secret K (similar to the present WPA2 key). We define the identity of a network as this secret key. The AP can change "BSSID" every hour, while broadcasting [BSSID, Hash(BSSID, K)]. An interested client runs through their database of known private networks, checking if the broadcaster is any they know.
This obviously has a number of shortcomings (eg our attacker is also known to groom people into uploading K to their silos), but it should illustrate the concept.
As I said originally, just change the BSSID periodically. The network name is the network identity, and people deal with collisions just fine. Also, this is back to the case of non-WPA2 (otherwise the user would have to enter the secret K anyway, merely changing the process slightly).
Are you designing two half systems, one of which periodically changes BSSID but provides no other anonymity protection, and the other which hashes the BSSID with the WPA2 PSK?
Or are you designing one system with a rotating BSSID that transmits -in cleartext- the BSSID and the hashed BSSID?
I'm pointing out existence certificates of each independent property. View them as two systems, or assume they can be merged into one system.
It's obviously impossible to have a publicly-available network that hides its existence to the public (while a private network can obviously hide its existence to the public completely), so each problem will obviously have different ideal solutions.
> View them as two systems, or assume they can be merged into one system.
It's the merging and the details of the same that's the complicated bit, and the only thing worth talking about in this sub-thread.
You made the assertion that the "the committees designing [wireless communications] protocols don't think [that things screamed on the street corner are public data]". [0] This is simply not true. The folks who designed 802.11 had to make several key-management-complexity/computational-power/ease-of-use tradeoffs.
> ...while a private network can obviously hide its existence to the public completely...
Not if it's a relatively-high-performance radio network operating in a relatively tiny slice of spectrum, [1] it can't.
Merging them really only means merging the concepts for a common model of administration. Public and private are two completely different modes, and don't exist simultaneously.
A high-bandwith radio transmitter obviously gives its presence up, but that doesn't mean it needs to identify itself. Of course the FCC likes transmitters to do this, but that too is an anti-feature with respect to public-use spectrum.
There were obviously tradeoffs involved for 802.11, which is how we got WEP. I'd just be surprised if having a (semi-)fixed MAC address was ever questioned, given that it's the basis for 802.3 and leaking some associated identity is basically a forgone conclusion in today's world of license plates, etc. But with the obvious effects of mechanized tracking and aggregation, it really shouldn't be. So I stand by my assertion that the designers would have benefited from a perspective where being pushed to do the equivalent of continually shouting/showing one's identity is a very bad thing.
This seems like a stretch. SSIDs aren't whats stored here, its the mac address of the access point that's stored. There are millions of SSID called "Netgear" for example. You can't use the name as a unique value, so mac addresses it is.
Regardless, phones are smart enough to understand that GPS is authoratitive, AGPS second, and wifi/IP address as last. If GPS/AGPS says Chicago, but the wifi says Atlanta, the phone should consider Chicago authoritative. I also believe its not the access point youre near, but a relationship of access points nearby that gives you a location. So if you see three mac addresses, all three are looked up to do a lookup and act as a sanity check against people recently moving and taking their wifi router with them.
I imagine the real reason will be something more prosaic than some GPS shattering bug. Neighbors running a criminal ring perhaps, duplicate mac address, random idiots messing with these poor people, some bug in a popular 'find my phone' app, a geoIP bug, a local craigslist scammer using their address for whatever reason, etc.
Sadly, the article doesn't specify what service is being used to track the phones or really any technical details, so its difficult to really say whats going on here. They really should just buy a new access point to be safe (might help). Eventually you'll get a hothead that won't buy this story and that might turn out badly for them.
Can't wait for this mystery to be solved. Hopefully, someone from Google or Apple will reach out and investigate this from their end.
Minor nitpick: AGPS, or Assisted GPS is actually almost the same as GPS. The only difference is that it gets the Almanach data off the Internet, instead of the satellites themselves (the satellites are constantly broadcasting that data, but it takes a few minutes to download it all).
Like you say the almanac (and ephemeris) data is preloaded over an IP network to provide for a better TTFF (Time-To-First-Fix).
Also since the locations of the currently associated mobile tower is known, that is used as a seed for the GPS fix (or even a crude triangulation based on the signal strength from multiple towers).
I always wondered how it would handle lesser known systems, like the SSID "Train's on-board WiFi" (Dutch: "WiFi in de trein") that we have in the Netherlands. There are not a million trains, but they do appear in a million places. Like with airlines, I'd think they notice, or have a script to detect, "oh we have a bunch of locations many kilometers apart" and then remove them, but since I don't use WiFi location services (I don't agree to share my location with Google 24/7) I don't actually know.
I'd guess MAC address is more important that SSID.
(If this were me, I'd want to somehow covertly install that router at Google/Apple/Skyhook/the-local-police-station, I suspect that'd pretty quickly get someone to give-a-shit enough to solve the problem...)
Unfortunately, it's not likely that there is anything they can do to change this. This is just a record in a database somewhere now and until that record is changed (and propagated everywhere) this will continue to happen for them.
I was vaguely expecting the location to be somehow "significant", like this one that anybody who's ever done much geolocation/mapping work probably immediately recognises if they've used data without sufficient validation:
Something similar happened to me. I moved maybe 5 blocks a couple years ago and for the first couple of weeks my location-based stuff would have trouble deciding where I was. Eventually the combination of GPS and cellular triangulation must've forced the SSID database to update but for a little while it was a minor annoyance.
I've lived on the same 200 acres for 22 years...remote, rustic...you cannot GPS me (find me) even if I give you the state, county, and mailing address...G-maps has roads and features mislabeled all around me...at one point part of the land I live on was labeled "Public Use", meaning open to hunters...that's the only thing I ever bothered to get changed...I sort of like things the way they are...
My point is, anything is possible...tech (especially apps) is still very new, despite what we think we coders think we've accomplished...
Would like to know how long they've lived in that house...don't think the article provided that info...
Spoofed IP > wifi network improperly linked, or worse, aggregated > lying in a database somewhere as a reference point...just a possibility...
I know that iOS dropped skyhook in 2010, and always assumed that their new database would self-correct faster due to feedback from phones that had GPS + wifi turned on.
My company moved ~5 blocks and it really screwed up the map on my phone (which I use to get around the city) for several months. My company had left the network SSID the same in the old location, so that no one had to re-configure their wifi. Even with GPS on, my phone was always convinced it was in the old location up the block, and this would persist even when I was out on the street, until I walked around a bit.
There are companies (presumably Skyhook is one of them) who drive around mapping SSIDs to physical locations. The problem is that SSIDs can move or be duplicated elsewhere.
The article says of one of the couple "at one point he reset their router, and changed the frequency at which it broadcasts; it didn’t solve the problem." It does not say if he changed the SSID.
Theoretically, location is often determined using not just one but several nearby SSIDs, a sort of triangulation. Another possibility here is that there are multiple nearby SSIDs around this home that match the SSIDs surrounding some other area tied to the victims.