nospam wrote:

>> *Do you think appending "_nomap" to your SSID stops it from being*
>> *uploaded by most phones to Google mothership tracking servers?*
>
> it's uploaded no matter what you call it.

Dead wrong, nospam.

You jump to unwarranted imaginary belief systems, which most people do.
But you "think" you know what clearly you have no clue about.

Steve and you and Jolly Roger just performed that same stupidity moments
ago with respect to comparing iOS MAC randomization privacy to Android.
*Privacy question about randomizing the MAC address of the iPhone per each AP connection*
<https://groups.google.com/g/misc.phone.mobile.iphone/c/4UKsKgmXLi0>

You "think" you understood what Apple wrote; but you didn't comprehend the
nuance in detail inherent in the adult comprehension of what Apple _said_.
*About Wi-Fi privacy using MAC address randomization*
<https://support.apple.com/guide/security/wi-fi-privacy-secb9cb3140c/web>

I was gentle with Carlos, nospam, because he was _trying_ to be helpful.
I'm not going to be gentle with you, nospam, because you are decidedly not.

*You are stupid nospam*
*Incredibly stupid*
*And Ignorant*

You have absolutely zero idea of what hiding the SSID actually does.
And yet, you're so incredibly stupid you will never comprehend why.

HINT: You're completely wrong on what you said about iOS randomizations.
You just don't comprehend the nuance in detail.

> all that does is flag it to not be publicly indexed, and only for
> google. other aggregators ignore it entirely.

Please see my patient and rather detailed for Carlos, nospam.
*Internal logs of Andorid (or ios? phones)*
<https://groups.google.com/g/comp.mobile.android/c/NC_e_g3u6dA/m/c1FiJHHhBQAJ>

Pointedly, I didn't rip into Carlos because he was _trying_ to be helpful.

I simply patiently explained that people incorrectly often assume that
hiding the SSID is for security when the reason I hide it is for privacy.

>> There's so much I don't know about SSID privacy
>
> ftfy

Every time you do ftfy stuff, nospam, you prove to own the brain of a child
(because you can't respond to the facts like a normal adult would do).

SO you _change_ the quoted text, like a small child erasing his F on his
redlined test & placing an A in its place hoping his parents won't notice.

The fact is that one post to Carlos explains more about SSID privacy than
you will _ever_ know in your entire sordid despicable life, nospam.

Your only goal is to defend all Apple's flaws to the death, nospam.
Like you did defending Apple's lack of MAC randomization privacy.
--
Posted out of the goodness of my heart to disseminate useful information
which, in this case, is to make sure nospam realizes that he's dead wrong.

On Tue, 7 Mar 2023 19:52:43 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

>On 2023-03-07 13:01, Andy Burnelli wrote:
>> nospam wrote:
>>
>>>> My home also has the SSID hidden, nospam, for privacy reasons.
>>>
>>> it's trivial to determine what a hidden ssid is.
>>
>> Jesus Christ nospam.

The answer to the question "What is nospam's full name?"

>> Every time you say something _that_ incredibly stupid,
>> I have to wonder if your brain is permanently stuck as that of a five year
>> old.
>>
>> I'd expect _that_ kind of ignorance to be from the mouth of Alan Browne,
>> not you, nospam.
>>
>> You're _supposed_ to know something about privacy. Yet you don't know
>> the most basic of the most fundamental things.
>>
>> Sheesh. This is how I know your IQ is far lower than normal, nospam.
>
><https://www.google.com/search?client=firefox-b-e&q=How+to+scan+hidden+SSID+WIFI%3F&sa=X&ved=2ahUKEwjVkcOsvMr9AhVJTaQEHXr5BeYQ3rMBegQIJhAC&biw=1113&bih=721>
>
>Is there an app to find hidden Wi-Fi networks?
>Use a WiFi scanner app: There are a number of WiFi scanner apps
>available on the Google Play Store, like WiFi Analyzer and Network
>Scanner. Once you've installed one of these apps, open it and scan for
>networks. The app will show you a list of all the WiFi networks in the
>area, including hidden ones.Nov 2, 2022
>
>How To See Hidden Wifi Networks On Android?
>Androidphonesoft
>https://www.androidphonesoft.com › blog › how-to-se...
>
>
><https://www.androidphonesoft.com/blog/how-to-see-hidden-wifi-networks-on-android/>
>
>
>How do I unhide wireless networks on Android?
>
>There are a few different ways to unhide wireless networks on Android:
>
>1. Use the Settings app to unhide networks.
>2. Use a third-party app to unhide networks.
>3. Use a custom ROM that includes the ability to unhide networks.
>
>...

In article <tu8a4f$4vum$1@paganini.bofh.team>, Andy Burnelli
<nospam@nospam.net> wrote:

> > all that does is flag it to not be publicly indexed, and only for
> > google. other aggregators ignore it entirely.
>
> Please see my patient and rather detailed for Carlos, nospam.
> *Internal logs of Andorid (or ios? phones)*

you don't have 'internal logs' of what google does with any information
it collects, or anyone else for that matter.

google definitely collects it. however, it's not publicly indexed.

it also doesn't matter since microsoft, apple, skyhook and other
geolocation databases also collect it, and unlike google, *will*
publicly index it.

nospam wrote:

>>> all that does is flag it to not be publicly indexed, and only for
>>> google. other aggregators ignore it entirely.
>>
>> Please see my patient and rather detailed for Carlos, nospam.
>> *Internal logs of Andorid (or ios? phones)*
>
> you don't have 'internal logs' of what google does with any information
> it collects, or anyone else for that matter.
>
> google definitely collects it. however, it's not publicly indexed.
>
> it also doesn't matter since microsoft, apple, skyhook and other
> geolocation databases also collect it, and unlike google, *will*
> publicly index it.

First, you show you have no clue what an SSID even is, nospam.
And now you're telling all of us what you "think" you know.

*Sans a single cite*

However...
Since I'm extremely well educated and rather intelligent, nospam, I will
simply ask you to back up your claims with credible factual cites.

*That's all I ask of you iKooks*

I promise...
If you can back up your claims with cites, I'll read & understand them.

Deal?

In comp.mobile.android, on Tue, 7 Mar 2023 09:12:19 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

>On 2023-03-06 14:23, micky wrote:
>> In comp.mobile.android, on Sun, 5 Mar 2023 12:17:10 +0000, Java Jive
>> <java@evij.com.invalid> wrote:
>>
>>> On 05/03/2023 02:31, micky wrote:
>>>>
>>>> OTOH, the trackers in the covid "vaccine" are inside you, so they give a
>>>> more precise location to those people who are tracking you.
>>>
>>> Dangerous anti-vax fake news reported to:
>>> a b u s e @ t w e a k n e w s . n l
>>
>> I guess I should have labeled it as sarcasm, but I thought that was
>> clear and I've found doing that ruins the humor.
>>
>> If you really did write to the newsserver, maybe they'll know it was
>> sarcasm.
>
>They will just garbage the letter.

I'm pretty sure you're right, but I think about 2 years ago there was a
guy, on this ng and maybe others, who outright lied about me, several
times, on the newsgroup, and shortly afterwards, my news server stopped
working. Just a coincidence? Only the Shadow knows.

I tried to enroll again, or I did enroll again, more than once, but it
never worked. Maybe they know user's IP address and if you continue to
use it they continue to keep you off?

So I changed news servers and almost** everything has been fine. **I
could read but not post to a moderated group, but after a year or two
that started working too.

BTW, you may have heard the crackpot notion that Italian satellites were
used to change the USA presidential vote in 2020, and that story had
something to do with Germany. I think Venezuela was part of another
alleged scheme to miscount the vote. But today, I don't remember the
specific people involved so I can't find a link about it, but so you
won't feel left out, Spain was included in another version of how the
vote was, they say, miscounted in favor of Joe Biden. Stay tuned.

On 2023-03-07 22:40, nospam wrote:
> In article <tu8a4f$4vum$1@paganini.bofh.team>, Andy Burnelli
> <nospam@nospam.net> wrote:
>
>>> all that does is flag it to not be publicly indexed, and only for
>>> google. other aggregators ignore it entirely.
>>
>> Please see my patient and rather detailed for Carlos, nospam.
>> *Internal logs of Andorid (or ios? phones)*
>
> you don't have 'internal logs' of what google does with any information
> it collects, or anyone else for that matter.
>
> google definitely collects it. however, it's not publicly indexed.
>
> it also doesn't matter since microsoft, apple, skyhook and other
> geolocation databases also collect it, and unlike google, *will*
> publicly index it.

His claim is that indexers (some? all?) do not collect wifis with hidden
SSIDs. And that is his privacy reason for setting ssid to hide.

I have no idea if this is true or not. It may be.

Now, someone may verify this be creating an AP with hidden SSID, close
to another with normal SSID, and wait (years?) to see which appear on
public access wifi databases.

Someone is willing? :-)

--
Cheers, Carlos.

On 2023-03-08 05:58, micky wrote:
> In comp.mobile.android, on Tue, 7 Mar 2023 09:12:19 +0100, "Carlos E.R."
> <robin_listas@es.invalid> wrote:
>
>> On 2023-03-06 14:23, micky wrote:
>>> In comp.mobile.android, on Sun, 5 Mar 2023 12:17:10 +0000, Java Jive
>>> <java@evij.com.invalid> wrote:
>>>
>>>> On 05/03/2023 02:31, micky wrote:
>>>>>
>>>>> OTOH, the trackers in the covid "vaccine" are inside you, so they give a
>>>>> more precise location to those people who are tracking you.
>>>>
>>>> Dangerous anti-vax fake news reported to:
>>>> a b u s e @ t w e a k n e w s . n l
>>>
>>> I guess I should have labeled it as sarcasm, but I thought that was
>>> clear and I've found doing that ruins the humor.
>>>
>>> If you really did write to the newsserver, maybe they'll know it was
>>> sarcasm.
>>
>> They will just garbage the letter.
>
> I'm pretty sure you're right, but I think about 2 years ago there was a
> guy, on this ng and maybe others, who outright lied about me, several
> times, on the newsgroup, and shortly afterwards, my news server stopped
> working. Just a coincidence? Only the Shadow knows.
>
> I tried to enroll again, or I did enroll again, more than once, but it
> never worked. Maybe they know user's IP address and if you continue to
> use it they continue to keep you off?
>
> So I changed news servers and almost** everything has been fine. **I
> could read but not post to a moderated group, but after a year or two
> that started working too.

Well, they don't bother to remove known spammers. We have to use our own
filters, instead of running them on the servers.

>
>
> BTW, you may have heard the crackpot notion that Italian satellites were
> used to change the USA presidential vote in 2020, and that story had
> something to do with Germany. I think Venezuela was part of another
> alleged scheme to miscount the vote. But today, I don't remember the
> specific people involved so I can't find a link about it, but so you
> won't feel left out, Spain was included in another version of how the
> vote was, they say, miscounted in favor of Joe Biden. Stay tuned.

LOL, some people will believe anything :-D

--
Cheers, Carlos.

In article <687mdjxd8t.ln2@Telcontar.valinor>, Carlos E.R.
<robin_listas@es.invalid> wrote:

> >>> all that does is flag it to not be publicly indexed, and only for
> >>> google. other aggregators ignore it entirely.
> >>
> >> Please see my patient and rather detailed for Carlos, nospam.
> >> *Internal logs of Andorid (or ios? phones)*
> >
> > you don't have 'internal logs' of what google does with any information
> > it collects, or anyone else for that matter.
> >
> > google definitely collects it. however, it's not publicly indexed.
> >
> > it also doesn't matter since microsoft, apple, skyhook and other
> > geolocation databases also collect it, and unlike google, *will*
> > publicly index it.
>
> His claim is that indexers (some? all?) do not collect wifis with hidden
> SSIDs. And that is his privacy reason for setting ssid to hide.

the geolocation database correlates bssid and location data, along with
other stuff such as signal strength.

the ssid is unimportant because it's not unique and can change at any
time. being hidden makes absolutely no difference whatsoever.

he also claims that adding _nomap will prevent collection. it does not.
all that does is stop it from being publicly indexed, and only by
google, not by others. it also requires the ssid to not be hidden, so
that _nomap can be 'seen'.

> I have no idea if this is true or not. It may be.

it's very much not true.

> Now, someone may verify this be creating an AP with hidden SSID, close
> to another with normal SSID, and wait (years?) to see which appear on
> public access wifi databases.

that was done 15 years ago when wifi geolocation first began, and
doesn't take years to verify either.

the geolocation database is typically updated within a day or two at
the most, many times less than that if it's in a busy area with a lot
of people.

nospam wrote:

> In article <687mdjxd8t.ln2@Telcontar.valinor>, Carlos E.R.
> <robin_listas@es.invalid> wrote:
>
>>>>> all that does is flag it to not be publicly indexed, and only for
>>>>> google. other aggregators ignore it entirely.
>>>>
>>>> Please see my patient and rather detailed for Carlos, nospam.
>>>> *Internal logs of Andorid (or ios? phones)*
>>>
>>> you don't have 'internal logs' of what google does with any information
>>> it collects, or anyone else for that matter.
>>>
>>> google definitely collects it. however, it's not publicly indexed.
>>>
>>> it also doesn't matter since microsoft, apple, skyhook and other
>>> geolocation databases also collect it, and unlike google, *will*
>>> publicly index it.
>>
>> His claim is that indexers (some? all?) do not collect wifis with hidden
>> SSIDs. And that is his privacy reason for setting ssid to hide.
>
> the geolocation database correlates bssid and location data, along with
> other stuff such as signal strength.
>
> the ssid is unimportant because it's not unique and can change at any
> time. being hidden makes absolutely no difference whatsoever.
>
> he also claims that adding _nomap will prevent collection. it does not.
> all that does is stop it from being publicly indexed, and only by
> google, not by others. it also requires the ssid to not be hidden, so
> that _nomap can be 'seen'.
>
>> I have no idea if this is true or not. It may be.
>
> it's very much not true.
>
>> Now, someone may verify this be creating an AP with hidden SSID, close
>> to another with normal SSID, and wait (years?) to see which appear on
>> public access wifi databases.
>
> that was done 15 years ago when wifi geolocation first began, and
> doesn't take years to verify either.
>
> the geolocation database is typically updated within a day or two at
> the most, many times less than that if it's in a busy area with a lot
> of people.

Hi Carlos,

My belief system, unlike nospam's, is based completely on facts.
In fact, I'll change my mind on a dime, if given reliable facts.
*That's what normal well educated intelligent people do*

While nospam is trying to lower the conversation to the kindergarten level,
I'm not even going refute all the fabricated strawmen nospam created above.

At first I said "Jesus Christ" because I was truly shocked how ignorant
nospam was, but as he fabricates strawmen above, I realize he's stupid too.
*It's clear nospam has no comprehension of how the SSID works*

Notwithstanding nospam's ignorance, I hope _you_ can comprehend facts.

Keeping in mind I've scoured the Internet so I'm aware of more than one URL
which is what I base my belief systems on, I value your time greatly.

Hence, here's only _one_ URL from one of the most respected wardrivers.
*Hidden networks and android*
<https://wigle.net/phpbb/viewtopic.php?t=1655>
Please take a look at that one URL and allow me to ask you _one_ question.

Q: *Do multiple admins say that hiding the SSID prevents Wigle seeing it?*
a. Yes
b. No
You must pick one.

Helpful but very casual definitions of keywords used are placed in the sig.
--
Note: WiGle will see _your_ own hidden network if you're _connected_ to it!
Beacon === the SSID is hidden or not
Promiscuiously === all traffic (whether hidden or not)
Probe === similar to promiscuious (gets everything hidden or not)
Android system framework == what Android feeds to the applications

In article <tuadji$gfac$1@paganini.bofh.team>, Andy Burnelli
<nospam@nospam.net> wrote:

> Q: *Do multiple admins say that hiding the SSID prevents Wigle seeing it?*
> a. Yes
> b. No
> You must pick one.

moving the goalposts as always.

In article <tu8395$496b$1@paganini.bofh.team>, Andy Burnelli
<nospam@nospam.net> wrote:
> *Do you think appending "_nomap" to your SSID stops it from being*
> *uploaded by most phones to Google mothership tracking servers?*
>
> a. Yes?
> b. No"
> You must pick one.

On 2023-03-08 06:13, Carlos E.R. wrote:
> On 2023-03-07 22:40, nospam wrote:
>> In article <tu8a4f$4vum$1@paganini.bofh.team>, Andy Burnelli
>> <nospam@nospam.net> wrote:
>>
>>>> all that does is flag it to not be publicly indexed, and only for
>>>> google. other aggregators ignore it entirely.
>>>
>>> Please see my patient and rather detailed for Carlos, nospam.
>>>   *Internal logs of Andorid (or ios? phones)*
>>
>> you don't have 'internal logs' of what google does with any information
>> it collects, or anyone else for that matter.
>>
>> google definitely collects it. however, it's not publicly indexed.
>>
>> it also doesn't matter since microsoft, apple, skyhook and other
>> geolocation databases also collect it, and unlike google, *will*
>> publicly index it.
>
> His claim is that indexers (some? all?) do not collect wifis with hidden
> SSIDs. And that is his privacy reason for setting ssid to hide.
>
> I have no idea if this is true or not. It may be.

Nobody knows what really happens when hidden SSID's are discovered in
the sense of data collection. Only that discovering them is somewhat
trivial - so they are likely saved in many databases.

> Now, someone may verify this be creating an AP with hidden SSID, close
> to another with normal SSID, and wait (years?) to see which appear on
> public access wifi databases.

I have several SSID's that are not hidden that I cannot find on various
publicly available lists. I do change the business SSID's about every
year and my home SSID's every couple/few years.

I also change my WiFi/routers every 3 - 5 years depending on the state
of support from the vendor (and to get higher performance).

10+ years ago I used hidden SSID's until I realized it's not useful.
Also maintained a bait SSID with the co. name for a bit. (An unused and
unconnected router - but got rid of that too after a while).

--
“Donald Trump and his allies and supporters are a clear and present
danger to American democracy.”
- J Michael Luttig - 2022-06-16
- Former US appellate court judge (R) testifying to the January 6
committee

On Wed, 8 Mar 2023 12:13:42 +0100, Carlos E.R. wrote:

> Now, someone may verify this be creating an AP with hidden SSID, close
> to another with normal SSID, and wait (years?) to see which appear on
> public access wifi databases.

Google makes it very hard to keep your location out of its databases.
https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5

You can't turn the beacon off but you can remove the ssid from it.
https://lwn.net/Articles/468914/

If the beacon ssid ends with _nomap, google servers remove it.
https://www.computerworld.com/article/2471686/here-s-how-to-opt-out-of-google-s-wi-fi-snooping.html

Google "encourages" others like apple & microsoft to respect _nomap.
https://support.google.com/maps/answer/1725632?hl=en

If the beacon ssid does not end with nomap, it appears within days.
https://www.cnet.com/news/privacy/removing-your-wi-fi-network-from-googles-map/

This says microsoft does it too, in addition to apple & google.
https://www.howtogeek.com/788837/your-wi-fi-info-is-in-google-and-microsofts-databases-should-you-care/
When you use "location services," your devices are regularly sending lists
of nearby networks to the platform holder: Google, Microsoft, or Apple.

These say the entire industry does it the same way.
https://www.zdnet.com/article/how-google-and-everyone-else-gets-wi-fi-location-data/
"it's not just Google. Apple and Microsoft do the same thing with their
smartphones and tablets." "this isn't just how Google does it; it's how
everyone does it"

This personal opinion says that he doesn't think apple respects it.
https://lonesysadmin.net/2011/11/16/dear-google-im-not-changing-my-ssid/
"your hope that this is "adopted universally" is absurd. None of your
competitors are going to honor this. For example, Apple is using iOS 5 on
millions of handsets to build a "crowdsourced" database of access points
for their location database. Are they going care about _nomap? No."

Removing the beacon ssid does not add to your wi-fi security.
https://www.howtogeek.com/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/

When the beacon ssid is removed, promiscuous probes can still see it.
https://www.acrylicwifi.com/en/blog/hidden-ssid-wifi-how-to-know-name-of-network-without-ssid/

But the android reporting framework doesn't report promiscuous probes.
https://lwn.net/Articles/468914/

Without the beacon ssid there is nothing to report to google servers.
https://developer.android.com/guide/topics/connectivity/wifi-scan

But if you remove the beacon ssid you need to do a few more things.
https://support.apple.com/en-au/HT202068
--
[I filter out Google Groups posts so if I don't reply, that may be why.]

nospam wrote:

>> Q: *Do multiple admins say that hiding the SSID prevents Wigle seeing it?*
>> a. Yes
>> b. No
>> You must pick one.
>
> moving the goalposts as always.

Hi nospam,

Please allow Carlos (who had tried to help) to answer the question.
Everyone knows you have absolutely zero knowledge nor intent to help.

BTW, let's assume I'm intelligent (for the moment).... :)
And, let's assume I'm knowledgeable on this topic (for the moment... :)
Because I care.

*Which means I've read _everything_ I can find on it.*
*You have not!*

That alone, already shows _why_ you are as ignorant as you clearly are.
*You are completely ignorant of what the SSID does wrt privacy*
*I'm not*

Having said that, the fact is that _most_ people are as ignorant as you.

To that point you can assume I'm extremely well aware almost everyone who
posts "security advice" for routers is _ignorant_ of what hiding the SSID
does for _privacy_ (which means they are just as ignorant as you are).

I know more than they do, nospam (hard as that is for you to believe).

Notice the clear point here that I'm intelligent so I can come up with
solutions that almost all others on the net can't even think of, nospam.

Clearly, you can't compete with me as you don't even own a normal IQ.
Let alone a high one. But I'm not competing with you.

I'm just telling you that you do NOT understand a thing about the SSID.
That's not saying I know everything about the SSID - just more than most.

I've scoured the net on my proposal and it is backed up by the facts.

Rest assured, I'll believe any _credible_ cite that shows that they
_understand_ the difference in _privacy_ from public servers of _hiding_
the SSID (but rest assured, most of the articles do not know this).

Here are the _credible_ facts, nospam (which I know you can't understand).
1. Your location is more than the SSID but for convenience, we'll refer to
your location in Google public servers _as_ the SSID alone (for now).

2. Android phones rudely set up are uploading your SSID if they get it.

3. Even ruder Android phones can get your SSID if they probe for it.

4. But all evidence (so far) shows the Android Location API doesn't.

Most people (you included, nospam) don't own the basic adult cognitive
skills to comprehend the implications of those four statements, nospam.

But I do.

However, since I'm a well educated scientist and engineer, I'm aware of
technical details which I will state when I don't know what they are.

I'm going to state the two fundamental sides of the open questions.
But I'm not playing kindergarten games with you nospam.

That means EVERY response from you fabricating denials requires a cite.

FUNDAMENTAL QUESTION #1:
Q: Does a rude Android/Apple phone upload your SSID when it's hidden?
A: So far, it seems the API used by the rude Android phone does not.
But we don't know about rude Apple phones yet. (See previous cites.)

This is the DEEPER question (which you've never even _thought_ of, nospam).
And yet, I have (because I'm intelligent and I know a lot about the SSID).

Assuming you do NOT use the _nomap on the SSID but it's still hidden...
Q: If a rude Android/Apple phone does upload your beacon without the SSID,
what does Google/Apple/Microsoft/Mozilla/etc. servers do with it?

Notice most people haven't even thought of these issues, least of all you.
And I already know you'll "answer" them without a single cite, which is BS.

In summary, I'm sure (based on research) that hiding the SSID is a clear
tell to (most of) the location gathering public databases, to have their
_devices_ (i.e., rude iPhones, rude Androids, rude laptops, etc.)
NOT (and I repeat the NOT!) upload _any_ information to their databases.

Notice that doesn't even require the _nomap, but adding the _nomap makes it
doubly clear to well-behaved public databases that you want your privacy.

Bear in mind Google has been sued (ala Marcus Milner's actions) so while
I'm not a lawyer, I suspect uploading HIDDEN networks would be a decent
argument to a prosecuting lawyer that Google/Apple/Microsoft went too far.

But if you know of (and can cite!) legal cases where a HIDDEN network is
_allowed_ in a public database (which it has to be uploaded to first), then
please cite those cites.
--
I'm well educated and nospam is not so I must make it clear to uneducated
people like nospam that their unsubstantiated guesses have no place here.

I'm extremely well aware that most people are stupid like nospam is.
But I'm trying to teach Carlos the facts - so that _he_ can benefit.

Alan Browne wrote:

> 10+ years ago I used hidden SSID's until I realized it's not useful.

For those who aren't aware of the genesis of Alan Browne's statement that
he used to hide his SSID's (for _security_ purposes), but no longer does...

You can find a million web articles saying the same thing...
a. People long ago thought hiding the SSID was useful for _security_...
b. But what happened in the interim was better tools for discovery came out
c. Such that it's no longer advised to hide the SSID for _security_.

Worse, given most people are stupid so they don't even know what happens
next, if you do hide your SSID, instantly you have to do more stuff for
privacy (I'm not even going to get into that as most people are stupid).

However...

The reason for hiding the SSID still remains valid for _privacy_.
Specifically, privacy from Apple/Google/Microsoft/Wigle/etc. public
databases (all of whom are dependent on the tools uploading the data).

I must repeat the salient observation that most people are stupid because I
will then say that even those stupid people (like nospam) now about _nomap.

But a problem with _nomap is your data is _still uploaded_ to the servers!
The goal here, is to prevent the _upload_ in the first place.

All evidence so far (see previous cites) shows the Android "Google Mobile
Services" (aka gms for short) does NOT (and I repeat, NOT!) report the
broadcasts if the SSID is hidden.

*This is _different_ behavior from promiscuous modes.*

If this is correct (where I'll read and understand any cite you provide if
you claim it's not correct), then it's a good first step for _privacy_ to
hide your SSID in the broadcast because that prevents the primary upload.

In summary, if you have a reliable cite that knows about _both_ the
security and privacy implications of hiding your SSID, I'll read it.

Otherwise, you're just as ignorant about the topic as nospam is.
--
Which is fine (most people are ignorant); but it means you can't help
anyone, let alone your own 'customers' (you and Alan Baker always claim to
have 'customers' whom, if you do, I feel sorry for, as you're an idiot).

On 08-03-2023 23:57 Andy Burnelli <nospam@nospam.net> wrote:

> Alan Browne wrote:
>
>> 10+ years ago I used hidden SSID's until I realized it's not useful.
>
> For those who aren't aware of the genesis of Alan Browne's statement that
> he used to hide his SSID's (for _security_ purposes), but no longer does...
>
> You can find a million web articles saying the same thing...
> a. People long ago thought hiding the SSID was useful for _security_...
> b. But what happened in the interim was better tools for discovery came out
> c. Such that it's no longer advised to hide the SSID for _security_.
>
> Worse, given most people are stupid so they don't even know what happens
> next, if you do hide your SSID, instantly you have to do more stuff for
> privacy (I'm not even going to get into that as most people are stupid).
>
> However...
>
> The reason for hiding the SSID still remains valid for _privacy_.
> Specifically, privacy from Apple/Google/Microsoft/Wigle/etc. public
> databases (all of whom are dependent on the tools uploading the data).
>
> I must repeat the salient observation that most people are stupid because I
> will then say that even those stupid people (like nospam) now about _nomap.
>
> But a problem with _nomap is your data is _still uploaded_ to the servers!
> The goal here, is to prevent the _upload_ in the first place.
>
> All evidence so far (see previous cites) shows the Android "Google Mobile
> Services" (aka gms for short) does NOT (and I repeat, NOT!) report the
> broadcasts if the SSID is hidden.
>
> *This is _different_ behavior from promiscuous modes.*
>
> If this is correct (where I'll read and understand any cite you provide if
> you claim it's not correct), then it's a good first step for _privacy_ to
> hide your SSID in the broadcast because that prevents the primary upload.
>
> In summary, if you have a reliable cite that knows about _both_ the
> security and privacy implications of hiding your SSID, I'll read it.
>
> Otherwise, you're just as ignorant about the topic as nospam is.

If these people you're trying to convince are as stupid as you say they
are, then you're never going to convince them with any number of facts.

You prolly need to find another forum.
One with people who are smarter than you.

On 2023-03-08 17:37, Andy Burnelli wrote:
> nospam wrote:
>
>> In article <687mdjxd8t.ln2@Telcontar.valinor>, Carlos E.R.
>> <robin_listas@es.invalid> wrote:
>>
>>>>>> all that does is flag it to not be publicly indexed, and only for
>>>>>> google. other aggregators ignore it entirely.
>>>>>
>>>>> Please see my patient and rather detailed for Carlos, nospam.
>>>>>   *Internal logs of Andorid (or ios? phones)*
>>>>
>>>> you don't have 'internal logs' of what google does with any information
>>>> it collects, or anyone else for that matter.
>>>>
>>>> google definitely collects it. however, it's not publicly indexed.
>>>>
>>>> it also doesn't matter since microsoft, apple, skyhook and other
>>>> geolocation databases also collect it, and unlike google, *will*
>>>> publicly index it.
>>>
>>> His claim is that indexers (some? all?) do not collect wifis with
>>> hidden SSIDs. And that is his privacy reason for setting ssid to hide.
>>
>> the geolocation database correlates bssid and location data, along with
>> other stuff such as signal strength.
>> the ssid is unimportant because it's not unique and can change at any
>> time. being hidden makes absolutely no difference whatsoever.
>>
>> he also claims that adding _nomap will prevent collection. it does not.
>> all that does is stop it from being publicly indexed, and only by
>> google, not by others. it also requires the ssid to not be hidden, so
>> that _nomap can be 'seen'.
>>> I have no idea if this is true or not. It may be.
>>
>> it's very much not true.
>>> Now, someone may verify this be creating an AP with hidden SSID,
>>> close to another with normal SSID, and wait (years?) to see which
>>> appear on public access wifi databases.
>>
>> that was done 15 years ago when wifi geolocation first began, and
>> doesn't take years to verify either.
>>
>> the geolocation database is typically updated within a day or two at
>> the most, many times less than that if it's in a busy area with a lot
>> of people.
>
> Hi Carlos,
>
> My belief system, unlike nospam's, is based completely on facts. In
> fact, I'll change my mind on a dime, if given reliable facts.
>   *That's what normal well educated intelligent people do*
>
> While nospam is trying to lower the conversation to the kindergarten level,
> I'm not even going refute all the fabricated strawmen nospam created above.
>
> At first I said "Jesus Christ" because I was truly shocked how ignorant
> nospam was, but as he fabricates strawmen above, I realize he's stupid too.
>   *It's clear nospam has no comprehension of how the SSID works*
>
> Notwithstanding nospam's ignorance, I hope _you_ can comprehend facts.
>
> Keeping in mind I've scoured the Internet so I'm aware of more than one URL
> which is what I base my belief systems on, I value your time greatly.
>
> Hence, here's only _one_ URL from one of the most respected wardrivers.
> *Hidden networks and android*
> <https://wigle.net/phpbb/viewtopic.php?t=1655>
>
> Please take a look at that one URL and allow me to ask you _one_ question.
>
> Q: *Do multiple admins say that hiding the SSID prevents Wigle seeing it?*
>   a. Yes
>   b. No
>      You must pick one.

I don't know if they are admins. Ah, you mean people that register as
admin to that forum site. There are two.

They say that the wigle tool does not record hidden ssids, except the
one of the phone where it is running, because the Android API doesn't
list them, I assume unless probing for them.

>
> Helpful but very casual definitions of keywords used are placed in the sig.

--
Cheers, Carlos.

On 2023-03-08 14:13, nospam wrote:
> In article <687mdjxd8t.ln2@Telcontar.valinor>, Carlos E.R.
> <robin_listas@es.invalid> wrote:
>
>>>>> all that does is flag it to not be publicly indexed, and only for
>>>>> google. other aggregators ignore it entirely.
>>>>
>>>> Please see my patient and rather detailed for Carlos, nospam.
>>>> *Internal logs of Andorid (or ios? phones)*
>>>
>>> you don't have 'internal logs' of what google does with any information
>>> it collects, or anyone else for that matter.
>>>
>>> google definitely collects it. however, it's not publicly indexed.
>>>
>>> it also doesn't matter since microsoft, apple, skyhook and other
>>> geolocation databases also collect it, and unlike google, *will*
>>> publicly index it.
>>
>> His claim is that indexers (some? all?) do not collect wifis with hidden
>> SSIDs. And that is his privacy reason for setting ssid to hide.
>
> the geolocation database correlates bssid and location data, along with
> other stuff such as signal strength.
>
> the ssid is unimportant because it's not unique and can change at any
> time. being hidden makes absolutely no difference whatsoever.

Ok, but it seems that if the SSID is hidden, the Android AP doesn't
register it at all, so neither will it register the BSSID.

>
> he also claims that adding _nomap will prevent collection. it does not.
> all that does is stop it from being publicly indexed, and only by
> google, not by others. it also requires the ssid to not be hidden, so
> that _nomap can be 'seen'.
>
>> I have no idea if this is true or not. It may be.
>
> it's very much not true.
>
>> Now, someone may verify this be creating an AP with hidden SSID, close
>> to another with normal SSID, and wait (years?) to see which appear on
>> public access wifi databases.
>
> that was done 15 years ago when wifi geolocation first began, and
> doesn't take years to verify either.

The google car takes years to pass again.

>
> the geolocation database is typically updated within a day or two at
> the most, many times less than that if it's in a busy area with a lot
> of people.

Ok, tell me how can I read the database that lists my own access point,
then I will add a guest AP with hidden SSID and I can search for it a
week later.

Unless the BSSID is the same as for the main SSID which is not hidden,
in the same hardware AP. In that case, I need to add a new or unused AP
to my house, near the street.

--
Cheers, Carlos.

On 2023-03-08 19:36, mike wrote:
> On 08-03-2023 23:57 Andy Burnelli <nospam@nospam.net> wrote:
>
>> Alan Browne wrote:
>>
>>> 10+ years ago I used hidden SSID's until I realized it's not useful.
>>
>> For those who aren't aware of the genesis of Alan Browne's statement that
>> he used to hide his SSID's (for _security_ purposes), but no longer
>> does...
>> You can find a million web articles saying the same thing... a. People
>> long ago thought hiding the SSID was useful for _security_...
>> b. But what happened in the interim was better tools for discovery
>> came out
>> c. Such that it's no longer advised to hide the SSID for _security_.
>>
>> Worse, given most people are stupid so they don't even know what happens
>> next, if you do hide your SSID, instantly you have to do more stuff for
>> privacy (I'm not even going to get into that as most people are stupid).
>>
>> However...
>> The reason for hiding the SSID still remains valid for _privacy_.
>> Specifically, privacy from Apple/Google/Microsoft/Wigle/etc. public
>> databases (all of whom are dependent on the tools uploading the data).
>>
>> I must repeat the salient observation that most people are stupid
>> because I
>> will then say that even those stupid people (like nospam) now about
>> _nomap.
>>
>> But a problem with _nomap is your data is _still uploaded_ to the
>> servers!
>> The goal here, is to prevent the _upload_ in the first place.
>>
>> All evidence so far (see previous cites) shows the Android "Google Mobile
>> Services" (aka gms for short) does NOT (and I repeat, NOT!) report the
>> broadcasts if the SSID is hidden.
>>     *This is _different_ behavior from promiscuous modes.*
>>
>> If this is correct (where I'll read and understand any cite you
>> provide if
>> you claim it's not correct), then it's a good first step for _privacy_ to
>> hide your SSID in the broadcast because that prevents the primary upload.
>>
>> In summary, if you have a reliable cite that knows about _both_ the
>> security and privacy implications of hiding your SSID, I'll read it.
>>
>> Otherwise, you're just as ignorant about the topic as nospam is.
>
> If these people you're trying to convince are as stupid as you say they
> are, then you're never going to convince them with any number of facts.
> You prolly need to find another forum.
> One with people who are smarter than you.

And start writing less and more concisely, and politely.

When I see pages of text mixed with how stupid or childish is someone, I
move on.

--
Cheers, Carlos.

Carlos E.R. wrote:

> I don't know if they are admins. Ah, you mean people that register as
> admin to that forum site. There are two.

Hi Carlos,

Thank you for answering, which means a lot to me, as what I'm trying to do
most people have never tried (one in a million perhaps) so there's not a
lot about it specifically on the Internet.

The reason that they are WiGle admins mattered is only because anyone can
say anything (witness the garbage from nospam, for example), but for an
admin to say it, and, for multiple admins to say it, and for nobody else to
contradict them, tells us (most likely) that it's the correct answer.

I only picked WiGle but I could have found similar answers elsewhere.
Yet I have NEVER found a credible cite which DENIED that hidden SSIDs were
omitted from the collection process. *That's important*.
*It's important because nospam denied that hidden SSIDs were omitted.*

But nospam just makes this stuff up.
I don't.
*I base my belief systems upon credible cites*.
> They say that the wigle tool does not record hidden ssids, except the
> one of the phone where it is running, because the Android API doesn't
> list them, I assume unless probing for them.

Thank you for understanding what the reliable cite said. Much appreciated.
(If only nospam could understand it, he might be able to help people out.)

>> Helpful but very casual definitions of keywords used are placed in the sig.

I should be clear, as I read the post from Michael and all his cites, that
the hidden SSID is actually zeroed out in the broadcast. I didn't know that
but it doesn't change anything in the concept of hiding the SSID for
privacy from being *UPLOADED* to the mothership servers by rude devices.

Rude devices include iOS, Android, macOS, Windows, Linux, etc.
Public servers include Google's, Apple's, Microsoft's, WiGle's, etc.

In summary, it's my belief (but I need more reliable cites to confirm),
that simply setting up your SSID to be hidden (i.e., zeroed out) in the
broadcast packets will _prevent uploading_ by rude devices to well-behaved
public databases (which we can presume Apple, Google & Microsoft are).

However, if anyone can provide a cite that either agrees or disagrees with
that, then please provide it as I can change my assessment on a dime if
reliable data is forthcoming.

On 2023-03-08 18:27, Michael wrote:
> On Wed, 8 Mar 2023 12:13:42 +0100, Carlos E.R. wrote:
>
>> Now, someone may verify this be creating an AP with hidden SSID, close
>> to another with normal SSID, and wait (years?) to see which appear on
>> public access wifi databases.
>
> Google makes it very hard to keep your location out of its databases.
> https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5
>
> You can't turn the beacon off but you can remove the ssid from it.
> https://lwn.net/Articles/468914/
>
> If the beacon ssid ends with _nomap, google servers remove it.
> https://www.computerworld.com/article/2471686/here-s-how-to-opt-out-of-google-s-wi-fi-snooping.html
>
> Google "encourages" others like apple & microsoft to respect _nomap.
> https://support.google.com/maps/answer/1725632?hl=en
>
> If the beacon ssid does not end with nomap, it appears within days.
> https://www.cnet.com/news/privacy/removing-your-wi-fi-network-from-googles-map/

Where, exactly, is that list? I can not find a link there.

I want to find out if mine is there.

--
Cheers, Carlos.

Carlos E.R. wrote:

> And start writing less and more concisely, and politely.
>
> When I see pages of text mixed with how stupid or childish is someone, I
> move on.

Hi Carlos,
Thanks for the kind advice which I can tell is purposefully helpful.
You'll note I react differently to purposefully non-helpful posters.

However, to your advice, I'll try to be more succinct.
If I do better, let me know.

If Michael knows of a forum with smarter people, please let me know.
I _already_ have a long-standing XDA-Developers thread on this though.

Nobody on XDA disputed it.
But nobody on XDA proved it either.

Carlos E.R. wrote:

>> the geolocation database correlates bssid and location data, along with
>> other stuff such as signal strength.
>>
>> the ssid is unimportant because it's not unique and can change at any
>> time. being hidden makes absolutely no difference whatsoever.
>
> Ok, but it seems that if the SSID is hidden, the Android AP doesn't
> register it at all, so neither will it register the BSSID.

What's clear is Carlos understands the setup & action; nospam does not.
The issue is the AP location (unique) & the related BSSID (mostly unique).

Carlos understood what nospam did not understand, which is we are only
talking about the SSID because the mere action of _hiding_ that SSID
(reputedly) prevents the collection of the rest of the location stuff.

What Carlos understood but nospam can't is it has nothing per se to do with
hiding the SSID other than that mere act prevents the location collection!

And that's the whole point because it solves _two_ problems at once.
a. Well behaved mothership databases won't even get the data;
b. But also not-so-well-behaved mothership databases won't get it either.

That's how being smart helps people gain privacy.

>> that was done 15 years ago when wifi geolocation first began, and
>> doesn't take years to verify either.
>
> The google car takes years to pass again.

Google was sued and that's when they implemented the _nomap process.
However, that doesn't help with the not-so-well-behaved motherships.

Which is why being smart helps keep the AP location out of their hands.
One out of a million people is that smart though...
>> the geolocation database is typically updated within a day or two at
>> the most, many times less than that if it's in a busy area with a lot
>> of people.
>
> Ok, tell me how can I read the database that lists my own access point,
> then I will add a guest AP with hidden SSID and I can search for it a
> week later.

I'm not sure what answer nospam will give you but we covered in detail on
this very newsgroup the Google public API to query the database.

The problem with you or me doing it is that Google has to give you a key,
which they will provide for free, but we have to ask for it first.

Once we have the key, Google implemented two more "security" issues which
is that you can't get just one AP location if you only have one in hand.

You need two.

> Unless the BSSID is the same as for the main SSID which is not hidden,
> in the same hardware AP. In that case, I need to add a new or unused AP
> to my house, near the street.

While it's "possible" to have two distinct NICs with the same BSSID, it's
unlikely and, for the purposes of this thread, we'll consider that moot.

In summary, nospam doesn't understand any of this so he is concentrating on
the (meaningless) SSID where the whole point is to be intelligent about it.

It's my educated assessment (but I would love to prove or disprove this),
that the mere action of hiding the SSID tells well-behaved Android devices
to not collect the rest of the location information and that's the point.

If they don't collect it, they can't upload it to the mothership servers.
I'll betcha' only one in a million people know this...

On 2023-03-08 15:15, Carlos E.R. wrote:
> On 2023-03-08 18:27, Michael wrote:
>> On Wed, 8 Mar 2023 12:13:42 +0100, Carlos E.R. wrote:
>>
>>> Now, someone may verify this be creating an AP with hidden SSID, close
>>> to another with normal SSID, and wait (years?) to see which appear on
>>> public access wifi databases.
>>
>> Google makes it very hard to keep your location out of its databases.
>> https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5
>>
>> You can't turn the beacon off but you can remove the ssid from it.
>> https://lwn.net/Articles/468914/
>>
>> If the beacon ssid ends with _nomap, google servers remove it.
>> https://www.computerworld.com/article/2471686/here-s-how-to-opt-out-of-google-s-wi-fi-snooping.html
>>
>> Google "encourages" others like apple & microsoft to respect _nomap.
>> https://support.google.com/maps/answer/1725632?hl=en
>>
>> If the beacon ssid does not end with nomap, it appears within days.
>> https://www.cnet.com/news/privacy/removing-your-wi-fi-network-from-googles-map/
>
> Where, exactly, is that list? I can not find a link there.
>
> I want to find out if mine is there.

Here is a publicly gathered list. Will not have Google or other
"corporate" data in it.

I believe you need to create an account in order to search by SSID.

--
“Donald Trump and his allies and supporters are a clear and present
danger to American democracy.”
- J Michael Luttig - 2022-06-16
- Former US appellate court judge (R) testifying to the January 6
committee

On 2023-03-08 15:15, Carlos E.R. wrote:
> On 2023-03-08 18:27, Michael wrote:
>> On Wed, 8 Mar 2023 12:13:42 +0100, Carlos E.R. wrote:
>>
>>> Now, someone may verify this be creating an AP with hidden SSID, close
>>> to another with normal SSID, and wait (years?) to see which appear on
>>> public access wifi databases.
>>
>> Google makes it very hard to keep your location out of its databases.
>> https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5
>>
>> You can't turn the beacon off but you can remove the ssid from it.
>> https://lwn.net/Articles/468914/
>>
>> If the beacon ssid ends with _nomap, google servers remove it.
>> https://www.computerworld.com/article/2471686/here-s-how-to-opt-out-of-google-s-wi-fi-snooping.html
>>
>> Google "encourages" others like apple & microsoft to respect _nomap.
>> https://support.google.com/maps/answer/1725632?hl=en
>>
>> If the beacon ssid does not end with nomap, it appears within days.
>> https://www.cnet.com/news/privacy/removing-your-wi-fi-network-from-googles-map/
>
> Where, exactly, is that list? I can not find a link there.
>
> I want to find out if mine is there.

er ... here: https://wigle.net/

--
“Donald Trump and his allies and supporters are a clear and present
danger to American democracy.”
- J Michael Luttig - 2022-06-16
- Former US appellate court judge (R) testifying to the January 6
committee

On 2023-03-08 21:47, Alan Browne wrote:
> On 2023-03-08 15:15, Carlos E.R. wrote:
>> On 2023-03-08 18:27, Michael wrote:
>>> On Wed, 8 Mar 2023 12:13:42 +0100, Carlos E.R. wrote:
>>>
>>>> Now, someone may verify this be creating an AP with hidden SSID, close
>>>> to another with normal SSID, and wait (years?) to see which appear on
>>>> public access wifi databases.
>>>
>>> Google makes it very hard to keep your location out of its databases.
>>> https://www.businessinsider.com/unredacted-google-lawsuit-docs-detail-efforts-to-collect-user-location-2021-5
>>>
>>> You can't turn the beacon off but you can remove the ssid from it.
>>> https://lwn.net/Articles/468914/
>>>
>>> If the beacon ssid ends with _nomap, google servers remove it.
>>> https://www.computerworld.com/article/2471686/here-s-how-to-opt-out-of-google-s-wi-fi-snooping.html
>>>
>>> Google "encourages" others like apple & microsoft to respect _nomap.
>>> https://support.google.com/maps/answer/1725632?hl=en
>>>
>>> If the beacon ssid does not end with nomap, it appears within days.
>>> https://www.cnet.com/news/privacy/removing-your-wi-fi-network-from-googles-map/
>>
>> Where, exactly, is that list? I can not find a link there.
>>
>> I want to find out if mine is there.
>
>
> er ... here: https://wigle.net/
>

Ok, nice. It requires login to show data about points. Not sure if I
want to do that.

Amazing the precision of the map itself. From the national geographic
institute (of Spain), it is the first time I see it used in a site.

--
Cheers, Carlos.