How did Malibu Media find the exact GPS LOCATION of an IP address 100% of the time WITHOUT contacting the ISP?

Carlos,

You lost me.

Ah yes, the old "I said 'a new web profile or computer user', but ment only 'computer user'" bait-and switch. :-(

Also, as whomt have you installed the browser ? I hope it wasn't as an Admin, otherwise your OS-maintained seperation of users is violated (the browser can grab the ID from the Admins account).

The same goes for Windows by the way.

Regards, Rudy Wieser

Please type your IP address into this lookup from Maxmind and let us know how accurate it seems to be (given my results were within a neighborhood).

Or simply visit this geolocation web site offered by Maxmind on the net.

The result is a latitude/longitude (which we can colloquially call "GPS" keeping in mind what Andy Burns brought up) which was within a half mile.

"Whether you're localizing content, implementing geofencing, or gathering data for security and analytics, you start with an IP address and hope for something like the latitude and longitude of the end-user."

They provide an overview of how they collect this geolocation data here.

Note that their "Precision" database includes what they call "Insights."

Delving into "Insights", it's further referred to as a "Precision Web Service" using "Traffic Analysis" compiled from "Data Points" on the net, & charges ranging from $0.0001 to $0.002 per query with volume discounts.

They say specifically "GeoIP2 geolocation data is never precise enough to identify or locate a specific household, individual, or street address"

And, surprisingly considering the merit of the aforementioned lawsuit... "we cannot geolocate the *person* who is using the IP address" because they say people can be using up to 5 different kinds of anonymizers VPNs, hosting providers, public proxies, residential proxies, and TOR exit nodes, and then they go on to say there are other anonymizers such as Apple iCloud Private Relay.

And their most accurate databases use a variety IP-intelligence data. IP Network Data Anonymizer and Proxy Data Business VPNs and Consumer Privacy Networks User Context Data

It says centre of London, with a claimed accuracy of 200km, which is

157km away from where I actually am, so it knows its limitations.

Andy Burns snipped-for-privacy@andyburns.uk wrote

How accurate is the Maxmind lookup for your IP address in the UK?

I use Google Maps on the phone where I also employ GPS spoofing software, as you're well aware (e.g., "Fake GPS") which produces interesting artifacts since Google Maps knows _both_ locations, fake & real, simultaneously (so it literally jumps back and forth between them).

This is due to the rude inconsiderate neighbors who don't hide their home router broadcasts and to the even more inconsiderate masses who upload them to the various NetStumbler, Mozilla, Wigle & Google AP-to-GPS databases.

Unfortunately, the vast majority of humans are the type who would kick a stray dog just to get it out of their way judging from this basic fact.

I wish more people would stop being rude & simply do 2 important things:

1. Set up the AP with _both_ hidden broadcasts & append "_nomap", and,
2. Set up the phone to _not_ upload broadcasts to the location databases.

Those simple steps aren't being done by 999,999 out of 1,000,000 cases. Hence it's the rude people surrounding us, who give our location away.

I don't know of GPS-spoofing freeware on Windows to prevent that. Do you?

Andy Burns snipped-for-privacy@andyburns.uk wrote

Thanks for running that test, where that's the free database, which even Rudy (or was it Mayayana?) noted has purposefully introduced inaccuracies.

In my case, the geolocation turned out to be within the same neighborhood; but that may be because of the particular way we obtain our IP addresses given there are no cable lines on the telephone poles out in the boonies.

Hence all our Internet access has to come from a few miles away LOS from an eclectically tiny set of IP providers - although with the T-Mobile 5G hotspots nowadays, many of us are switching to broadband over cellular.

BTW, does your PC really have GPS enabled on it? I've never encountered such a thing.

Mine is off by a few km and says I'm in the water, which is *NOT* good! :-)

No mine doesn't, but I've known PCs with 3G/4G/5G connectivity to provide GPS

For me, it says somewhere in Madrid, where I guess the offices of my current ISP are registered, which happens to be 4 Km of my actual location.

But google maps locates me much more accurately, and I am not logged in.

I did the experiment of starting Firefox under a new user, and google maps is off, it goes to the centre of Madrid. On my normal user (same laptop), its is quite accurate, it goes to my neighbourhood. So it must be using some other hints. Not the WiFi, though.

I have a /29 subnet, normally everything goes out with a single source IP addr, so I set up a specific NAT rule for this laptop to use a different IP, started a private browsing window, obviously not logged into google.

checked with whatsmyip.org that the NAT rule was taking effect, and google maps *still* knows which village I live in ...

Did you login with a new user?

"Carlos E. R." <robin snipped-for-privacy@es.invalid wrote

I'm interested in Andy's and Carlos' results where they get more accurate geolocation in Google Maps when they're logged in than when they're not...

But...

I would simply ask both to confirm when they report their test results whether or not they're using the Windows PC (which I presume they are).

As the Google maps (web or app) in Android/iOS uses different sensors.

Specifically, on Android it's darn nigh near impossible to turn off GPS geolocation from happening under the covers unless you go to great lengths.

And, once you figure out all the places you need to turn 'em off... they go back on again under a variety of common circumstances (e.g., using maps or clearing cache or accessing firebase, etc.)

Ask me how I know this...

I tested in Linux I was never logged in to google I used Firefox.

If I'm logged in to google, Google knows my home address, as I saved it, and I have location history intentionally active, and I correct the errors it makes so that the history is accurate >:-P

But I was not logged in Google.

I tried with my normal Linux user and with a new user. With the normal user it finds my correct neighbourhood. Obviously I have now and then done searches of places, shops, etc, near my location.

As easy as setting airplane mode, then activating the wifi.

More importantly, how do we all know exactly who you are no matter how much you nym shift?

Andy Burns snipped-for-privacy@andyburns.uk wrote

Oh my! "*Our stoooooopid neighbors threw us all under the bus*!"

etc.

You ask Google's database if one BSSID is at the location of another BSSID, and Google will tell you if your wife is at the hair salon or not, right? (As long as your wife has a hotspot enabled, which can easily be arranged.)

etc.

From that thread way back in January 2016 that Andy just referred to above. *Are we all handing to Google the SSID of our home routers?*

That was way back in Jan 29, 2016, when I didn't know what I know now.

The biggest problem then was as now; we can't control our stupid neighbors. Nor can we control the phone of the stupid people who drive by our house.

We can only control our stuff, so that we don't do stupid things too.

Most things only got worse since then... but the fix remains similar.

Privacy shortcuts (The only thing that got better are my screenshots, due to FOSS Paint.NET)

Note that "cloning the LAN BSSID" actually got easier over time, while most everything else got harder but what's bad is what you can do with LAN data (where Jeff Liebermann explained the Wi-Fi port is on the LAN, not WAN).

Essentially, if you have the key, you can do the lookup if you tell Google a few things, some of which you know already - so you can be malicious.

You can find if your wife's cellphone is at the hair parlor or not, if you know two things about her cellphone & a similar two things at the parlor.

But malicious lookups aside, people should do a few things (one of which almost everyone, if not everyone - doesn't understand & yet is so simple).

Note: The SSID isn't important - but the unique BSSID + GPS location is!

1. *Turn OFF your home router AP SSID broadcast (yes, turn it off).* Not for security - so don't tell me that NetStumbler can still see it. Why? Phones don't _upload_ (with well-behaved software) when you turn it off.

Note: The SSID isn't the point - it's the BSSID you don't want uploaded!

1. *Append "_nomap" to the home router AP SSID.*

Why? Well-behaved databases (e.g., Google/Mozilla) _remove_ opt-out items.

NOTE: See Andy Burns' caveat about "well-behaved" online databases.

We used to need to add "_optout" for Microsoft, but no longer (AFAIK). Don't get hung up on the SSID; it controls the unique BSSID upload!

1. *Set the client device (e.g., a phone or mobile PC) to NOT RECONNECT!* Why do you set "Reconnect=OFF" to a hidden-broadcast home AP SSID? Otherwise, it "screams out" (Andy's words) that it's looking for it.

1. *You can also randomize the BSSID automatically every time you connect.*

Why? Your old connection, if "screamed out", will contain a random BSSID.

1. *Jeff Liebermann suggests a blase SSID (e.g., NETGEAR or DEFAULT).*

Why? The combination of unique SSID & BSSID is even more unique than before.

However, then you might want to choose a really good passphrase since WPS2 rainbow hash tables exist on the Internet for dictionary lookups. Caveat: See Jeff Liebermann's clarification about Rainbow Tables.

Google do "age-out" BSSIDs that haven't been seen in some time, the original addresses I fed the API back then won't return a result now.

Andy Burns snipped-for-privacy@andyburns.uk wrote

Thank you for that thread, as there was a lot then that is apropos now. Yes. I know they age out, as I tested it myself by changing my SSID.

One thing I could not, for the life of me figure out then, and now, is how _you_ managed to _change_ your home router's MAC (BSSID) address, Andy.

1. Jeff Liebermann said you could not "normally" change the AP BSSID.
   formatting link
2. Not without Linux, anyway... (we're talking the outward-facing MAC!)
   formatting link
3. But you seem to have changed the router's AP MAC (but did you really)?
   formatting link
   "ifconfig wlan0 down ifconfig wlan0 hw ether 08:BD:43:XX:XX:XX ifconfig wlan0 up on mine to change the MAC for the 2.4GHz Atheros radio (as I'm SSH'ed over the 5.2GHz radio wlan1) and it seems to have taken the new address"

I don't understand how you changed the hard-coded AP MAC (BSSID) (which is what is seen by a wardriving car driving by your home).

Did you really change the outward-facing BSSID on your router? How?

"Carlos E. R." <robin snipped-for-privacy@es.invalid wrote

Linux may not be doing what the PC is doing, but just to be clear, Android is _definitely_ (by default) uploading these four things about each of those (hundred) access points that it can see at any given point in space.

1. The phone's GPS location (which is unique!)
2. The (hundred) Wi-Fi BSSIDs that it can see (all of which are unique!)
3. The _signal strength!_ to each of those (hundred) Wi-Fi access points
4. The SSID for each of those (hundred) Wi-Fi access points

More information is uploaded, but that's the main four characteristics. A. Notice they have the location of the phone B. And the signal strength (in dBm) of the (hundred) access points

From that Google can pretty easily figure out approximately how far each of those (hundred) APs are from your phone; and from doing that for hundreds of phones, almost exactly where each of those (hundred) APs are located.

Like it or not, it's miserable to turn all this Wi-Fi (and Bluetooth!) scanning off on today's Android phones if you happen to use Google Maps.

Privacy shortcuts

It can be done - but you have to be intelligent - and not stooopid. (HINT: Most people are incredibly stupid - which is why this stuff works.)

Notice none of this happens if you do two things (you only need the first). a. You append "_nomap" to the SSID (to remove it from the databases) b. You hide the broadcast (which prevents it from being uploaded at all)

At that time my router was running openWRT so I could have overridden the hardware MAC address, but don't actually think I did.

I have a feeling that the .json file I used contained some of my neighbours' BSSIDs rather than my own, however I'm using a different router now.

Andy Burns snipped-for-privacy@andyburns.uk wrote

Thanks for confirming, as I'm well aware all the platforms (Windows, Linux & Android) can change "their" connecting MAC address - but the one MAC address that is outward facing is the one in the home router itself.

I'm aware there is a CLI on every router but I don't know (yet) of any command that will clone/spoof/change the hard-coded outward facing MAC.

The problem with privacy from Google is in two ways (both because most people are stupid as I said back in 2016) that we have to protect against.

1. People who drive by our homes upload to Google our broadcast information
2. People next door broadcast their information (which is at our location)

It wasn't so bad when Google didn't force "precise location" scanning.

But now that Google forces that on smartphones, we're doomed as a result unless we can figure out a way to prevent this from happening to us.