Stories with Tag geolocation

• Everyone knows your location, Part 2: try it yourself and share the results

  permalink

  Posted: 2025-04-17 13:41:27

  Verbose tl;dr

  The blog post encourages readers to experiment with a provided Python script that demonstrates how easily location can be estimated using publicly available Wi-Fi network data and the Wigle.net API. By inputting the BSSIDs (unique identifiers) of nearby Wi-Fi networks, even without connecting to them, the script queries Wigle.net and returns a surprisingly accurate location estimate. The post highlights the privacy implications of this accessible technology, emphasizing how readily available information about wireless networks can be used to pinpoint someone's location with a simple script, regardless of whether location services are enabled on a device. This reinforces the previous post's message about the pervasiveness of location tracking.

  This blog post, titled "Everyone Knows Your Location, Part 2: Try It Yourself and Share the Results," serves as a follow-up to a previous entry discussing the surprising ease with which location information can be inadvertently leaked online. The author, Tim, expands upon the initial exploration by providing readers with a practical, hands-on exercise designed to demonstrate the potential vulnerability of seemingly innocuous online interactions.

  The core of the post revolves around a self-guided experiment involving the creation and sharing of a specifically crafted HTML file. This file incorporates embedded JavaScript code that, when opened in a web browser, leverages the browser's geolocation API. This API, designed to allow websites to access a user's location for legitimate purposes like providing localized content or directions, can be exploited to subtly extract location data without explicit user consent if not handled cautiously.

  The author meticulously details the steps involved in creating this HTML file, providing clear and concise instructions along with explanations of the underlying code. This careful breakdown empowers readers, even those without extensive technical knowledge, to replicate the experiment themselves and witness firsthand how their location information can be obtained. The provided JavaScript code includes functionality to send the retrieved location data to a designated web server controlled by the author, effectively simulating a scenario where an unwitting user might inadvertently disclose their location.

  Furthermore, the post emphasizes the importance of responsible data handling and highlights the ethical implications of this potential vulnerability. By encouraging readers to participate in the experiment and subsequently share their anonymized results, the author aims to foster a broader understanding of the prevalence and potential impact of location tracking in the digital age. The explicit request for anonymized results underscores the author's commitment to privacy and ethical data collection practices. The overall goal is to raise awareness and promote informed discussions about the trade-offs between convenience and privacy in the context of location-based services and online interactions. The post implicitly suggests that increased awareness can lead to better practices by both developers and users when dealing with location data.

  • location tracking
  • privacy
  • geolocation
  • IP address
  • Wi-Fi
  • cellular triangulation
  • metadata
  • Online Security
  • digital footprint
  • surveillance
  • experiment
  • Data Collection
  • User Data
  • Location Services
  • Mapping

  Summary of Comments ( 50 )
  https://news.ycombinator.com/item?id=43716704

  Verbose tl;dr

  Hacker News users generally agreed with the article's premise, expressing concern over the ease with which location can be approximated or even precisely determined using readily available data and relatively simple techniques. Several commenters shared their own experiences replicating the author's methods, often with similar success in pinpointing locations. Some highlighted the chilling implications for privacy, particularly in light of data breaches and the potential for malicious actors to exploit this vulnerability. A few offered suggestions for mitigating the risk, such as VPN usage or scrutinizing browser extensions, while others debated the feasibility and effectiveness of such measures. Some questioned the novelty of the findings, pointing to prior discussions on similar topics, while others emphasized the importance of continued awareness and education about these privacy risks.

  The Hacker News post titled "Everyone knows your location, Part 2: try it yourself and share the results" generated a moderate amount of discussion with a mix of reactions and insights related to the original article's claims about location tracking.

  Several commenters shared their own experiences attempting the location tracking techniques described in the article, with varying degrees of success. Some reported being able to pinpoint locations with surprising accuracy, while others found the methods less effective or inconsistent. This led to a discussion about the reliability and practicality of these techniques in real-world scenarios.

  A key point of discussion revolved around the ethical implications of readily accessible location tracking methods. Commenters debated the potential for misuse and the need for greater awareness and control over personal location data. Some argued for stricter regulations and increased transparency from companies collecting and utilizing location information.

  Technical details of the tracking methods were also examined. Commenters discussed the specifics of IP address geolocation, WiFi positioning, and other techniques, including their limitations and potential vulnerabilities. Some commenters with expertise in networking and security offered insights into the accuracy and feasibility of these methods, pointing out factors that could influence the results.

  The conversation touched upon the trade-offs between convenience and privacy in the context of location-based services. Commenters acknowledged the benefits of location services for navigation, personalized recommendations, and other applications, but also expressed concerns about the potential for surveillance and data breaches.

  Some commenters also discussed potential mitigations and defenses against unwanted location tracking. Suggestions included using VPNs, disabling location services on devices, and being mindful of the permissions granted to apps.

  Finally, a few commenters questioned the overall novelty of the information presented in the article, suggesting that the methods described were already well-known within the security and privacy community. However, they acknowledged the value in raising public awareness about these issues and making them accessible to a wider audience.

• BPS is a GPS alternative that nobody's heard of

  permalink

  Posted: 2025-04-13 01:31:38

  Verbose tl;dr

  Jeff Geerling's blog post highlights Beidou Position System (BPS), China's independently developed global navigation satellite system, as a lesser-known alternative to GPS. He details its development, global coverage, and increasing accuracy, emphasizing its potential as a backup or even primary navigation system, particularly for those needing to operate independently of US-controlled infrastructure. Geerling shares his experience testing BPS receivers, noting its comparable performance to GPS in his basic experiments and the growing availability of BPS-compatible devices. He concludes by advocating for greater awareness of BPS as a viable option in the GNSS landscape.

  In a fascinating exploration of obscure navigational technologies, Jeff Geerling's blog post, "BPS is a GPS alternative that nobody's heard of," delves into the intricacies of the Beidou Precise Point Positioning (BPS) system, a Chinese satellite navigation system that offers a compelling, albeit lesser-known, alternative to the ubiquitous Global Positioning System (GPS). Geerling meticulously details his personal journey of discovery, beginning with the unexpected observation of BPS signals being received by his recently acquired U-blox ZED-F9P receiver module, a highly sensitive piece of hardware capable of discerning signals from various global navigation satellite systems (GNSS). Initially perplexed by these unfamiliar signals, Geerling embarked upon a comprehensive investigation, utilizing online resources and technical documentation to unravel the mystery. He elucidates the origins and development of Beidou, highlighting its evolution from a regional system serving primarily the Asia-Pacific region to its current global reach, achieved through the strategic deployment of numerous satellites in medium Earth orbit (MEO), inclined geosynchronous orbit (IGSO), and geostationary Earth orbit (GEO). The article further elaborates on the technical underpinnings of BPS, comparing and contrasting it with other precise point positioning services, such as the GPS-based PPP, emphasizing the distinct advantages offered by Beidou, particularly in terms of accuracy and availability in certain regions. Geerling meticulously documents his experimental setup, describing the hardware and software employed to capture and analyze BPS signals, including the specific configurations and parameters necessary to achieve optimal results. He shares his experiences with integrating the ZED-F9P module with a Raspberry Pi single-board computer, demonstrating the practical feasibility of utilizing BPS for real-world applications. Furthermore, the blog post delves into the potential implications of BPS for the future of navigation, speculating on its possible role in a world increasingly reliant on precise location information, and acknowledging the potential geopolitical ramifications of adopting a Chinese-developed system. Finally, Geerling concludes with a thoughtful reflection on the surprising prevalence of this relatively unknown technology and encourages further exploration of its capabilities and potential.

  • BPS
  • GPS
  • Positioning System
  • Navigation
  • alternative navigation
  • geolocation
  • Beidou
  • GNSS
  • Satellite Navigation
  • Location Services

  Summary of Comments ( 111 )
  https://news.ycombinator.com/item?id=43669308

  Verbose tl;dr

  HN commenters discuss the viability and practicality of BPS, noting it's largely theoretical and faces significant hurdles. Several point out the immense infrastructure investment required for terrestrial positioning systems like BPS, especially compared to the established satellite-based GPS. Some question the accuracy claims and highlight potential interference issues in dense urban environments. Others express skepticism about BPS's resistance to jamming and spoofing, crucial for critical infrastructure. A few comments mention Loran-C as a more mature terrestrial alternative, although it has its limitations. Overall, there's a consensus that while intriguing, BPS lacks the development and backing to become a serious competitor to GPS in the foreseeable future.

  The Hacker News comments section for the post "BPS is a GPS alternative that nobody's heard of" (linking to Jeff Geerling's blog post about Beidou Position System) contains a robust discussion with various perspectives on the viability and implications of BPS.

  Several commenters point out that BPS isn't exactly "nobody's heard of," particularly outside the US. Some users from Asian countries mention its widespread adoption in their regions for various applications, including ride-hailing services and personal navigation. They highlight that phones and devices often support both GPS and BPS concurrently, leading to improved accuracy and availability, especially in urban areas with potential GPS signal obstruction.

  A recurring theme in the comments is the geopolitical aspect of BPS. Commenters discuss its role as a strategic alternative to the US-controlled GPS, offering nations more independence and potentially reducing reliance on American infrastructure. Some express concerns about the potential for data privacy issues and government surveillance with a system controlled by China. This leads to a discussion about the trade-offs between national security concerns and technological benefits.

  Technical details of BPS are also discussed, with commenters mentioning its dual-frequency civilian signal and comparing its accuracy and coverage to GPS. Some users share their personal experiences using devices with BPS support, noting its performance in different environments. There's also a discussion about the integration of BPS into various devices and software platforms, with some commenters pointing out challenges in its adoption outside of China due to existing GPS infrastructure and industry standards.

  The concept of combining multiple satellite navigation systems (GNSS) like GPS, BPS, Galileo, and GLONASS is brought up, with commenters emphasizing the benefits of increased accuracy and resilience by leveraging multiple constellations. This leads to a discussion of the future of global navigation and the potential for a more multi-polar system with less reliance on any single provider.

  Finally, several comments focus on the blog post itself, with some users critiquing the author's characterization of BPS as "unknown" and suggesting that the title is misleading. Others appreciate the introduction to BPS and the subsequent discussion it generated. The comment section, overall, provides valuable insights into the current state and future potential of BPS, going beyond the initial premise of the blog post.

• OpenStreetMap Calendar

  permalink

  Posted: 2025-02-09 19:32:57

  Verbose tl;dr

  OSMCal is a comprehensive, crowdsourced calendar of OpenStreetMap-related events worldwide. It aggregates conferences, workshops, mapathons, social gatherings, and other activities relevant to the OSM community, allowing users to browse events by location, date, and keywords. The calendar aims to facilitate connection and collaboration within the OSM ecosystem by providing a central resource for discovering and promoting these events. Users can submit their own events for inclusion, ensuring the calendar stays up-to-date and reflects the vibrant activity of the OpenStreetMap community.

  The OpenStreetMap Calendar, hosted at osmcal.org, serves as a centralized, publicly accessible platform for discovering and promoting events related to the OpenStreetMap (OSM) project. It aims to provide a comprehensive overview of gatherings, workshops, conferences, mapathons, and other activities relevant to the OSM community worldwide. The calendar facilitates connection and collaboration within the OSM ecosystem by enabling users to easily find events happening near them or online. Furthermore, it helps individuals and organizations spread awareness of their OSM-related initiatives by providing a simple and effective method for event announcement and promotion.

  The website features a clean, user-friendly interface that displays events in a variety of formats, including a list view, a monthly calendar view, and a geographical map view. This allows users to browse events based on their preferred method of navigation and quickly identify relevant events based on location, date, or topic. Event details typically include information such as the event name, date, time, location (physical or virtual), a brief description, and links to external websites or registration pages for further information.

  Organizers can add their events to the OSM Calendar through a submission process. This process likely involves providing the necessary details about the event, ensuring accuracy and completeness of the information. The centralized nature of the calendar allows for better coordination and avoids duplication of effort in promoting OSM events, contributing to a more informed and connected OSM community. The calendar likely uses established data standards and formats for interoperability with other mapping and calendar applications. This may include support for iCalendar subscriptions, allowing users to integrate the OSM Calendar with their personal calendaring tools.

  • OpenStreetMap
  • OSM
  • calendar
  • Events
  • geolocation
  • Mapping
  • Open Source
  • Community
  • Conference
  • Workshop
  • Meetup
  • Hackathon
  • GIS

  Summary of Comments ( 2 )
  https://news.ycombinator.com/item?id=42993044

  Verbose tl;dr

  Hacker News users discussed the usefulness of the OpenStreetMap Calendar (OSMCal) for discovering local mapping events. Several commenters expressed appreciation for the resource, finding it valuable for connecting with the OSM community and learning about contributing. Some highlighted the importance of in-person events for fostering collaboration and knowledge sharing within the OSM ecosystem. Others wished for improved filtering or search capabilities to refine event discovery, particularly by region or specific interests. The calendar's role in promoting OSM and coordinating community efforts was generally seen as positive. A few users also mentioned alternative or supplementary resources, such as weeklyOSM and the OSM forum, for staying informed about OpenStreetMap activities.

  The Hacker News post titled "OpenStreetMap Calendar" (https://news.ycombinator.com/item?id=42993044) has a modest number of comments, generating a brief discussion around the linked OpenStreetMap Calendar website. While not a highly active thread, several commenters express their appreciation for the resource.

  One commenter highlights the value of the calendar for discovering local OpenStreetMap events, mentioning they hadn't been aware of such gatherings in their area. This points to the calendar's success in surfacing relevant information that might otherwise be difficult to find.

  Another commenter focuses on the technical aspect, inquiring about the backend implementation of the calendar. They specifically ask if the calendar utilizes the Indico platform, showcasing a curiosity about the underlying technology driving the project. This technical query isn't answered within the visible comments.

  A further comment expresses a desire for an iCalendar subscription feed for the displayed events. This suggests a practical need for integrating the OpenStreetMap Calendar data with personal scheduling tools, highlighting a potential area for improvement or expansion of the calendar's functionality. This commenter also notes the absence of an "export to iCal" option, which reinforces their point about the desired integration.

  Finally, one commenter draws attention to a separate project, "OSMCha", and suggests it could be a valuable addition to the calendar. This implies that the commenter sees synergy between the two tools and believes including OSMCha-related events would enrich the calendar's offerings for the OpenStreetMap community. This suggestion also implicitly compliments the usefulness of the OpenStreetMap Calendar by proposing further additions.

  While the discussion is not extensive, the comments present demonstrate a positive reception of the OpenStreetMap Calendar, highlighting its utility in discovering local events and expressing desires for enhanced functionality like iCalendar integration and the inclusion of related projects. The comments also briefly touch upon the technical implementation, illustrating a curiosity about the platform powering the calendar.

• Everyone knows your location: tracking myself down through in-app ads

  permalink

  Posted: 2025-02-02 17:07:31

  Verbose tl;dr

  Tim investigated the precision of location data used for targeted advertising by requesting his own data from ad networks. He found that location information shared with these networks, often through apps on his phone, was remarkably precise, pinpointing his location to within a few meters. He successfully identified his own apartment and even specific rooms within it based on the location polygons provided by the ad networks. This highlighted the potential privacy implications of sharing location data with apps, demonstrating how easily and accurately individuals can be tracked even without explicit consent for precise location sharing. The experiment revealed a lack of transparency and control over how this granular location data is collected, used, and shared by advertising ecosystems.

  In a detailed blog post titled "Everyone knows your location: tracking myself down through in-app ads," author Tim Schneeberger meticulously documents his personal investigation into the precision and potential invasiveness of location tracking within mobile advertising networks. He begins by establishing the premise that while most users are vaguely aware of being tracked for advertising purposes, the granular accuracy of this tracking often remains unappreciated. He then embarks on a self-experiment designed to illuminate the extent of this tracking by deliberately attempting to identify himself within the anonymized location data streams used by advertisers.

  Schneeberger outlines his methodology, beginning with the selection of a highly specific and uncommon location: a secluded cabin nestled in the Swiss Alps, accessible only by a private road. He hypothesizes that the uniqueness of this location, coupled with the temporal element of his presence there, would make it identifiable within the aggregated location data available to ad networks. He then utilizes a custom-built Android application programmed to intercept and analyze bid requests – the process by which advertising networks auction off ad space within apps based on user demographics and location.

  Over several days, Schneeberger meticulously records the bid requests generated by his device while at the cabin. He analyzes the geographic coordinates included in these requests, noting the remarkable precision with which his location is pinpointed, often within a few meters. He also observes fluctuations in the density of bid requests, speculating on potential correlations with his movements and activities within the cabin's vicinity.

  The author then proceeds to demonstrate how this precise location data could be used to identify an individual. He posits that by cross-referencing the anonymized location data with publicly available information like property records or social media posts that might mention a stay at a remote cabin, it becomes increasingly feasible to de-anonymize the data and identify the individual associated with those coordinates. This, he argues, highlights a significant privacy concern, as even seemingly anonymized location data can be exploited to reveal sensitive information about an individual's whereabouts and activities.

  Furthermore, Schneeberger explores the mechanics of location tracking within mobile apps, explaining how GPS coordinates, Wi-Fi network information, and cellular tower triangulation are utilized to determine a user's location. He also delves into the role of advertising identifiers, unique codes assigned to each device, which allow advertisers to track user behavior across different apps and websites. He emphasizes how this combination of precise location data and persistent identifiers creates a comprehensive profile of an individual's movements and preferences.

  The blog post concludes with a discussion of the potential implications of this granular location tracking, highlighting the risks associated with data breaches, government surveillance, and the potential for discriminatory targeting. Schneeberger underscores the importance of greater transparency and user control over the collection and use of location data, advocating for stronger privacy regulations and increased awareness among mobile device users about the extent to which their movements are being monitored.

  • location tracking
  • privacy
  • mobile advertising
  • in-app advertising
  • ad tech
  • Data Privacy
  • geolocation
  • Mobile Apps
  • user tracking
  • digital privacy
  • surveillance
  • personal data
  • Data Collection
  • advertising networks
  • online tracking

  Summary of Comments ( 146 )
  https://news.ycombinator.com/item?id=42909921

  Verbose tl;dr

  HN commenters generally agreed with the article's premise that location tracking through in-app advertising is pervasive and concerning. Some highlighted the irony of privacy policies that claim not to share precise location while effectively doing so through ad requests containing latitude/longitude. Several discussed technical details, including the surprising precision achievable even without GPS and the potential misuse of background location data. Others pointed to the broader ecosystem issue, emphasizing the difficulty in assigning blame to any single actor and the collective responsibility of ad networks, app developers, and device manufacturers. A few commenters suggested potential mitigations like VPNs or disabling location services entirely, while others expressed resignation to the current state of surveillance. The effectiveness of "Limit Ad Tracking" settings was also questioned.

  The Hacker News post "Everyone knows your location: tracking myself down through in-app ads" generated a moderate amount of discussion with several insightful comments. Many commenters affirmed the author's findings, sharing their own experiences and concerns with the pervasive nature of location tracking in mobile advertising.

  A recurring theme is the acknowledgment that this kind of precise targeting isn't news to those working in the ad tech industry or those technically savvy, but the article serves as a good illustration of the mechanics for a wider audience. Several users pointed out that while the author focuses on the "creepiness" factor, the real issue is the potential for abuse and the lack of meaningful control users have over their data. One commenter highlights this by suggesting that the ability to precisely target individuals opens doors for malicious actors to deliver personalized scams or disinformation campaigns.

  Some comments delve into the technical details, explaining how techniques like bidstream data, precise location coordinates, and device fingerprinting enable this level of tracking. They discuss the role of data brokers and the complex ecosystem that facilitates the buying and selling of user data. One commenter, seemingly familiar with the ad tech industry, explains how these practices are often obscured by complex and opaque terminology, making it difficult for average users to understand the extent of data collection.

  Another line of discussion focuses on the limitations of current privacy regulations like GDPR and CCPA. Commenters argue that these regulations, while well-intentioned, are insufficient to address the core issue of pervasive tracking. They point out the loopholes and workarounds employed by ad tech companies, including obtaining "consent" through confusing and misleading prompts.

  Some users propose potential solutions, ranging from stricter regulations and enforcement to the adoption of privacy-focused technologies. One commenter suggests using a VPN or disabling location services, though acknowledges that these are imperfect solutions and can negatively impact the functionality of certain apps. Another commenter promotes the use of open-source operating systems and ad blockers as more robust methods to mitigate tracking.

  Finally, a few comments express a sense of resignation, accepting this level of tracking as the inevitable price of "free" apps and services. However, even within this sentiment, there's an undercurrent of unease about the long-term implications of such pervasive surveillance.