Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Maps offering to "map our locations"....concerns??

From: Drew Perry <aperry () MURRAYSTATE EDU>
Date: Tue, 17 Apr 2012 17:10:36 -0500
"Many Bothans died to bring you the fastest walking directions to the
student union."
Sponsored result: Thinking about gallactic rebellion? Hot
Topic<http://www.hottopic.com>has all your rebel clothing needs.

-Sorry, I couldn't resist.

Drew Perry
Security Analyst
Murray State University
(270) 809-4414
aperry () murraystate edu

***MSU Information Systems staff will *never* ask for your password or
other confidential information via email.***
*
*



On Tue, Apr 17, 2012 at 4:02 PM, Heath Barnhart <heath.barnhart () washburn edu

wrote:



 By passive scan, I mean the wireless adapter is looking at beacons for
networks to potentially connect to and nothing else, which every wireless
device does. You can get the BSSID information from the OS which doesn't
require a packet capture. The packet capture is just easier.


On 4/17/2012 2:04 PM, Justin Azoff wrote:

On Tue, Apr 17, 2012 at 01:21:45PM -0500, Heath Barnhart wrote:

 I agree with this as well. There's a difference between walking around with
your wifi adapter on and seeing what you see and actually capturing
information, which I believe if anyone of us got caught doing would land us in
a federal prison.

 There isn't a difference though.. unless by "see" you mean display to
the screen and "capture" you mean write to disk.


 I would suggest, if asked for opinion by administration, that a stipulation be
made that Google only be allowed to do passive scanning of the network only.
That way they can still gather their WiFi location data if they want but not
get user data.

 "passive scanning" confuses two different concepts.  What google did
originally that got them in trouble was completely passive data
collection and didn't even involve any type of scanning.

What google had intended on doing was to capture the unencrypted 802.11
beacon frames which contain the SSID and BSSID.  They accidentally
captured all 802.11 frames, including those from people using insecure
wireless networks.  The only reason why google every captured user data
was users were being stupid and broadcasting their data in the clear
into public areas.




--
*Heath Barnhart, CCNA*
Network Administrator
Information Systems Services
Washburn University
Topeka, KS
Previous By Date Next
Previous By Thread Next

Current thread: