From Newsgroup: comp.mobile.android

Discussion:
How to set up your mobile devices & home router for privacy/security.

For those wishing to know more about this topic, most people have their
router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you
d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Every mobile device owned by ignorant/rude people is uploading that privacy
to the world-wide publicly accessible databases (which have been abused).

That means my mobile devices don't ever upload your privacy.
But your mobile device almost certainly tries to upload mine.

What I do to prevent the upload is I set my SSID to not broadcast.
a. This prevents a passive upload by rude/ignorant people.
I also opt out by adding _optout_ & _nomap to the SSID.
b. This (supposedly) removes my privacy information from the servers
In addition, I set the mobile device to not connect automatically.
c. This stops the mobile device from shouting out "are you there?"

In addition, due to the ubiquitous existence of WPA2 SSID-salted rainbow
hash tables (& reusable butterfly WPA2-handshake hashcat tables), I use a (hopefully) unique SSID (since it's the WPA2 encryption salt) in addition
to a (hopefully) non-dictionary passphrase (both of which are required to
stay out of those pre-computed and re-used cryptographic hash tables).
1. Rainbow tables: Precomputed WPA2 hash databases based on SSID
2. Butterfly hash tables: Optimization structures used in WPA2 cracking

Furthermore, iOS mobile devices can be set to randomize the MAC per SSID, while Android mobile devices can be set to randomize the MAC per instance.

If you own a new'ish router, you can upgrade to WPA3, which replaces WPA2's vulnerable handshake with SAE (so it's resistant to dictionary attacks).

Of course, you should always disable Wi-Fi Protected Setup (WPS). Duh.
And, keep your firmware updated (duh), & isolate the guest network (duh). Disable remote administration to your router (duh) & use HTTPS for login.

You "can" restrict connections by MAC, but if you're randomizing the MAC address, it's going to be impossible (as is static IP addresses set at the router level - they now have to be set at the mobile device level instead).

Also enable and check the router log (duh) for intrusions, but if you've
ever done that, you'll know already you're being attacked constantly.

Disable UPnP (duh), and firewall inbound traffic (duh) and enable DNS encryption (DoH/DoT), which seems easy, but I've found it to be a PITA.
A. DoH (DNS over HTTPS) wraps DNS queries inside HTTPS traffic
B. DoT (DNS over TLS) sends DNS queries over a TLS-encrypted channel

You enable iOS 14 & up DoH using Settings > Wi-Fi > DNS & you enable
Android 9+ DoT with Settings > Network & Internet > Advanced > Private DNS.

You enable DoH on Windows in Settings > Network & Internet > Change adapter options > DNS settings where Windows 11 is still DoH but the GUI is better.

On Android devices, you can add a system-wide firewall such as NetGuard.
It can block Wi-Fi/CellularData access per app. Not available on iOS.

I don't have much experience with RethinkDNS, but it's a FOSS Android app
that combines encrypted DNS (DoH/DoT/DNSCrypt) with a system-wide firewall.
i. RethinkDNS = firewall + encrypted DNS (DoH/DoT/DNSCrypt) + blocklists
ii. NetGuard = firewall + per-app blocking + ad/tracker blocklists

You'll never have any privacy/security on iOS, which sucks at both (and
anyone thinking it doesn't suck, clearly doesn't know anything about iOS).

While we're at it, it's probably a good idea to put smart TVs, cameras, and IoT gadgets on a separate VLAN or guest SSID, and it goes without saying further that you should change the rude/ignorant default iOS/Android setup.

If your neighbor's Wi-Fi is open, Windows can BLOCK accidental connections:
@echo off
netsh wlan show filters
echo Blocking unwanted Wi-Fi networks...
REM Replace these with the SSIDs you want to hide
netsh wlan add filter permission=block ssid="SSID1" networktype=infrastructure
netsh wlan add filter permission=block ssid="SSID2" networktype=infrastructure
netsh wlan add filter permission=block ssid="SSID3" networktype=infrastructure
echo Done! The specified SSIDs are now blocked.
netsh wlan show filters
pause

What did I miss?
--
I invest energy in responding to Usenet posts because I care about people getting full & complete information so we move tribal knowledge forward.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-01 18:50:18 +0000, Marian said:

Discussion:
How to set up your mobile devices & home router for privacy/security.

<snip the usual load of utter bollocks>

The moron troll has changed name yet again. :-\



--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-01 19:50, Marian wrote:

Discussion:
How to set up your mobile devices & home router for privacy/security.

For those wishing to know more about this topic, most people have their router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded

Not a problem.

b. The signal strength (of the signal to the phone) is uploaded

Not a problem.

c. The (unique) BSSID (MAC address) is uploaded - which is essentially you

Not a problem.

d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Not a problem.

Next.

...

Of course, you should always disable Wi-Fi Protected Setup (WPS). Duh.

Okay. Basically the same as not using it.

And, keep your firmware updated (duh),

My ISP does it automatically if there is a new firmware, which there is not.

& isolate the guest network (duh).

Not all routers can, or do it partially.

Disable remote administration to your router (duh) & use HTTPS for login.

That removes the warranty. Seriously. My router is remotely managed by
my ISP. Not via plain ssh login, they have their own dedicated channel.

You "can" restrict connections by MAC, but if you're randomizing the MAC address, it's going to be impossible (as is static IP addresses set at the router level - they now have to be set at the mobile device level instead).

Also enable and check the router log (duh) for intrusions, but if you've
ever done that, you'll know already you're being attacked constantly.

The very verbose log in my router does not appear to include external intrusions, or hits on the firewall.

Disable UPnP (duh), and firewall inbound traffic (duh) and enable DNS encryption (DoH/DoT), which seems easy, but I've found it to be a PITA.
A. DoH (DNS over HTTPS) wraps DNS queries inside HTTPS traffic
B. DoT (DNS over TLS) sends DNS queries over a TLS-encrypted channel

Pse.

You enable iOS 14 & up DoH using Settings > Wi-Fi > DNS & you enable
Android 9+ DoT with Settings > Network & Internet > Advanced > Private DNS.

You enable DoH on Windows in Settings > Network & Internet > Change adapter options > DNS settings where Windows 11 is still DoH but the GUI is better.

On Android devices, you can add a system-wide firewall such as NetGuard.
It can block Wi-Fi/CellularData access per app. Not available on iOS.

I don't have much experience with RethinkDNS, but it's a FOSS Android app that combines encrypted DNS (DoH/DoT/DNSCrypt) with a system-wide firewall.
i. RethinkDNS = firewall + encrypted DNS (DoH/DoT/DNSCrypt) + blocklists
ii. NetGuard = firewall + per-app blocking + ad/tracker blocklists

You'll never have any privacy/security on iOS, which sucks at both (and anyone thinking it doesn't suck, clearly doesn't know anything about iOS).

While we're at it, it's probably a good idea to put smart TVs, cameras, and IoT gadgets on a separate VLAN or guest SSID, and it goes without saying further that you should change the rude/ignorant default iOS/Android setup.

Not viable.

If your neighbor's Wi-Fi is open, Windows can BLOCK accidental connections:
@echo off
netsh wlan show filters
echo Blocking unwanted Wi-Fi networks...
REM Replace these with the SSIDs you want to hide
netsh wlan add filter permission=block ssid="SSID1" networktype=infrastructure
netsh wlan add filter permission=block ssid="SSID2" networktype=infrastructure
netsh wlan add filter permission=block ssid="SSID3" networktype=infrastructure
echo Done! The specified SSIDs are now blocked.
netsh wlan show filters
pause

What did I miss?

--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Discussion:
How to set up your mobile devices & home router for privacy/security.

Correction: "privacy/security" translates to "self-aggrandising ultra-paranoids".

For those wishing to know more about this topic, most people have their router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you

A router is not a person. At worst it represents a household in the same
way a postal address does.

d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Every mobile device owned by ignorant/rude people is uploading that privacy to the world-wide publicly accessible databases (which have been abused).

No they haven't. A theoretical observation has been made. There's no
evidence of "abuse".

While you're at it, the equally rude satellites, google cars, the post
office and census collectors are also sharing extremely private information regarding everyone's houses, where they are and what they look like.

I STRONGLY recommend first wrapping your house in tinfoil (hopefully that
will smother your *outgoing* connections), then radar opaque paint and, finally, camouflage netting.

For extra privacy go live in the woods.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

Disable remote administration to your router (duh) & use HTTPS for login.

That removes the warranty. Seriously. My router is remotely managed by
my ISP. Not via plain ssh login, they have their own dedicated channel.

Hi Carlos,

Thanks for adding the missing information that the router may be managed by
the ISP, which, of course, somewhat changes what you can and cannot do to effect better privacy/security.

I'm actually surprised, Carlos, that the ISP manages "the router", where I would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

In my case, I don't have a modem since I get my Internet from a dozen miles away over the air via WISP, but my "rooftop transceiver" is managed by the
WISP (although he gives me his password so that I can make changes).

Most people in the USA don't have a transceiver like I do; they have a
modem, and some people have a modem which is combined into a router.

I am unfamiliar with that setup personally, since I've never owned a modem,
but I've bought them for my kids when they moved into apartments, so I'm familiar with the concept that you seem to be speaking about.

Thanks for adding the extra value so that everyone on the team benefits.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

For those wishing to know more about this topic, most people have their
router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to
world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you

A router is not a person. At worst it represents a household in the same
way a postal address does.

Hi Chris,

If you move from one home to another, and if you take your router with you, then the "bad guy" can trace your movements exactly as to time & location.

They know your exact location & exactly when you changed locations.

d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Every mobile device owned by ignorant/rude people is uploading that privacy >> to the world-wide publicly accessible databases (which have been abused).

No they haven't. A theoretical observation has been made. There's no
evidence of "abuse".

I know what you're talking about, but most people reading this won't know
that the Apple system (versus the Google system) is atrociously designed.

The way Apple does it is Apple allows hundreds upon hundreds of access
point location information to be downloaded in a single instance by anyone
on the planet, while Google's system is far more constrained in terms of
abuse potential.

You & I can delve deeper (much deeper) than that astute summary, but that
quick overview of the huge differences between the highly insecure Apple
system and the lousy Google system (more secure, but it still sucks in
terms of privacy) should suffice for most people here unless they ask for further details.

While you're at it, the equally rude satellites, google cars, the post
office and census collectors are also sharing extremely private information regarding everyone's houses, where they are and what they look like.

What you're saying I've heard a lot from people who don't own the knowledge that I own, which is you're acting like a person who has already
surrendered.

It's normal for people to surrender their privacy, just as it's normal for people to be slaves, since you must fight to retain your privacy, and you
must be intelligent about it (since Apple/Google/Microsoft don't advertise
that they're trying to destroy your privacy).

Privacy is like personal hygiene. You never stop washing your hands.

I STRONGLY recommend first wrapping your house in tinfoil (hopefully that will smother your *outgoing* connections), then radar opaque paint and, finally, camouflage netting.

For extra privacy go live in the woods.

These are the exact words of sklavin, Chris.

Many people in history have decided to be a slave; but I'm not one of them.
And more to the point, I do not advocate that people become slaves.

You advocate slavery. I advocate freedom.

The way to freedom is to follow & improve upon the simple steps that we outlined in the OP for the benefit of the entire team who reads this.

Correction: "privacy/security" translates to "self-aggrandising ultra-paranoids".

It's classic of the Apple trolls to consider any discussion of taking
ownership control of your privacy or security as "ultra paranoia".

Apple trolls have long ago become slaves.

I, for one, do not intend to be a slave even as you advocate it.

I suggest people consider doing the simple steps outlined in the OP to eliminate the chance of being uploaded into the public AP databases, and to reduce the chance of their phone throwing all their neighbors under the
bus.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

Many states have their own computer crime statutes that prohibit
unauthorized access to networks. For example, Florida and Michigan have
prosecuted individuals for unauthorized Wi-Fi use under state computer
crime laws.

But how do you know it is not authorized?

Hi Carlos,

I understand your point of view, where I also would have considered an
"open" Wi-Fi (which we must assume the OP is using as he'd need a
passphrase otherwise) to be considered de-facto authorized for use.

Especially if that open Wi-Fi didn't have a subsequent authorization screen like those I see in my doctor's office or at the local Starbucks or hotel.

Of course, a neighbor's open Wi-Fi access point wouldn't likely have an authorization screen, but I was surprised when I looked at case law in they
USA (see prior post) that NONE of the references I cited had subsequent authorization screens, and all were prosecuted by the police successfully.

Having said that, Windows sure does make it easy to accidentally connect to open Wi-Fi access points, which is why I had suggested the BLOCK command,
which will instantly solve the problem of accidental connection (once the
OP is aware of the access point being accidentally connected to of course).

By default, a phone will connect to an open WiFi without asking. At
least, it was so several years ago, I don't know currently because the configuration is cloned from one phone to the next.
And Windows I think does the same, which is, I understand, what happened
to the OP.

As far as I'm aware, by default, iOS and Android devices do not
automatically connect to random open Wi-Fi networks unless the user has previously joined them. However, once the user manually connects to an open access point, the device may attempt to reconnect automatically in the
future. To stop this, we can adjust Wi-Fi settings on both iOS and Android
to disable auto-join or auto-connect for specific open networks.

Windows also does not automatically connect to unknown open Wi-Fi networks
by default. It only auto-connects to networks we've previously joined if
the 'Connect automatically' option was enabled. To stop this, we can
disable auto-connect for specific networks or delete their saved profiles.

For Windows, I would suggest the BLOCK command that I previously posted.
netsh wlan add filter permission=block ssid="SSID" networktype=infrastructure

I take that "looking" inside the network is not legal. But using a WiFi
that is open? I know some people that intentionally left their WiFi open
to any one that wanted. That was the view.

I agree with you, but the law (in they USA) doesn't seem to agree (AFAIK).

Personally, I know a neighbor who advocates everyone having an open Wi-Fi
so that anyone anywhere can have Internet access, but I live in a hilltop
rural area where there is no cable or fiber so we all get our Internet over
the air.

As a side note, I keep advising that neighbor that someone could do
nefarious things on his IP address but he's not worried about that.

But then, USA people are quite paranoid about private property, and can shoot an intruder without asking.

In my town, that's never happened to my knowledge, but in a country of 350 million people, murders occur daily, but doorstep murder is rather rare.
<https://www.fbi.gov/file-repository/reports-and-publications/2024-active-shooter-report>

Here, some people were taken to court for "illegally downloading
movies". In their defence, they said that it was not them, but somebody
else using their WiFi, and the reverse could not be proven. They kept
their WiFi open. They won. :-D

Yes. In the USA, the prosecution must prove YOU did it, as it's not
sufficient that "anyone" could have done it based on our Constitution.

As for movies, they're generally torrented, which is a special legal
situation since US copyright law requires tenets that torrenting avoids.

In fact, we've had this legal-torrenting discussion on the Apple newsgroups
for years (since iOS is so brain dead that it can't torrent even as macOS
can torrent), where there's never been a single successful USA case (see caveat) where ANYONE in the USA has been found guilty of torrenting
mainstream movies if they decided to fight the case in court.

Plenty of people paid the fees asked of them by the copyright owners'
lawyers, but NOBODY in the USA has ever been convicted of torrenting
mainstream movies in the history of the USA who fought the charges.

Caveat: The Maple Media Porn Cases were an egregious example where the
lawyers themselves were serving the torrents & they were disbarred.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 12/2/25 9:26 AM, Marian wrote:

I'm actually surprised, Carlos, that the ISP manages "the router", where I >would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

My router/modem is owned and operated by my ISP. It's part of the service.
Further unless turned off it's also a hotspot for all the other ISP's
customers (their password required) who are in WiFi range and might want to
use it. When mine failed awhile back I used my neighbors hotspot until it
was fixed (at no charge, part of the service). Great for us none-tech
customers whom I suspect most are...


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

AJL <noemail@none.com> wrote:

On 12/2/25 9:26 AM, Marian wrote:

I'm actually surprised, Carlos, that the ISP manages "the router", where I >would NOT be surprised if the ISP manages "the modem" (even as I'm well >aware that router:modem combinations exist (which may be what you have).

My router/modem is owned and operated by my ISP. It's part of the service.
Further unless turned off it's also a hotspot for all the other ISP's
customers (their password required) who are in WiFi range and might want to
use it. When mine failed awhile back I used my neighbors hotspot until it
was fixed (at no charge, part of the service). Great for us none-tech
customers whom I suspect most are...

The modem/router may be *owned* by your ISP and the *modem* part is
indeed likely to be operated and managed by your ISP. But the *router*
part can not be 'operated' (managed?) by your ISP, at least not fully, otherwise they could mess up your part (your 'LAN'), change your
password, access your LAN, etc.. *If* they could 'operate'/manage the
router part, you could never be hold liable for what happens on your end/network, because it wouldn't be your network.

FWIW, my (cable) ISP indeed manages the modem part, I manage the rest
(for example the WiFi password, set fixed IP addresses, etc.).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

For those wishing to know more about this topic, most people have their >>> router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to >>> world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you >>

A router is not a person. At worst it represents a household in the same
way a postal address does.

Hi Chris,

If you move from one home to another, and if you take your router with you, then the "bad guy" can trace your movements exactly as to time & location.

They know your exact location & exactly when you changed locations.

Great. Saves sending all those "we have moved" messages.

d. The (normally non-unique) SSID is uploaded (with or without _nomap)

Every mobile device owned by ignorant/rude people is uploading that privacy
to the world-wide publicly accessible databases (which have been abused). >>

No they haven't. A theoretical observation has been made. There's no
evidence of "abuse".

I know what you're talking about,

No you don't. You said you could track me "if you were a bad guy". I gave
you permission and you could do nothing. Your paranoia is baseless.

but most people reading this won't know
that the Apple system (versus the Google system) is atrociously designed.

You don't "know" it either. All you have is FUD.

The way Apple does it is Apple allows hundreds upon hundreds of access
point location information to be downloaded in a single instance by anyone
on the planet, while Google's system is far more constrained in terms of abuse potential.

You & I can delve deeper (much deeper) than that astute summary, but that quick overview of the huge differences between the highly insecure Apple system and the lousy Google system (more secure, but it still sucks in
terms of privacy) should suffice for most people here unless they ask for further details.

They are no different. They will give anyone with access to the API
location information based on their wifi AP databases.

While you're at it, the equally rude satellites, google cars, the post
office and census collectors are also sharing extremely private information >> regarding everyone's houses, where they are and what they look like.

What you're saying I've heard a lot from people

You've heard it a lot because you're a crackpot.

Privacy is like personal hygiene. You never stop washing your hands.

Soap is sufficient for 99% of people. You're using bleach driven by fear.

I STRONGLY recommend first wrapping your house in tinfoil (hopefully that
will smother your *outgoing* connections), then radar opaque paint and,
finally, camouflage netting.

For extra privacy go live in the woods.

These are the exact words of sklavin, Chris.

Many people in history have decided to be a slave; but I'm not one of them. And more to the point, I do not advocate that people become slaves.

You're a slave to your dogmatic obsession.

You advocate slavery. I advocate freedom.

Hardly. You have less freedom then I do.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 12/2/25 12:35 PM, Frank Slootweg wrote:

AJL <noemail@none.com> wrote:

On 12/2/25 9:26 AM, Marian wrote:

I'm actually surprised, Carlos, that the ISP manages "the router", where I >> >would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

My router/modem is owned and operated by my ISP. It's part of the service. >> Further unless turned off it's also a hotspot for all the other ISP's
customers (their password required) who are in WiFi range and might want to >> use it. When mine failed awhile back I used my neighbors hotspot until it >> was fixed (at no charge, part of the service). Great for us none-tech
customers whom I suspect most are...

The modem/router may be *owned* by your ISP and the *modem* part is
indeed likely to be operated and managed by your ISP. But the *router*
part can not be 'operated' (managed?) by your ISP, at least not fully, >otherwise they could mess up your part (your 'LAN'), change your
password, access your LAN, etc.. *If* they could 'operate'/manage the
router part, you could never be hold liable for what happens on your >end/network, because it wouldn't be your network.

All Greek to me. Bottom line for me is I plug in the device's AC cord, screw
on the cable, enter a password, and bingo I have WiFi and I'm online...

FWIW, my (cable) ISP indeed manages the modem part, I manage the rest
(for example the WiFi password, set fixed IP addresses, etc.).

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/2 16:26:18, Marian wrote:

Carlos E.R. wrote:

Disable remote administration to your router (duh) & use HTTPS for login. >>

That removes the warranty. Seriously. My router is remotely managed by
my ISP. Not via plain ssh login, they have their own dedicated channel.

Hi Carlos,

Thanks for adding the missing information that the router may be managed by the ISP, which, of course, somewhat changes what you can and cannot do to effect better privacy/security.

I'm actually surprised, Carlos, that the ISP manages "the router", where I would NOT be surprised if the ISP manages "the modem" (even as I'm well> aware that router:modem combinations exist (which may be what you have).

In my case, I don't have a modem since I get my Internet from a dozen miles away over the air via WISP, but my "rooftop transceiver" is managed by the WISP (although he gives me his password so that I can make changes).

Most people in the USA don't have a transceiver like I do; they have a
modem, and some people have a modem which is combined into a router.

I am unfamiliar with that setup personally, since I've never owned a modem, but I've bought them for my kids when they moved into apartments, so I'm familiar with the concept that you seem to be speaking about.

Thanks for adding the extra value so that everyone on the team benefits.

I don't know about the USA, but in the UK, a lot of users have _one_
whitish box, which connects to the 'phone line, and contains the MoDem,
router, hub, wifi, ... you name it, it's in that box. Common parlance - including from the ISPs who usually supply the box - is to (mis)name
that box the "router".
They usually (since the ISP supplies them) have a version of the
manufacturer's software, tweaked to suit the ISP. I'm not _aware_ of any
that are remote-flashed by the ISPs, but it wouldn't surprise me.
I don't _think_ most ISP contracts say you _have_ to use their "router",
though there may be some that do; however, the majority of users _do_,
since it's generally supplied "free" by the ISP, and also if anything
goes wrong - or is _suspected_ of going wrong - the ISP's support desk
(which aren't great at the best of times) are likely to tell you you're
on your own if you're not using their "router".
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

From Newsgroup: comp.mobile.android

On 2 Dec 2025 19:35:36 GMT, Frank Slootweg wrote:

AJL <noemail@none.com> wrote:

[quoted text muted]
customers (their password required) who are in WiFi range and might want to
use it. When mine failed awhile back I used my neighbors hotspot until it
was fixed (at no charge, part of the service). Great for us none-tech
customers whom I suspect most are...

The modem/router may be *owned* by your ISP and the *modem* part is
indeed likely to be operated and managed by your ISP. But the *router*
part can not be 'operated' (managed?) by your ISP, at least not fully, otherwise they could mess up your part (your 'LAN'), change your
password, access your LAN, etc.. *If* they could 'operate'/manage the
router part, you could never be hold liable for what happens on your end/network, because it wouldn't be your network.

My ISP has the ability to reach into "my" router -- i.e. that portion
of the combined modem/router that they supply as part of their
service -- and make changes; they did it once in 2020 during a
telephone call when I was having a problem with router settings. It
would be a very bad business decision to change passwords or
otherwise mess with usability, but as far as I know they do have the
ability to do those things.

It may be different in Europe, where consumer protection laws are
still enforced.
--
"The power of accurate observation is frequently called cynicism by
those who don't have it." --George Bernard Shaw
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Stan Brown wrote:

My ISP has the ability to reach into "my" router -- i.e. that portion
of the combined modem/router that they supply as part of their
service -- and make changes;

In the UK (and I assume wider within Europe) many ISPs do remote
provisioning using TR-069 protocol.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-02 17:26, Marian wrote:

Carlos E.R. wrote:

Disable remote administration to your router (duh) & use HTTPS for login. >>

That removes the warranty. Seriously. My router is remotely managed by
my ISP. Not via plain ssh login, they have their own dedicated channel.

Hi Carlos,

Thanks for adding the missing information that the router may be managed by the ISP, which, of course, somewhat changes what you can and cannot do to effect better privacy/security.

I'm actually surprised, Carlos, that the ISP manages "the router", where I would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

It has a direct fibre port, integrating what previously was a separate
gadget called ONT (Optical network terminal). That may qualify as a modem.

They do some maintenance. We can call the technical service when we have
a problem, and they can login remotely to assist in our problem. Saves
them a trip. I understand they have some kind of management platform,
where they enter client data and get connected to our router. That
platform is the same for the dozens of router models they install.

I assume they apply updates, but I have no proof of this.

I can change the login password and do my own management (I do), but
they keep another port for that remote management they do. That's the
one that would break the support contract.

In my case, I don't have a modem since I get my Internet from a dozen miles away over the air via WISP, but my "rooftop transceiver" is managed by the WISP (although he gives me his password so that I can make changes).

Most people in the USA don't have a transceiver like I do; they have a
modem, and some people have a modem which is combined into a router.

I am unfamiliar with that setup personally, since I've never owned a modem, but I've bought them for my kids when they moved into apartments, so I'm familiar with the concept that you seem to be speaking about.

Thanks for adding the extra value so that everyone on the team benefits.

--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-02 21:35, J. P. Gilliver wrote:

On 2025/12/2 16:26:18, Marian wrote:

Carlos E.R. wrote:

Disable remote administration to your router (duh) & use HTTPS for login. >>>

That removes the warranty. Seriously. My router is remotely managed by
my ISP. Not via plain ssh login, they have their own dedicated channel.

Hi Carlos,

Thanks for adding the missing information that the router may be managed by >> the ISP, which, of course, somewhat changes what you can and cannot do to
effect better privacy/security.

I'm actually surprised, Carlos, that the ISP manages "the router", where I >> would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

In my case, I don't have a modem since I get my Internet from a dozen miles >> away over the air via WISP, but my "rooftop transceiver" is managed by the >> WISP (although he gives me his password so that I can make changes).

Most people in the USA don't have a transceiver like I do; they have a
modem, and some people have a modem which is combined into a router.

I am unfamiliar with that setup personally, since I've never owned a modem, >> but I've bought them for my kids when they moved into apartments, so I'm
familiar with the concept that you seem to be speaking about.

Thanks for adding the extra value so that everyone on the team benefits.

I don't know about the USA, but in the UK, a lot of users have _one_
whitish box, which connects to the 'phone line, and contains the MoDem, router, hub, wifi, ... you name it, it's in that box. Common parlance - including from the ISPs who usually supply the box - is to (mis)name
that box the "router".

Absolutely.

It also connects to the TV decoder. The configuration of the router is
complex and not documented (!). It has settings to handle TV and phone service. When I call for service I know they get in during the call and
check or do things

They usually (since the ISP supplies them) have a version of the manufacturer's software, tweaked to suit the ISP. I'm not _aware_ of any
that are remote-flashed by the ISPs, but it wouldn't surprise me.

I highly suspect mine do, but not 100% certain.

I don't _think_ most ISP contracts say you _have_ to use their "router", though there may be some that do; however, the majority of users _do_,
since it's generally supplied "free" by the ISP, and also if anything
goes wrong - or is _suspected_ of going wrong - the ISP's support desk
(which aren't great at the best of times) are likely to tell you you're
on your own if you're not using their "router".

Oh, absolutely.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-02 08:40, Marian wrote:

Chris wrote:

For those wishing to know more about this topic, most people have their
router Wi-Fi AP set to broadcast the SSID, which means it's uploaded to
world-wide publicly accessible databases whether they like it or not.
a. The (unique) GPS location (of the phone uploading it) is uploaded
b. The signal strength (of the signal to the phone) is uploaded
c. The (unique) BSSID (MAC address) is uploaded - which is essentially you

A router is not a person. At worst it represents a household in the same
way a postal address does.

Hi Chris,

If you move from one home to another, and if you take your router with you, then the "bad guy" can trace your movements exactly as to time & location.

Except no one ever does that.

The internet facing hardware is (almost) always, owned by the ISP you use.

They know your exact location & exactly when you changed locations.

d. The (normally non-unique) SSID is uploaded (with or without _nomap) >>>
Every mobile device owned by ignorant/rude people is uploading that privacy >>> to the world-wide publicly accessible databases (which have been abused). >>

No they haven't. A theoretical observation has been made. There's no
evidence of "abuse".

I know what you're talking about, but most people reading this won't know that the Apple system (versus the Google system) is atrociously designed.

The way Apple does it is Apple allows hundreds upon hundreds of access
point location information to be downloaded in a single instance by anyone
on the planet, while Google's system is far more constrained in terms of abuse potential.

Cite, please!
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Tue, 12/2/2025 3:35 PM, J. P. Gilliver wrote:

They usually (since the ISP supplies them) have a version of the manufacturer's software, tweaked to suit the ISP. I'm not _aware_ of any
that are remote-flashed by the ISPs, but it wouldn't surprise me.

Some networking devices, they have "auto-flash capability".
The locked-down config you cannot see, has two URLs.

https://... NAND Flash image

https://... Configuration file

and this is supposed to allow "secure push" from the ISP.
I've even had one unlocked box I bought, get flashed by
the ISP (by some trickery, as the two URLs weren't loaded
as I later found them). They can have the capability to
take over a box (maybe it's just one of those 12345
type passwords :-) ).

And the Alcatel ADSL1 modem-only box, had remote flash too, because
a university analysis of the box found there were exploitable
features, and the ADSL modem would come to your home, and
they would flash them up once the box was online. That's how
some of the known exploits would be removed. They would do that,
rather than have a warehouse full of modems and some poor individual
go around, open the boxes, and flash them.

ISP grade boxes, can have multi-level passwords, and if you use
the web interface on the ISP-provided box, all you get is the
slick background image and no controls at all to use. When you
buy the same box unlocked, the boxes still are not as feature
complete as a DLink would be. For example, the unlocked box
I've got, to program the damn Firewall, is a hundred lines of
crap in a text file (no GUI!). It's four lines of text per rule.

Paul


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

AJL wrote:

The modem/router may be *owned* by your ISP and the *modem* part is >>indeed likely to be operated and managed by your ISP. But the *router*
part can not be 'operated' (managed?) by your ISP, at least not fully, >>otherwise they could mess up your part (your 'LAN'), change your
password, access your LAN, etc.. *If* they could 'operate'/manage the >>router part, you could never be hold liable for what happens on your >>end/network, because it wouldn't be your network.

All Greek to me. Bottom line for me is I plug in the device's AC cord, screw
on the cable, enter a password, and bingo I have WiFi and I'm online...

While most people don't "play" with the ISP's equipment, as I mentioned, my WISP (who gives me my Internet for forever free since I often work for him
by helping neighbors with their WISP connections) gives me the
login/password to all the neighbors' radios, so I can run neat stuff on
their rooftop radios just as this spectrum analysis built into Ubiquiti transceivers. <https://i.postimg.cc/QxF3sXpm/java2.jpg>

Most people probably don't have access to the ISP's equipment like I do,
but I love *learning* how things work, so that I can run site surveys such
as this one which looks at the Android phone emissions using adb & my PC.
<https://i.postimg.cc/jSBfSgRC/baseapk.jpg>

I can log into any neighbors' rooftop transceiver and run a site survey.
<https://i.postimg.cc/8krQvmf8/longtime.jpg>

I'm sure I can do more than that, but I have no interest in spying on my neighbors, and, in fact, I do all that I can to not throw them under the
bus (which is partially the topic of this thread, after all, is it not).

Just to add value, there are many tools on Android which show Wi-Fi &
cellular data where it's good to run a site survey every once in a while.
<https://i.postimg.cc/4xgmTTgm/wifi01.jpg>
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

Thanks for adding the missing information that the router may be managed by >> the ISP, which, of course, somewhat changes what you can and cannot do to
effect better privacy/security.

I'm actually surprised, Carlos, that the ISP manages "the router", where I >> would NOT be surprised if the ISP manages "the modem" (even as I'm well
aware that router:modem combinations exist (which may be what you have).

It has a direct fibre port, integrating what previously was a separate gadget called ONT (Optical network terminal). That may qualify as a modem.

They do some maintenance. We can call the technical service when we have
a problem, and they can login remotely to assist in our problem. Saves
them a trip. I understand they have some kind of management platform,
where they enter client data and get connected to our router. That
platform is the same for the dozens of router models they install.

I assume they apply updates, but I have no proof of this.

I can change the login password and do my own management (I do), but
they keep another port for that remote management they do. That's the
one that would break the support contract.

Hi Carlos,

That's useful additional technical information as, being on WISP for
decades, I haven't been physically exposed myself to how cable/fiber works.

As I mentioned, my WISP (who gives me my Internet for forever free since I often work for him by helping neighbors with their WISP connections) gives
me the login/password to all the neighbors' radios, so I can run neat stuff
on their rooftop radios just as spectrum analysis built into Ubiquiti transceivers. <https://i.postimg.cc/QxF3sXpm/java2.jpg>

However, I set up my kids, long ago, when they moved into apartments, for a "cable modem" which I bought at Costco for a hundred & fifty bucks (or so)
to save them the $10/month "forever rental fee" (now probably $20/month).
<https://www.costco.com/p/-/tp-link-ac3200-wi-fi-tri-band-router-and-docsis-16x4-30-cable-modem/100319814>

In those days, the only coax "spec" you needed was Docsys 3.0 (now 3.1 and
even 4.0) supported by major ISPs like Comcast Xfinity, Spectrum, and Cox.
<https://www.business.att.com/learn/articles/docsis-vs-fiber-why-knowing-the-difference-matters.html>

Nowadays, there's "fiber" such as from Frontier, which apparently doesn't
use a "modem" per se, but which uses an ONT (Optical Network Terminal).
<https://dongknows.com/fiber-vs-cable-internet-docsis-modem-vs-ont/>

In those days, and even today, I'd recommend a *separate* router for all
the advantages that a separate router has for the technically inclined.

But I'm well aware that modem:router (and ONT:router) combo's are widely
used nowadays, and generally provided free or via a rental from the ISP.
<https://techbullion.com/fiber-vs-cable-internet-equipment-guide-what-you-actually-need/>

My main argument, which all my kids learned in spades, was that paying $150
up front once, immediately reduced the long-term costs by thousands of
dollars since it instantly saved the $50 (probably now $75 or more) "installation fee" that cable companies charged, and, of course, it
eliminates the $10/month (now likely $20/month) plus taxes to rent it.
<https://www.costco.com/routers-networking.html>

If the modems I bought my kids when they first moved into apartments during their college days ever does go bad, it's *still cheaper* to buy a new one
than to rent forever from they cable companies.

What's interesting is the cable companies have no problem accessing the
Costco modems (the one I bought years ago was a Motorola one, I think).

So the cable company still manages the modem no matter where you got it
from, while you manage the router. As Frank and others have said, many
units today are combination units, but still, there's a modem part and a
router part (or, I presume, for fiber, an ONT part & a router part).

Some day they'll string either coax cable or fiber into our power poles
above Silicon Valley and Santa Cruz in the Santa Cruz Mountains and I can
begin to enjoy all the delights of not having to get my WISP over the air!
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

The way Apple does it is Apple allows hundreds upon hundreds of access
point location information to be downloaded in a single instance by anyone >> on the planet, while Google's system is far more constrained in terms of
abuse potential.

You & I can delve deeper (much deeper) than that astute summary, but that
quick overview of the huge differences between the highly insecure Apple
system and the lousy Google system (more secure, but it still sucks in
terms of privacy) should suffice for most people here unless they ask for
further details.

They are no different. They will give anyone with access to the API
location information based on their wifi AP databases.

As I said, I can delve far deeper where let's just let others make their
own assessments of the absurdly sophomoric system Apple chose to employ.

Here is a copy-and-pasted reply that shows, for the umpteenth time, that
Apple only "advertises" privacy when it's the worst platform out there.

Cybernews: *Anyone can tap into your WiFi location data to track you*
explains how Apple's WPS can be exploited for mass surveillance.
<https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/>

Cybersecurity News: *Hackers Can Abuse Apple¢s Wi-Fi Positioning System* details the University of Maryland study showing global tracking risks.
<https://cybersecuritynews.com/apples-wi-fi-positioning-system/>

Dark Reading: *Apple Geolocation API Exposes Wi-Fi Access Points Worldwide* notes that researchers could query hundreds of millions of APs in days.
<https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide>

Krebs on Security: *Why Your Wi-Fi Router Doubles as an Apple AirTag*
describes how Apple¢s data was used to track billions of devices globally
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

Register: *Apple Wi-Fi Positioning System open to global tracking abuse*
covers the academic paper "Surveilling the Masses with Wi-Fi-Based
Positioning Systems" by Erik Rye and Dave Levin
<https://www.theregister.com/2024/05/23/apple_wifi_positioning_system/>

Privacy Risk: Even people who don't use Apple devices can be tracked if
their Wi-Fi router is within range of Apple devices.

Exposure Scale: Because queries can return 400 APs at once, attackers can efficiently build massive location datasets.

Potential misuse: Surveillance of vulnerable populations, journalists, or
even military movements is possible.

In short: Apple's Wi-Fi Positioning System allows bulk queries of access
point data (400 at a time) and researchers have shown this can be abused
for global surveillance.

Apple trolls *hate* the truth about Apple products, but the fact is the
Apple trolls know absolutely nothing about anything. Who is that stupid?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Note that the mere use of a HIDDEN BROADCAST prevents upload by Mozilla!

Mozilla Location Service (MLS) was an open geolocation system that mapped positions using publicly observable radio transmitters, including Wi-Fi
access points identified by BSSID, and it ran from 2013 until its closure
in 2024 where MLS had collected more than 44.43 million unique cell
networks and 1450 million unique WiFi networks.

https://en.wikipedia.org/wiki/Mozilla_Location_Service

The mobile app Mozilla Stumbler for Android could be used to contribute
signals of cellular networks and Wi-Fi access points at the device's GPS position. It was available in the Google Play store and F-Droid from
November 2014 to February 2021 after which it was officially retired.[10][11][12]

It was noted that contributions from Firefox for Android users "completely overwhelm[ed] the contributions made by the dedicated Stumbler app."[13]
Other apps, such as Tower Collector, were also available for the same purpose,[14][15] although they were limited to collecting information
related to cellular networks, except for NeoStumbler an Android application capable of collecting locations of cell towers, Wi-Fi access points and Bluetooth beacons.

Mozilla's client applications do not collect information about WiFi access points whose SSID is hidden or ends with the string "_nomap" (e.g. "Simpson-family-wifi_nomap").[19]

Note that the mere use of a HIDDEN BROADCAST prevents upload!
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Note that the mere use of a HIDDEN BROADCAST prevents upload by Mozilla!

Note also that a HIDDEN BROADCAST (now) prevents upload by a specific
Android app based on christianrowlands/android-network-survey repository
<https://github.com/christianrowlands/android-network-survey/issues/91>

The bug report isn't clear how it's implemented though, so we don't know
from the bug report if it's like Mozilla MLS in that hidden networks are automatically discarded by the client scanner BEFORE upload to servers.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Note that the mere use of a HIDDEN BROADCAST prevents upload by Mozilla!

Note also that a HIDDEN BROADCAST (now) prevents upload

Note the SSID cannot be obtained, as far as I'm aware, without an ACTIVE spoofing of a client request, which passive scanners likely don't do.
<https://labex.io/tutorials/kali-discover-a-hidden-ssid-using-airodump-ng-594438>

The reason this is extremely important is I can't find any documentation
(yet) that proves Google/Apple don't *upload* the SSID/BSSID/GPS/dBm/etc.
of your "hidden broadcast" access point, but if they do, they likely don't
have the SSID.

Does anyone know if Google/Apple WPS databases have BSSID entries sans an associated SSID?

The reason it matters is almost every router in the world has the feature
of hiding the broadcast, and we all know that the hidden broadcast packet,
if no client is currently connected, won't have the SSID associated with
it, so the question is what does Google/Apple do about hidden broadcasts?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Does anyone know if Google/Apple WPS databases have BSSID entries sans an associated SSID?

It's important to understand that passive capture by mobile devices cannot recover the SSID if no such frames are sent while that device is listening.
<https://arista.my.site.com/AristaCommunity/s/article/working-of-a-hidden-ssid>

Of course, 802.11 beacon and probe frames expose the AP's MAC (the BSSID)
and other radio metadata even when the SSID element is omitted or blank.
That makes the BSSID observable by passive scanners without active client spoofing. But not the SSID.

Almost every router has the option of hiding the SSID for a reason, since setting the AP to a hidden SSID means the SSID string is not broadcast in beacons unless or until a client connects to it. The SSID appears only in
other management frames such as probe responses or association requests
from a client that already knows about the SSID/BSSID pairing. If no client ever sends those pairing frames while the passing mobile device is
passively scanning, there's no SSID for the passive capture to extract.

Hence, whether a BSSID without an SSID ends up in a vendor database is a policy/implementation question we need to find out for Apple/Google WPS.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 00:39, Marian wrote:

Carlos E.R. wrote:

...

My main argument, which all my kids learned in spades, was that paying $150 up front once, immediately reduced the long-term costs by thousands of dollars since it instantly saved the $50 (probably now $75 or more) "installation fee" that cable companies charged, and, of course, it eliminates the $10/month (now likely $20/month) plus taxes to rent it.
<https://www.costco.com/routers-networking.html>

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent. The advantage is (probably) a more feature rich router
and more control. The disadvantage is that you have to work out the configuration, which is a pain (AFAIK they don't publish it), and that
if something breaks you have no support. They'll help, sure, depending
on who you manage to talk with, but no support.

When I was on ADSL I had their router, but I bought my own. The
configuration was simpler back then, but the router had a wizard: I just
told it what Telco it was, and it configured itself. I have not seen
this feature announced with fibre.

...
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/3 12:47:9, Carlos E.R. wrote:

On 2025-12-03 00:39, Marian wrote:

Carlos E.R. wrote:

...

My main argument, which all my kids learned in spades, was that paying $150 >> up front once, immediately reduced the long-term costs by thousands of
dollars since it instantly saved the $50 (probably now $75 or more)
"installation fee" that cable companies charged, and, of course, it
eliminates the $10/month (now likely $20/month) plus taxes to rent it.
<https://www.costco.com/routers-networking.html>

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent. The advantage is (probably) a more feature rich router
and more control. The disadvantage is that you have to work out the configuration, which is a pain (AFAIK they don't publish it), and that
if something breaks you have no support. They'll help, sure, depending
on who you manage to talk with, but no support.

When I was on ADSL I had their router, but I bought my own. The configuration was simpler back then, but the router had a wizard: I just told it what Telco it was, and it configured itself. I have not seen
this feature announced with fibre.

...

As I've said before, here in UK most users who are connected to a copper
'phone line have one box, containing MoDem, router, hub, and wifi base,
which box is generally referred to as a "router"; AIUI those with an
actual fibre connection to the home still have a similar-_looking_ box,
still referred to as a "router", but one additional box that connects to
the fibre, and to which the "router" connects, usually by an ethernet cable.

The "router" is in most cases provided "free" by the ISP (or, at least,
any monthly rental is included in the about 25 pounds a month you pay
for service access - which is _not_ reduced if you buy your own
"router"). There's no "installation charge" for the router as such; if
you get broadband where there was none before, there is usually a
startup charge, but that's regardless of whether you use the provided
router or not - it's to cover equipment setup at the exchange AIUI.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

We must, of course, ensure that we display no bias. The bias I worry
about most is the bias against understanding.
- Nick Robinson, RT 2017/4/8-14
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns <usenet@andyburns.uk> wrote:

Stan Brown wrote:

My ISP has the ability to reach into "my" router -- i.e. that portion
of the combined modem/router that they supply as part of their
service -- and make changes;

In the UK (and I assume wider within Europe) many ISPs do remote provisioning using TR-069 protocol.

Do you know the extent of that "provisioning", i.e. what they can and
can not do?

As I mentioned, my (cable) ISP (Ziggo) can access the modem part of
the modem/router combo and can do things like quality of service
measurements (when they do, they send an e-mail with a good/not-good indication). And they probably can access the telephone part of the
modem (connects to a normal phone), which uses a seperate communication channel. But AFAIK, they can't access/change anything in the router
part.

Over time (some 20+ years), my modem/router devices have either been installed by an on-site technician (probably two times) or by myself,
i.e. they ship a replacement modem/router (sometimes with things like
cables, adapters, outlets, etc.) and I install it (probably three or
more times).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. <robin_listas@es.invalid> wrote:

On 2025-12-03 00:39, Marian wrote:

Carlos E.R. wrote:

...

My main argument, which all my kids learned in spades, was that paying $150 >> up front once, immediately reduced the long-term costs by thousands of
dollars since it instantly saved the $50 (probably now $75 or more)
"installation fee" that cable companies charged, and, of course, it
eliminates the $10/month (now likely $20/month) plus taxes to rent it.
<https://www.costco.com/routers-networking.html>

It is not a rental here.

Nor in the UK. You may get charged a smallish "setup" fee on some (short) contracts if you take their supplied router. Otherwise the monthly fee is simply for internet access.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Frank Slootweg wrote:

Andy Burns wrote:

In the UK (and I assume wider within Europe) many ISPs do remote
provisioning using TR-069 protocol.

Do you know the extent of that "provisioning", i.e. what they can and
can not do?

quite likely change all settings and do firmware updates, reboots

Over time (some 20+ years), my modem/router devices have either been installed by an on-site technician (probably two times) or by myself,
i.e. they ship a replacement modem/router (sometimes with things like
cables, adapters, outlets, etc.) and I install it (probably three or
more times).

I generally start with the ISP's device, then migrate to my own device,
but the I've stayed with same ISP since 2004
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent.

Hi Carlos,

I need to be clear. I never said what you apparently thought I said.
It's not the "router", per se, that people rent out here.
It's the modem.

Sure, they "can" rent a router (or a router/modem combo) out here too.
But most here rent the "modem" & then buy their own router (AFAIK).

The advantage is (probably) a more feature rich router
and more control. The disadvantage is that you have to work out the configuration, which is a pain (AFAIK they don't publish it), and that
if something breaks you have no support. They'll help, sure, depending
on who you manage to talk with, but no support.

Thank you for that point of view. I disagree but I'm technical.

So I know that the modem *must* be set up by the cable company.
But not the router.

I have no problem setting up a router. And most people I know are similar.
But I'm in the Silicon Valley surrounds, where everyone is well educated.

I would never recommend renting a router given they're so cheap and you can always get a better router than the cost of renting one forever out here.

Stores are filled with routers out here.
Modems are harder to find, but Costco/Amazon sells them.


And setting up a modem is trivial.
1. You buy it & plug the coax cable into the back & power it up.
2. Then you call the cable company who sets it up over the coax

When I was on ADSL I had their router, but I bought my own.

As far as I recall, when I was on ISDN, the phone company managed the ISDN terminal adapter for ISDN, which is a DSL modem for ADSL.

Telecom providers often call these devices Customer Premises Equipment
(CPE). If it combines modem + router + Wi-Fi, it's often marketed as a
gateway or home hub. But it's the "same thing" as what we're discussing.

The
configuration was simpler back then, but the router had a wizard: I just told it what Telco it was, and it configured itself. I have not seen
this feature announced with fibre.

In general, in the USA, the company selling you the service sets up their devices over the air (for my WISP) or over the telephone lines (for
ISDN/ASDL) or over the coax (for cable) or over the fiber (for fiber).

They generally set up what we might collectively refer to as "the modem".
But we generally set up what we call the 'router'.

They can't set up the router the way you want it to be set up.
Only you can do that.

Hell, I flash DD-WRT on my routers. They would never do that.
But I won't disagree that some people don't set up their own routers.

However, as you noted, a "wizard" often pops up when you first boot up a
router on the Internet and it asks you questions as to how you want it.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 12/3/25 7:27 AM, J. P. Gilliver wrote:

As I've said before, here in UK most users who are connected to a copper >'phone line have one box, containing MoDem, router, hub, and wifi base,
which box is generally referred to as a "router";

My ISP supplied "modem" does all that but is cable supplied. It also can
supply wired phone service (my old house is wired for landline) which I
used for years before quitting when my cell got WiFi calling. It also has a
backup battery that will keep me online in a power failure. The ISP usually
picks the middle of the night to update it so there's very little down time
for my use. My ISP does allow outside modems but for me that would be a
PITA. Others MMV though...


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns <usenet@andyburns.uk> wrote:

Frank Slootweg wrote:

Andy Burns wrote:

In the UK (and I assume wider within Europe) many ISPs do remote
provisioning using TR-069 protocol.

Do you know the extent of that "provisioning", i.e. what they can and can not do?

quite likely change all settings and do firmware updates, reboots

Also of the router part, i.e. router settings, passwords, IP settings,
etc.?

If so, how is the user's ('LAN') still his/hers and still secure? How
about the user being liable for any abuse/misuse from the ISP's side/
personel?

Over time (some 20+ years), my modem/router devices have either been installed by an on-site technician (probably two times) or by myself,
i.e. they ship a replacement modem/router (sometimes with things like cables, adapters, outlets, etc.) and I install it (probably three or
more times).

I generally start with the ISP's device, then migrate to my own device,
but the I've stayed with same ISP since 2004

Over time, I have used two of my own routers. The first one was
needed, because the modem only had one hardwired connection. The second, because the first was too slow (bps). After that, I've used the ISP's
built-in routers because they offered sufficient functionality. And yes,
also since about that time (March 2003 actually).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Hence, whether a BSSID without an SSID ends up in a vendor database is a policy/implementation question we need to find out for Apple/Google WPS.

Legal issues:

I should be clear that I think it would/should be LEGALLY untenable for the random iOS/Android device to be querying client packets to obtain the SSID
of an access point whose beacon frames do not contain that SSID.

It's a POLICY DECISION whether or not random phones upload the BSSID.
But it's a technical impossibility to "passively" obtain the SSID.

Beacon frames always contain the BSSID (i.e., the AP's MAC address) but if
the SSID is set to "hidden", then the beacon frame SSID field is blank or
set to null. So a passive scanner (like a random android/ios phone) can
always see the BSSID, but it can never see the SSID in a beacon frame.

However, if the scanner is active, it can "wait long enough" outside your
home to learn the SSID by sniffing specific authenticated client traffic.
a. When a client device that already knows the SSID tries to connect,
it sends a directed probe request with the SSID in cleartext.
b. The AP responds with a probe response containing the SSID.
c. Association/authentication frames also reveal the SSID.

Hence, an active scanner, if it "waits long enough" and if it captures authentication traffic, can capture these frames and learn the SSID but
only if a client connects, as if no client connects, a passive scanner will only know the BSSID, not the SSID of the router's access point.

It's important to note that if the connection from my Windows PC to my
router access point never drops, then that SSID may not be observable for
hours or even days after the initial encrypted connection had been
established.

From a legal standpoint, it seems untenable, to me, that a random
iOS/Android device will "wait long enough" to "capture client traffic".
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Frank Slootweg wrote:

quite likely change all settings and do firmware updates, reboots

Also of the router part, i.e. router settings, passwords, IP settings, etc.?

If so, how is the user's ('LAN') still his/hers and still secure? How
about the user being liable for any abuse/misuse from the ISP's side/ personel?

I agree with anyone who presents a logically sensible statement, no matter
who they are, where I'm incredulous that the ISP will be "messing with" the router since, as Frank astutely noted, that's the purview of the LAN owner.

In my case, my rooftop transceiver (which we can call a "modem") is
maintained by my WISP where he never touches my router. I have, oh, I don't count them, but maybe a dozen routers connected to his service, and I
maintain them all (some are set up as access points, others as bridges, and others as repeaters). I maintain them for many of my neighbors also.

What ISP will be willing to do all that to the home owners specifications?
<https://i.postimg.cc/5t4Nhkwx/transceiver01.jpg>

Over time (some 20+ years), my modem/router devices have either been
installed by an on-site technician (probably two times) or by myself,
i.e. they ship a replacement modem/router (sometimes with things like
cables, adapters, outlets, etc.) and I install it (probably three or
more times).

I generally start with the ISP's device, then migrate to my own device,
but the I've stayed with same ISP since 2004

Over time, I have used two of my own routers. The first one was
needed, because the modem only had one hardwired connection. The second, because the first was too slow (bps). After that, I've used the ISP's built-in routers because they offered sufficient functionality. And yes,
also since about that time (March 2003 actually).

Where I live we have 40-acre zoning, so every property has to be a minimum
of 40 acres, where if you don't have a bunch of radios scattered about, you won't be able to use the Internet at a barn or stable or at the pool, etc.
<https://i.postimg.cc/RZXNZBCQ/transceiver02.jpg>

While rooftop/treetop radios are common here in the Santa Cruz Mountains
above Silicon Valley/Santa Cruz, I can't imagine we're the only people who
need to use our Internet many hundreds of feet from the incoming feed.

I can't imagine any ISP/WISP willing to do all that private LAN setup.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 19:53, Marian wrote:

I can't imagine any ISP/WISP willing to do all that private LAN setup.

No, they do the generic setup, and if something breaks (tv not working,
phone not working) they can get in and have a look, and perhaps, change
what is wrong. Hopefully writing down in a log.


Initially the client had access to a remote web page to setup his own
router. Advanced users asked to learn the password, and access the
router local web page for admin. I did that long ago.

Instead, the current router has a very simple admin page with password (printed in a label underneath the router) and help pages, and an
advanced setup that asks "are you sure"? but has the same password and
no help pages. And a complex setup.


Wifi (ssid/pass), typeof security, and channel
WiFi+
WiFi for guests (ssid/pass, type of security

Ports to open to what local machine

LAN map
LAN config (gateway, mask, dhcp on/off, range, dns1 dns2)

Config is multiple (with NAT) or single post (transparent router)

IPv6 (dhcp mode, ports, filter)

router password

Firmware updates

Other (write/read profile, factory reset, wifi factory reset, firewall disable, universal UPnP enable/disable.

Help

Advnced.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 17:19, Marian wrote:

Carlos E.R. wrote:

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent.

Hi Carlos,

I need to be clear. I never said what you apparently thought I said.
It's not the "router", per se, that people rent out here.
It's the modem.

Where I say router I mean a single box that is ONT/modem/router/switch.

And it handles Internet, Landline, TV "signal", using several VLANs. Not documented.

...
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/3 18:53:32, Marian wrote:
[]

Where I live we have 40-acre zoning, so every property has to be a minimum
of 40 acres, where if you don't have a bunch of radios scattered about, you

[]
So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

From Newsgroup: comp.mobile.android

J. P. Gilliver wrote:

Marian wrote:

Where I live we have 40-acre zoning, so every property has to be a minimum >> of 40 acres

So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.

I had heard of the phrase <https://en.wiktionary.org/wiki/back_forty>

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 12:47, Andy Burns wrote:

J. P. Gilliver wrote:

Marian wrote:

Where I live we have 40-acre zoning, so every property has to be a
minimum
of 40 acres

So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.

I had heard of the phrase <https://en.wiktionary.org/wiki/back_forty>

While that explains the origin of the "forty"...

...I have huge doubts about Arlen stating the whole truth about anything.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 15:27, J. P. Gilliver wrote:

On 2025/12/3 12:47:9, Carlos E.R. wrote:

On 2025-12-03 00:39, Marian wrote:

Carlos E.R. wrote:

...

My main argument, which all my kids learned in spades, was that paying $150 >>> up front once, immediately reduced the long-term costs by thousands of
dollars since it instantly saved the $50 (probably now $75 or more)
"installation fee" that cable companies charged, and, of course, it
eliminates the $10/month (now likely $20/month) plus taxes to rent it.
<https://www.costco.com/routers-networking.html>

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent. The advantage is (probably) a more feature rich router
and more control. The disadvantage is that you have to work out the
configuration, which is a pain (AFAIK they don't publish it), and that
if something breaks you have no support. They'll help, sure, depending
on who you manage to talk with, but no support.

When I was on ADSL I had their router, but I bought my own. The
configuration was simpler back then, but the router had a wizard: I just
told it what Telco it was, and it configured itself. I have not seen
this feature announced with fibre.

...

As I've said before, here in UK most users who are connected to a copper 'phone line have one box, containing MoDem, router, hub, and wifi base,
which box is generally referred to as a "router"; AIUI those with an
actual fibre connection to the home still have a similar-_looking_ box,
still referred to as a "router", but one additional box that connects to
the fibre, and to which the "router" connects, usually by an ethernet cable.

The "router" is in most cases provided "free" by the ISP (or, at least,
any monthly rental is included in the about 25 pounds a month you pay
for service access - which is _not_ reduced if you buy your own
"router"). There's no "installation charge" for the router as such; if
you get broadband where there was none before, there is usually a
startup charge, but that's regardless of whether you use the provided
router or not - it's to cover equipment setup at the exchange AIUI.

Yes, same here.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 21:48:52 +0000, Carlos E.R. said:

On 2025-12-03 15:27, J. P. Gilliver wrote:

On 2025/12/3 12:47:9, Carlos E.R. wrote:

On 2025-12-03 00:39, Marian wrote:

Carlos E.R. wrote:

...

My main argument, which all my kids learned in spades, was that paying $150
up front once, immediately reduced the long-term costs by thousands of >>>> dollars since it instantly saved the $50 (probably now $75 or more)
"installation fee" that cable companies charged, and, of course, it
eliminates the $10/month (now likely $20/month) plus taxes to rent it. >>>> <https://www.costco.com/routers-networking.html>

It is not a rental here. We can buy a router, the monthly fee doesn't
change a cent. The advantage is (probably) a more feature rich router
and more control. The disadvantage is that you have to work out the
configuration, which is a pain (AFAIK they don't publish it), and that
if something breaks you have no support. They'll help, sure, depending
on who you manage to talk with, but no support.

When I was on ADSL I had their router, but I bought my own. The
configuration was simpler back then, but the router had a wizard: I just >>> told it what Telco it was, and it configured itself. I have not seen
this feature announced with fibre.

...

As I've said before, here in UK most users who are connected to a copper
'phone line have one box, containing MoDem, router, hub, and wifi base,
which box is generally referred to as a "router"; AIUI those with an
actual fibre connection to the home still have a similar-_looking_ box,
still referred to as a "router", but one additional box that connects to
the fibre, and to which the "router" connects, usually by an ethernet cable. >>
The "router" is in most cases provided "free" by the ISP (or, at least,
any monthly rental is included in the about 25 pounds a month you pay
for service access - which is _not_ reduced if you buy your own
"router"). There's no "installation charge" for the router as such; if
you get broadband where there was none before, there is usually a
startup charge, but that's regardless of whether you use the provided
router or not - it's to cover equipment setup at the exchange AIUI.

Yes, same here.

Pretty much the same in New Zealand for most providers. The term
contract plans include a "free" modem or on the open term plans can
have the ISP's modem added at additional cost or use your own.

Cooper lines are being phased out here by 2030 and is already done in
many of the main population areas. That means people have to use fibre, cellular (including "home wireless"), or one of the expensive satellite services.


--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns wrote:

J. P. Gilliver wrote:

Marian wrote:

Where I live we have 40-acre zoning, so every property has to be a minimum >>> of 40 acres

So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.

I had heard of the phrase <https://en.wiktionary.org/wiki/back_forty>

What I love about Usenet is we all work together as a team, where each individual brings a completely different perspective to each discussion.

I didn't know about the "back forty" etymology, so I guess across the pond
it would be called the "back fifteen" (given 40 acres is 15 hectares). :)

Why 40 acres?

They don't want anyone living in the mountains out here, so they make unrealistic zoning so that you can only put one house every 40 acres.
<https://plandev.santaclaracounty.gov/codes-and-policies/zoning-ordinance>
HS (Hillside District) = 40-acre minimum parcel size
AR (Agricultural Ranchlands District) -> 40-acre minimum parcel size

Both are codified in Chapter 2.40 of the County Ordinance Code at Section 2.40.110 (HS District). The verbatim wording of Section 2.40.110 (HS – Hillside District) in the Santa Clara County Zoning Ordinance explicitly establishes the 40‑acre minimum parcel size.

Section 2.40.110 - HS Hillside District "The HS (Hillside) district is
intended to preserve the natural character of the hillsides and to limit development to large parcels. The minimum parcel size in the HS district
shall be forty (40) acres.

So if you have 79 acres, you can only put a single house on that land.

The point is that we have such large parcels that we use Wi-Fi to reach hundreds of feet, which is easy for us since our radios go for miles.

I get my Internet from a mountain across from me, which is, oh, I don't
know, maybe 20 miles by driving but only a few miles line of sight between
us. I can see maybe fifty miles (I never calculated the distance though).

WISP is what we do up here in the mountains above Silicon Valley. :)
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Wed, 12/3/2025 4:18 PM, Alan wrote:

On 2025-12-03 12:47, Andy Burns wrote:

J. P. Gilliver wrote:

Marian wrote:

Where I live we have 40-acre zoning, so every property has to be a minimum >>>> of 40 acres

So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.

I had heard of the phrase <https://en.wiktionary.org/wiki/back_forty>

While that explains the origin of the "forty"...

...I have huge doubts about Arlen stating the whole truth about anything.

That makes sense for agricultural land. 40 is a quarter of a 160 property.
And hobby farms here are 40. The zoning likely prevents chopping a title
into smaller chunks. You can't turn Ag land into subdivisions, without
the right zoning. And a higher level of government draws lines around productive farmland and prevents that sort of thing. If they didn't do
that, all the farms would be sad looking subdivisions.

For hobby farming, you have to be careful to not lose your tax status.
The easiest way to "meet the farming requirement", is to rent out 30 acres
for hay production, a neighbour comes in and harvests hay several times
per year. And that income is then taxed (somehow) at a farm rate. If
you just sit on the land, some tax becomes hella expensive. That's
what I've overheard from people doing this. There is an incentive to
"make it look like it's a farm". That's how the scheme works here.

A few people, will run their property like an actual farm.

Even inheritance of the property is a huge liability.

Paul
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Paul wrote:

...I have huge doubts about Arlen stating the whole truth about anything.

That makes sense for agricultural land. 40 is a quarter of a 160 property. And hobby farms here are 40. The zoning likely prevents chopping a title
into smaller chunks. You can't turn Ag land into subdivisions, without
the right zoning. And a higher level of government draws lines around productive farmland and prevents that sort of thing. If they didn't do
that, all the farms would be sad looking subdivisions.

For hobby farming, you have to be careful to not lose your tax status.
The easiest way to "meet the farming requirement", is to rent out 30 acres for hay production, a neighbour comes in and harvests hay several times
per year. And that income is then taxed (somehow) at a farm rate. If
you just sit on the land, some tax becomes hella expensive. That's
what I've overheard from people doing this. There is an incentive to
"make it look like it's a farm". That's how the scheme works here.

A few people, will run their property like an actual farm.

Even inheritance of the property is a huge liability.

Paul

Hi Paul,

802.11 reality:

Nobody reads anything Alan Baker ever says because his IQ is actually at
the retard level (roughly no better than about 40 IQ).

He denies everything he can't comprehend - which - is everything.

One look at the Hillside (HS) zoning in unincorporated Santa Clara County
would show the idiot that 40-acre zoning is the norm for Hillsides.
<https://plandev.santaclaracounty.gov/codes-and-policies/zoning-ordinance>
HS (Hillside District) = 40-acre minimum parcel size
AR (Agricultural Ranchlands District) -> 40-acre minimum parcel size

Specifically Santa Clara County Ordinance Code Zoning Ordinance, Chapter
2.40, Section 2.40.110 (HS - Hillside District): "The minimum parcel size
in the HS district shall be forty (40) acres" and Section 2.40.120 (AR Agricultural Ranchlands District) also requires 40 acres minimum.

Since most people out here have far more than 40 acres, they apparently get
a tax break if they can justify agricultural use, but I don't bother. í° <https://morganhilltimes.com/after-public-outcry-santa-clara-county-supervisors-order-revisions-to-rural-zoning-proposal/>

As for Alan Baker, he disputes everything he can't comprehend.
Which is everything.

It's not worth responding to him since his IQ is at the retarded level.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 17:44, Marian wrote:

Paul wrote:

...I have huge doubts about Arlen stating the whole truth about anything. >>

That makes sense for agricultural land. 40 is a quarter of a 160 property. >> And hobby farms here are 40. The zoning likely prevents chopping a title
into smaller chunks. You can't turn Ag land into subdivisions, without
the right zoning. And a higher level of government draws lines around
productive farmland and prevents that sort of thing. If they didn't do
that, all the farms would be sad looking subdivisions.

For hobby farming, you have to be careful to not lose your tax status.
The easiest way to "meet the farming requirement", is to rent out 30 acres >> for hay production, a neighbour comes in and harvests hay several times
per year. And that income is then taxed (somehow) at a farm rate. If
you just sit on the land, some tax becomes hella expensive. That's
what I've overheard from people doing this. There is an incentive to
"make it look like it's a farm". That's how the scheme works here.

A few people, will run their property like an actual farm.

Even inheritance of the property is a huge liability.

Paul

Hi Paul,

802.11 reality:

Nobody reads anything Alan Baker ever says because his IQ is actually at
the retard level (roughly no better than about 40 IQ).

He denies everything he can't comprehend - which - is everything.

One look at the Hillside (HS) zoning in unincorporated Santa Clara County would show the idiot that 40-acre zoning is the norm for Hillsides.
<https://plandev.santaclaracounty.gov/codes-and-policies/zoning-ordinance>
HS (Hillside District) = 40-acre minimum parcel size
AR (Agricultural Ranchlands District) -> 40-acre minimum parcel size

Did you catch the subtle shift there?

From, "Where I live we have 40-acre zoning, so EVERY property has to be
a minimum of 40 acres"

To, "40-acre zoning is the norm for Hillsides"

"the norm" implies that there are exceptions, where "every property" explicitly means there aren't.

From looking at the "Zoning Atlas" linked at the "Zoning Ordinance"
page Arlen linked above, we can see that he omits that "HS" and "AR" are
just two (2) zoning districts...

...out of a total 33 different districts.

And if you look at that map...

<https://stgenpln.blob.core.windows.net/document/zoning_atlas.pdf>

...you'll see that the vast majority of the area of Santa Clara County
is not zoned HS, or AR.

So, just as I suspect, Arlen wasn't telling the whole story.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Dec 3, 2025 at 10:41:50 PM EST, "Alan" <nuh-uh@nope.com> wrote:

On 2025-12-03 17:44, Marian wrote:

Paul wrote:

...I have huge doubts about Arlen stating the whole truth about anything. >>>

That makes sense for agricultural land. 40 is a quarter of a 160 property. >>> And hobby farms here are 40. The zoning likely prevents chopping a title >>> into smaller chunks. You can't turn Ag land into subdivisions, without
the right zoning. And a higher level of government draws lines around
productive farmland and prevents that sort of thing. If they didn't do
that, all the farms would be sad looking subdivisions.

For hobby farming, you have to be careful to not lose your tax status.
The easiest way to "meet the farming requirement", is to rent out 30 acres >>> for hay production, a neighbour comes in and harvests hay several times
per year. And that income is then taxed (somehow) at a farm rate. If
you just sit on the land, some tax becomes hella expensive. That's
what I've overheard from people doing this. There is an incentive to
"make it look like it's a farm". That's how the scheme works here.

A few people, will run their property like an actual farm.

Even inheritance of the property is a huge liability.

Paul

Hi Paul,

802.11 reality:

Nobody reads anything Alan Baker ever says because his IQ is actually at
the retard level (roughly no better than about 40 IQ).

He denies everything he can't comprehend - which - is everything.

One look at the Hillside (HS) zoning in unincorporated Santa Clara County
would show the idiot that 40-acre zoning is the norm for Hillsides.
<https://plandev.santaclaracounty.gov/codes-and-policies/zoning-ordinance> >> HS (Hillside District) = 40-acre minimum parcel size
AR (Agricultural Ranchlands District) -> 40-acre minimum parcel size

Did you catch the subtle shift there?

From, "Where I live we have 40-acre zoning, so EVERY property has to be
a minimum of 40 acres"

To, "40-acre zoning is the norm for Hillsides"

"the norm" implies that there are exceptions, where "every property" explicitly means there aren't.

From looking at the "Zoning Atlas" linked at the "Zoning Ordinance"
page Arlen linked above, we can see that he omits that "HS" and "AR" are
just two (2) zoning districts...

...out of a total 33 different districts.

And if you look at that map...

<https://stgenpln.blob.core.windows.net/document/zoning_atlas.pdf>

...you'll see that the vast majority of the area of Santa Clara County
is not zoned HS, or AR.

So, just as I suspect, Arlen wasn't telling the whole story.

Wait. So Arlen was lying? Again?

AND the link he provides does not support his claim?

SHOCKING.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/4 0:43:14, Marian wrote:

[]

What I love about Usenet is we all work together as a team, where each individual brings a completely different perspective to each discussion.

This "minimum size" thing is certainly a different perspective! I don't
_think_ anywhere in the UK has a minimum property size rule. (I vaguely remember - some decades ago - some people wanting to hinder development
in some area sold off a field in square-yard patches, ideally to people
abroad, thus making it difficult for any potential developer to even
_contact_ all the owners, and something might have been done to prevent
_that_, but we're talking many orders of magnitude different here!)

[]

The point is that we have such large parcels that we use Wi-Fi to reach hundreds of feet, which is easy for us since our radios go for miles.

Whereas here the matter is more likely _preventing_ access by others,
either accidentally or deliberately!

In the UK, we limit building on agricultural land by what is generally
referred to as planning permission, planning regulations, etc.; to a
first approximation you need planning permission for any building work, anywhere (and in extremis if you build without it, you can be forced to
take it down again, and probably fined too). There are exceptions and variations: you are allowed a certain amount of extension to existing buildings, and farmers need _less_ bureaucracy to erect agricultural
buildings (e. g. barns) than dwelling-houses. In certain areas even the
_type_ (style) of things is controlled, to preserve the character of the
area; this may (and is!) sometimes seen as draconian, but the converse
argument is that it is the character of the area that attracted you to
it in the first place, and if you wanted to build a lot of concrete or
tin boxes, you should have bought land somewhere else. But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to
preserve what ag. land we've got, at least where it's _good_ ag. land.
(Also AONBs - areas of outstanding natural beauty - and national parks -
even if not actually _good_ ag. land.)
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

Cricket was the most English invention imaginable. As if a prep school
teacher had tried to demonstrate eternity.
- Douglas Adams arr. James Goss, 'Doctor Who and the Krikkitmen', 2018
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-04 12:20, J. P. Gilliver wrote:

On 2025/12/4 0:43:14, Marian wrote:

[]

What I love about Usenet is we all work together as a team, where each
individual brings a completely different perspective to each discussion.

This "minimum size" thing is certainly a different perspective! I don't _think_ anywhere in the UK has a minimum property size rule. (I vaguely remember - some decades ago - some people wanting to hinder development
in some area sold off a field in square-yard patches, ideally to people abroad, thus making it difficult for any potential developer to even _contact_ all the owners, and something might have been done to prevent _that_, but we're talking many orders of magnitude different here!)

Selling a field in square-yard patches? Really? Wow. The cost of the
paperwork would be more than the land!

Do you remember where this was? It is an idea, when the people want an
area not to be developed.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/4 11:48:22, Carlos E.R. wrote:

On 2025-12-04 12:20, J. P. Gilliver wrote:

On 2025/12/4 0:43:14, Marian wrote:

[]

What I love about Usenet is we all work together as a team, where each
individual brings a completely different perspective to each discussion.

This "minimum size" thing is certainly a different perspective! I don't
_think_ anywhere in the UK has a minimum property size rule. (I vaguely
remember - some decades ago - some people wanting to hinder development
in some area sold off a field in square-yard patches, ideally to people
abroad, thus making it difficult for any potential developer to even
_contact_ all the owners, and something might have been done to prevent
_that_, but we're talking many orders of magnitude different here!)

Selling a field in square-yard patches? Really? Wow. The cost of the paperwork would be more than the land!

Do you remember where this was? It is an idea, when the people want an > area not to be developed.

Sorry, no - as I said, it was decades ago. I think some of the sales
were to Americans who liked the idea of owning a bit of the old country.
And those buying - whether Americans for that reason, or those who
agreed with the opposition to development - were willing to pay over the
odds, i. e. more than the land was _practically_ worth. I _think_
something was done to get over the requirement to contact all owners
(e. g. when "compulsory purchase" was involved), but I don't remember
any details, or even where it was (other than I'm pretty sure it was in Britain, probably England).


(Gonna be hard to google, too: I just tried, but all I found were the
opposite - discussion of people buying "micro-plots" as investment
[unlikely to work as you'd need all owners to agree if development _did_ happen], plus mention of "ransom strips" [bought in order to deny access
unless bought back at excessive price].)
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

From Newsgroup: comp.mobile.android

Tyrone wrote:

AND the link he provides does not support his claim?

Why is it that the Apple trolls don't understand anything about anything?
They dispute zoning laws, for example, which are known public records.

Having gone to the best schools in the country and having worked for
decades in Silicon Valley for startups, I've never met people that stupid.

How could Apple trolls pass a single college-level exam being that stupid?
Alan Baker
Alan Browne
Chris (may actually own rudimentary critical-thinking skills)
Haemactylus
-hh (also shows he owns at least rudimentary cognitive skills)
Jeorg Lorenz
JF Mezei
Jolly Roger
Lewis
nospam
Tom Elam
Tyrone
Your Name
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

J. P. Gilliver wrote:

What I love about Usenet is we all work together as a team, where each
individual brings a completely different perspective to each discussion.

This "minimum size" thing is certainly a different perspective! I don't _think_ anywhere in the UK has a minimum property size rule. (I vaguely remember - some decades ago - some people wanting to hinder development
in some area sold off a field in square-yard patches, ideally to people abroad, thus making it difficult for any potential developer to even _contact_ all the owners, and something might have been done to prevent _that_, but we're talking many orders of magnitude different here!)

I love that people around the world, from the US to the UK and the EU and
even to New Zealand in this thread have contributed their experiences.

The router culture, for example, appears to be more hands-on in the USA
than, for example, in the case of the UK and mainland Europe for "modems".

The point is that we have such large parcels that we use Wi-Fi to reach
hundreds of feet, which is easy for us since our radios go for miles.

Whereas here the matter is more likely _preventing_ access by others,
either accidentally or deliberately!

I wish there was more we could do to "prevent" abuse of our radio transmissions, where making the SSID hidden should help a bit since it
prevents purely passive connections like the one Micky (elsewhere) had.

When the broadcast beacon has a hidden SSID, unless a client is
simultaneously probing/authenticating at that very moment a vehicle drives
by, it's impossible for the random iOS/Android device to obtain the SSID.

They can get the BSSID, but it's my understanding that they legally have an issue uploading that BSSID, so it's my understanding they don't upload it.

Of course, even when not hidden, and hence it's already uploaded, appending "_nomap" to the SSID is your legal declaration that you do not wish the well-behaved public databases from making it available to the world.

In the UK, we limit building on agricultural land by what is generally referred to as planning permission, planning regulations, etc.; to a
first approximation you need planning permission for any building work, anywhere (and in extremis if you build without it, you can be forced to
take it down again, and probably fined too). There are exceptions and variations: you are allowed a certain amount of extension to existing buildings, and farmers need _less_ bureaucracy to erect agricultural buildings (e. g. barns) than dwelling-houses.

We have plenty of rules like that also, where we can't pollute streams, for example, of which there are many in our Santa Cruz mountains. And living on
the fault line, we have plenty of earthquake codes to meet. And retaining
wall codes, since we have fragile Franciscan melange chert sediments.

In certain areas even the
_type_ (style) of things is controlled, to preserve the character of the area; this may (and is!) sometimes seen as draconian, but the converse argument is that it is the character of the area that attracted you to
it in the first place, and if you wanted to build a lot of concrete or
tin boxes, you should have bought land somewhere else.

That reminds me. We have "albido" codes! Yup. Albido. If a house is on the mountain, it can't be "too visible" from the valley. The albido is a paint requirement that every home must meet so that it doesn't reflect too much.

But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to preserve what ag. land we've got, at least where it's _good_ ag. land.
(Also AONBs - areas of outstanding natural beauty - and national parks -
even if not actually _good_ ag. land.)

I understand agricultural land being protected, & vice versa since
fertilizer runoff could be dangerous if homes are built in the drainage.

Here's the local Silicon Valley zoning which contains what we have.
<https://stgenpln.blob.core.windows.net/document/ZonOrd.pdf>

Page 61 begins "HS" (hillside) zoning, which all the mountains are, where,
in some areas, apparently, the lot size can be as small as 20 acres (8 hectares) when subdivisions occur. But where I am, they don't want any more people so there will never be more homes than there are currently here.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-04 08:08, Marian wrote:

J. P. Gilliver wrote:

In certain areas even the
_type_ (style) of things is controlled, to preserve the character of the
area; this may (and is!) sometimes seen as draconian, but the converse
argument is that it is the character of the area that attracted you to
it in the first place, and if you wanted to build a lot of concrete or
tin boxes, you should have bought land somewhere else.

That reminds me. We have "albido" codes! Yup. Albido. If a house is on the mountain, it can't be "too visible" from the valley. The albido is a paint requirement that every home must meet so that it doesn't reflect too much.

The word is "albEdo" with an "e":

Another example of your supposed education at work...

But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to
preserve what ag. land we've got, at least where it's _good_ ag. land.
(Also AONBs - areas of outstanding natural beauty - and national parks -
even if not actually _good_ ag. land.)

I understand agricultural land being protected, & vice versa since
fertilizer runoff could be dangerous if homes are built in the drainage.

Here's the local Silicon Valley zoning which contains what we have.
<https://stgenpln.blob.core.windows.net/document/ZonOrd.pdf>

I love the way you feel this need to mention "Silicon Valley" every time.

Page 61 begins "HS" (hillside) zoning, which all the mountains are, where,
in some areas, apparently, the lot size can be as small as 20 acres (8 hectares) when subdivisions occur. But where I am, they don't want any more people so there will never be more homes than there are currently here.

"Here" is completely redundant in that last sentence.

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently here."

Means precisely the same thing as:

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently."


But far more germane:

Page 61 does not "begin[] HS".

It begins with the remaining text regarding "AR Districts" from the
previous page.

Specifically, the text that reads "Lot Size Reduction. A subdivision may include a lot or lots as small as 20 acres" is Section C of "2.020.060,
AR Districts: Specific Subdivision and Road Provisions".

After you get to "2.020.070 HS Districts: Supplemental Development
Standards", one of the very first things it says is:

"A. Setbacks–Substandard Named Subdivisions. Setbacks may be reduced on
lots less than one acre..."

Ergo, HS zoning MUST allow lots of far less than the 40 acres you first claimed applied to "every property".


I'm wondering where you got the degrees you claim to have that you
cannot follow such a simple flow of text?

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-03 16:43, Marian wrote:

Andy Burns wrote:

J. P. Gilliver wrote:

Marian wrote:

Where I live we have 40-acre zoning, so every property has to be a minimum >>>> of 40 acres

So hugely different outlooks! I've never heard (though I'm sure you're
right) of a _minimum_ property size before.

I had heard of the phrase <https://en.wiktionary.org/wiki/back_forty>

What I love about Usenet is we all work together as a team, where each individual brings a completely different perspective to each discussion.

I didn't know about the "back forty" etymology, so I guess across the pond
it would be called the "back fifteen" (given 40 acres is 15 hectares). :)

Why 40 acres?

They don't want anyone living in the mountains out here, so they make unrealistic zoning so that you can only put one house every 40 acres.
<https://plandev.santaclaracounty.gov/codes-and-policies/zoning-ordinance>
HS (Hillside District) = 40-acre minimum parcel size
AR (Agricultural Ranchlands District) -> 40-acre minimum parcel size

Both are codified in Chapter 2.40 of the County Ordinance Code at Section 2.40.110 (HS District). The verbatim wording of Section 2.40.110 (HS – Hillside District) in the Santa Clara County Zoning Ordinance explicitly establishes the 40‑acre minimum parcel size.

Section 2.40.110 - HS Hillside District "The HS (Hillside) district is intended to preserve the natural character of the hillsides and to limit development to large parcels. The minimum parcel size in the HS district shall be forty (40) acres.

So if you have 79 acres, you can only put a single house on that land.

I have that document downloaded to my Mac right now.

Article 2, Section 2.40 deals with (and this is right on the first page):

"Commercial and Industrial Base Districts (CN, CG, OA, ML, MH)"

Article 2, Section 2.20 deals with:

"Rural Base Districts (A, AR, HS, RR)"

So you're either reading off an older version of the document you'd
previously acquired...

...or the supposed degree man cannot read!

Furthermore, there is not "Section 2.40.110", nor does 2.20.110 (section
2.20 having already been established as the section regarding the HS
zoning district)...

...and the words "natural character" appear NOWHERE in the entire
document, regardless of section.=

Oops.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Why 40 acres?

It's a quarter of a quarter of a square mile.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-04 11:20:38 +0000, J. P. Gilliver said:

On 2025/12/4 0:43:14, Marian wrote:

[]

What I love about Usenet is we all work together as a team, where each
individual brings a completely different perspective to each discussion.

This "minimum size" thing is certainly a different perspective! I don't _think_ anywhere in the UK has a minimum property size rule. (I vaguely remember - some decades ago - some people wanting to hinder development
in some area sold off a field in square-yard patches, ideally to people abroad, thus making it difficult for any potential developer to even _contact_ all the owners, and something might have been done to prevent _that_, but we're talking many orders of magnitude different here!)

[]

There are minimum land sizes for residential development in New
Zealand. The actual figure depends on which regional city council it is
as well as what the area is designated as (high density housing, low
density housing, 'life-style block', etc.).

I can't find any similar rules in the UK, but there is a minimum house
size rule (depending on how many bedrooms, e.g. 37sqm for one bedroom
house), and there is a quasi-rule as to how much land is required for a
house (roughly 1.5 to 2 times the size of the house).

The point is that we have such large parcels that we use Wi-Fi to reach
hundreds of feet, which is easy for us since our radios go for miles.

Whereas here the matter is more likely _preventing_ access by others,
either accidentally or deliberately!

In the UK, we limit building on agricultural land by what is generally referred to as planning permission, planning regulations, etc.; to a
first approximation you need planning permission for any building work, anywhere (and in extremis if you build without it, you can be forced to
take it down again, and probably fined too). There are exceptions and variations: you are allowed a certain amount of extension to existing buildings, and farmers need _less_ bureaucracy to erect agricultural buildings (e. g. barns) than dwelling-houses. In certain areas even the _type_ (style) of things is controlled, to preserve the character of the area; this may (and is!) sometimes seen as draconian, but the converse argument is that it is the character of the area that attracted you to
it in the first place, and if you wanted to build a lot of concrete or
tin boxes, you should have bought land somewhere else. But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to preserve what ag. land we've got, at least where it's _good_ ag. land.
(Also AONBs - areas of outstanding natural beauty - and national parks -
even if not actually _good_ ag. land.)

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Dec 4, 2025 at 2:16:14 PM EST, "Alan" <nuh-uh@nope.com> wrote:

On 2025-12-04 08:08, Marian wrote:

J. P. Gilliver wrote:

In certain areas even the
_type_ (style) of things is controlled, to preserve the character of the >>> area; this may (and is!) sometimes seen as draconian, but the converse
argument is that it is the character of the area that attracted you to
it in the first place, and if you wanted to build a lot of concrete or
tin boxes, you should have bought land somewhere else.

That reminds me. We have "albido" codes! Yup. Albido. If a house is on the >> mountain, it can't be "too visible" from the valley. The albido is a paint >> requirement that every home must meet so that it doesn't reflect too much.

The word is "albEdo" with an "e":

Another example of your supposed education at work...

But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to
preserve what ag. land we've got, at least where it's _good_ ag. land.
(Also AONBs - areas of outstanding natural beauty - and national parks - >>> even if not actually _good_ ag. land.)

I understand agricultural land being protected, & vice versa since
fertilizer runoff could be dangerous if homes are built in the drainage.

Here's the local Silicon Valley zoning which contains what we have.
<https://stgenpln.blob.core.windows.net/document/ZonOrd.pdf>

I love the way you feel this need to mention "Silicon Valley" every time.

Page 61 begins "HS" (hillside) zoning, which all the mountains are, where, >> in some areas, apparently, the lot size can be as small as 20 acres (8
hectares) when subdivisions occur. But where I am, they don't want any more >> people so there will never be more homes than there are currently here.

"Here" is completely redundant in that last sentence.

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently here."

Means precisely the same thing as:

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently."

But far more germane:

Page 61 does not "begin[] HS".

It begins with the remaining text regarding "AR Districts" from the
previous page.

Specifically, the text that reads "Lot Size Reduction. A subdivision may include a lot or lots as small as 20 acres" is Section C of "2.020.060,
AR Districts: Specific Subdivision and Road Provisions".

After you get to "2.020.070 HS Districts: Supplemental Development Standards", one of the very first things it says is:

"A. Setbacks–Substandard Named Subdivisions. Setbacks may be reduced on lots less than one acre..."

Ergo, HS zoning MUST allow lots of far less than the 40 acres you first claimed applied to "every property".

Haven't you learned yet? We are not supposed to actually read the links that Arlen provides. We are supposed to just accept that the link says what Arlen claims it says.

I'm wondering where you got the degrees you claim to have that you
cannot follow such a simple flow of text?

I'm guessing from online "colleges". Or a local junior college.

Maybe Arlen can provide a link that he will claim proves that he has degrees.
He will assume that no one will read it. But when we read it, it will of course say no such thing.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Wed, 3 Dec 2025 20:25:49 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

Instead, the current router has a very simple admin page with password >(printed in a label underneath the router) and help pages, and an
advanced setup that asks "are you sure"? but has the same password and
no help pages. And a complex setup.

Wifi (ssid/pass), typeof security, and channel
WiFi+
WiFi for guests (ssid/pass, type of security

Ports to open to what local machine

LAN map
LAN config (gateway, mask, dhcp on/off, range, dns1 dns2)

Config is multiple (with NAT) or single post (transparent router)

IPv6 (dhcp mode, ports, filter)

router password

Firmware updates

Other (write/read profile, factory reset, wifi factory reset, firewall >disable, universal UPnP enable/disable.

Help

Advnced.

I don't see anything complex there, but we don't all have the same
background.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Hence, an active scanner, if it "waits long enough" and if it captures authentication traffic, can capture these frames and learn the SSID but
only if a client connects, as if no client connects, a passive scanner will only know the BSSID, not the SSID of the router's access point.

It's nearly impossible to find the official iOS/Android stance on whether
the BSSID of a hidden access point is "collected" or "uploaded" to
Apple/Google servers, but we can look at when the SSID is sent in the
clear.

1. For an average dumbshit user, he has his router set to defaults,
so the SSID is sent in cleartext in the beacon frames from the AP.
This happens "periodically" (perhaps every 100ms or so).
However, if the SSID is hidden, the beacon SSID field is blank.

2. If a random scanner passes by, it often sends wildcard probe requests.
The access points set up by dumbshits respond with a probe response
that includes their SSID in cleartext but not if the SSID is hidden.

3. An access point set up to be hidden will never include the SSID in the
probe response, and, depending on the firmware, it will either stay
silent or it will reply with a probe response with a blank SSID field.

4. The only way an AP reveals the SSID in the clear is if the client sends
a directed probe request (with the SSID filled in) because then the AP
will respond with a probe response that includes the SSID in the clear.

If no client ever sends out a directed probe request, then the SSID will
never be found in any packet that can be sniffed by any nearby scanner.

What happens in the case of a hidden SSID with auto-reconnect turned off is
a. ONLY when you physically manually initiate a connection to a hidden SSID
b. The client sends a directed probe request containing the hidden SSID.
c. The access point repeats the hidden SSID in the directed probe response
d. The client sends an association request containing the hidden SSID
e. The AP sends an association response containing the hidden SSID
f. Encrypted authentication handshakes & encrypted traffic follow

While the BSSID remains visible in all subsequent frames, the SSID is no
longer exposed in later frames, whether or not the AP SSID is hidden.

The only time re-association could occur is if you manually disconnect from
one AP and then manually connect to another AP with the same hidden SSID.

If a random iOS/Android phone is sitting outside your house, and if your
phone manually connects during that hour to the hidden SSID access point,
the random phone outside can see the hidden SSID in cleartext. It will
appear in the probe request, probe response, association request, and association response frames. After the connection is established, the SSID disappears from later traffic, but by then the random phone has already captured it.

But wait, there's more.

Wi-Fi frames are only visible to a sniffer if it is tuned to the same RF channel as the AP at the moment those frames are exchanged. And that
exchange typically takes only about a second to complete. So the window in which the hidden SSID is in the clear is extremely short, especially for
the 5GHz range since there are more channels the sniffer has to scan.

The probability of capture depends on channel scanning behavior where a
random phone scanning all channels may miss it, but a dedicated sniffer
locked to the AP's channel will always catch it instantly.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-04 14:20, Tyrone wrote:

On Dec 4, 2025 at 2:16:14 PM EST, "Alan" <nuh-uh@nope.com> wrote:

On 2025-12-04 08:08, Marian wrote:

J. P. Gilliver wrote:

In certain areas even the
_type_ (style) of things is controlled, to preserve the character of the >>>> area; this may (and is!) sometimes seen as draconian, but the converse >>>> argument is that it is the character of the area that attracted you to >>>> it in the first place, and if you wanted to build a lot of concrete or >>>> tin boxes, you should have bought land somewhere else.

That reminds me. We have "albido" codes! Yup. Albido. If a house is on the >>> mountain, it can't be "too visible" from the valley. The albido is a paint >>> requirement that every home must meet so that it doesn't reflect too much. >>

The word is "albEdo" with an "e":

Another example of your supposed education at work...

But I'm getting
off topic even from our off topic: basically, agricultural land is
protected from being built on, basically on the basis that we need to
preserve what ag. land we've got, at least where it's _good_ ag. land. >>>> (Also AONBs - areas of outstanding natural beauty - and national parks - >>>> even if not actually _good_ ag. land.)

I understand agricultural land being protected, & vice versa since
fertilizer runoff could be dangerous if homes are built in the drainage. >>>
Here's the local Silicon Valley zoning which contains what we have.
<https://stgenpln.blob.core.windows.net/document/ZonOrd.pdf>

I love the way you feel this need to mention "Silicon Valley" every time.

Page 61 begins "HS" (hillside) zoning, which all the mountains are, where, >>> in some areas, apparently, the lot size can be as small as 20 acres (8
hectares) when subdivisions occur. But where I am, they don't want any more >>> people so there will never be more homes than there are currently here.

"Here" is completely redundant in that last sentence.

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently here."

Means precisely the same thing as:

"But where I am, they don't want any more people[sic] so there will
never be more homes than there are currently."


But far more germane:

Page 61 does not "begin[] HS".

It begins with the remaining text regarding "AR Districts" from the
previous page.

Specifically, the text that reads "Lot Size Reduction. A subdivision may
include a lot or lots as small as 20 acres" is Section C of "2.020.060,
AR Districts: Specific Subdivision and Road Provisions".

After you get to "2.020.070 HS Districts: Supplemental Development
Standards", one of the very first things it says is:

"A. Setbacks–Substandard Named Subdivisions. Setbacks may be reduced on
lots less than one acre..."

Ergo, HS zoning MUST allow lots of far less than the 40 acres you first
claimed applied to "every property".

Haven't you learned yet? We are not supposed to actually read the links that Arlen provides. We are supposed to just accept that the link says what Arlen claims it says.

I'm wondering where you got the degrees you claim to have that you
cannot follow such a simple flow of text?

I'm guessing from online "colleges". Or a local junior college.

Maybe Arlen can provide a link that he will claim proves that he has degrees.
He will assume that no one will read it. But when we read it, it will of course say no such thing.

Isn't interesting that Arlen replied to another post which was a reply
to one of mine...

...but not the one with the actual substance rebutting his bullshit.

No wait!

Not "interesting" at all.

Rather "utterly predictable"!
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

If no client ever sends out a directed probe request, then the SSID will never be found in any packet that can be sniffed by any nearby scanner.

Now we need to look at what frames the random iOS/Android phone scans.

We need to keep in mind that collecting client frames and subsequent
Client/AP association traffic would expose user behavior (when/where
someone connects) which would be a privacy violation.

On each channel that the AP is set to be on...
a. beacon frame (AP sends out every 100ms, does not contain a hidden SSID)
b. wildcard probe request (client request will not contain the hidden SSID)
b. directed probe request (client request will contain the hidden SSID)
c. wildcard probe response (AP response will not contain the hidden SSID)
c. directed probe response (AP response will contain the hidden SSID)
d. association request (client request will contain the hidden SSID)
e. association response (AP response will contain the hidden SSID)

We have to assume, logically (if not legally) that Apple/Google rely on
a. beacon frame (AP sends out every 100ms, does not contain a hidden SSID)
c. wildcard probe response (AP response will not contain the hidden SSID)
c. directed probe response (AP response will contain the hidden SSID)
Because, we may assume, collecting client frames and access-point
association frames would likely raise huge privacy/security concerns.

So there are only three ways for a random phone to learn your SSID:
1. The random phone can passively listen to AP beacon frames
2. The random phone can passively listen to AP probe responses
3. The random phone can itself actively send a wildcard probe request
(to which the AP will respond but without the hidden SSID included)
The random phone can hear client activity and association activity, but we
must assume Google/Apple do not collect them for legal/privacy reasons.

In summary, what Apple/Google WPS most likely rely on are
a. AP beacons (AP broadcast every 100ms or so but the SSID is hidden)
c. AP probe responses (wildcard or directed)
Where the hidden SSID is only contained in directed AP probe responses once
per connection.

Given that reality check, if your phone is set to not automatically
reconnect, and if your access point is set to hidden, the "window" that a random iOS/Android phone has to sniff out your SSID is vanishingly small.

The only time your SSID is in any of the access point packets is at the
time of the initial connection, which could have happened a month ago.

So the question that needs to be answered given that even if the SSID is hidden, the BSSID + channel + RSSI + GPS + timestamp are still available in
the access point beacons and probe responses, what is Google/Apple policy
for how they have set, by default, the random iOS/Android phone to do?

Do they follow Mozilla precedent to NOT "collect" BSSIDs of hidden APs?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

No you don't. You said you could track me "if you were a bad guy". I gave
you permission and you could do nothing. Your paranoia is baseless.

https://github.com/darkosancanin/apple_bssid_locator

Let's say someone walks into the store to buy a router, and I watch them, knowing the router BSSID is printed on the box (so I write it down).

Until they retire that router, I can find where they installed that router,
and it will be most likely where they live.

darkosancanin/apple_bssid_locator (GitHub)

Python tool to look up AP
locations from Apple¢s WPS.

Queries by BSSID and returns
coordinates.

Shows how App'e¢s API can return results without SSID values.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05 06:06, Char Jackson wrote:

On Wed, 3 Dec 2025 20:25:49 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

Instead, the current router has a very simple admin page with password
(printed in a label underneath the router) and help pages, and an
advanced setup that asks "are you sure"? but has the same password and
no help pages. And a complex setup.


Wifi (ssid/pass), typeof security, and channel
WiFi+
WiFi for guests (ssid/pass, type of security

Ports to open to what local machine

LAN map
LAN config (gateway, mask, dhcp on/off, range, dns1 dns2)

Config is multiple (with NAT) or single post (transparent router)

IPv6 (dhcp mode, ports, filter)

router password

Firmware updates

Other (write/read profile, factory reset, wifi factory reset, firewall
disable, universal UPnP enable/disable.

Help

Advnced.

I don't see anything complex there, but we don't all have the same background.

Because that is the simple setup mode. You don't see there the virtual networks (VLANS) it has, for instance.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05 02:05, Marian wrote:

Chris wrote:

No you don't. You said you could track me "if you were a bad guy". I gave
you permission and you could do nothing. Your paranoia is baseless.

https://github.com/darkosancanin/apple_bssid_locator

Let's say someone walks into the store to buy a router, and I watch them, knowing the router BSSID is printed on the box (so I write it down).

From a label where the MAC address is typically written in tiny type...
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05, Alan <nuh-uh@nope.com> wrote:

On 2025-12-05 02:05, Marian wrote:

Chris wrote:

No you don't. You said you could track me "if you were a bad guy". I gave >>> you permission and you could do nothing. Your paranoia is baseless.

https://github.com/darkosancanin/apple_bssid_locator

Let's say someone walks into the store to buy a router, and I watch them,
knowing the router BSSID is printed on the box (so I write it down).

From a label where the MAC address is typically written in tiny type...

I just ran this script with the BSSID of my WiFi access point, and it
couldn't locate it:

Searching for location of bssid: [redacted]
The bssid was not found.

Another nothing burger from little Arlen. YAWN...
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

I'm guessing that was composed when Google Groups was still operating?
If it was, maybe you might want to amend it ...
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

You need 10 wise men to get back a rock thrown in a lake by an idiot
- Romanian proverb (tweeted by Ovidiu S @plount_os 2023-2-6)
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

No you don't. You said you could track me "if you were a bad guy". I gave
you permission and you could do nothing. Your paranoia is baseless.

https://github.com/darkosancanin/apple_bssid_locator

Let's say someone walks into the store to buy a router, and I watch them, knowing the router BSSID is printed on the box (so I write it down).

Until they retire that router, I can find where they installed that router, and it will be most likely where they live.

So you can only track me if you physically sell me the router in a shop and write down the MAC address?

I think I'll cope with that very serious potential privacy risk.
Fortunately it's not the 1990s anymore.

It still just boils down to knowing my home address. Which is already
public knowledge.

darkosancanin/apple_bssid_locator (GitHub)

Python tool to look up AP
locations from Apple’s WPS.

Queries by BSSID and returns
coordinates.

Shows how App'e’s API can return results without SSID values.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating?
If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so
it stays.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05, Chris <ithinkiam@gmail.com> wrote:

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

No you don't. You said you could track me "if you were a bad guy". I gave >>> you permission and you could do nothing. Your paranoia is baseless.

https://github.com/darkosancanin/apple_bssid_locator

Let's say someone walks into the store to buy a router, and I watch them,
knowing the router BSSID is printed on the box (so I write it down).

Until they retire that router, I can find where they installed that router, >> and it will be most likely where they live.

So you can only track me if you physically sell me the router in a shop and write down the MAC address?

Even then it's not guaranteed to work. I just ran the script and plugged
my BSSID in and got nothing. 😉
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/5 19:56:5, Jolly Roger wrote:

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating?>> If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so
it stays.

I wasn't bitching - just suggesting you might not want to appear
out-of-date (how long is it now since Google Groups posts ceased
appearing?); it doesn't _bother_ me.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

From Newsgroup: comp.mobile.android

Jolly Roger wrote:

From a label where the MAC address is typically written in tiny type...

I just ran this script with the BSSID of my WiFi access point, and it couldn't locate it:

Searching for location of bssid: [redacted]
The bssid was not found.

Which "script" did you run?
On what platform?

I ran the python script using Windows 10 but I had to add the protobuf
5.29.4 archive to get it to work. Did you run it on the macOS and which
version of Python did you run if you ran that Python Github script?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

It still just boils down to knowing my home address. Which is already
public knowledge.

Hi Chris,

You're smarter than that.

I get it that all the Apple trolls are desperate to minimize the privacy implications of what has widely been reported as a privacy nightmare.

You Apple trolls always defend everything Apple to the death.
No matter what.

So it's natural that you and Jolly Roger claim that Apple's invasion of our privacy is, in the words of Jolly Roger "a nothing burger".

But you need to realize privacy professionals out there disagree with you.
*Why Your Wi-Fi Router Doubles as an Apple AirTag*
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

For you Apple trolls to claim the security professionals are wrong is your
own way of defending everything Apple does, to the death, no matter what.
*Surveilling the Masses with Wi-Fi-Based Positioning Systems*
<https://par.nsf.gov/servlets/purl/10540853>

Luckily, of all the Apple trolls, you're one who sometimes can exercise critical thinking processes, so allow me to give you a local example.

Since WaveDigger has a special query mode where you can enter a single SSID
or BSSID, and instead of just returning that access point's location, it
also pulls in the surrounding access points that Apple's Wi-Fi Positioning System has observed in the same area.... just... try this...

Windows:
1. Press Win+R
2. Type: cmd
3. In the command prompt, type:
netsh wlan show networks mode=bssid
4. Look for your SSID name
5. Under it, find "BSSID" lines
6. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

Linux:
1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

MacOS:
1. Open a terminal
2. Type: airport -s
3. Find your SSID in the list
4. Copy the BSSID shown (format: AA:BB:CC:DD:EE:FF)

Once you have the BSSID, you can paste it into WaveDigger lookup tool.
1. Open the WaveDigger site:
https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
If you enable "include surrounding access points",
it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves to a
new house, you can track them if they use their router at the new home.
--
Privacy takes intelligence to understand, but most people give up.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

It still just boils down to knowing my home address. Which is already
public knowledge.

Hi Chris,

You're smarter than that.

I get it that all the Apple trolls are desperate to minimize the privacy implications of what has widely been reported as a privacy nightmare.

You Apple trolls always defend everything Apple to the death.
No matter what.

So it's natural that you and Jolly Roger claim that Apple's invasion of our privacy is, in the words of Jolly Roger "a nothing burger".

But you need to realize privacy professionals out there disagree with you.
*Why Your Wi-Fi Router Doubles as an Apple AirTag*
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

For you Apple trolls to claim the security professionals are wrong is your own way of defending everything Apple does, to the death, no matter what.
*Surveilling the Masses with Wi-Fi-Based Positioning Systems*
<https://par.nsf.gov/servlets/purl/10540853>

Luckily, of all the Apple trolls, you're one who sometimes can exercise critical thinking processes, so allow me to give you a local example.

Since WaveDigger has a special query mode where you can enter a single SSID or BSSID, and instead of just returning that access point's location, it
also pulls in the surrounding access points that Apple's Wi-Fi Positioning System has observed in the same area.... just... try this...

Windows:
1. Press Win+R
2. Type: cmd
3. In the command prompt, type:
netsh wlan show networks mode=bssid
4. Look for your SSID name
5. Under it, find "BSSID" lines
6. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

Linux:
1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

MacOS:
1. Open a terminal
2. Type: airport -s
3. Find your SSID in the list
4. Copy the BSSID shown (format: AA:BB:CC:DD:EE:FF)

Once you have the BSSID, you can paste it into WaveDigger lookup tool.
1. Open the WaveDigger site:
https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
If you enable "include surrounding access points",
it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves to a
new house, you can track them if they use their router at the new home.

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Fri, 5 Dec 2025 11:06:25 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

On 2025-12-05 06:06, Char Jackson wrote:

<snip>

I don't see anything complex there, but we don't all have the same
background.

Because that is the simple setup mode. You don't see there the virtual >networks (VLANS) it has, for instance.

In the early 2000s I used to think that dd-wrt router firmware was
complex, but the fog clears over time. It includes vlans, among many
other things.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 6/12/2025 11:11 am, J. P. Gilliver wrote:

On 2025/12/5 19:56:5, Jolly Roger wrote:

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating?
If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so
it stays.

I wasn't bitching - just suggesting you might not want to appear
out-of-date (how long is it now since Google Groups posts ceased
appearing?); it doesn't _bother_ me.

I'm guessing 10'ish months since Google cut UseNet lose!!
--
Daniel70
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-06 05:59, Char Jackson wrote:

On Fri, 5 Dec 2025 11:06:25 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

On 2025-12-05 06:06, Char Jackson wrote:

<snip>

I don't see anything complex there, but we don't all have the same
background.

Because that is the simple setup mode. You don't see there the virtual
networks (VLANS) it has, for instance.

In the early 2000s I used to think that dd-wrt router firmware was
complex, but the fog clears over time. It includes vlans, among many
other things.

When I say that my ISP setup of the router is complex, I mean things
like that the setup includes 3 active VLANs, and more things. If I buy
my own router, first I have to decode out the entire setup of the old
router, and then replicate it in the new router. Ie, create again those
3 VLANs, and every other thing they did, which are not documented. You
have to reverse engineer the setup of the provided router.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-06 02:18, Alan wrote:

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

Since WaveDigger has a special query mode where you can enter a single
SSID
or BSSID, and instead of just returning that access point's location, it
also pulls in the surrounding access points that Apple's Wi-Fi
Positioning
System has observed in the same area.... just... try this...

Linux:

1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

iwlist scan | grep "Address:\|SSID"

...

Once you have the BSSID, you can paste it into WaveDigger lookup tool.
1. Open the WaveDigger site:
    https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
    11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
    If you enable "include surrounding access points",
    it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves to a
new house, you can track them if they use their router at the new home.

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there is
no warranty that it is accurate.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

It still just boils down to knowing my home address. Which is already
public knowledge.

Hi Chris,

You're smarter than that.

You're not, though.

I get it that all the Apple trolls are desperate to minimize the privacy implications of what has widely been reported as a privacy nightmare.

Only you are making out that it is a privacy nightmare and it drives you to change your behaviour.

It has no negative impact on ordinary people.

We now know from your inability to come up with a way to actually track me
that what is required is knowledge of a WAP's MAC address. This is only
known by being in direct contact with the WAP (to read the sticker) or connected to it. Both of which mean you'll find out the location when you
are AT THE LOCATION.

You're a moron if you think this is a problem.

You Apple trolls always defend everything Apple to the death.
No matter what.

Incorrect. You're pushing an invalid narrative, which needs to be
addressed.

So it's natural that you and Jolly Roger claim that Apple's invasion of our privacy is, in the words of Jolly Roger "a nothing burger".

But you need to realize privacy professionals out there disagree with you.
*Why Your Wi-Fi Router Doubles as an Apple AirTag*
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

That's a clickbait article. Nowhere does it explain how a domestic, mains powered router is like a battery powered device that fits on a keychain.

To many people Airtags and the like are a *good* thing. Mullins have been
sold.

The only real scenario they demonstrate as being a genuine risk is being in
a warzone like Ukraine and Gaza. Again, of no relevance to 99.999% of
people. Am pretty sure the Santa Cruz mountains aren't awarzone.

For you Apple trolls to claim the security professionals are wrong

Incorrect. No-one is saying that. We're saying you're wrong. As per usual.

is your
own way of defending everything Apple does, to the death, no matter what.
*Surveilling the Masses with Wi-Fi-Based Positioning Systems*
<https://par.nsf.gov/servlets/purl/10540853>

Luckily, of all the Apple trolls, you're one who sometimes can exercise critical thinking processes, so allow me to give you a local example.

Since WaveDigger has a special query mode where you can enter a single SSID or BSSID, and instead of just returning that access point's location, it
also pulls in the surrounding access points that Apple's Wi-Fi Positioning System has observed in the same area.... just... try this...

Windows:
1. Press Win+R
2. Type: cmd
3. In the command prompt, type:
netsh wlan show networks mode=bssid
4. Look for your SSID name
5. Under it, find "BSSID" lines
6. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

Untested.

Linux:
1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

"enp0s1 Interface doesn't support scanning"

MacOS:
1. Open a terminal
2. Type: airport -s
3. Find your SSID in the list
4. Copy the BSSID shown (format: AA:BB:CC:DD:EE:FF)

"zsh: command not found: airport"

Looks like chatgpt has let you down again. lol.

For someone who claims to test so many things on a daily basis and is a self-proclaimed expert you don't half fail an awful lot.

Amazon should ask for their money back for your "reviews". Oh wait they
can't, because you give away your time to a multi-billion dollar company
for free!! What an utter moron.

Once you have the BSSID, you can paste it into WaveDigger lookup tool.
1. Open the WaveDigger site:
https://wavedigger.networksurvey.app/?tab=bssid

Crashes Firefox in my ubuntu VM. <sigh>

2. In the "BSSID" field, type your MAC address:
11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
If you enable "include surrounding access points",
it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves to a
new house, you can track them if they use their router at the new home.

My neighbours are in their 70s and 80s. They aren't moving anywhere with
their routers. Given I get on with my neighbours they would *tell* me where they're going anyway with no need for any subterfuge.

Honestly, your world sounds *exhausting*.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-06 13:58, Chris wrote:

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

Linux:
1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

"enp0s1 Interface doesn't support scanning"

This Linux command is correct, except that it tries all network
interfaces, including some that work for the purpose and some that do
not. And on those it prints that informative error message.

XXX:~ # iwlist scan
lo Interface doesn't support scanning.

eth0 Interface doesn't support scanning.

wlan1 Scan completed :
Cell 01 - Address: AA:BB:CC:DD:EE:FF
Channel:116
Frequency:5.58 GHz (Channel 116)
Quality=70/70 Signal level=-28 dBm
Encryption key:on
ESSID:"Some name"
...
...
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. <robin_listas@es.invalid> wrote:

On 2025-12-06 13:58, Chris wrote:

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

Linux:
1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

"enp0s1 Interface doesn't support scanning"

This Linux command is correct, except that it tries all network
interfaces, including some that work for the purpose and some that do
not. And on those it prints that informative error message.

XXX:~ # iwlist scan
lo Interface doesn't support scanning.

eth0 Interface doesn't support scanning.

wlan1 Scan completed :
Cell 01 - Address: AA:BB:CC:DD:EE:FF
Channel:116
Frequency:5.58 GHz (Channel 116)
Quality=70/70 Signal level=-28 dBm
Encryption key:on
ESSID:"Some name"
...
...

Ah, thanks. That'll be because in the VM there isn't a wlan.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there is
no warranty that it is accurate.

Where I live, it's so accurate as to make my heart palpitate in shock.

However, I see what Alan Baker wrote based on your inclusion of his post,
but he's dead wrong (as always), but I can't fault Alan Baker for being
dead wrong about everything as his IQ is well below anything normal.

For people like you, Chris, I can point out that when I look at the
database, given our homes are far apart, it's trivial to identify the exact neighbor with the exact BSSID.

So while you must be aware I don't advocate tracking your neighbors, one
answer to your question of how I could track YOU is if you were one of my neighbors.

If YOU were one of my neighbors, that query would show me exactly where YOU live and exactly what your BSSID is, which I could use to track you for as
long as you use that particular router.

For example, if you moved away, but if you re-used your router, then I
would know EXACTLY where you lived, if you moved to another sparse location such as mine is.

I did NOT check for access points in the middle of Los Angeles though,
where I'd suspect Alan Baker's comment is more apropos given the density of access points would be far greater than it is out here in the boonies.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

Only you are making out that it is a privacy nightmare and it drives you to change your behaviour.

<https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf>
"In this work, we show that Apples WPS implementation
can easily be abused to create a serious privacy threat
on a global scale."

It has no negative impact on ordinary people.

I get it that you Apple trolls always defend Apple to the death, no matter what, but all I will ask of you (given the listing above) is for you to...

*Find even a single security researcher who agrees with you.*

<https://www.govinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330>
"The attack risk stems from Apple's WiFi-based Positioning System"

We now know from your inability to come up with a way to actually track me that what is required is knowledge of a WAP's MAC address. This is only
known by being in direct contact with the WAP (to read the sticker) or connected to it. Both of which mean you'll find out the location when you
are AT THE LOCATION.

Notice that, where I live, in the mountains high above Silicon Valley, the query we discussed prior shows EXACTLY the EXACT BSSID of all my neighbors.

It's EXACT, Chris.
It's horrifyingly exact, Chris.

I almost had a heart attack when I saw how clearly I could identify each
and every one of my neighbors by their exact location and BSSID, Chris.

What's worse, since Apple's WPS database has no security control
whatsoever, anyone in the world can do easily what I just did, Chris.

All of us can be tracked. And it's not just me saying it.
Read the papers, Chris. Read them.

*Find even a single security researcher who agrees with you.*

<https://arxiv.org/abs/2405.14975>
"In this work, we show that Apple's flawed WPS can too easily be abused"

You're a moron if you think this is a problem.

It's a given you Apple trolls defend everything Apple does, to the death,
no matter what. And, all you Apple trolls attack the person carrying the
news, because you can't actually attack the news.

So you call me a "moron" only because you hate what Apple did, Chris.

Yet, all I'm asking you to do, Chris... is...
*Find even a single security researcher who agrees with you.*

<https://www.bizcommunity.com/article/apple-may-have-turned-wi-fi-routers-into-a-privacy-threat-239637a>
"Researchers from the University of Maryland have uncovered a
significant privacy vulnerability in Apple's Wi-Fi-based
Positioning System (WPS). This vulnerability enables attackers
to track devices globally by exploiting the way Apple's WPS
operates, raising serious privacy concerns."

You Apple trolls always defend everything Apple to the death.
No matter what.

Incorrect. You're pushing an invalid narrative, which needs to be
addressed.

You Apple trolls defend Apple to the death, no matter what.
And you call all security narratives "invalid" becuase you hate that
Apple did what Apple did, which you hate. So you call me a "moron".

And you call all security concerns "invalid".
And yet, you can't find a single security professional who agrees with you.

<https://www.theregister.com/2024/05/23/apple_wifi_positioning_system/>
"The threat applies even to users that do not own devices
for which the WPSes are designed - individuals who own no Apple
products, for instance, can have their AP in Apple's WPS merely
by having Apple devices come within Wi-Fi transmission range."

But you need to realize privacy professionals out there disagree with you. >> *Why Your Wi-Fi Router Doubles as an Apple AirTag*
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

That's a clickbait article. Nowhere does it explain how a domestic, mains powered router is like a battery powered device that fits on a keychain.

Well, Brian Krebs is a well-known well-respected researcher, is he not?

And besides, it's not just Bran Krebs making the points that you hate. <https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/>
"Anyone can exploit Apple's flawed WiFi-based positioning system (WPS)*

To many people Airtags and the like are a *good* thing. Mullins have been sold.

Well, you defend everything Apple does to the death, Chris.
So it's natural that you'll try to dismiss the severity of this issue.

But you can't find a single security professional who agrees with you.
<https://securityboulevard.com/2024/05/apple-wi-fi-location-privacy-richixbw/>
"An unrestricted Apple API endpoint allows for easy tracking."

The only real scenario they demonstrate as being a genuine risk is being in
a warzone like Ukraine and Gaza. Again, of no relevance to 99.999% of
people. Am pretty sure the Santa Cruz mountains aren't awarzone.

Well, again, since you're an Apple troll, you are desperate to minimize the adverse impact of everything that Apple does that you internally hate.

But the fact is you can't find any security pros who agree with you.
<https://www.macworld.com/article/2343297/apple-wi-fi-network-wps-vulnerability-location-services-leak.html>
"Researchers have discovered a crucial vulnerability
in the way only Apple's location services work"

For you Apple trolls to claim the security professionals are wrong

Incorrect. No-one is saying that. We're saying you're wrong. As per usual.

Again, since you're an Apple troll, you defend everything Apple does,
to the death, no matter what, even to the point of attacking me.

You Apple trolls attack me because you hate the truth about Apple.
You hate that Apple never does what Apple "says" it does.

Hence, I take it in stride that you hate me for quoting the truth.

*Find even a single security researcher who agrees with you.*

<https://9to5mac.com/2024/05/24/apple-location-services-vulnerability/>
"We need to understand Apple devices figure out locations differently"
"There is one crucial difference between the way in which
Apple and Google devices carry out this task
and that's exactly where the privacy issue arises."

Amazon should ask for their money back for your "reviews". Oh wait they can't, because you give away your time to a multi-billion dollar company
for free!! What an utter moron.

Well, I take it in stride that you Apple trolls hate your lack
of intelligence, so you attack me because you hate that I'm not
like you.

In fact, I've told you many times to not make the mistake of
ever thinking that you Apple trolls are anything like I am.

The very fact Amazon selected me, where they only choose the top
half million or so reviewers to invite to Vine, says something.

Honestly, your world sounds *exhausting*.

It's hard for me to respond to that feeling other than to understand
your lack of IQ in a sympathetic way that fosters compassion.

You feel that the effort to remain private is exhausting.
And I can sympathize with you.

But the effort to remain free from slavery is also exhausting.
I don't own the mentality of the Sklaven.

In this case, Apple has violated ethical privacy concerns.
It's a legal and moral issue.

I fight for those.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

The very fact Amazon selected me, where they only choose the top
half million or so reviewers to invite to Vine, says something.

I should clarify that Amazon chooses only thousands of people
for the Amazon Vine program where they allow us to order any
item of any cost (up to eight items every single day) as long
as we review 80% of them every half year evaluation period.
<https://amazon.com/vine/about>

On reddit and elsewhere, they've estimated Amazon chooses to invite perhaps only one out of every half million reviewer of products on their site.

Amazon doesn't publish those numbers, but I've asked everyone on these
groups and so far only I have been invited so that shows selectivity.

My only point for clarifying this is that the Apple trolls, who defend everything Apple does, to the death, always love to attack the person.

For example, Chris calls me "a moron" simply for quoting what security professionals wrote. There's no other reason. I posted the truth.

Hence, to Apple trolls like Chris, anyone posting the truth is
"a moron"

So be it.
None of us on Usenet have such a thin skin as to be put off by actions by
these Apple trolls who are desperate to control the narrative on Apple.

They actually hate that Apple does all these things.
But they can't logically find any other way to defend Apple to the death.

But defend Apple to the death they must do.
So, they get personal.

They call anyone speaking the truth about Apple, "a moron".
So be it.

If that's their best defense to the truth about Apple,
then that defense alone tells us what they think about Apple.

Anyone telling the truth about Apple, is, to them, "a moron".
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Carlos E.R. wrote:

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there is
no warranty that it is accurate.

Where I live, it's so accurate as to make my heart palpitate in shock.

However, I see what Alan Baker wrote based on your inclusion of his post,
but he's dead wrong (as always), but I can't fault Alan Baker for being
dead wrong about everything as his IQ is well below anything normal.

For people like you, Chris,

Again, you're replying to Carlos. Read your own posts, why don't you?

I can point out that when I look at the
database, given our homes are far apart, it's trivial to identify the exact neighbor with the exact BSSID.

So while you must be aware I don't advocate tracking your neighbors, one answer to your question of how I could track YOU is if you were one of my neighbors.

You would do better actually looking out the window. You would then see if
the lights are on or not. That's more useful information than knowing my
MAC.

If YOU were one of my neighbors, that query would show me exactly where YOU live and exactly what your BSSID is, which I could use to track you for as long as you use that particular router.

Can you genuinely not see how ridiculous this sounds?

You're trying claim that using an internet database of anonymous
information is a more serious risk than looking out of your own window.
You're claiming that the telephone books we all used to have are a serious privacy risk worth of a class action suit. LMAO.

For example, if you moved away, but if you re-used your router, then I
would know EXACTLY where you lived, if you moved to another sparse location such as mine is.

That's a lot of "ifs".

I did NOT check for access points in the middle of Los Angeles though,
where I'd suspect Alan Baker's comment is more apropos given the density of access points would be far greater than it is out here in the boonies.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-06 04:24, Carlos E.R. wrote:

On 2025-12-06 02:18, Alan wrote:

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

Since WaveDigger has a special query mode where you can enter a
single SSID
or BSSID, and instead of just returning that access point's location, it >>> also pulls in the surrounding access points that Apple's Wi-Fi
Positioning
System has observed in the same area.... just... try this...

Linux:

1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

iwlist scan | grep "Address:\|SSID"

...

Once you have the BSSID, you can paste it into WaveDigger lookup tool.
1. Open the WaveDigger site:
    https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
    11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
    If you enable "include surrounding access points",
    it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves to a >>> new house, you can track them if they use their router at the new home.

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

 From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there is
no warranty that it is accurate.

Which means you cannot trust that any information returned is accurate.

Makes for a pretty bad way to track someone...

...assuming you had some way to associate someone's identity with the
BSSID of their WiFi in the first place.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On Sat, 6 Dec 2025 13:08:19 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

On 2025-12-06 05:59, Char Jackson wrote:

On Fri, 5 Dec 2025 11:06:25 +0100, "Carlos E.R."
<robin_listas@es.invalid> wrote:

On 2025-12-05 06:06, Char Jackson wrote:

<snip>

I don't see anything complex there, but we don't all have the same
background.

Because that is the simple setup mode. You don't see there the virtual
networks (VLANS) it has, for instance.

In the early 2000s I used to think that dd-wrt router firmware was
complex, but the fog clears over time. It includes vlans, among many
other things.

When I say that my ISP setup of the router is complex, I mean things
like that the setup includes 3 active VLANs, and more things. If I buy
my own router, first I have to decode out the entire setup of the old >router, and then replicate it in the new router. Ie, create again those
3 VLANs, and every other thing they did, which are not documented. You
have to reverse engineer the setup of the provided router.

I don't see anything complex about setting up consumer networking gear,
but I'll take your word for it.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

I also opt out by adding _optout_ & _nomap to the SSID.
b. This (supposedly) removes my privacy information from the servers

Here is how to opt out of the following databases with your location.
1. Apple
2. Google
3. WiGLE
4. Mozilla
5. OSM
6. Skyhook
7. Microsoft

Since this is designed to help everyone get out of the location databases,
it's important to get them all in a single list. What's missing still?

Apple documents the use of "_nomap" at the end of an SSID to opt out:
<https://support.apple.com/en-us/102515>
"The owner of a Wi-Fi access point can opt it out of
Apple's Location Services ¡X which prevents its location
from being sent to Apple to include in Apple's crowd-sourced
location database ¡X by changing the access point's SSID (name)
to end with '_nomap.' For example, 'Access_Point' would be
changed to 'Access_Point_nomap.'"

Google documents the use of "_nomap" at the end of an SSID to opt out:
<https://support.google.com/maps/answer/1725632>
"To opt out, change the SSID (name) of your Wi-Fi access point
(your wireless network name) so that it ends with '_nomap.'
For example, if your SSID is '12345,' you would change it
to '12345_nomap.'"

WiGLE documents the use of "_nomap" or "_optout" at the end of an SSID.
<https://wigle.net/phpbb/viewtopic.php?t=2330>
"WiGLE automatically hides networks... with these _nomap
and/or _optout tags in the ssid."

Mozilla documented the use of "_nomap" at the end of an SSID to opt out. They're the only ones who documented the hidden option to opt out.
Mozilla Location Service
<https://en.wikipedia.org/wiki/Mozilla_Location_Service>
"Mozilla's client applications do not collect information
about WiFi access points whose SSID is hidden or ends with
the string '_nomap' (e.g. 'Simpson-family-wifi_nomap')."

OpenWLANMap documented the use of "_nomap" at the end of an SSID:
<https://github.com/openwifi-su/OpenWLANMap-App>
"The app includes the following functionalities:
- Scanning the wifi in the surrounding and
filtering out those wifis _nomap"

Skyhook (now Qualcomm) documented their optout policy here:
<https://www.qualcomm.com/site/privacy/skyhookprivacy>
"MAC Addresses: If users wish to opt out of Skyhook's use
of the Wi-Fi access point's MAC address to provide location,
users may opt-out by clicking here.
<https://www.qualcomm.com/site/privacy/qualcommtpsoptout>
If users choose to opt out, Skyhook will blacklist that MAC address
to not use that MAC address information in the future.

IP Addresses: If users wish to opt out of Skyhook¡¦s use
of the home IP address, users may opt-out by clicking here.
<https://www.qualcomm.com/site/privacy/qualcommtpsoptout>
If you choose to opt out, Skyhook will blacklist that IP address
to not use that IP address in the future

Microsoft does not use the _nomap suffix. Instead, you must provide the MAC address of your Wi-Fi access point to Microsoft¡¦s block list. <https://account.microsoft.com/privacy/location-services-opt-out>
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

Only you are making out that it is a privacy nightmare and it drives you to >> change your behaviour.

<https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf>
"In this work, we show that Apples WPS implementation
can easily be abused to create a serious privacy threat
on a global scale."

As you well know the scenarios shown are disasters or warzones. Which
aren't of relevance to civilians as they have far more serious issues to
worry about.

They also report that 0.06% of all APs moved month to month. That's a
really poor hit rate for "tracking" people.

It has no negative impact on ordinary people.

I get it that you Apple trolls always defend Apple to the death, no matter what, but all I will ask of you (given the listing above) is for you to...

*Find even a single security researcher who agrees with you.*

<https://www.govinfosecurity.com/surveillance-risk-apples-wifi-based-positioning-system-a-25330>
"The attack risk stems from Apple's WiFi-based Positioning System"

We now know from your inability to come up with a way to actually track me >> that what is required is knowledge of a WAP's MAC address. This is only
known by being in direct contact with the WAP (to read the sticker) or
connected to it. Both of which mean you'll find out the location when you
are AT THE LOCATION.

Notice that, where I live, in the mountains high above Silicon Valley, the query we discussed prior shows EXACTLY the EXACT BSSID of all my neighbors.

It's EXACT, Chris.
It's horrifyingly exact, Chris.

I almost had a heart attack when I saw how clearly I could identify each
and every one of my neighbors by their exact location and BSSID, Chris.

That is the exact point of it. It would be a pretty terrible service if it couldn't identify unique buildings within 40 acre plots. lol.

What's worse, since Apple's WPS database has no security control
whatsoever, anyone in the world can do easily what I just did, Chris.

All of us can be tracked. And it's not just me saying it.
Read the papers, Chris. Read them.

Literally says 0.06% of APs move . That's nowhere near "all of us".

*Find even a single security researcher who agrees with you.*

<https://arxiv.org/abs/2405.14975>
"In this work, we show that Apple's flawed WPS can too easily be abused"

You're a moron if you think this is a problem.

It's a given

You remove context and distort.

But you need to realize privacy professionals out there disagree with you. >>> *Why Your Wi-Fi Router Doubles as an Apple AirTag*
<https://krebsonsecurity.com/2024/05/why-your-wi-fi-router-doubles-as-an-apple-airtag/>

That's a clickbait article. Nowhere does it explain how a domestic, mains
powered router is like a battery powered device that fits on a keychain.

Well, Brian Krebs is a well-known well-respected researcher, is he not?

Argument to authority. Invalidates everything else you say.

Please explain how the title isn't clickbait?





--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Frank Slootweg <this@ddress.is.invalid> wrote:

Andy Burns <usenet@andyburns.uk> wrote:

Frank Slootweg wrote:

Andy Burns wrote:

In the UK (and I assume wider within Europe) many ISPs do remote
provisioning using TR-069 protocol.

Do you know the extent of that "provisioning", i.e. what they can and
can not do?

quite likely change all settings and do firmware updates, reboots

They only have to access to WAN side settings or global things like
firmware updates or full resets.

Also of the router part, i.e. router settings, passwords, IP settings, etc.?

If so, how is the user's ('LAN') still his/hers and still secure? How
about the user being liable for any abuse/misuse from the ISP's side/ personel?

The LAN is still yours and separate.

Over time (some 20+ years), my modem/router devices have either been
installed by an on-site technician (probably two times) or by myself,
i.e. they ship a replacement modem/router (sometimes with things like
cables, adapters, outlets, etc.) and I install it (probably three or
more times).

I generally start with the ISP's device, then migrate to my own device,
but the I've stayed with same ISP since 2004

Over time, I have used two of my own routers. The first one was
needed, because the modem only had one hardwired connection. The second, because the first was too slow (bps). After that, I've used the ISP's built-in routers because they offered sufficient functionality. And yes,
also since about that time (March 2003 actually).

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

Here is how to opt out of the following databases

Going chinese? You've swapped into charset="big5" and the weird italic
font that usually uses.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Char Jackson wrote:

In the early 2000s I used to think that dd-wrt router firmware was
complex, but the fog clears over time. It includes vlans, among many
other things.

When I say that my ISP setup of the router is complex, I mean things
like that the setup includes 3 active VLANs, and more things. If I buy
my own router, first I have to decode out the entire setup of the old >>router, and then replicate it in the new router. Ie, create again those
3 VLANs, and every other thing they did, which are not documented. You >>have to reverse engineer the setup of the provided router.

I don't see anything complex about setting up consumer networking gear,
but I'll take your word for it.

I agree with Char Jackson, who has helped me over the years to set up old Linksys & Netgear routers on DD-WRT as bridges (and as bridge repeaters).

As Char Jackson noted, working with routers is something we've done since,
oh, I don't know, about 2002 when the first Linksys WRT-54G was released.
<https://en.wikipedia.org/wiki/Linksys_WRT54G_series>

In the early days the WRT-54G had enough memory to flash DD-WRT on it
so we learned a lot when we retired the router & repurposed them as a
wireless client bridge repeater or access point wired or wireless repeater.

Over those two decades of constantly flashing routers, "the fog clears over time", such that we don't consider router setup to be difficult (and, in
fact, we flash our own routers with DD-WRT whenever we can).

In all those years, I haven't explicitly run into VLANs but implicitly many guest networks and repeater bridges make use of VLANs as far as I'm aware.

Moving forward, I'm sure many IoT devices can be placed on their own VLAN
to minimize security risks. Parental controls may involve VLANs also.

Apparently some ISPs configure VLANs automatically for services like IPTV
or VoIP. And, from looking it up just now, in prosumer/enterprise routers (Ubiquiti, MikroTik, Cisco, etc.), VLANs are often part of the setup.

However, in my experience, in a basic home setup, we probably don't need to explicitly worry about VLANs as our router implicitly handles it invisibly (e.g., the guest network).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian wrote:

In the early days the WRT-54G had enough memory to flash DD-WRT on it

Still have one kicking around ... not powerful enough for anything
useful these days.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-06, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 19:56:5, Jolly Roger wrote:

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating?
If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so
it stays.

I wasn't bitching

It's not about you.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-07 17:51, Marian wrote:

Char Jackson wrote:

In the early 2000s I used to think that dd-wrt router firmware was
complex, but the fog clears over time. It includes vlans, among many
other things.

When I say that my ISP setup of the router is complex, I mean things
like that the setup includes 3 active VLANs, and more things. If I buy
my own router, first I have to decode out the entire setup of the old
router, and then replicate it in the new router. Ie, create again those
3 VLANs, and every other thing they did, which are not documented. You
have to reverse engineer the setup of the provided router.

I don't see anything complex about setting up consumer networking gear,
but I'll take your word for it.

I agree with Char Jackson, who has helped me over the years to set up old Linksys & Netgear routers on DD-WRT as bridges (and as bridge repeaters).

It is simple if someone takes the effort of describing what you have to configure in the new router. Not that easy if you have to reverse
engineer the old router and it has no comments nor help. Just the
obscure short name of a setting.


...

In all those years, I haven't explicitly run into VLANs but implicitly many guest networks and repeater bridges make use of VLANs as far as I'm aware.

Nothing implicit. One VLAN is for the phone land line, another is for
TV, another is for internet (my guess).

This is just a small part of what my router calls:

Network Setting
Bridging Setup
Bridging
Filtering
Marking

https://paste.opensuse.org/pastes/7c7fef46eaef https://paste.opensuse.org/pastes/9acdc9974acd https://paste.opensuse.org/pastes/88d9c37538af https://paste.opensuse.org/1aece5657e7a
https://paste.opensuse.org/872479cefbdb
https://paste.opensuse.org/a827cc71d713


just try to explain what that does. A mistake, and my phone stops
working. And there are maybe hundreds of screens like that.


No, I am not actually interested. It is just an example of why I say
that the setup of my router by the ISP is complex.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-07 01:10, Alan wrote:

On 2025-12-06 04:24, Carlos E.R. wrote:

On 2025-12-06 02:18, Alan wrote:

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

Since WaveDigger has a special query mode where you can enter a
single SSID
or BSSID, and instead of just returning that access point's
location, it
also pulls in the surrounding access points that Apple's Wi-Fi
Positioning
System has observed in the same area.... just... try this...

Linux:

1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

iwlist scan | grep "Address:\|SSID"

...

Once you have the BSSID, you can paste it into WaveDigger lookup tool. >>>> 1. Open the WaveDigger site:
    https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
    11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
    If you enable "include surrounding access points",
    it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves
to a
new house, you can track them if they use their router at the new home. >>>

Except you won't know WHICH of the BSSIDs that are returned belong to
your neighbours.

 From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there
is no warranty that it is accurate.

Which means you cannot trust that any information returned is accurate.

Makes for a pretty bad way to track someone...

Much better than looking on the entire world. That's pretty good, actually.

...assuming you had some way to associate someone's identity with the
BSSID of their WiFi in the first place.

--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-07 11:54, Carlos E.R. wrote:

On 2025-12-07 01:10, Alan wrote:

On 2025-12-06 04:24, Carlos E.R. wrote:

On 2025-12-06 02:18, Alan wrote:

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

Since WaveDigger has a special query mode where you can enter a
single SSID
or BSSID, and instead of just returning that access point's
location, it
also pulls in the surrounding access points that Apple's Wi-Fi
Positioning
System has observed in the same area.... just... try this...

Linux:

1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

iwlist scan | grep "Address:\|SSID"

...

Once you have the BSSID, you can paste it into WaveDigger lookup tool. >>>>> 1. Open the WaveDigger site:
    https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
    11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
    If you enable "include surrounding access points",
    it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of them moves >>>>> to a
new house, you can track them if they use their router at the new
home.

Except you won't know WHICH of the BSSIDs that are returned belong
to your neighbours.

 From WaveDigger (the site you didn't know about until I told you):

"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side of
the street.

May be 1-2 km away... doesn't mean they all are off. Just that there
is no warranty that it is accurate.

Which means you cannot trust that any information returned is accurate.

Makes for a pretty bad way to track someone...

Much better than looking on the entire world. That's pretty good, actually.

Except you first have to find a way to associate the BSSID with a
particular individual.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/7 17:38:11, Jolly Roger wrote:

On 2025-12-06, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 19:56:5, Jolly Roger wrote:

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating? >>>> If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so >>> it stays.

I wasn't bitching

It's not about you.

In that case, I don't understand your comment.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

"Scheisse," said Pooh, trying out his German.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025/12/7 16:6:36, Andy Burns wrote:

Marian wrote:

Here is how to opt out of the following databases

Going chinese? You've swapped into charset="big5" and the weird italic
font that usually uses.

I did wonder; his posts are appearing here (in Thunderbird) in a
different font to everyone else's. It's not italic, and I think it is monospaced; other than that it looks maybe a bit like Times but
stretched vertically.
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()ALIS-Ch++(p)Ar++T+H+Sh0!:`)DNAf

From Newsgroup: comp.mobile.android

On 2025-12-07 21:47, Alan wrote:

On 2025-12-07 11:54, Carlos E.R. wrote:

On 2025-12-07 01:10, Alan wrote:

On 2025-12-06 04:24, Carlos E.R. wrote:

On 2025-12-06 02:18, Alan wrote:

On 2025-12-05 16:49, Marian wrote:

Chris wrote:

Since WaveDigger has a special query mode where you can enter a
single SSID
or BSSID, and instead of just returning that access point's
location, it
also pulls in the surrounding access points that Apple's Wi-Fi
Positioning
System has observed in the same area.... just... try this...

Linux:

1. Open a terminal
2. Type: sudo iwlist scan
3. Find your SSID in the output
4. Look for "Address:" lines
5. Copy the MAC address (format: AA:BB:CC:DD:EE:FF)

iwlist scan | grep "Address:\|SSID"

...

Once you have the BSSID, you can paste it into WaveDigger lookup
tool.
1. Open the WaveDigger site:
    https://wavedigger.networksurvey.app/?tab=bssid
2. In the "BSSID" field, type your MAC address:
    11:22:33:AA:BB:CC
3. Click the "Lookup" or "Search" button.
4. The map will show the location of that access point.
    If you enable "include surrounding access points",
    it will also list nearby BSSIDs Apple has observed.

Once you have the BSSID of all your neighbors, if one of
them moves to a new house, you can track them if they use
their router at the new home.

Except you won't know WHICH of the BSSIDs that are returned belong
to your neighbours.

 From WaveDigger (the site you didn't know about until I told you): >>>>>
"Access points shown may be 1-2km away from your click location."

So?

It showed mine just 20 or 30 metres to the west. At the other side
of the street.

May be 1-2 km away... doesn't mean they all are off. Just that there
is no warranty that it is accurate.

Which means you cannot trust that any information returned is accurate.

Makes for a pretty bad way to track someone...

Much better than looking on the entire world. That's pretty good,
actually.

Except you first have to find a way to associate the BSSID with a
particular individual.

Sure.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-07, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/7 17:38:11, Jolly Roger wrote:

On 2025-12-06, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 19:56:5, Jolly Roger wrote:

On 2025-12-05, J. P. Gilliver <G6JPG@255soft.uk> wrote:

On 2025/12/5 17:37:43, Jolly Roger wrote:

E-mail sent to this address may be devoured by my ravenous SPAM
filter. I often ignore posts from Google. Use a real news client
instead.

I'm guessing that was composed when Google Groups was still operating? >>>>> If it was, maybe you might want to amend it ...

The last person who bitched about this signature is a resident troll, so >>>> it stays.

I wasn't bitching

It's not about you.

In that case, I don't understand your comment.

Not sure what to tell you.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-07 22:11, J. P. Gilliver wrote:

On 2025/12/7 16:6:36, Andy Burns wrote:

Marian wrote:

Here is how to opt out of the following databases

Going chinese? You've swapped into charset="big5" and the weird italic
font that usually uses.

I did wonder; his posts are appearing here (in Thunderbird) in a
different font to everyone else's. It's not italic, and I think it is monospaced; other than that it looks maybe a bit like Times but
stretched vertically.

No, the font used is chosen locally by your client, which I take to be Thunderbird. TB can use a different font for each different charset.

Content-Type: text/plain; charset="big5"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB

I'm not familiar with this choice.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

Which means you cannot trust that any information returned is accurate. >>>>
Makes for a pretty bad way to track someone...

Much better than looking on the entire world. That's pretty good,
actually.

Except you first have to find a way to associate the BSSID with a
particular individual.

Sure.

I just want the people here to understand that when your BSSID is in
Apple's database, and if you live in a rural area (such as I do),
then your GPS coordinates returned to 8 decimal places... is you.

If you move, then they can track where you moved.

For example, an enterprising coder could query the Apple WPS database for
all routers that moved between locations to put them into a database.

Then they could sell that database to professionals who target people who
just moved. That's only one example, as I'm not that type of person.

It could be more nefarious in that with Apple's insecure WPS database, you
can *target* individuals, which again, I don't advocate but it can be done.

But the fact is you can be tracked anywhere in the world if you use the
same router, which very often people who have moved will easily do.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

You're trying claim that using an internet database of anonymous
information is a more serious risk than looking out of your own window.

I get it you are desperate to defend Apple to the death, no matter what.

You're claiming that the telephone books we all used to have are a serious privacy risk worth of a class action suit. LMAO.

Why is it that you disagree with all the security professionals, Chris?

For example, if you moved away, but if you re-used your router, then I
would know EXACTLY where you lived, if you moved to another sparse location >> such as mine is.

That's a lot of "ifs".

It's only one if, which is if you re-use your router, you are tracked.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

As you well know the scenarios shown are disasters or warzones. Which
aren't of relevance to civilians as they have far more serious issues to worry about.

I get it that you defend Apple to the death, no matter what.
So I understand why you're so desperate to minimize this security flaw.

They also report that 0.06% of all APs moved month to month. That's a
really poor hit rate for "tracking" people.

Any imaginative person can think of many instances where having a database
of all the people who moved and exact where from and to, is useful.

Let's just say California wanted to find all the people who moved from California to Florida who retired to ask them to pay their 401K taxes.

It would be trivial, using Apple's WPS system, to find everyone in any
given county in Florida who recently moved there from California.

I almost had a heart attack when I saw how clearly I could identify each
and every one of my neighbors by their exact location and BSSID, Chris.

That is the exact point of it. It would be a pretty terrible service if it couldn't identify unique buildings within 40 acre plots. lol.

I get it that you are desperate to claim always that Apple is perfect.
But the fact I can be tracked to 8 decimal places can't be excused.

I already provided plenty of quotes from security professionals on this.

If you want to continue your absurd desperate attempt to defend everything Apple does, to the death, no matter what, please find at least one security professional on record for agreeing with your dismissal of the problem set.

All of us can be tracked. And it's not just me saying it.
Read the papers, Chris. Read them.

Literally says 0.06% of APs move . That's nowhere near "all of us".

If I was a Sheriff in a county of California that wanted to track all the people who moved from a different county of California, I could track them.

I'm not advocating tracking, as you must know, but what I'm pointing out to
you is that I understand that you defend Apple to the death, no matter
what, using absurd arguments that are so nonsensical as to be ridiculous.

Why don't you find a security pro who agrees with your point of view?
(Even all the Apple-centric publications decried Apple for this.)
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns wrote:

Marian wrote:

In the early days the WRT-54G had enough memory to flash DD-WRT on it

Still have one kicking around ... not powerful enough for anything
useful these days.

Hi Andy,

I just checked. I've still got two "kicking around" (but currently unused).
<https://i.postimg.cc/qMhQRkJN/linksys-wrt-54g.jpg>

Over time, the "old" router becomes the "last used" router, in which case
the venerable Linksys WRT-54G that we cut out teeth on, is "really old".

My point to whomever it was that decried the complexity of setting up a
router, is that we all went through that learning curve many years ago.

We've all likely "bricked" a router, and, in my neighborhood, people give
me perfectly good routers that they bricked & I use TFTP to unbrick 'em.
<https://i.postimg.cc/5t4Nhkwx/transceiver01.jpg>

Whenever people retire their WISP, they give me their Ubiquiti Rocket M5
radios also, so I must have a dozen of them sprinkled around the yard.
<https://i.postimg.cc/RZXNZBCQ/transceiver02.jpg>

Some of my radios are so powerful they can connect to Wi-Fi 10 miles away.

They're all the same when it comes to router setup, although the
professional equipment has a bunch of neat tools for spectrum analysis.

The point being I agreed with those who said that we all overcame the "complexity" over the decades since we've been setting up routers forever.

BTW, the only time I "explicitly" ran into "virtual interfaces" was when setting up an old router on DD-WRT as a bridge repeater & client bridge.

I needed that because my Windows desktop from 2009 doesn't have a Wi-Fi
card, so I used an Ethernet cable to connect the eth0 port of the Windows
PC to the old WNR834Bv2 router which connected wirelessly to the AP.

I forget if it was set up as a client bridge or as a bridge repeater, but
the advantage was that I got an "extra" access point out of the deal.
<https://i.postimg.cc/rpw270T5/virtual-interfaces.jpg>

Note the "_nomap" on that image which is years old, as all my SSIDs have
_nomap on them, except for the virtual LANs, it turned out, but that's
because I couldn't figure out how to adjust the DD-WRT software for it.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

I agree with Char Jackson, who has helped me over the years to set up old
Linksys & Netgear routers on DD-WRT as bridges (and as bridge repeaters).

It is simple if someone takes the effort of describing what you have to configure in the new router. Not that easy if you have to reverse
engineer the old router and it has no comments nor help. Just the
obscure short name of a setting.

I must exclaim that I AGREE with Carlos, since I never disagree with
anyone, no matter who they are, who presents a logically sensible view.

We've all struggled to understand what a given switch meant when setting up
a router, where I remember, I even struggled when I moved into the
mountains to figure out which port of a POE goes to the radio versus
router. After scores of POEs, over time, we forget we had to learn it.

However...

There is one really good thing that came up only in the last year or so.
You can now ask AI/LLM how to set up your router & it will help you do it.

In all those years, I haven't explicitly run into VLANs but implicitly many >> guest networks and repeater bridges make use of VLANs as far as I'm aware.

Nothing implicit. One VLAN is for the phone land line, another is for
TV, another is for internet (my guess).

This is just a small part of what my router calls:

Network Setting
Bridging Setup
Bridging
Filtering
Marking

https://paste.opensuse.org/pastes/7c7fef46eaef https://paste.opensuse.org/pastes/9acdc9974acd https://paste.opensuse.org/pastes/88d9c37538af https://paste.opensuse.org/1aece5657e7a https://paste.opensuse.org/872479cefbdb https://paste.opensuse.org/a827cc71d713

just try to explain what that does. A mistake, and my phone stops
working. And there are maybe hundreds of screens like that.

No, I am not actually interested. It is just an example of why I say
that the setup of my router by the ISP is complex.

The RTF8225VW Router Smart WiFi 6 Go is Movistar's latest
Askey-manufactured router whose configuration guide is here.
<https://itigic.com/movistar-router-smart-wifi-6-manual-configuration-guide/>

The bridge mode support apparently lets you connect a neutral router (like TP-Link or Asus) to manage your network, avoiding double NAT.
<https://algoentremanos.com/como-configurar-router-movistar-smart-wifi-6-go-rtf8225vw-modo-bridge/>

Moviestart can push the firmware updates if you don't want to do it.
<https://comunidad.movistar.es/discussions/soporte-fibra-optica/ultimo-firmware-router-smart-wifi-go-router-askey-rtf8225vw/5181231>

You appear to be using bridge mode which is optional.
a. Advanced Settings > Internet > Bridge Mode.
b. Then connect your home router to the RTF8225VW.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

For example, if you moved away, but if you re-used your router, then I
would know EXACTLY where you lived, if you moved to another sparse location >> such as mine is.

That's a lot of "ifs".

I just realized why you and I are so tremendously different, Chris.
You have no imagination.

You can't take apart a situation.
You can't analyze that situation.

You have no tools in your brain for figuring out what isn't explicitly said (where you can't figure out even how easy it is to abuse public databases).

There's only one "if" in this scenario, for example.

Assume this is the problem set:
Someone wants to know all the people who moved to his town
in the last year from Gillette Wyoming, including renters.

How hard do you think it would be for him to get that data out of the
highly insecure Apple WPS database, Chris (keeping in mind you get 400
access point BSSIDs in every query according to security researchers).

HINT: Security researchers proved it already.
<https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf>
"In this work, we show that Apples WPS implementation
can easily be abused to create a serious privacy threat
on a global scale."
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:> No, the font used is chosen locally by your client,
which I take to be

Thunderbird. TB can use a different font for each different charset.

Content-Type: text/plain; charset="big5"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB

I'm not familiar with this choice.

Andy found a flaw in my newsreader, which is a custom unique newsreader.

In that newsreader, there's one thing I've never figured out, which is how fonts work in Usenet (since most lines in my header are completely random).

As you know, I have a unique newsreader which is simply telnet with gVim.
The scripts don't care what fonts are used. It's just a line to telnet.

The header lines not added by the nntp server are added by my scripts.
But they're essentially random.

I got the lines, long ago, from scraping Usenet for header lines.
So some newsreaders tended to have one set of font lines, while other newsreaders tended to have a different set of font lines. It's random.

They change whenever I flip a switch to the next dictionary lookup.
I'll do that right now so that you can see different header lines.

I have no idea how the header lines look to the recipient though.
Nor how the fonts are interpreted as they're always sent the same.

But nothing has changed in that I'm still using telnet with gVim.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns wrote:

Here is how to opt out of the following databases

Going chinese? You've swapped into charset="big5" and the weird italic
font that usually uses.

Hi Andy,

Maybe you can explain what happens with fonts as I've never understood how
they show up for people like you who are on the receiving end of my posts.

I write the content in gVim and I send it off with telnet.
Everything in the header related to the newsreader is essentially random.

Specifically, whatever the header "says" about fonts, is random.
It's not "completely" random as the header lines are "scraped".

That is, long ago I created a dictionary of headers which themselves were scraped from existing posts randomly selected across the Usenet spectrum.

Whenever I want to change the headers for privacy reasons, I just flip a
switch and a different set of (essentially random) headers is inserted.

Given telnet is doing the sending, I have no idea how the "fonts" show up.
Can you explain how the system of fonts works?

Does the random header described above affect how YOU see my fonts?
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-08 03:14, Marian wrote:

Carlos E.R. wrote:

I agree with Char Jackson, who has helped me over the years to set up old >>> Linksys & Netgear routers on DD-WRT as bridges (and as bridge repeaters). >>>

It is simple if someone takes the effort of describing what you have to
configure in the new router. Not that easy if you have to reverse
engineer the old router and it has no comments nor help. Just the
obscure short name of a setting.

I must exclaim that I AGREE with Carlos, since I never disagree with
anyone, no matter who they are, who presents a logically sensible view.

We've all struggled to understand what a given switch meant when setting up
a router, where I remember, I even struggled when I moved into the
mountains to figure out which port of a POE goes to the radio versus
router. After scores of POEs, over time, we forget we had to learn it.

However...

There is one really good thing that came up only in the last year or so.
You can now ask AI/LLM how to set up your router & it will help you do it.

In all those years, I haven't explicitly run into VLANs but implicitly many >>> guest networks and repeater bridges make use of VLANs as far as I'm aware. >>

Nothing implicit. One VLAN is for the phone land line, another is for
TV, another is for internet (my guess).

This is just a small part of what my router calls:

Network Setting
Bridging Setup
Bridging
Filtering
Marking

https://paste.opensuse.org/pastes/7c7fef46eaef
https://paste.opensuse.org/pastes/9acdc9974acd
https://paste.opensuse.org/pastes/88d9c37538af
https://paste.opensuse.org/1aece5657e7a
https://paste.opensuse.org/872479cefbdb
https://paste.opensuse.org/a827cc71d713


just try to explain what that does. A mistake, and my phone stops
working. And there are maybe hundreds of screens like that.


No, I am not actually interested. It is just an example of why I say
that the setup of my router by the ISP is complex.

The RTF8225VW Router Smart WiFi 6 Go is Movistar's latest
Askey-manufactured router whose configuration guide is here.
<https://itigic.com/movistar-router-smart-wifi-6-manual-configuration-guide/>

That's the normal user setup (which I already know), it doesn't explain anything about the non documented setup of things like those in the
photos I posted above. There are hundreds of non documented settings
needed to adapt a generic router to work for them.

The bridge mode support apparently lets you connect a neutral router (like TP-Link or Asus) to manage your network, avoiding double NAT.
<https://algoentremanos.com/como-configurar-router-movistar-smart-wifi-6-go-rtf8225vw-modo-bridge/>

Sure.

Moviestart can push the firmware updates if you don't want to do it.
<https://comunidad.movistar.es/discussions/soporte-fibra-optica/ultimo-firmware-router-smart-wifi-go-router-askey-rtf8225vw/5181231>

You appear to be using bridge mode which is optional.
a. Advanced Settings > Internet > Bridge Mode.
b. Then connect your home router to the RTF8225VW.

No, I am not using bridge mode. I'm using the normal default mode as it
comes out of the box, prepared to work with telefónica, then added a few things, like my SSID/Password, dhcp range to use, what ports I want translated, etc.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

They also report that 0.06% of all APs moved month to month. That's a
really poor hit rate for "tracking" people.

Any imaginative person can think of many instances where having a database
of all the people who moved and exact where from and to, is useful.

Not people. WAPs.

Let's just say California wanted to find all the people who moved from California to Florida who retired to ask them to pay their 401K taxes.

It would be trivial, using Apple's WPS system, to find everyone in any
given county in Florida who recently moved there from California.

Go on then. If it's so trivial, why don't you do it?

Show us with step by step instructions how many *people* - as you claim -
moved to FL from CA in the last six months.

You have a week. If you can't then I call bullshit.

I know what will happen, however. You won't even try. You will cry, shout
and stomp your feet blaming everyone else apart from yourself. Just like a
big baby.

You'll not hear from me until next week so as to not direct you from this important privacy risk study.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns wrote:

Marian wrote:

Maybe you can explain what happens with fonts as I've never understood
how
they show up for people like you who are on the receiving end of my
posts.

The receiver controls the font, but modified based on certain charsets,
e.g. Chinese tend to use "big5" and Thunderbird will use either a YaHei
or SimSun font for that, which always looks like a low quality scratchy
font on my machines ... someone else described it as "stretched
vertically Times Roman"

<https://fontsgeek.com/fonts/SimSun-Regular>

I write the content in gVim and I send it off with telnet.
Everything in the header related to the newsreader is essentially random.

Specifically, whatever the header "says" about fonts, is random.
It's not "completely" random as the header lines are "scraped".

Maybe any scraped sample headers that you randomly include into postings should exclude those with charset big5, or koi8 (similar for russian)
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-08 03:32, Marian wrote:

Carlos E.R. wrote:> No, the font used is chosen locally by your client, which I take to be

Thunderbird. TB can use a different font for each different charset.

Content-Type: text/plain; charset="big5"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB

I'm not familiar with this choice.

Andy found a flaw in my newsreader, which is a custom unique newsreader.

In that newsreader, there's one thing I've never figured out, which is
how fonts work in Usenet (since most lines in my header are completely random).

As you know, I have a unique newsreader which is simply telnet with gVim.
The scripts don't care what fonts are used. It's just a line to telnet.

The header lines not added by the nntp server are added by my scripts.
But they're essentially random.

I got the lines, long ago, from scraping Usenet for header lines.
So some newsreaders tended to have one set of font lines, while other newsreaders tended to have a different set of font lines. It's random.

They change whenever I flip a switch to the next dictionary lookup.
I'll do that right now so that you can see different header lines.

I have no idea how the header lines look to the recipient though.
Nor how the fonts are interpreted as they're always sent the same.

But nothing has changed in that I'm still using telnet with gVim.

But you have to be careful about what your random headers do to us. You
should not use random headers in things like the charset.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-08 00:10, Marian wrote:

Carlos E.R. wrote:

Which means you cannot trust that any information returned is accurate. >>>>>
Makes for a pretty bad way to track someone...

Much better than looking on the entire world. That's pretty good,
actually.

Except you first have to find a way to associate the BSSID with a
particular individual.

Sure.

I just want the people here to understand that when your BSSID is in
Apple's database, and if you live in a rural area (such as I do),
then your GPS coordinates returned to 8 decimal places... is you.

If you move, then they can track where you moved.

Sure.

For example, an enterprising coder could query the Apple WPS database for
all routers that moved between locations to put them into a database.

Then they could sell that database to professionals who target people who just moved. That's only one example, as I'm not that type of person.

It could be more nefarious in that with Apple's insecure WPS database, you can *target* individuals, which again, I don't advocate but it can be done.

But the fact is you can be tracked anywhere in the world if you use the
same router, which very often people who have moved will easily do.

Considering that here the router is often provided by the Telco, when
you move you have to hand over the old router, and get a new one with
the new contract at the new destination.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

On 2025-12-08 08:54, Chris wrote:

Marian <marianjones@helpfulpeople.com> wrote:

Chris wrote:

They also report that 0.06% of all APs moved month to month. That's a
really poor hit rate for "tracking" people.

Any imaginative person can think of many instances where having a database >> of all the people who moved and exact where from and to, is useful.

Not people. WAPs.

Let's just say California wanted to find all the people who moved from
California to Florida who retired to ask them to pay their 401K taxes.

It would be trivial, using Apple's WPS system, to find everyone in any
given county in Florida who recently moved there from California.

Go on then. If it's so trivial, why don't you do it?

Show us with step by step instructions how many *people* - as you claim - moved to FL from CA in the last six months.

You have a week. If you can't then I call bullshit.

I know what will happen, however. You won't even try. You will cry, shout
and stomp your feet blaming everyone else apart from yourself. Just like a big baby.

You'll not hear from me until next week so as to not direct you from this important privacy risk study.

His point is correct, though. An interested party could dig out this information, even if Arlen doesn't come out with code to do it.
--
Cheers, Carlos.
ES🇪🇸, EU🇪🇺;
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Andy Burns wrote:

Maybe you can explain what happens with fonts as I've never understood
how
they show up for people like you who are on the receiving end of my
posts.

The receiver controls the font, but modified based on certain charsets,
e.g. Chinese tend to use "big5" and Thunderbird will use either a YaHei
or SimSun font for that, which always looks like a low quality scratchy
font on my machines ... someone else described it as "stretched
vertically Times Roman"

<https://fontsgeek.com/fonts/SimSun-Regular>

Hi Andy,

Thanks for your help, now, and over the years as I respect your acumen.

I really have no idea how fonts are handled since I don't overtly do
anything other than randomize the headers scraped from Usenet posts.

However...

I think I have an idea what happened, since the post you said was in
Chinese fonts was no different, on my side, than any other post from me.

But...

I very often copy-and-paste from documents.

In that case, the characters pasted can include em-dashes, curly quotes, non-breaking hyphens, non-breaking spaces, and other crazy characters.

Some show up as crazy inside of gVim so I have a chance to fix them.
Others don't.

Maybe one of those crazy unicode funky characters showed up that is not in
the 95 characters found on a normal US/UK/EU QWERTY keyboard perhaps?

I write the content in gVim and I send it off with telnet.
Everything in the header related to the newsreader is essentially random. >>>
Specifically, whatever the header "says" about fonts, is random.
It's not "completely" random as the header lines are "scraped".

Maybe any scraped sample headers that you randomly include into postings should exclude those with charset big5, or koi8 (similar for russian)

Here is a script that removes many of the "funky" characters which creep up when I copy and paste from a published source (web pages or research docs).

It uses Notepad++ shortcuts.xml to convert funky characters to 7-bit ASCII.

<Macro name="ASCII" Ctrl="yes" Alt="no" Shift="no" Key="66">
<!-- Normalize dashes -->
<Action type="3" message="1601" sParam="&#x2010;" /><Action type="3" message="1602" sParam="-" />
<Action type="3" message="1601" sParam="&#x2012;" /><Action type="3" message="1602" sParam="-" />
<Action type="3" message="1601" sParam="&#x2013;" /><Action type="3" message="1602" sParam="-" />
<Action type="3" message="1601" sParam="&#x2014;" /><Action type="3" message="1602" sParam="-" />
<Action type="3" message="1601" sParam="&#x2212;" /><Action type="3" message="1602" sParam="-" />

<!-- Normalize quotes -->
<Action type="3" message="1601" sParam="&#x2018;" /><Action type="3" message="1602" sParam="&apos;" />
<Action type="3" message="1601" sParam="&#x2019;" /><Action type="3" message="1602" sParam="&apos;" />
<Action type="3" message="1601" sParam="&#x201C;" /><Action type="3" message="1602" sParam="&quot;" />
<Action type="3" message="1601" sParam="&#x201D;" /><Action type="3" message="1602" sParam="&quot;" />
<Action type="3" message="1601" sParam="`" /><Action type="3" message="1602" sParam="&apos;" />

<!-- Invisible characters ? strip -->
<Action type="3" message="1601" sParam="&#x200C;" /><Action type="3" message="1602" sParam="" />
<Action type="3" message="1601" sParam="&#x200B;" /><Action type="3" message="1602" sParam="" />
<Action type="3" message="1601" sParam="&#xFEFF;" /><Action type="3" message="1602" sParam="" />

<!-- Symbols -->
<Action type="3" message="1601" sParam="&#x2192;" /><Action type="3" message="1602" sParam="->" />
<Action type="3" message="1601" sParam="&#x00B0;" /><Action type="3" message="1602" sParam="deg" />
<Action type="3" message="1601" sParam="&#x00A9;" /><Action type="3" message="1602" sParam="(C)" />
<Action type="3" message="1601" sParam="&#x2122;" /><Action type="3" message="1602" sParam="(TM)" />
<Action type="3" message="1601" sParam="&#x00AE;" /><Action type="3" message="1602" sParam="(R)" />
</Macro>
--
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Carlos E.R. wrote:

But nothing has changed in that I'm still using telnet with gVim.

But you have to be careful about what your random headers do to us. You should not use random headers in things like the charset.

Hi Carlos,

I appreciate that you explained that the charset header, which I've never really ever looked at in earnest, may affect what it does to your
newsreader.

I have a dictionary for every header line, where it's a mix-and-match
affair to pair the character-set header line with the rest of the header.

What is a good single character set line that will be friendly to you?
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit

MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit

MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

etc.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: comp.mobile.android

Chris wrote:

Any imaginative person can think of many instances where having a database >> of all the people who moved and exact where from and to, is useful.

Not people. WAPs.

My AP BSSID is me. It's nobody else. It's me. To 8 decimal places, it's me. They have my name. My address. Everything. My BSSID is me.

Why do you think I redacted my BSSID in the screenshots I provided you?
<https://i.postimg.cc/C5Pcb6RQ/decimal.jpg>

I even published a tutorial for how you can track BSSID's, Chris.
I published that tutorial on Saturday. To prove the point it's easy.

Let's just say California wanted to find all the people who moved from
California to Florida who retired to ask them to pay their 401K taxes.

It would be trivial, using Apple's WPS system, to find everyone in any
given county in Florida who recently moved there from California.

Go on then. If it's so trivial, why don't you do it?

Show us with step by step instructions how many *people* - as you claim - moved to FL from CA in the last six months.

You have a week. If you can't then I call bullshit.

You are nuts. It's so trivial that you must be nuts to not realize it is.
I did it already. I already wrote the code. I already published the code.

I published the code on Saturday already.
It takes any number of BSSIDs and tracks them.

I am a bit dismayed that your argument defending Apple to the death,
no matter what, is so baseless, that I already published the code.

I know what will happen, however. You won't even try. You will cry, shout
and stomp your feet blaming everyone else apart from yourself. Just like a big baby.

You are nuts. I already posted the code long ago to this very newsgroup.
I wrote the tutorial for God's sake. You're nuts, Chris. Seriously. Nuts.

You claim I won't do what I already did for God's sake. You're nuts Chris.

You'll not hear from me until next week so as to not direct you from this important privacy risk study.

I've concluded you completely lack fundamental imagination skills, Chris.
You have no concept of how this code can be used to track people, do you?

From: Marian <marianjones@helpfulpeople.com>
Newsgroups: alt.comp.os.windows-10,alt.internet.wireless,alt.comp.microsoft.windows,alt.comp.os.windows-11
Subject: Tutorial: Query the Apple database with Python for your access point BSSID
Date: Sat, 6 Dec 2025 10:55:40 -0700
Message-ID: <10h1qmr$2alo$1@nnrp.usenet.blueworldhosting.com>
--- Synchronet 3.21a-Linux NewsLink 1.2