Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

"All Bibles are man-made." -- Thomas Edison


computers / comp.mobile.android / Hidden SSID broadcast

SubjectAuthor
* Hidden SSID broadcastpaul
+* Re: Hidden SSID broadcastVanguardLH
|+* Re: Hidden SSID broadcastnospam
||+* Re: Hidden SSID broadcastpaul
|||+* Re: Hidden SSID broadcastnospam
||||`* Re: Hidden SSID broadcastpaul
|||| +* Re: Hidden SSID broadcastnospam
|||| |`- Re: Hidden SSID broadcastpaul
|||| `* Re: Hidden SSID broadcastkelown
||||  `* Re: Hidden SSID broadcastpaul
||||   `* Re: Hidden SSID broadcastBrian Gregory
||||    `* Re: Hidden SSID broadcastpaul
||||     `- Re: Hidden SSID broadcastDean Hoffman
|||`* Re: Hidden SSID broadcastEli the Bearded
||| +- Re: Hidden SSID broadcastpaul
||| `* Re: Hidden SSID broadcastnospam
|||  +* Re: Hidden SSID broadcastpaul
|||  |`* Re: Hidden SSID broadcastnospam
|||  | +* Re: Hidden SSID broadcastpaul
|||  | |`* Re: Hidden SSID broadcastJoerg Lorenz
|||  | | `- Re: Hidden SSID broadcastpaul
|||  | +* Re: Hidden SSID broadcastBrian Gregory
|||  | |`* Re: Hidden SSID broadcastpaul
|||  | | `- Re: Hidden SSID broadcastpaul
|||  | `- Re: Hidden SSID broadcastDean Hoffman
|||  `- Re: Hidden SSID broadcastDean Hoffman
||`* Re: Hidden SSID broadcastJoerg Lorenz
|| `* Re: Hidden SSID broadcastnospam
||  +* Re: Hidden SSID broadcastpaul
||  |`* Re: Hidden SSID broadcastnospam
||  | `* Re: Hidden SSID broadcastpaul
||  |  `* Re: Hidden SSID broadcastnospam
||  |   `* Re: Hidden SSID broadcastpaul
||  |    +* Re: Hidden SSID broadcastFrank Slootweg
||  |    |`* Re: Hidden SSID broadcastpaul
||  |    | `* Re: Hidden SSID broadcastFrank Slootweg
||  |    |  `* Re: Hidden SSID broadcastpaul
||  |    |   `* Re: Hidden SSID broadcastFrank Slootweg
||  |    |    +- Re: Hidden SSID broadcastpaul
||  |    |    `* Re: Hidden SSID broadcastPiet
||  |    |     `- Re: Hidden SSID broadcastpaul
||  |    `* Re: Hidden SSID broadcastnospam
||  |     `* Re: Hidden SSID broadcastpaul
||  |      `- Re: Hidden SSID broadcastnospam
||  `* Re: Hidden SSID broadcastJoerg Lorenz
||   `- Re: Hidden SSID broadcastpaul
|+* Re: Hidden SSID broadcastpaul
||`* Re: Hidden SSID broadcastnospam
|| `- Re: Hidden SSID broadcastpaul
|`- Re: Hidden SSID broadcastAndy Burnelli
+* Re: Hidden SSID broadcastAndy Burns
|`- Re: Hidden SSID broadcastpaul
+- Re: Hidden SSID broadcastAlan Baker
+* Re: Hidden SSID broadcastJoerg Lorenz
|`* Re: Hidden SSID broadcastnospam
| `* Re: Hidden SSID broadcastpaul
|  `* Re: Hidden SSID broadcastnospam
|   +* Re: Hidden SSID broadcastpaul
|   |`* Re: Hidden SSID broadcastnospam
|   | `* Re: Hidden SSID broadcastpaul
|   |  `* Re: Hidden SSID broadcastnospam
|   |   +* Re: Hidden SSID broadcastpaul
|   |   |`- Re: Hidden SSID broadcastnospam
|   |   `* Re: Hidden SSID broadcastR.Wieser
|   |    +* Re: Hidden SSID broadcastnospam
|   |    |`* Re: Hidden SSID broadcastR.Wieser
|   |    | +* Re: Hidden SSID broadcastAlan Baker
|   |    | |`* Re: Hidden SSID broadcastR.Wieser
|   |    | | `* Re: Hidden SSID broadcastFrank Slootweg
|   |    | |  `* Re: Hidden SSID broadcastR.Wieser
|   |    | |   +* Re: Hidden SSID broadcastFrank Slootweg
|   |    | |   |`* Re: Hidden SSID broadcastR.Wieser
|   |    | |   | +- Re: Hidden SSID broadcastnospam
|   |    | |   | `- Re: Hidden SSID broadcastFrank Slootweg
|   |    | |   `- Re: Hidden SSID broadcastnospam
|   |    | `* Re: Hidden SSID broadcastnospam
|   |    |  +* Re: Hidden SSID broadcastpaul
|   |    |  |+- Re: Hidden SSID broadcastAlan Baker
|   |    |  |`* Re: Hidden SSID broadcastnospam
|   |    |  | `* Re: Hidden SSID broadcastpaul
|   |    |  |  `* Re: Hidden SSID broadcastnospam
|   |    |  |   `- Re: Hidden SSID broadcastpaul
|   |    |  `- Re: Hidden SSID broadcastR.Wieser
|   |    +* Re: Hidden SSID broadcastEli the Bearded
|   |    |+* Re: Hidden SSID broadcastR.Wieser
|   |    ||`- Re: Hidden SSID broadcastEli the Bearded
|   |    |`* Re: Hidden SSID broadcastR.Wieser
|   |    | +- Re: Hidden SSID broadcastnospam
|   |    | `* Re: Hidden SSID broadcastEli the Bearded
|   |    |  `* Re: Hidden SSID broadcastnospam
|   |    |   `* Re: Hidden SSID broadcastpaul
|   |    |    +* Re: Hidden SSID broadcastnospam
|   |    |    |`* Re: Hidden SSID broadcastpaul
|   |    |    | `- Re: Hidden SSID broadcastnospam
|   |    |    `- Re: Hidden SSID broadcastAlan Baker
|   |    `- Re: Hidden SSID broadcastAlan Baker
|   `* Re: Hidden SSID broadcastJoerg Lorenz
|    +- Re: Hidden SSID broadcastpaul
|    `* Re: Hidden SSID broadcastR.Wieser
|     `* Re: Hidden SSID broadcastnospam
|      `* Re: Hidden SSID broadcastR.Wieser
+* Re: Hidden SSID broadcastpaul
+- Re: Hidden SSID broadcastDean Hoffman
+* Re: Hidden SSID broadcastdan
`- Re: Hidden SSID broadcastpaul

Pages:12345
Hidden SSID broadcast

<s7cia8$1tf1$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15440&group=comp.mobile.android#15440

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Hidden SSID broadcast
Date: Tue, 11 May 2021 02:15:09 +0200
Organization: Aioe.org NNTP Server
Lines: 26
Message-ID: <s7cia8$1tf1$1@gioia.aioe.org>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 00:15 UTC

How do you automatically turn off your WiFi broadcast when away from home?

It's well known setting your home router ap to a hidden SSID doesn't aid in
security but where it helps is by not broadcasting the SSID most foreign
Android phones won't upload your SSID, BSSID, GPS and Signal Strength to
Google servers (regardless of whether or not you added_nomap at the end of
all your access point SSIDs as keyword filtering is not done on those
foreign Android phones).

It's just as well known that setting your own phone to that hidden SSID will
generally cause your own phone to continually broadcast that SSID in an
attempt to connect with the hidden SSID that it knows about.

It's also well known that it's advantageous to security to have a unique
SSID (coupled with a non-dictionary passphrase) such that your hash won't
(hopefully) be found in butterfly hash tables available throughout the net.

It's a catch-22 that you can't win but you can perhaps ameliorate somehow.
1... If you don't hide your SSID it gets uploaded to Google servers
2... If you hide your SSID it gets broadcast by your phone looking for it

How do you ameliorate that second problem of your own phone seeking it?
(assuming you hide it to keep your SSID from being uploaded to Google)

Is there an app which will turn off the WiFi based on no connection to
the AP SSID for a given period of time (perhaps for a quarter of an hour)?

Re: Hidden SSID broadcast

<rdqan0ywusvw$.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15443&group=comp.mobile.android#15443

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Mon, 10 May 2021 22:51:26 -0500
Organization: Usenet Elder
Lines: 104
Message-ID: <rdqan0ywusvw$.dlg@v.nguard.lh>
References: <s7cia8$1tf1$1@gioia.aioe.org>
Reply-To: invalid@invalid.invalid
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net xRJyoQBrDupiIXmKTsfEfAIEZ8S+XkxTpZxnBsyuXbrB+E3a9K
Keywords: VanguardLH VLH811
Cancel-Lock: sha1:+TbtZ3AR1IEHhpFe2VsSo55rkTA=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 11 May 2021 03:51 UTC

paul <nospam@nospam.invalid> wrote:

> How do you automatically turn off your WiFi broadcast when away from
> home?

https://play.google.com/store/apps/details?id=de.j4velin.wifiAutoOff&hl=en_US&gl=US

There are apps that will toggle wifi on/off based on your phone's
connection with a particular cell tower, its GPS location, time of day,
and so on.

> It's well known setting your home router ap to a hidden SSID doesn't
> aid in security but where it helps is by not broadcasting the SSID
> most foreign Android phones won't upload your SSID, BSSID, GPS and
> Signal Strength to Google servers (regardless of whether or not you
> added_nomap at the end of all your access point SSIDs as keyword
> filtering is not done on those foreign Android phones).
>
> It's just as well known that setting your own phone to that hidden
> SSID will generally cause your own phone to continually broadcast
> that SSID in an attempt to connect with the hidden SSID that it knows
> about.
>
> It's also well known that it's advantageous to security to have a
> unique SSID (coupled with a non-dictionary passphrase) such that your
> hash won't (hopefully) be found in butterfly hash tables available
> throughout the net.
>
> It's a catch-22 that you can't win but you can perhaps ameliorate
> somehow.
> 1... If you don't hide your SSID it gets uploaded to Google servers
> 2... If you hide your SSID it gets broadcast by your phone looking for
> it
>
> How do you ameliorate that second problem of your own phone seeking it?
> (assuming you hide it to keep your SSID from being uploaded to Google)
>
> Is there an app which will turn off the WiFi based on no connection to
> the AP SSID for a given period of time (perhaps for a quarter of an hour)?

The numbers nailed to your house do not affect your security or privacy
whether you are home or not. An SSID is just a string of characters,
but often are memorable to the owner of the wifi router, like to show
the SSIDs are for their wifi router, and which one is for 2.4 GHz and
5.0 GHz bands. You don't operate an open (non-passworded) wifi router,
do you? Even with a phone scanning for and reporting what SSIDs it
found within its range, that won't provide access to those that are
locked (passworded). Do you use short and weak wifi passkeys?

In addition, devices that connect to your router are still going to
present their MAC address. So, configure your wifi router to accept
connects only from MAC addresses for *your* devices. Change MAC
filtering mode from Allow-All to Allow, and specify the MAC addresses
you allow connects to your router.

Presumably you already disabled WAN-side remote access to your router,
and changed the login password to something other than the default, like
a long strong password.

Don't know which phone you use. Mine doesn't broadcast any SSIDs that
it found before nor those that are configured for auto-reconnect. My
phone scans for SSIDs, not broadcast them. The only reason I attempt to
use unique SSIDs for the 2.4 and 5.0 bands of my wifi router is so that
*I* recognize they are for my router. My phone sees all the SSIDs in
the nearby neighborhood homes. I don't know their passkeys nor would I
be in the MAC filtering lists.

Uploading of your SSID would be worthless. Whoever got it, like Google,
won't be within range of connecting to that SSID. Only those driving
around your home will find your SSID *and* could possible use your wifi
router if you didn't specify a long strong passkey *and* you allowed
every MAC to connect to your wifi router.

Unclear if your concern is about an attack vector through your router,
or if you are worried about someone tracking your location under the 100
meter range of wifi by your phone by looking for your home's SSID and
the phone announcing its MAC address. Security and privacy are separate
issues. Do you lie to everyone that walks up to you to ask your name?

To eliminate someone from tailing you by keeping close enough to monitor
your phone's wifi transmission means you have some nefarious reason for
not wanting someone to know where you are. So, change your home
router's SSID to some random character string that has nothing to
identify you, and change its SSID everytime you leave home. There are
costs to hiding and being paranoid.

Of course, if you are that paranoid or nefarious and want to eliminate
anyone trailing you, just turn off wifi on your phone. Also of course,
you better configure your phone to NOT auto-reconnect to previously
found wifi hotspots when your wifi is on, because scammers can use SSIDs
of anyplace, like the Starbucks you visited before whos SSID is all of
"starbucks". As for tracking your without having someone trail you
physically by monitoring your wifi broadcasts, a gov't would have deep
enough pockets to place thousands of "snoopy" devices that are within
wifi range of each other to catch your phone's wifi transmissions,
report what they caught in their range back to a database, and track you
as you move around with your phone ... *if* you leave wifi on even when
you have no intent of connecting to any hotspot while travelling.

https://www.youtube.com/watch?v=GvrB6S_O0BE
(dated 2014)

All about tracking you using wifi (and MAC) on your cell phone, not
about invading your home network through your router.

Re: Hidden SSID broadcast

<110520210050265863%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15451&group=comp.mobile.android#15451

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 00:50:26 -0400
Organization: A noiseless patient Spider
Lines: 138
Message-ID: <110520210050265863%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="af2a393173ad0abc89899bc029360e33";
logging-data="816"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18mu7R3G8SqDM1R7hRDDqzg"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:4E49Mtq9ckxDfGzHzvIZhTqPGMs=
 by: nospam - Tue, 11 May 2021 04:50 UTC

In article <rdqan0ywusvw$.dlg@v.nguard.lh>, VanguardLH <V@nguard.LH>
wrote:

> paul <nospam@nospam.invalid> wrote:
> > How do you automatically turn off your WiFi broadcast when away from
> > home?
>
>
> https://play.google.com/store/apps/details?id=de.j4velin.wifiAutoOff&hl=en_US&
> gl=US
>
> There are apps that will toggle wifi on/off based on your phone's
> connection with a particular cell tower, its GPS location, time of day,
> and so on.

he wants to switch off his home base station when away, not the phone.

> > It's well known setting your home router ap to a hidden SSID doesn't
> > aid in security but where it helps is by not broadcasting the SSID
> > most foreign Android phones won't upload your SSID, BSSID, GPS and
> > Signal Strength to Google servers (regardless of whether or not you
> > added_nomap at the end of all your access point SSIDs as keyword
> > filtering is not done on those foreign Android phones).
> >
> > It's just as well known that setting your own phone to that hidden
> > SSID will generally cause your own phone to continually broadcast
> > that SSID in an attempt to connect with the hidden SSID that it knows
> > about.
> >
> > It's also well known that it's advantageous to security to have a
> > unique SSID (coupled with a non-dictionary passphrase) such that your
> > hash won't (hopefully) be found in butterfly hash tables available
> > throughout the net.
> >
> > It's a catch-22 that you can't win but you can perhaps ameliorate
> > somehow.
> > 1... If you don't hide your SSID it gets uploaded to Google servers
> > 2... If you hide your SSID it gets broadcast by your phone looking for
> > it
> >
> > How do you ameliorate that second problem of your own phone seeking it?
> > (assuming you hide it to keep your SSID from being uploaded to Google)
> >
> > Is there an app which will turn off the WiFi based on no connection to
> > the AP SSID for a given period of time (perhaps for a quarter of an hour)?
>
> The numbers nailed to your house do not affect your security or privacy
> whether you are home or not. An SSID is just a string of characters,
> but often are memorable to the owner of the wifi router, like to show
> the SSIDs are for their wifi router, and which one is for 2.4 GHz and
> 5.0 GHz bands. You don't operate an open (non-passworded) wifi router,
> do you? Even with a phone scanning for and reporting what SSIDs it
> found within its range, that won't provide access to those that are
> locked (passworded). Do you use short and weak wifi passkeys?
>
> In addition, devices that connect to your router are still going to
> present their MAC address. So, configure your wifi router to accept
> connects only from MAC addresses for *your* devices. Change MAC
> filtering mode from Allow-All to Allow, and specify the MAC addresses
> you allow connects to your router.

mac address filtering is a waste of time since mac addresses are easily
spoofed.

> Presumably you already disabled WAN-side remote access to your router,
> and changed the login password to something other than the default, like
> a long strong password.
>
> Don't know which phone you use. Mine doesn't broadcast any SSIDs that
> it found before nor those that are configured for auto-reconnect.

yes it does. that's how auto-reconnect works.

it's possible to capture those broadcasts and many times, identify
someone based on what wifi networks they've previously used.

> My
> phone scans for SSIDs, not broadcast them. The only reason I attempt to
> use unique SSIDs for the 2.4 and 5.0 bands of my wifi router is so that
> *I* recognize they are for my router. My phone sees all the SSIDs in
> the nearby neighborhood homes. I don't know their passkeys nor would I
> be in the MAC filtering lists.

both 2.4 & 5 ghz should use the same ssid so the phone can switch
between them automatically as needed, and your neighbors are likely not
using mac filtering.

> Uploading of your SSID would be worthless. Whoever got it, like Google,
> won't be within range of connecting to that SSID. Only those driving
> around your home will find your SSID *and* could possible use your wifi
> router if you didn't specify a long strong passkey *and* you allowed
> every MAC to connect to your wifi router.

false. there are several well known databases of ssids with their gps
coordinates, which is how wifi geolocation works.

> Unclear if your concern is about an attack vector through your router,
> or if you are worried about someone tracking your location under the 100
> meter range of wifi by your phone by looking for your home's SSID and
> the phone announcing its MAC address. Security and privacy are separate
> issues. Do you lie to everyone that walks up to you to ask your name?

he keeps changing his name on usenet, so he probably does that in real
life too.

> To eliminate someone from tailing you by keeping close enough to monitor
> your phone's wifi transmission means you have some nefarious reason for
> not wanting someone to know where you are. So, change your home
> router's SSID to some random character string that has nothing to
> identify you, and change its SSID everytime you leave home. There are
> costs to hiding and being paranoid.

that will just add additional entries to the database.

> Of course, if you are that paranoid or nefarious and want to eliminate
> anyone trailing you, just turn off wifi on your phone.

that's not his concern, at least in this post.

> Also of course,
> you better configure your phone to NOT auto-reconnect to previously
> found wifi hotspots when your wifi is on, because scammers can use SSIDs
> of anyplace, like the Starbucks you visited before whos SSID is all of
> "starbucks".

and does so by broadcasting ssids

> As for tracking your without having someone trail you
> physically by monitoring your wifi broadcasts, a gov't would have deep
> enough pockets to place thousands of "snoopy" devices that are within
> wifi range of each other to catch your phone's wifi transmissions,
> report what they caught in their range back to a database, and track you
> as you move around with your phone ... *if* you leave wifi on even when
> you have no intent of connecting to any hotspot while travelling.

or they could use the existing cellular network, who will gladly hand
over someone's location data for little to no cost, and someone doesn't
need to be government to obtain it either.

Re: Hidden SSID broadcast

<ifuo37F8n05U2@mid.individual.net>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15456&group=comp.mobile.android#15456

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@andyburns.uk (Andy Burns)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 07:55:33 +0100
Lines: 8
Message-ID: <ifuo37F8n05U2@mid.individual.net>
References: <s7cia8$1tf1$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net WSPjyJPGZ/tCkoF2tIzgXAEA0+ICKN62sqR8TOvfz+yH/xe1fA
Cancel-Lock: sha1:ieXFzFfNNmiJNwV/M7MYeD+tR3Y=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.10.1
In-Reply-To: <s7cia8$1tf1$1@gioia.aioe.org>
Content-Language: en-GB
 by: Andy Burns - Tue, 11 May 2021 06:55 UTC

paul wrote:

> Is there an app which will turn off the WiFi based on no connection to
> the AP SSID for a given period of time (perhaps for a quarter of an hour)?

I should imagine Tasker could do it ...

Re: Hidden SSID broadcast

<s7dbr6$53f$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15458&group=comp.mobile.android#15458

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 09:30:49 +0200
Organization: Aioe.org NNTP Server
Lines: 260
Message-ID: <s7dbr6$53f$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 07:30 UTC

VanguardLH wrote on 10.05.2021 22:51

>> How do you automatically turn off your WiFi broadcast when away from
>> home?
>
> https://play.google.com/store/apps/details?id=de.j4velin.wifiAutoOff
>
> There are apps that will toggle wifi on/off based on your phone's
> connection with a particular cell tower, its GPS location, time of day,
> and so on.

Thanks for that j4velin WiFiAutoOff app as it seems to do what I want which
is turn off the phone's WiFi when I leave the house (so that the phone
doesn't constantly shout out that it's looking for my unique hidden SSID).
https://play.google.com/store/apps/details?id=de.j4velin.wifiAutoOf

There seemed to be a similar app I saw next to it of the name AutoWifi
https://play.google.com/store/apps/details?id=tech.edie.autowifi
But that kicked off a Google Play Protect warning so I didn't install it.
"Blocked by Play Protect... AutoWiFI... This app may be harmful"

While I was looking at that app I also saw this one which is different:
https://play.google.com/store/apps/details?id=com.alivezoned.autowifi
(It turns off the wifi when the screen blanks out - or based on a data
limit, or time limit configurable by the user.)

There were also apps that turned off the wifi on a schedule such as
https://play.google.com/store/apps/details?id=com.vlab.tools.wifiauto

I think the best idea is for the WiFi to be turned off when a given cellular
tower is no longer visible as that wouldn't require the GPS always to be on.

>> Is there an app which will turn off the WiFi based on no connection to
>> the AP SSID for a given period of time (perhaps for a quarter of an hour)?
>
> The numbers nailed to your house do not affect your security or privacy
> whether you are home or not. An SSID is just a string of characters,
> but often are memorable to the owner of the wifi router, like to show
> the SSIDs are for their wifi router, and which one is for 2.4 GHz and
> 5.0 GHz bands.

I appreciate the further details about what an SSID is but the unique part
is the BSSID and the location itself of your home which is part of the data
that is uploaded by almost every Android phone to many public servers (not
just Google servers).

Control access point inclusion in Google's Location services
https://support.google.com/maps/answer/1725632

The AP BSSID is unique as are your GPS coordinates, both of which are
uploaded by most Android phones to Mozilla, Google, Wigle, Kismet,
& other servers if you broadcast your SSID. https://wigle.net/
https://play.google.com/store/apps/details?id=net.wigle.wigleandroid
https://play.google.com/store/apps/details?id=org.prowl.wifiscanner

> You don't operate an open (non-passworded) wifi router, do you?

The AP is passphrase protected. WPA2-PSK. Standard stuff.

> Even with a phone scanning for and reporting what SSIDs it
> found within its range, that won't provide access to those that are
> locked (passworded). Do you use short and weak wifi passkeys?

Long and unique (as much as I can make them long & unique anyway).

> In addition, devices that connect to your router are still going to
> present their MAC address. So, configure your wifi router to accept
> connects only from MAC addresses for *your* devices. Change MAC
> filtering mode from Allow-All to Allow, and specify the MAC addresses
> you allow connects to your router.

I'm not trying to prevent access to my home router by others because hiding
the broadcast doesn't really hide it from anyone determined to connect.
https://www.accessagility.com/blog/why-ssid-hiding-is-not-secure

I hide my SSID broadcast because I'm trying to stop people from uploading my
BSSID & GPS coordinates to Wigle, Google, Mozilla and other public servers.
https://www.zdnet.com/article/how-google-and-everyone-else-gets-wi-fi-location-data/

Even adding _nomap does NOT stop that from happening (Google says they'll
delete it but there are more public servers than just Google out there).
https://www.tomshardware.com/news/Google-Maps-Wi-Fi-Location-SSID,14000.html

> Presumably you already disabled WAN-side remote access to your router,
> and changed the login password to something other than the default, like
> a long strong password.

I can't make the router admin password longer than 8 characters though.
At least not on my router I can't.
It will accept a longer password but it stops checking at 8 characters.
> Don't know which phone you use. Mine doesn't broadcast any SSIDs that
> it found before nor those that are configured for auto-reconnect.

AFAIK, all phones with WiFi do this query for "hidden" SSIDs AFAIK (at least
if you don't want to type in the long SSID every time you connect).

So do all Windows PCs.
It's how WiFi works when your SSID broadcast from the AP is disabled.

> My phone scans for SSIDs, not broadcast them.

If you connected to a hidden SSID (that was set to be remembered) then the
phone would have to ask "are you there" which is a different kind of
broadcast. https://www.alphr.com/should-broadcast-wifi-ssid/

You don't do this for security; you do it for privacy.
And even then it's a catch 22 (as I mentioned in the opening post).
https://apple.stackexchange.com/questions/244171/ios-10-warning-using-a-hidden-network-can-expose-personally-identifiable-inform

> The only reason I attempt to
> use unique SSIDs for the 2.4 and 5.0 bands of my wifi router is so that
> *I* recognize they are for my router.

A unique AP SSID helps keep you out of public butterfly hash tables.
https://www.ethicalhackx.com/wpa-psk-rainbow-tables-download/

The idiots who designed WPA-PSK screwed up the salting process by making it
based on the SSID itself.
https://www.tomshardware.com/reviews/wireless-security-hack,2981-5.html

> My phone sees all the SSIDs in the nearby neighborhood homes.

No it doesn't. Not by default anyway.

Your Android phone doesn't normally display the hidden AP SSIDs by default
(although there are plenty of 3rd party Android WiFi utilities which will
show the BSSID & signal strength for those hidden AP SSIDs).
https://play.google.com/store/apps/details?id=de.teamusec.ssidsnooper

> I don't know their passkeys nor would I be in the MAC filtering lists.

You could hack into WPA2-PSK if you knew how to use the butterfly hash
tables which are published on the net.

> Uploading of your SSID would be worthless. Whoever got it, like Google,
> won't be within range of connecting to that SSID.

It's a public database. Just like Wigle and Mozilla and God knows how many
others are out there. Do you trust all of them?

And why should they have your AP SSID/BSSID/GPS/SignalStrength anyway in a
public database without your express consent?

The only way to stop it is to hide the AP SSID broadcast as there is no
filtering on the phones that prevents your AP SSID from being uploaded even
if it ends with _nomap.

> Only those driving
> around your home will find your SSID *and* could possible use your wifi
> router if you didn't specify a long strong passkey *and* you allowed
> every MAC to connect to your wifi router.

You don't do it for security; you do it for privacy.
On principle alone if for no other reason.

Why should your AP SSID be in a public database on the Internet without
anyone ever asking for your permission to do that?
> Unclear if your concern is about an attack vector through your router,
> or if you are worried about someone tracking your location under the 100
> meter range of wifi by your phone by looking for your home's SSID and
> the phone announcing its MAC address.

It's a privacy issue on principle.
Why should your AP SSID be in a public database when nobody asked for your
permission to put it there?

BTW, you can also be tracked but let's not go there because most people
don't understand how these public lookups work and I don't feel like
explaining it because being tracked isn't my concern for this purpose.
https://developers.google.com/maps/documentation/geolocation/overview

Just know that it can be done (and if you want to argue about it, look it up
first because it can be done - but you have to know some bits of data about
the phone to do it).

> To eliminate someone from tailing you by keeping close enough to monitor
> your phone's wifi transmission means you have some nefarious reason for
> not wanting someone to know where you are.

You don't have any idea how these public databases can be abused to track
someone but that's not my main issue so when you educate yourself on how
they can be abused then tell me about tracking. (I don't want to go there.)

> So, change your home
> router's SSID to some random character string that has nothing to
> identify you, and change its SSID everytime you leave home. There are
> costs to hiding and being paranoid.

Of course there are costs to privacy.
Nobody said there wasn't.

And changing your SSID every time you leave home is more work than just
automatically shutting off the WiFi on the phone every time you leave home.


Click here to read the complete article
Re: Hidden SSID broadcast

<s7dcu9$m1k$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15459&group=comp.mobile.android#15459

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 09:49:32 +0200
Organization: Aioe.org NNTP Server
Lines: 40
Message-ID: <s7dcu9$m1k$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <ifuo37F8n05U2@mid.individual.net>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 07:49 UTC

Andy Burns wrote on 11.05.2021 08:55

>> Is there an app which will turn off the WiFi based on no connection to
>> the AP SSID for a given period of time (perhaps for a quarter of an hour)?
>
> I should imagine Tasker could do it ...

I hadn't thought of that but it's a great idea since other people have!
https://tasker.joaoapps.com/userguide/en/loctears.html

An advantage of using cell towers is that GPS doesn't need to be on
(although in later Android that might not always be the case anymore).

2011 Android �V Turn WIFI On and Off Automatically with Tasker
https://photoframd.com/2011/03/09/android-turn-wifi-on-and-off-automatically-with-tasker/

2012 [Tasker] setting up a 'Wifi At Home' profile
https://androidforums.com/threads/tasker-setting-up-a-wifi-at-home-profile.481604/

2013 Tasker (4.0u1m) Turn off unconnected Wifi
https://forum.xda-developers.com/t/tasker-4-0u1m-turn-off-unconnected-wifi.2237645/

2014 HOW TO: Automate Wifi with Tasker (Android)
https://techaeris.com/2014/07/08/how-to-automate-wifi-with-tasker-android/

2018 Automatically Toggle WiFi based on Location without GPS (via Tasker)
https://101android.com/automatically-toggle-wifi-based-on-location-without-gps-tasker/

2020 Managing Android Wifi with Tasker
https://pig-monkey.com/2020/12/tasker-wifi/

The smart network switch may also be of use perhaps?

How to Enable / Disable Smart Network Switch on Android
https://appuals.com/enable-disable-smart-network-switch-android/

But some people apparently hate that Samsung smart network switch

How to Disable Samsung's Smart Network Switch
https://www.howtogeek.com/256663/how-to-disable-samsungs-smart-network-switch-to-avoid-too-much-data-usage/

Re: Hidden SSID broadcast

<110520210836103980%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15463&group=comp.mobile.android#15463

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 08:36:10 -0400
Organization: A noiseless patient Spider
Lines: 45
Message-ID: <110520210836103980%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <s7dbr6$53f$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="af2a393173ad0abc89899bc029360e33";
logging-data="5225"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19C+F3ph+o2uW05Vddi6z0w"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:gEXRzYO2Q91FBAlXsj9UQMzac7k=
 by: nospam - Tue, 11 May 2021 12:36 UTC

In article <s7dbr6$53f$1@gioia.aioe.org>, paul <nospam@nospam.invalid>
wrote:

> Why should your AP SSID be in a public database on the Internet without
> anyone ever asking for your permission to do that?

they don't need your permission.

you are broadcasting into public airspace.

> You need to educate yourself on how you can be tracked by the information in
> these public databases. Google tries to limit the amount of abuse by
> requiring a key and a limited number of queries - but under some
> circumstances you _can_ be tracked quite easily from afar.

*you* need to educate yourself on how it works because what you said is
false.

> That is someone in Russia (for just an example) can track you in the United
> States if they know a bit of data about you and your phone (technically
> they're tracking your phone). Again you need to educate yourself because you
> don't know this is possible and I'm not saying it's likely nor am I saying
> that it's what I'm worried about - but you can't go on saying people can't
> track you when they can (under certain circumstances) using this database.
> https://developers.google.com/maps/documentation/geolocation/overview

no.

> Again, I'm not saying that is what I'm trying to prevent (because it's not).
> I'm just saying it's possible under certain circumstances to track you.

it isn't.

> The only thing I'm trying to do is not have people upload my MAC address and
> SSID and GPS location to public servers on the Internet.

the only way to prevent that is by turning your home wifi completely
off.

it's also pointless since it's not in any way nefarious.

Re: Hidden SSID broadcast

<s7e4li$g2b$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15465&group=comp.mobile.android#15465

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 16:34:30 +0200
Organization: Aioe.org NNTP Server
Lines: 71
Message-ID: <s7e4li$g2b$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <s7dbr6$53f$1@gioia.aioe.org> <110520210836103980%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 14:34 UTC

nospam wrote on 11.05.2021 14:36

>> Why should your AP SSID be in a public database on the Internet without
>> anyone ever asking for your permission to do that?
>
> they don't need your permission.
> you are broadcasting into public airspace.

I'm only answering your unhelpful comments because the details I bothered
to add below (details which you never add because you don't intend on being
helpful) may help others understand that which you are incapable of.

People driving by your house don't need your permission to post your
children's pictures & phone numbers & email addresses on the Internet either
but it is also similarly rude if and when people do that too.

*Once it's on the Internet the potential for abuse increases dramatically.*
"From an intelligence perspective, once I put a name to a MAC address,
I can cross reference logs from many places and track you in any places
that I can listen - and you will never know. I can drive past your house,
listen for any probe requests and log those. If I see your MAC address
anywhere else, I know exactly where you live as well as the data about
what you do while in my buildings."
https://www.crc.id.au/tracking-people-via-wifi-even-when-not-connected/
"Thankfully, the solution to stop this tracking is simple. Turn off WiFi
and Bluetooth unless you are actually using it. Not only will it give
you a longer battery life for your phone, laptop or tablet device
you literally disappear from the radar."

Even without privacy being the goal it's still a useful question of how to
automatically control WiFi even if for no other reason than battery savings.
https://apple.stackexchange.com/questions/244171/ios-10-warning-using-a-hidden-network-can-expose-personally-identifiable-inform
"Now as to why this is a privacy issue:
1... Should I point out the irony of broadcasting an SSID in the direct
vicinity of the access point trying to hide it? Except instead of only
having the AP broadcasting it, every client in range does.
Then the AP responds to each of those clients with the SSID anyway.

2... Instead of limiting SSIDs to the vicinity of their respective APs
(like in the case of visible networks), your phone goes and broadcasts
those hidden SSIDs to everyone near you, everywhere you go.
Worse, SSIDs may include first and/or last names, which I've seen
people use in network names.

3... Your set of preferred hidden SSIDs acts as a signature that may
uniquely identify you. Let's say for instance that my neighbor uses
the hidden SSID My Secret SSID. Now if I sniff a broadcast beacon
containing My Secret SSID at Starbucks, I can infer that a member
of his household is nearby, or one of his guests. Based on the other
hidden SSIDs among that person's broadcast beacons, I may be able to
determine exactly who I'm dealing with. Conversely, I could walk up to
that person, recognize them, then assign a face to their unique set
of hidden SSIDs.

4... Let's say you carry your phone with you everywhere you go.
Someone with a large-enough network of radio receivers could know where
you are at any given time, figure out where you work, where you spend
your time, whether you're home, etc."

Even so the question is only asking how to automatically turn off WiFI
when you leave the house. It's a simple question but may have many answers.

Everyone but you focused on answering the question where I'm testing the
proposed solutions and I will report back when those tests are completed.

https://play.google.com/store/apps/details?id=de.j4velin.wifiAutoOff
https://play.google.com/store/apps/details?id=tech.edie.autowifi
https://play.google.com/store/apps/details?id=com.alivezoned.autowifi
https://play.google.com/store/apps/details?id=com.vlab.tools.wifiauto
https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm
https://www.gizmochina.com/2019/11/12/best-android-apps-to-automate-tasks/

Re: Hidden SSID broadcast

<s7e5ev$tb2$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15466&group=comp.mobile.android#15466

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 16:48:03 +0200
Organization: Aioe.org NNTP Server
Lines: 20
Message-ID: <s7e5ev$tb2$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 14:48 UTC

nospam wrote on 11.05.2021 06:50

> mac address filtering is a waste of time since mac addresses are easily
> spoofed.

You're infamous for making unsubstantiated statements like that but let's
assume for once you actually know what you're talking about - shall we?

Tell us how we can "easily spoof" a home router's AP broadcast MAC address.

Tell us.
Please.

The unfortunate fact is that this is actually extremely difficult to do.
(at least I don't know how to do it so if you do - tell us how - please)

If you feel an AP broadcast BSSID is so easily spoofed on our home routers
(Netgear, Cisco, TPLink, etc.) then please just tell us all how to do it.

I for one would _love_ to be able to spoof my router's AP broadcast BSSID.

Re: Hidden SSID broadcast

<110520211152268290%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15468&group=comp.mobile.android#15468

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 11:52:26 -0400
Organization: A noiseless patient Spider
Lines: 36
Message-ID: <110520211152268290%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="af2a393173ad0abc89899bc029360e33";
logging-data="3056"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19PEvjeHUHK2xWjcdQc96Ds"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:rkwL3EYikIOQaZsCSpbE4cospGw=
 by: nospam - Tue, 11 May 2021 15:52 UTC

In article <s7e5ev$tb2$1@gioia.aioe.org>, paul <nospam@nospam.invalid>
wrote:

>
> > mac address filtering is a waste of time since mac addresses are easily
> > spoofed.
>
> You're infamous for making unsubstantiated statements like that but let's
> assume for once you actually know what you're talking about - shall we?

if you insist.

> Tell us how we can "easily spoof" a home router's AP broadcast MAC address.

that's not what's being spoofed.

what's being spoofed is the mac address of the *client* *device* to a
mac address that is in the base station's allowed list, thereby gaining
access when it otherwise would be blocked due to mac address filtering.

spoofing mac addresses is trivial, which means bypassing mac address
filter is also trivial.

the best way to lock down a wifi base station is use an impossible to
guess passphrase, or better yet, use radius authentication, which is
overkill for a home network but nevertheless an option.

it's possible to spoof the bssid of a base station, depending on which
one, but that is entirely pointless.

> The unfortunate fact is that this is actually extremely difficult to do.
> (at least I don't know how to do it so if you do - tell us how - please)

you don't know how to do a lot of things.

that doesn't mean they're difficult, it just means you don't know how.

Re: Hidden SSID broadcast

<s7efnm$2uh$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15472&group=comp.mobile.android#15472

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 19:43:22 +0200
Organization: Aioe.org NNTP Server
Lines: 28
Message-ID: <s7efnm$2uh$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org> <110520211152268290%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Tue, 11 May 2021 17:43 UTC

nospam wrote on 11.05.2021 10:52

>> Tell us how we can "easily spoof" a home router's AP broadcast MAC address.
>
> that's not what's being spoofed.

I knew you couldn't spoof the one MAC address that this thread is all about.

> spoofing mac addresses is trivial, which means bypassing mac address
> filter is also trivial.

Spoofing "some" MAC addresses is indeed trivial but spoofing the one AP
broadcast BSSID that is clearly the main subject of this thread is decidedly
not even close to trivial on most of our typical common home routers.

>> The unfortunate fact is that this is actually extremely difficult to do.
>> (at least I don't know how to do it so if you do - tell us how - please)
>
> you don't know how to do a lot of things.
> that doesn't mean they're difficult, it just means you don't know how.

I'm different than you are in that I readily admit I don't know how to
change the MAC address of the AP broadcast (which is why I hide it instead).

I don't know of ANYONE (certainly not you!) who knows how to "easily spoof"
the one AP broadcast BSSID that matters for the purpose of this thread.

If that person exists - then I'd be grateful if they could show us how.

Re: Hidden SSID broadcast

<110520211358583836%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15473&group=comp.mobile.android#15473

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 13:58:58 -0400
Organization: A noiseless patient Spider
Lines: 37
Message-ID: <110520211358583836%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org> <110520211152268290%nospam@nospam.invalid> <s7efnm$2uh$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="af2a393173ad0abc89899bc029360e33";
logging-data="23163"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/ddmtcQScXaoFsAr7eebg9"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:fFIwAfJUF8t5uCKvUZvYgpq9kjw=
 by: nospam - Tue, 11 May 2021 17:58 UTC

In article <s7efnm$2uh$1@gioia.aioe.org>, paul <nospam@nospam.invalid>
wrote:

> > spoofing mac addresses is trivial, which means bypassing mac address
> > filter is also trivial.
>
> Spoofing "some" MAC addresses is indeed trivial but spoofing the one AP
> broadcast BSSID that is clearly the main subject of this thread is decidedly
> not even close to trivial on most of our typical common home routers.

nope.

someone claimed that the various wifi networks in the neighborhood
would be using mac address filtering for security. that's extremely
rare, and if they did, it's trivial to bypass.

nothing was said about spoofing a bssid, which is both pointless and
stupid.

> >> The unfortunate fact is that this is actually extremely difficult to do.
> >> (at least I don't know how to do it so if you do - tell us how - please)
> >
> > you don't know how to do a lot of things.
> > that doesn't mean they're difficult, it just means you don't know how.
>
> I'm different than you are in that I readily admit I don't know how to
> change the MAC address of the AP broadcast (which is why I hide it instead).

hiding the ssid doesn't do what you might hope, i.e., it does nothing.

google, apple, microsoft, etc., who have wifi location databases don't
care whether the ssid is hidden or not.

anyone who wants to find out what the ssid actually is can easily do
so, although they do need to be nearby.

Re: Hidden SSID broadcast

<s7ejv0$s48$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15474&group=comp.mobile.android#15474

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: notonyou...@no.no.no.no (Alan Baker)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 11:55:28 -0700
Organization: A noiseless patient Spider
Lines: 9
Message-ID: <s7ejv0$s48$1@dont-email.me>
References: <s7cia8$1tf1$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 11 May 2021 18:55:28 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="d3e5ba7a47494dda950fbf15b347c5fc";
logging-data="28808"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19XzL8axoe+pU112mklLS72cuRIcg9tUts="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
Gecko/20100101 Thunderbird/78.10.1
Cancel-Lock: sha1:BjMr6lDRJwuqBpV8vVHA9V/PpW0=
In-Reply-To: <s7cia8$1tf1$1@gioia.aioe.org>
Content-Language: en-US
 by: Alan Baker - Tue, 11 May 2021 18:55 UTC

On 2021-05-10 5:15 p.m., paul wrote:
> How do you automatically turn off your WiFi broadcast when away from home?
>
> It's well known...

...whereby "well known", you mean "I read in some blog somewhere".

Carry on.

Re: Hidden SSID broadcast

<s7f9k2$pob$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15481&group=comp.mobile.android#15481

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: kel...@privacy.invalid (kelown)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Tue, 11 May 2021 20:05:05 -0500
Organization: A noiseless patient Spider
Lines: 7
Message-ID: <s7f9k2$pob$1@dont-email.me>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh>
<110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org>
<110520211152268290%nospam@nospam.invalid> <s7efnm$2uh$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 12 May 2021 01:05:06 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="88ecc7efe685e45b606caedfc6273709";
logging-data="26379"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX192KOc4EpqLfeTuEMFyrJQk"
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:4.8) Goanna/20210402
Interlink/52.9.7762
Cancel-Lock: sha1:jc64jv2rjEIQkVoZvLEj3yv4yUc=
In-Reply-To: <s7efnm$2uh$1@gioia.aioe.org>
Content-Language: en-US
 by: kelown - Wed, 12 May 2021 01:05 UTC

> Spoofing "some" MAC addresses is indeed trivial but spoofing the one AP
> broadcast BSSID that is clearly the main subject of this thread is decidedly
> not even close to trivial on most of our typical common home routers.

The Kali Linux penetration tester will instantly display all nearby
SSIDs whether they're hidden or not.

Re: Hidden SSID broadcast

<s7fm7c$1c6u$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15484&group=comp.mobile.android#15484

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 06:40:16 +0200
Organization: Aioe.org NNTP Server
Lines: 58
Message-ID: <s7fm7c$1c6u$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org> <110520211152268290%nospam@nospam.invalid> <s7efnm$2uh$1@gioia.aioe.org> <s7f9k2$pob$1@dont-email.me>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Wed, 12 May 2021 04:40 UTC

kelown wrote on 12.05.2021 03:05

>> Spoofing "some" MAC addresses is indeed trivial but spoofing the one AP
>> broadcast BSSID that is clearly the main subject of this thread is decidedly
>> not even close to trivial on most of our typical common home routers.
>
> The Kali Linux penetration tester will instantly display all nearby
> SSIDs whether they're hidden or not.

Let's not lose sight of what the goal is - which is to NOT have Google,
Kismet, Wigle, Mozilla (etc) servers on the net get our home AP BSSIDs.

The problem is how best to do that - where one method is to hide broadcast.

Keep in mind even if you add "_nomap" to your AP broadcast SSID your unique
BSSID information is _still_ uploaded to those public servers by most phones
because the phones can still easily "see" the broadcast BSSID information.

However when you turn off the AP broadcast then it's my understanding most
phones will not automatically upload your AP unique BSSID & GPS location to
these public servers.

That solves one problem but in reality it morphs to another problem which is
that your phone is constantly broadcasting all the access points in its
history. On Android (but not on iOS) you can clear this history on a case by
case basis but then you have to set up the connection anew each time you
wish to reconnect.

Perhaps better to shut off Android Wi-Fi automatically when you leave home.
And then to automatically turn your phone's Wi-Fi back on when you return.

Whether or not you decide to broadcast your home router AP BSSID, as Glennn
at Sensepost said at time point 53:15 in the QA of that Blackhat Asia 2014
conference Vanguard kindly suggested said, you really have only two options.
https://youtu.be/GvrB6S_O0BE?t=3200
a. *Turn off your wifi when you're not at home* (with SSID broadcast or not)
b. Delete your network lists (but then your AP has to broadcast the SSID)
Android 11 Settings > Connections > longpress Wi-Fi > threedots >
Advanced > Manage networks > longpress on any network > delete

The whole point of this thread is to do exactly what Glenn at Sensepost said
to do but do to it automatically when you go out of range of your home AP.

Given GPS location is problematic it's likely best to turn off the Wi-Fi
automatically when out of range of the home cellular tower if possible.

Interestingly others also want to automatically turn the phone Wi-Fi off
when they leave the house & then turn back on when they return (usually
based on signal from a known local cellular tower as shown below).

*Using Tasker*
https://photoframd.com/2011/03/09/android-turn-wifi-on-and-off-automatically-with-tasker/

*Using IFTTT*
https://www.ghacks.net/2017/03/20/top-ifttt-recipes-improve-android/

*Using Llama*
https://www.howtogeek.com/142186/use-llama-to-automatically-change-your-android-phones-settings-based-on-your-location/

Re: Hidden SSID broadcast

<s7fp60$aee$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15486&group=comp.mobile.android#15486

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 07:30:44 +0200
Organization: Aioe.org NNTP Server
Lines: 47
Message-ID: <s7fp60$aee$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7e5ev$tb2$1@gioia.aioe.org> <110520211152268290%nospam@nospam.invalid> <s7efnm$2uh$1@gioia.aioe.org> <110520211358583836%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Wed, 12 May 2021 05:30 UTC

nospam wrote on 11.05.2021 19:58

> someone claimed that the various wifi networks in the neighborhood
> would be using mac address filtering for security. that's extremely
> rare, and if they did, it's trivial to bypass.

Fair enough. Plenty of people think hiding the BSSID or MAC filtering is
good security but it's just like putting a towel over your belongings at the
beach - it just hides stuff from the people who wouldn't take it anyway.

Given that was the focus of your response to Vanguard, I apologize for
challenging you to show us how to change the AP broadcast BSSID which is
designed to be both unique & permanent (which is also why you don't want
your unique BSSID & GPS to be uploaded into a public database by almost
every phone that happens to pass by your house that is badly set up).

None of this is being done for security - it's being done for privacy.
And on principle.

It's not much different in principle than if people were snapping photos of
your kids playing outside and then their phones would be so badly configured
that they were automatically uploading those photos of your kids with your
GPS location to public databases that anyone anywhere in the world can
easily search on for whatever it is they wish to search for.

It's better (IMHO) for me to configure my home access point and my own
cellphone such that my unique SSID/BSSID/GPS/(+strength) isn't uploaded
by (almost) every (badly configured) phone that passes by my home.

At this point in time I have more potential free ad free Android solutions
than I need so I'm combing through the two fundamental ways of automatically
turning off Wi-Fi when you leave home and automatically turning that Wi-Fi
back on when returning home (using cellular towers most likely, not GPS).

*Dedicated free ad free Wi-Fi automation apps*
WiFi Automatic (de.j4velin.wifiAutoOff)
Wifi Auto (com.theanykey.wifiauto)
Wifi Auto (com.vlab.tools.wifiauto)
Auto-Wifi (com.alivezoned.autowifi)

*General purpose free ad free automation apps*
IFTTT (com.ifttt.ifttt)
Automate (com.llamalab.automate)

I'll test these out and report back when/if I am successful in setting up
cell tower based automation (sans GPS) to turn the phone WiFi off when
leaving home and to turn the phone WiFi back on when returning home.

Re: Hidden SSID broadcast

<s7goep$2h4$2@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15493&group=comp.mobile.android#15493

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: hugyb...@gmx.ch (Joerg Lorenz)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 16:24:25 +0200
Organization: A noiseless patient Spider
Lines: 8
Message-ID: <s7goep$2h4$2@dont-email.me>
References: <s7cia8$1tf1$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 12 May 2021 14:24:25 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="49c78772bf29ec82e0c0cf6b733090d5";
logging-data="2596"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19wSDOTib1UbR+sR5YRjmnhcmgEu3R7NOg="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
Gecko/20100101 Thunderbird/78.10.1
Cancel-Lock: sha1:kLwHSIC38oDgiAl8icavikMu1x0=
In-Reply-To: <s7cia8$1tf1$1@gioia.aioe.org>
Content-Language: de-CH
 by: Joerg Lorenz - Wed, 12 May 2021 14:24 UTC

Am 11.05.21 um 02:15 schrieb paul:
> How do you automatically turn off your WiFi broadcast when away from home?

This is completely unnecessary.
You proved already in other threads that you have no clue what
encryption really means.

Re: Hidden SSID broadcast

<120520211035285089%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15494&group=comp.mobile.android#15494

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 10:35:28 -0400
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <120520211035285089%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <s7goep$2h4$2@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="afeaa9d85164d3198da9cbc58ee129ca";
logging-data="19460"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18eZGLHpP4UiUTlKCUuP17D"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:rbCKDT/QTHPb2WGiI1xXpCMPZvU=
 by: nospam - Wed, 12 May 2021 14:35 UTC

In article <s7goep$2h4$2@dont-email.me>, Joerg Lorenz <hugybear@gmx.ch>
wrote:

> Am 11.05.21 um 02:15 schrieb paul:
> > How do you automatically turn off your WiFi broadcast when away from home?
>
> This is completely unnecessary.

yep

> You proved already in other threads that you have no clue what
> encryption really means.
>

the last four words should be removed for a more accurate statement.

Re: Hidden SSID broadcast

<s7gpgo$r47$1@dont-email.me>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15495&group=comp.mobile.android#15495

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: hugyb...@gmx.ch (Joerg Lorenz)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 16:42:32 +0200
Organization: A noiseless patient Spider
Lines: 44
Message-ID: <s7gpgo$r47$1@dont-email.me>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh>
<110520210050265863%nospam@nospam.invalid>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 12 May 2021 14:42:32 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="49c78772bf29ec82e0c0cf6b733090d5";
logging-data="27783"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/2HvqQhzyP9cCLjW6BoXKd8J5mV23/iM0="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
Gecko/20100101 Thunderbird/78.10.1
Cancel-Lock: sha1:ngjzfJOHN1QXbZ9D7TQK2S9OBg4=
In-Reply-To: <110520210050265863%nospam@nospam.invalid>
Content-Language: de-CH
 by: Joerg Lorenz - Wed, 12 May 2021 14:42 UTC

Am 11.05.21 um 06:50 schrieb nospam:
> he wants to switch off his home base station when away, not the phone.

For what purpose? He can easily stop that forever on the router.

> mac address filtering is a waste of time since mac addresses are easily
> spoofed.

SIC

> yes it does. that's how auto-reconnect works.
>
> it's possible to capture those broadcasts and many times, identify
> someone based on what wifi networks they've previously used.

So what?

> both 2.4 & 5 ghz should use the same ssid so the phone can switch
> between them automatically as needed, and your neighbors are likely not
> using mac filtering.

Modern routers let you chose whether you want switching or not.

> false. there are several well known databases of ssids with their gps
> coordinates, which is how wifi geolocation works.

Why should anyone want to prevent this?

> he keeps changing his name on usenet, so he probably does that in real
> life too.

He shares his e-mail with you dear. *ROTFLSTC*

> that will just add additional entries to the database.

SIC

> or they could use the existing cellular network, who will gladly hand
> over someone's location data for little to no cost, and someone doesn't
> need to be government to obtain it either.
It unclear what this person called "paul" who is probably Arlen Holder
alias Ragnussen alias I don't know wants to achieve or ask.

Re: Hidden SSID broadcast

<120520211218205368%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15496&group=comp.mobile.android#15496

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 12:18:20 -0400
Organization: A noiseless patient Spider
Lines: 61
Message-ID: <120520211218205368%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7gpgo$r47$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="afeaa9d85164d3198da9cbc58ee129ca";
logging-data="7664"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19EMLWmtyygiajMeqRqf4Jx"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:vDrLz+zEjW3eKMgafEvJkLBkCt8=
 by: nospam - Wed, 12 May 2021 16:18 UTC

In article <s7gpgo$r47$1@dont-email.me>, Joerg Lorenz <hugybear@gmx.ch>
wrote:

> > he wants to switch off his home base station when away, not the phone.
>
> For what purpose? He can easily stop that forever on the router.

his stated goal is to prevent his wifi network from being included in
various databases, and the only way to do that is by switching it off.

> > mac address filtering is a waste of time since mac addresses are easily
> > spoofed.
>
> SIC
>
> > yes it does. that's how auto-reconnect works.
> >
> > it's possible to capture those broadcasts and many times, identify
> > someone based on what wifi networks they've previously used.
>
> So what?

it's possible to identify people based on their ssid broadcasts.

it's also paranoia.

> > both 2.4 & 5 ghz should use the same ssid so the phone can switch
> > between them automatically as needed, and your neighbors are likely not
> > using mac filtering.
>
> Modern routers let you chose whether you want switching or not.

it needs the same ssid to switch.

> > false. there are several well known databases of ssids with their gps
> > coordinates, which is how wifi geolocation works.
>
> Why should anyone want to prevent this?

they shouldn't.

such databases are extremely useful for geolocation without using gps.

> > he keeps changing his name on usenet, so he probably does that in real
> > life too.
>
> He shares his e-mail with you dear. *ROTFLSTC*

not a valid one.

> > that will just add additional entries to the database.
>
> SIC
>
> > or they could use the existing cellular network, who will gladly hand
> > over someone's location data for little to no cost, and someone doesn't
> > need to be government to obtain it either.
> It unclear what this person called "paul" who is probably Arlen Holder
> alias Ragnussen alias I don't know wants to achieve or ask.

it is indeed arlen, who has babbled about the very same thing.

Re: Hidden SSID broadcast

<s7h4me$kab$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15499&group=comp.mobile.android#15499

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 19:53:23 +0200
Organization: Aioe.org NNTP Server
Lines: 63
Message-ID: <s7h4me$kab$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7gpgo$r47$1@dont-email.me> <120520211218205368%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Wed, 12 May 2021 17:53 UTC

nospam wrote on 12.05.2021 19:18

> his stated goal is to prevent his wifi network from being included in
> various databases, and the only way to do that is by switching it off.

While that's an excellent summary I will characterize the principle as being
one and the same with all of us not wanting photos of our kids playing in
the front yard and their associated names & GPS coordinates being constantly
uploaded to who-knows-how-many public databases by (almost) every person who
drives by our house (with a badly configured cellphone in their pocket).

The goal is to add value to our capabilities (whereas for people like nospam
& Joerg - their goal is to waste everyone's time & energy it seems).

>>> it's possible to capture those broadcasts and many times, identify
>>> someone based on what wifi networks they've previously used.
>>
>> So what?
>
> it's possible to identify people based on their ssid broadcasts.
> it's also paranoia.

It's no more paranoid on principle than the example I provide of having
photos of your children with their names & GPS coordinates being uploaded.

> such databases are extremely useful for geolocation without using gps.

To be clear the goal is to prevent the _upload_ of the information given the
filtering (of _nomap) is not done on the phone (as far as any of us know).

The filtering is done back at the public Internet server for the reputable
servers (of which Google & Mozilla are known to be respecting the _nomap).

But who knows what filtering Kismet & Wigle & Apple & OpenBmap & OpenWifi
(and whatever other organizations who provide SSIDs to the public) perform.
https://www.mylnikov.org/archives/1170
https://www.skyhook.com/
https://wigle.net/
https://osintcurio.us/2019/01/15/tracking-all-the-wifi-things/
etc.

As far as anyone has ever stated in this thread, the easiest (and most
effective) way to stay out of all those databases is to hide the SSID.

I realize people like Joerg Lorenz don't have the mental capacity to
comprehend that goal, and I further realize people like nospam don't have
the intention to ever contribute meaningfully to any technical conversation,
but I'm appreciative of the others (like vanguard, kelown & Andy) who helped
me come up with workable solutions that will work for anyone on Android.

I've already tested all the wifi apps listed and all failed in some way or
another so I'm currently working on the Android automation apps.

The goal is to add value to our capabilities (whereas for people like nospam
& Joerg - their goal is to waste everyone's time & energy it seems).

Never once have either added on topic technical value to any topic.
They can't.

And they don't want to.
Because they don't care about anybody but themselves.

Meanwhile I'll keep working solutions to add to our combined capabilities.

Re: Hidden SSID broadcast

<s7h5pa$150f$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15500&group=comp.mobile.android#15500

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 20:11:59 +0200
Organization: Aioe.org NNTP Server
Lines: 58
Message-ID: <s7h5pa$150f$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <s7goep$2h4$2@dont-email.me> <120520211035285089%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Wed, 12 May 2021 18:11 UTC

nospam wrote on 12.05.2021 16:35

> In article <s7goep$2h4$2@dont-email.me>, Joerg Lorenz <hugybear@gmx.ch>
> wrote:
>
>> Am 11.05.21 um 02:15 schrieb paul:
>>> How do you automatically turn off your WiFi broadcast when away from home?
>>
>> This is completely unnecessary.
>
> yep
>
>> You proved already in other threads that you have no clue what
>> encryption really means.
>>
>
> the last four words should be removed for a more accurate statement.

Purposefully unhelpful people like Joerg & nospam always are of like mind.

Unfortunately it's often that both Joerg Lorenz & nospam prove incapable of
understanding even basic merits of the topic at hand in most conversations.

Worse - each proves - each time - they have no intention of being helpful.
Why?
Probably because they don't care about anyone but themselves (most likely).

What's sad isn't so much that Joerg is a moron but that nospam isn't.
Of all the supremely unhelpful people who post - nospam "can" help out.

*Nospam has technical capabilities such that he _can_ understand the topic!*
Joerg doesn't.

*It's clear Joerg is - in fact - an idiot - but nospam isn't an idiot.*

Nospam isn't well educated (which is easily shown by how he devolves into
childishness whenever confronted with facts he was completely unaware of)...

But nospam isn't stupid (while Joerg proves to be incomprehensively stupid).
Joerg can't add value to any technical topic but nospam (paradoxically) can.

Nospam understands what the question is asking (although at first he didn't
but that's my fault for not being clearer for him about the goal & problem).

The goal is to prevent _upload_ of our personal information (just as it
would be if people were uploading names & photos & GPS of our kids) to the
public database servers.

*Notice the goal is preventing the _upload_ of the personal data.*

Given the only known proposed solution is to turn off the router broadcast
of the SSID this presents a solvable technical problem for Android phones.

That technical problem is how to configure an Android phone such that it
doesn't shout out the same identifiable personal information away from home.

Only vanguard, kelown and Andy contributed to our overall combined knowledge
where I will write up a working solution once I have it more fully tested.

Re: Hidden SSID broadcast

<120520211719223614%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15501&group=comp.mobile.android#15501

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 17:19:22 -0400
Organization: A noiseless patient Spider
Lines: 48
Message-ID: <120520211719223614%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7gpgo$r47$1@dont-email.me> <120520211218205368%nospam@nospam.invalid> <s7h4me$kab$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="afeaa9d85164d3198da9cbc58ee129ca";
logging-data="8036"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19vHnHUkuNxYtntkonh938D"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:FlFrLwTW/rQmKpbiBAPm/WFRs9o=
 by: nospam - Wed, 12 May 2021 21:19 UTC

In article <s7h4me$kab$1@gioia.aioe.org>, paul <nospam@nospam.invalid>
wrote:

>
> > his stated goal is to prevent his wifi network from being included in
> > various databases, and the only way to do that is by switching it off.
>
> While that's an excellent summary I will characterize the principle as being
> one and the same with all of us not wanting photos of our kids playing in
> the front yard and their associated names & GPS coordinates being constantly
> uploaded to who-knows-how-many public databases by (almost) every person who
> drives by our house (with a badly configured cellphone in their pocket).

two totally different and unrelated things.

> >>> it's possible to capture those broadcasts and many times, identify
> >>> someone based on what wifi networks they've previously used.
> >>
> >> So what?
> >
> > it's possible to identify people based on their ssid broadcasts.
> > it's also paranoia.
>
> It's no more paranoid on principle than the example I provide of having
> photos of your children with their names & GPS coordinates being uploaded.

two totally different and unrelated things, plus your example
demonstrates even more paranoia.

> > such databases are extremely useful for geolocation without using gps.
>
> To be clear the goal is to prevent the _upload_ of the information given the
> filtering (of _nomap) is not done on the phone (as far as any of us know).

you can't, other than shutting off the wifi base station.

you are broadcasting a signal into public airspace. anyone can legally
detect its presence and do whatever they want with that information.

what's not legal is cracking the passcode to gain access without
authorization, which isn't what any of the databases are doing.

>
> As far as anyone has ever stated in this thread, the easiest (and most
> effective) way to stay out of all those databases is to hide the SSID.

that does absolutely nothing and anyone who said it would is wrong.

Re: Hidden SSID broadcast

<120520211719253747%nospam@nospam.invalid>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15502&group=comp.mobile.android#15502

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: nos...@nospam.invalid (nospam)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 17:19:25 -0400
Organization: A noiseless patient Spider
Lines: 8
Message-ID: <120520211719253747%nospam@nospam.invalid>
References: <s7cia8$1tf1$1@gioia.aioe.org> <s7goep$2h4$2@dont-email.me> <120520211035285089%nospam@nospam.invalid> <s7h5pa$150f$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="afeaa9d85164d3198da9cbc58ee129ca";
logging-data="8036"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/nr9Z6BxI9wBTvUhF8WZ4y"
User-Agent: Thoth/1.9.0 (Mac OS X)
Cancel-Lock: sha1:OiT8jNbztxT674eoTj2uMHkvDxs=
 by: nospam - Wed, 12 May 2021 21:19 UTC

In article <s7h5pa$150f$1@gioia.aioe.org>, paul <nospam@nospam.invalid>
wrote:

> That technical problem is how to configure an Android phone such that it
> doesn't shout out the same identifiable personal information away from home.

broadcasting ssids is not 'identifiable personal information' unless
one or more of your ssids contains such information.

Re: Hidden SSID broadcast

<s7hikt$qq2$1@gioia.aioe.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=15504&group=comp.mobile.android#15504

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!aioe.org!l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org.POSTED!not-for-mail
From: nos...@nospam.invalid (paul)
Newsgroups: comp.mobile.android
Subject: Re: Hidden SSID broadcast
Date: Wed, 12 May 2021 23:51:31 +0200
Organization: Aioe.org NNTP Server
Lines: 85
Message-ID: <s7hikt$qq2$1@gioia.aioe.org>
References: <s7cia8$1tf1$1@gioia.aioe.org> <rdqan0ywusvw$.dlg@v.nguard.lh> <110520210050265863%nospam@nospam.invalid> <s7gpgo$r47$1@dont-email.me> <120520211218205368%nospam@nospam.invalid> <s7h4me$kab$1@gioia.aioe.org> <120520211719223614%nospam@nospam.invalid>
NNTP-Posting-Host: l1HbLb4CmHueyQHYc/q7yg.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: ForteAgent/8.00.32.1272
X-Notice: Filtered by postfilter v. 0.9.2
 by: paul - Wed, 12 May 2021 21:51 UTC

nospam wrote on 12.05.2021 16:19

>> While that's an excellent summary I will characterize the principle as being
>> one and the same with all of us not wanting photos of our kids playing in
>> the front yard and their associated names & GPS coordinates being constantly
>> uploaded to who-knows-how-many public databases by (almost) every person who
>> drives by our house (with a badly configured cellphone in their pocket).
>
> two totally different and unrelated things.

How is it different in that in both cases your unique names and location
information is uploaded to public Internet databases by phones
(whose _only_ relationship to you is they drove past your house).

>> It's no more paranoid on principle than the example I provide of having
>> photos of your children with their names & GPS coordinates being uploaded.
>
> two totally different and unrelated things, plus your example
> demonstrates even more paranoia.

It's rude.

You don't put a sign outside your house saying "*It's rude to take pictures*
*of my kids & to then upload their unique names & GPS location to the net*"
(just because you happened to drive by my house when the kids were playing).

It's exactly the same in principle.

>>> such databases are extremely useful for geolocation without using gps.
>>
>> To be clear the goal is to prevent the _upload_ of the information given the
>> filtering (of _nomap) is not done on the phone (as far as any of us know).
>
> you can't, other than shutting off the wifi base station.

There are two values of "you can't" which even you should be well aware of.

The first is that most Android phones are configured by default not to.
The second is that anyone can configure their phone to upload hidden SSIDs.

So you can. At least for the normal person you can. (Which is most people.)

>
> you are broadcasting a signal into public airspace. anyone can legally
> detect its presence and do whatever they want with that information.

Android (at least) but I'm not sure about how iPhones do it) is at least
configured to respect the "sign" you have outside your AP saying essentially
*"It's rude to take snapshots of my Wi-Fi & to then upload their unique*
*names & GPS location to the net*" (just because you happened to drive by my
house when the APs were playing).

>
> what's not legal is cracking the passcode to gain access without
> authorization, which isn't what any of the databases are doing.

And yet even you have enough intelligence to comprehend those public
databases facilitate doing exactly what you say they're not doing.

If your SSID is sufficiently rare (or even unique) that rare/unique
information is then more easily found and hence more easily automatically
added to butterfly hash tables whose exitence - in and of itself -
facilitates that illegal cracking into your network you speak of.

>
>>
>> As far as anyone has ever stated in this thread, the easiest (and most
>> effective) way to stay out of all those databases is to hide the SSID.
>
> that does absolutely nothing and anyone who said it would is wrong.

Maybe that's what happens with iPhones but it doesn't happen on Android.

To be clear since you appear to be ignorant of the salient facts (as usual),
I'm well aware that disabling AP SSID broadcast doesn't stop Android owners
who are uploading hidden SSID information *on purpose* - but most people on
Android aren't adding software to sniff out & upload hidden AP SSID data.

If you have even a single cite that backs up your claim that most phones are
automatically uploading AP SSID information even when it's hidden under
default software circumstances (i.e., the owners didn't expressly load and
configure software to perform that task) - then back up your statement with
that cite.

Without a cite backing up your statement you have absolutely no credibility.

Pages:12345
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor