Snooping Google
Is it just me that thinks Google should be thanked for pointing out that some people persist to have unsecured wireless networks? The continuing story is that of Google, who, whilst gathering images for their amazing Street View service, accidentally recorded some data that wireless networks were transmitting at the time their van was passing. Ok, accidentally may be the wrong word. Somebody somewhere had to include the code in the system that grabbed then recorded the data. As a software engineer myself I can see the lure of just adding that little bit of code to see what happens. I can also see how easy it would be to forget it was there! I am prepared to believe this story, personally.
But the point here is that the only data that is of any interest is that from an insecure network. What do I mean insecure? Well, when you connect to a wireless network, data to and from your computer is transmitted via a radio signal. As you can imagine, anyone in range of that signal would be able to pick it up. Those in the know would be perfectly capable of capturing and reading any of that data that you are sending and receiving to/from your computer.
So modern routers, the box you connect to your phone line, come with wireless security. The current system is known as WPA (now WPA2). Basically it ensures that everything that you transmit from your computer and everything that is transmitted back to your computer from the router, is encrypted. Anyone in range of the radio signal can still receive what is being transmitted, but would not be able to read it. To read it, one would need the ‘key’. This can be a string of random characters or just a nice long phrase. When you connect a new computer to your ‘wifi’, it asks you for the key. You will either know it or it will be printed on the bottom of your router on a sticker (Sky, Talktalk, BT etc.)
Personally I can not believe that there can be many routers out there old enough not to have some security, even if it’s the older WEP type. Way back, a router used to come with security built-in, but switched off. You would have to be fairly familiar with router configuration to be able to enable it, choose a key etc etc. Now though it is bog standard, switched on and the key is often randomly set and printed on the bottom of the router.
Why were Google even ‘listening’ to wifi data in the first place? Well every wireless network has a label to differentiate it from others around it. This label is known as the mac address. Google were legitimately recording the mac address of each network as they passed by. Coupled with position data from a GPS receiver, that information is then useful for ‘Geo-location’. It means, wherever you are, if your laptop/ipod/phone/device is picking up a wireless network, it can look up your position in a database that relates network mac addresses to gps locations and say ‘You are here’ on a map!! I was amazed the first time I came across this concept. You do not have to be connected to a wifi network, just in range of one so that a mac address can be read. Mind you, I am not quite sure how your device would then look up details in a database if you’re not connected to a network! I suppose if it’s a smartphone you have the 3g connection for that… I digress…
Perhaps Google could just pay a nationwide IT company to go to those addresses where it discovered an insecure network and switch the security on for free. That would placate a lot of those who are moaning, wouldn’t it? The way I see it is, if you have an insecure router, you can EXPECT to be hacked or listened to by someone eventually. Most likely your network-savvy neighbour, but criminals only have to park outside and gather data on their laptop or even their iPod Touch these days. Better Google than a snooping neighbour.
So Google, thanks for all the great services, and thanks for highlighting that some people need to be reviewing their wireless security – URGENTLY!