Worried About Skyhook Mapping Your Wifi Router To a GeoLocation?

September 12, 2008

by — Posted in Technology

Picture from here

I was reading a story on slashdot about how Skyhook Wireless has been wardriving the United States mapping MAC addresses from the wireless routers it detects to your geographic location.   Now first for those paranoid, they probably are not going to get your exact physical address but it will be “close” – close is defined as within 500 feet.

Following the discussions on the slashdot posting, you can see that some geeks are freaked out.  They are worried about getting spam to their physical location (my email address has nothing to do with my physical location).  They are stating to change your mac address so it obsoletes the database.   While this is doable, there is another better scenario for this. If you should find your MAC address on this database or you wish to preemptively strike against this mapping when it comes to your MAC address, you are going to have to change your mac address.

Most wireless routers allow you to change the MAC Address on your wifi segment.   If your router does not allow you to do this please purchase a new router if you wish to proceed.  While a MAC address needs to be unique on a network segment (so the computers can talk to each other) they do not have to be unique in the universe, in the world, in the country, in the state, or even in the same town.  If the signals are weak and shielded enough to prevent interference you could have duplicate MAC addresses in the same apartment building, though I wouldn’t recommend that and it would negate this exercise anyways.

Now you are all ready to change your MAC address, what do you change it to?  How about  the same as the McDonald’s in times square?  Your friend can snag you one the from the Panera Bread in Anchorage, Alaska.   Maybe you want your house to have the same MAC address as the wifi routers in Disney World.  If you want to be boring go up to your local Best Buy look at what their MAC address is set to, though it would still be local to you somewhat then.  I’m not going to go through and state how to get these MAC addresses, but most people that would actually bother to do this already know how.   If you need further instruction drop me a comment and I may go into it.

By changing the MAC address you have now poisoned the Geo-Location database that Skyhook Wireless has saved about you.   Even if they grab your MAC address after you have changed it, which MAC Geo location is going to take precedence – Times Square or Podunk, Iowa?  There is a chance if Skyhook doesn’t have it’s weighting algorithms correct and all those people at McDonalds in Times Square would have their location showing as Podunk Iowa – though it would be amusing to use the API and have it say that there are 300 people currently in your house.

You can get more documentation on the API from here and here.

Sometimes people over think the problem when a simpler and more elegant solution can be utilized.   If in the end Skyhook data can’t be trusted, it will not be used.

Image from here

13 thoughts on “Worried About Skyhook Mapping Your Wifi Router To a GeoLocation?

  1. When you change you MAC to fool Skhhook you are just one of hundreds of APs in your neighborhood. Considering that many people still don't change the default admin settings on their router, your bit of subversion is only as effective as the radius of your AP.

  2. Isn't that the point though – I wasn't going through stating that everyone should change and break the skyhook API – just if your worried about the geolocation information of your own API.

  3. I don't nec. disagree with you – it took me much longer to write the article then it would have been to come up with the idea of doing this and make the change.

    In theory my one AP is newer and prob. is not in the database, if my other API's are in the database it will probably say the wrong state depending on when they passed through – pre or post move to my current location.

    Either way – I can change, I know how to change, and if I am inclined I can do it in under a minute.

    What the real point of this article was everyone was going WAY overboard and overthinking this issue and solutions to remove their own AP's from teh database. If they don't like the database or have a grudge against, my solution is simple and sweet. The geo loc. data they get from your MAC is wrong – but like you pointed out if they want the information they can just walk down the street and pick up a different one.

    There is no reason I have to be altruistic and give out my geo loc. information just because someone didn't buy a device with a GPS in it. That's really the issue though right? When geo location applications become more refined we will just be using GPS chips in all of our devices anyways? At that point the skyhook database should eventually die off. It's a stop gap until the GPS chip itself takes over.

  4. Okay, so… I'm reading all this hype about geolocation by MAC address and I just HAVE to ask… “so what?” The chances of pinpointing an exact location seems a bit far-fetched. And, supposing you did locate my residence, what benefit does it give you other than knowing you spent all the this time to find plain ole jane?

  5. I've got a better idea. Why don't we ALL set our MAC addresses to one that originates around the Skyhook corporate office? I could set mine, and dozens of friends, and together we make everyone point to one MAC address.

  6. Well that’s not correct reasoning.  It doesn’t matter how many people counterfeit their location as long as they don’t do it en masse.  Random
    noise will be cancelled out and the true location will still show.
    Write needs some classes in information theory

  7. Actually the information theory is sound if you realize that it about an individual removing their Mac address from the database. Since it isn’t about people doing it collectively in a neighborhood, the assisted GPS database would still function perfectly fine for someone that was using the service.

    We do run into the part that I didn’t touch upon, that if Skyhook can handle duplicate Mac
    Addresses or not. If they can you would have to check the frequency they patrol an area before your MAC is back in the database – then you would have to change it again.

    Also this is about routers and not about tracking laptops or phones – which would be a completely different discussion.

Leave a Reply