Microsoft Opens Its WiFi Data Collection Source Code; Why Doesn't Google Do The Same?
from the important-questions dept
Google’s been facing a lot of difficulty lately due to its ridiculously dumb implementation of its WiFi access point data collection software. Lots of companies use such software to try to create a location map that can be used in the absence of GPS. Both Microsoft and Apple have similar projects, and yet it’s really only Google that’s gotten in trouble for theirs, mainly for the way it collected data. Now comes the news that Microsoft is releasing the source code of their WiFi data collection software, which only serves to raise more questions about why Apple and Google haven’t done the same.
Filed Under: data collection, open source, wifi
Companies: apple, google, microsoft
Comments on “Microsoft Opens Its WiFi Data Collection Source Code; Why Doesn't Google Do The Same?”
World upside down
Wow, Microsoft is being open and releasing their source code while Google sits back and hangs on to theirs. Seems almost backwards doesn’t it? What is the world coming to?
World upside down
No big deal, it’s written in VB.
Kismet
Google uses Kismet wrapped in GSLite(?) for the collection. Most of it is GPL already.
Kismet
Exactly!
It is really a moot point anyway. They were collecting UNENCRYPTED data that anyone can STILL collect.
This has been blown WAY out of proportion!
Google Hate
The reason why Google got prosecuted over the Wi-Fi data is because of all the Google hate out there, whipped up by Google competitors. They are desperate to get Google’s wings clipped somehow, so they will try anything. They think it is safe because they think Google will not prosecute them back, because of the “Don’t be evil” policy. Google should investigate things like “vexatious litigant” and “barratry”.
Why Doesn't Google Do The Same?
Because they are evil !!!!
(and they did not write it, so if they show it, the person who did write it will call foul….)
3. it would show how Google does not care about what they gather, or anything the would be considered due diligence.
Glenn Beck style
Why didnt glenn beck deny raping and killing that girl?
why doesnt google open source their code?
if you have nothing to hide…
World upside down
What is it comong to ?
It is simply are seeing of reality, as opposed to some dream world.
MS has been releasing huge amounts of freely available source code for years and years, with far less strings attached to them than for example FOSS puts on theirs.
So it is no real change, just a realisation of what is really happening and not what people ‘tell’ you what is happening. (to suit their own particular bias).
It also goes to the fact that as far as “open source” and google are concerned it means, “what we can use, as long as we do not have to put anything back, or pay any money”.
Google is one of (if not THE) most closed, proprietary IP and insular than any other company in the “IT” industry, (allthough you cannot call Google an IT company, as their business is advertising sales, not software or services)…
Patents
Maybe they are afraid the patent trolls will look at their code and take a shot at them?
?... with far less strings attached to them than for example FOSS puts on theirs.?
[citation needed]
Glenn Beck style
I don’t even get what the point of releasing the code would do, or how it would benefit Google to do so. It would only just show stuff we already know (that it collects wireless data in order to geolocate WiFi hotspots).
Don’t forget that this is code that Google spent time and money developing; why the hell should Google release that for free when it’d get absolutely nothing? Honestly the EFF should be teaching people how to secure their networks, not going after companies who look at publicly broadcasted data.
Could you imagine the ACLU going after civilians recording the police on their cellphones? I’m sorry, I like the EFF and what it does, but this was probably one of the more boneheaded statements it’s made.
World upside down
Here is some of the “relevant portions” of Google’s software.
http://www.kismetwireless.net/download.shtml
Why Doesn't Google Do The Same?
What about Sony? Should their theft of product functionality be called ‘due diligence’? How about their covering-up of the data breach? I’m pretty certain that’s not ‘due diligence’.
Or what about HBGary Federal?
Google Hate
Actually if google wanted to they could just go through the email going through their network. With how much routes through them they could have pretty much everyone from MS to facebook to everycell phone company by the short hairs.
But there is that whole do no evil thing. I feel sorry for the competition if they decide to be evil.
Glenn Beck style
I would appreciate Google releasing their source code related to WI-FI data collection. It would make me trust them more. I don’t think they should be forced, legally somehow, to reveal it.
The 3rd-party audit that Google had done on this code showed, to me, that Google didn’t have to collect the body of data frames for mapping WI-FI access points but they did anyway. The script used to control the code had a set of flags to use which determined which type of frames were collected (control, management, and data). You could either collect a type of frame or discard it without saving a copy. However, only for encrypted data frames was there a flag for discarding the body as opposed to header information. For unencrypted data frames, if you collected them there was no option to discard the frame body. That tells me that Google’s collection of this data was not accidental. I do not see any nefarious use of this information because it was partial. Google was not spending time monitoring any specific access point or host. It does show that Google was not very concerned about a perceived invasion of privacy. They should be, at the very least for the PR benefit.
http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en//googleblogs/pdfs/friedberg_sourcecode_analysis_060910.pdf
Patents
More than likely, sadly.
who gives a shit?
They released “some” code, with high restrictions, and that code could be anything. Without the ENTIRE code, what they released is useless and doesn’t prove anything.
Wake up Mike, this is just another M$ PR/propaganda campaign. They try (and failed) to look better (for anyone who can code pretty much anything).
Geo location based upon wifi hub location seems tenuous at best. It’ more like a back up for plan B.
I suppose they have some statistical analysis which removes error caused by movement of the various transmitters (no one would ever move one of these things – right?)
The whole thing crashes if a new wifi std were to use some sort of frequency hopping or other obfuscation technique. The reason for obfuscation is obvious – right?
World upside down
That. So Google is collecting open wireless data. Fear it? Then please make your wireless protected with decent keys (WPA2 etc etc).
And I’d tend to believe Google is mostly based in open source rather than closed source (obviously they have to keep search and other similar algorithms safe from external eyes due to the fact that they are the source of the company revenues. But other than that they’ve been pretty open concerning their codes.
Still, M$ did it right this time. I personally like M$ for their outstanding customer support. Each with it’s own good points 😉
Kismet
Google is a major player. Some stuff got blown out of proportion with M$, Apple and other huge companies too. I didn’t know they were using GPL stuff for collection.
But as you said, the open wireless data they collected can be collected by any1 so why all the yelling about how evil Google is? The street view thing is another example. I can go to your neighborhood, take several pics of the street (public place, any1?) and post on my facebook account open to whoever wants to see. What’s the difference? None. But Street View is Google. Google is money, and in the US it’s a revenue stream through litigation. Lame.
Microsoft didn’t open their code, they only published whatever they claim are “relevent portions” for review. In fact that article you link you specifies clearly that they aren’t releasing anything with an open license. It’s some wierd “for reference only” license and it’s only portions of it.
Glenn Beck style
Sure everyone would appreciate it. But that would be completely missing the goddamn point. We already know that Google wasn’t snooping on us in order to gather passwords or private data, and given that the 3rd party audit seems quite thorough enough, Google releasing their code would just refocus attention on Google capturing public data, and turn away the focus from the fact that publicly broadcasted data is public.
The EFF focusing on Google’s code rather than defending Google from the obvious fact that WiFi is radio broadcast is just all kinds of stupid.
Google Hate
what,,, as opposed to the unconditional LOVE that MS feels ???
Why Doesn't Google Do The Same?
The very fact that you are talking about the data breach would imply to me at least that they did not cover it up..
You (and me) seem to be well aware of it.. so where is the cover up ?
And where is the failure in ‘due diligence’?
?... with far less strings attached to them than for example FOSS puts on theirs.?
Then go and learn some things !!!!
start with GPLv2 and go from there…
Then you can progress onto Stallmans so called 4 ‘freedoms’.
Which actually Stallmans 4 LAWS, then you can go into the viral nature of the GPL, and then look at the lgpl, and then GPLv1, then you can look at MS’s source code offerings.
Then if you are really keen you can examine the actual code itself, you know ! the C Source code that makes up the software.
Then you can do some functional analysis of said code, you can look at the overall quality of the code, how well containment is achieved, how structured it is, or how spagetti it is, you can examine consistency and the quality of documentation and support.
Then you will never have to ask for a citation again, asking for a citation says “im too lazy to think for myself, so tell me everything and feed me like a baby”.
Sorry, it is not my responsibility to teach you how to think..
?... with far less strings attached to them than for example FOSS puts on theirs.?
“asking for a citation says “im too lazy to think for myself, so tell me everything and feed me like a baby”. Sorry, it is not my responsibility to teach you how to think..”
In that case, please stop making unsupported statements as though there were fact.
?... with far less strings attached to them than for example FOSS puts on theirs.?
If you make a claim, it’s up to you to back it up.
Sorry it’s not up to others to do your research for you . . .
World upside down
You are correct that they are not releasing the code describing the behavior of the underlying libraries and system code which might already do a thorough capture of information. This is one reason to use Linux. Because knowing how the apps on it work (let’s assume) means possibly nothing since the underlying system (eg, Windows) can totally distort the actual behavior.
We also have experience of Microsoft selling one thing (even to the US government) and then pulling a switcharoo a short time later. Though, in this case, they already appear to be rather noncommittal in revealing all information.
?... with far less strings attached to them than for example FOSS puts on theirs.?
There is FOSS released with zero strings attached, and most FOSS allows almost unlimited use. Surely, Microsoft could also release some code under similar terms.
But the real value is what code do they release under what terms? They don’t release key code that is absolutely necessary to see in order to judge if something is safe or not. Meanwhile, the Linux ecosystem does release the code necessary to judge.
Re:
I tried to post a comment to the Microsoft page at http://blogs.technet.com/b/microsoft_on_the_issues/archive/2011/07/01/microsoft-shares-source-code-for-wi-fi-data-collection-software.aspx but I didn’t see the comment show up. Maybe it works like an email.
***
Hey. It would be great to get access to the entire library, OS, and build tool-chain code since without this source there is no other way to judge the security and privacy of the system (assuming you use off the shelf hardware with no prior collaboration with such hardware vendors). Can you give a price quote to have this information be made accessible to the entire public of peers?
No proof
If Google did release code, how would you know it was the code that was actually used? How do you know the code published by Microsoft is what they actually use? Seems like the code is useless as proof of anything.