Comment by simonw
5 months ago
Anyone understand why an apparently accurate latitude/longitude showed up in one of those traces despite location services not being enabled for the app in question?
5 months ago
Anyone understand why an apparently accurate latitude/longitude showed up in one of those traces despite location services not being enabled for the app in question?
Phones send out probe requests to get a list of open wifis. If you have a static access point, with a known geo location, software can be running on that point to remember a mac address of the phone from a probe and store it. Thus enabling real time tracking.
Im like 60% sure this is how they figured out who the Bomber was in Austin TX.
Not entirely... "Apple platforms use a randomized Media Access Control address (MAC address) when performing Wi-Fi scans when not associated with a Wi-Fi network." https://support.apple.com/guide/security/privacy-features-co...
This is also why some Chinese apps put everything inside a single app and request every permission there is, then track you through Wifi SSIDs seen by your device.
Almost no mobile apps need to know the mac addresses of anything, let alone SSID/BSSID. Why would OS give this info up to some app?
3 replies →
Probably Mozilla location services (which I happily block) which does pretty accurate passive location tracking.
A previous request maybe mapped their IP back to the geo, and that data was used subsequently, maybe?
Thanks for asking. Came here to ask since I was curious about this too. I don't find any of the replies here convincing:
- List of open wifis: AFAIK, and in my experience, apps need special permissions to do anything at the wifi level. And yes, iOS location services use wifi info but it's disabled, that's the point;
- IP back to geo: then why not send the IP itself directly?
- Mozilla location services: same as above, why not send the info you send to Mozilla directly to the data harvester which can call Mozilla itself?