Re: Google Maps offering to "map our locations"....concerns??

[Joel Rosenblatt <joel () COLUMBIA EDU>]

Hi,

I'm curious, who did Google approach to ask for permission to scan the campus?

Thanks,
Joel

--On Tuesday, April 17, 2012 3:04 PM -0400 Justin Azoff <JAzoff () ALBANY EDU> wrote:

> On Tue, Apr 17, 2012 at 01:21:45PM -0500, Heath Barnhart wrote:
> > I agree with this as well. There's a difference between walking around with
> > your wifi adapter on and seeing what you see and actually capturing
> > information, which I believe if anyone of us got caught doing would land us in
> > a federal prison.
>
> There isn't a difference though.. unless by "see" you mean display to
> the screen and "capture" you mean write to disk.
>
> > I would suggest, if asked for opinion by administration, that a stipulation be
> > made that Google only be allowed to do passive scanning of the network only.
> > That way they can still gather their WiFi location data if they want but not
> > get user data.
>
> "passive scanning" confuses two different concepts.  What google did
> originally that got them in trouble was completely passive data
> collection and didn't even involve any type of scanning.
>
> What google had intended on doing was to capture the unencrypted 802.11
> beacon frames which contain the SSID and BSSID.  They accidentally
> captured all 802.11 frames, including those from people using insecure
> wireless networks.  The only reason why google every captured user data
> was users were being stupid and broadcasting their data in the clear
> into public areas.
>
> --
> -- Justin Azoff
> -- Network Security & Performance Analyst



Joel Rosenblatt, Director Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3