Comment by zamadatix
5 hours ago
I was wondering if there was more Microsoft has said/used to say about this feature because it leaves a gap between "connect to your organizations Wi-Fi" and "will show you're connected to Starbucks/Home and what that SSID is".
I followed several articles and the tree I found seems to end with this Neowin article https://www.neowin.net/news/microsoft-delays-controversial-l... but it doesn't actully clear up the sourcing. I.e. the quote in the article is the same roadmap item, yet the article talks directly to that as if it's the home SSID which will be put into Teams - where is that information in the quote it's describing? I'm not sure if they just didn't source that bit or if it's plain confusion about whether it's really limited to "connecting to your organizations Wi-Fi" which is then being picked up as a hot story.
Yeah, I couldn't find any sources that weren't rage-bait either.
Honestly, to me the feature seems so incredibly low-functionality that I'm surprised they're pushing it forward after all of the controversy it's generated. Like, sure, it might be nice to see if someone was out to lunch or in Building 17 or whatever without needing to message them, but at the cost of the whole "teams is spying on you" narrative and yuck-factor it pushes, I'm surprised they haven't pushed harder on either clarifying the functionality or just pulling it.
I think I agree. Of all things MS does, this is relatively small potatoes. It a soft creep, but also a gentle reminder that I need to somehow get out of my position, do wfh where I control my environment better ( likely my own business ), or try to convince bosses that we should move away from Windows ( as impossible as sell now as it ever was ).
Hell, if you're using Teams PSTN calling, your location has to be pulled in by Teams for e911 compliance anyways down to the building. It updates automatically already, even!
Sure, and your corporate IT also have the roaming logs from their APs and the access logs from the VPN (and maybe your location from MDM anyway), but it doesn't get shown to your boss and coworkers in real time, probably, unless your company is structured really weirdly.
What happens if you deny location permissions? Why doesn't every other VOIP app require your live location, and instead are fine with a random address you manually entered?
1 reply →
Is the answer to buy a travel router and give it the same SSID as another network, either work or home? Or is this doing something more sophisticated than SSID snooping?
More on this here https://news.ycombinator.com/item?id=46827756 but the short of it is where is this talk of SSIDs even originating and, if it is really the approach, how does it work right at all?
That aside, if it is SSIDs it's dead simple to fake. If it's BSSIDs it's a little more difficult and not every AP may expose a way to spoof it (but it's not too difficult to find ones which will).
Nobody knows, as far as I can tell; I haven't found any actual sources and I don't think the code is present in a public release anywhere for anyone to look at. I'm assuming it must work off of MAC at a minimum, since most offices have the same SSID across buildings. It doesn't really seem "designed" as a spyware/audit feature, since it would be a terrible flimsy one, but it also just doesn't seem that useful compared to the "yuck" factor it generates and the potential for abuse by crappy employers/managers.