1. Forum
  2. Newsgroups
  3. comp.sys.mac.system

  • Most people on iOS/Android are rudely allowing global tracking of you (not me - but you)

    From Marion@mariond@facts.com to misc.phone.mobile.iphone,comp.sys.mac.system,alt.internet.wireless on Sat Nov 8 10:32:20 2025
    From Newsgroup: comp.sys.mac.system

    Most people on iOS/Android are rudely allowing global tracking of you.
    Note this is two different things:
    a. Most people are rudely contributing to the tracking databases
    b. Most people are rudely being tracked by the tracking databases

    Note specifically that I'm intelligent & well informed & not rude.
    a. Hence, I am NOT contributing to the tracking databases
    b. And I am NOT being tracked by the tracking databases

    But you are.

    See references below:
    Outlets like The Register and Cybersecurity News reported that
    Apple's WPS could be abused to track people around the globe
    by tying their home routers' BSSIDs to precise GPS coordinates.
    <https://www.theregister.com/2024/05/23/apple_wifi_positioning_system/>
    While the published work focused on Apple's system, Google's operates
    on the same principle as Android devices upload BSSIDs + GPS coordinates,
    so the same vulnerabilities apply.

    I repeat for effect: Your BSSID is you (by name even) & address.
    If you take your router or bluetooth devices with you, they followed.

    Note the references below where the "good guys" proved how unprotected
    Apple's system is, but they said, by extension, Google's system is similar.

    Apple's Wi-Fi Positioning System abuse
    (2024, University of Maryland)
    Researchers showed that Apple's crowdsourced Wi-Fi database
    could be exploited to track Wi-Fi access points and their
    owners globally. By querying the system, they amassed a worldwide
    snapshot of BSSID geolocations in just days, proving that an
    attacker could surveil households at scale.
    <https://cybersecuritynews.com/apples-wi-fi-positioning-system/>

    "Surveilling the Masses with Wi-Fi-Based Positioning Systems"
    (2024, University of Maryland)
    This academic paper demonstrated that Wi-Fi positioning systems
    can be abused to create a global privacy threat. They showed how
    an unprivileged attacker could harvest millions of BSSID-location
    pairs and use them to track movements or identify households
    <https://arxiv.org/html/2405.14975v1>

    Specifically: <https://arxiv.org/pdf/2405.14975>
    1. Researchers Erik Rye and Dave Levin demonstrated that Apple's
    Wi-Fi Positioning System (WPS) could be queried at scale to
    harvest hundreds of millions of BSSID-location pairs worldwide.
    2. They showed that an attacker could map and track Wi-Fi access
    points globally, even if the owners never used Apple devices
    themselves.
    3. The paper explicitly warns that this enables mass surveillance
    of households, since each BSSID is tied to a fixed home location.

    Deanonymization research
    (NDSS Symposium, 2021)
    Work presented at the Network and Distributed System Security Symposium
    showed how device identities can be deanonymized via side-channel
    attacks on wireless protocols, including Wi-Fi. While not focused
    solely on Google's database, it highlighted how BSSIDs can be
    leveraged to track and identify users <https://www.ndss-symposium.org/ndss-paper/deanonymizing-device-identities-via-side-channel-attacks-in-exclusive-use-iots-mitigation/>

    Researcher Erik Rye presented how he was able to map hundreds of
    millions of access points in days using Apple's API, without
    needing special privileges.

    This proved that the system could be exploited by anyone with
    developer access to Apple's geolocation services.
    <https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide>

    REFERENCES:
    <https://cybersecuritynews.com/apples-wi-fi-positioning-system/>
    <https://arxiv.org/html/2405.14975v1>
    <https://www.darkreading.com/endpoint-security/apple-geolocation-api-exposes-wi-fi-access-points-worldwide>
    <https://www.ndss-symposium.org/ndss-paper/deanonymizing-device-identities-via-side-channel-attacks-in-exclusive-use-iots-mitigation/>
    <https://www.theregister.com/2024/05/23/apple_wifi_positioning_system/>
    --
    The real problem is the combination that almost all iOS & Android users are incredibly rude people, coupled with Google & Apple hoovering your privacy.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Brock McNuggets@brock.mcnuggets@gmail.com to alt.internet.wireless,comp.sys.mac.system,misc.phone.mobile.iphone on Sat Nov 8 18:07:46 2025
    From Newsgroup: comp.sys.mac.system

    On Nov 8, 2025 at 10:32:20 AM MST, "Marion" wrote <10enur4$1ar5$1@nnrp.usenet.blueworldhosting.com>:

    Most people on iOS/Android are rudely allowing global tracking of you.

    Most people are allowing tracking of me? Um, they can't track me so how can they allow others to?

    Note this is two different things:
    a. Most people are rudely contributing to the tracking databases
    b. Most people are rudely being tracked by the tracking databases

    Note specifically that I'm intelligent & well informed & not rude.

    Intelligent. Maybe.
    Well informed. Maybe, but certainly not as much as you think.
    Not rude: Not as rude as some but hardly lacking in that trait.

    a. Hence, I am NOT contributing to the tracking databases
    b. And I am NOT being tracked by the tracking databases

    But you are.

    We all are.

    If you thin Google and MS and FB do not have you in their databases then you are delusional.
    --
    It's impossible for someone who is at war with themselves to be at peace with you.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Marion@mariond@facts.com to alt.internet.wireless,comp.sys.mac.system,misc.phone.mobile.iphone on Sat Nov 8 14:32:21 2025
    From Newsgroup: comp.sys.mac.system

    Brock McNuggets wrote:
    Most people on iOS/Android are rudely allowing global tracking of you.

    Most people are allowing tracking of me?

    The concept is that OTHER PEOPLE are constantly violating your privacy.

    Unless they're intelligent & knowledgeable about devices. Like I am.
    Then they aren't violating your privacy.

    It's an important point about being intelligent with your phone setup.

    Um, they can't track me so how can they allow others to?

    While both default iOS and default Android each violate your privacy, intelligent people on Android can at least violate your privacy less.

    I wrote up this thread that explains the technical issues better.
    From: Marion <mariond@facts.com>
    misc.phone.mobile.iphone,comp.mobile.android,alt.internet.wireless
    FACTS about Apple/Google crowd-sourced Wi-Fi & Cellular location tracking
    Date: Sat, 8 Nov 2025 12:48:11 -0700
    Message-ID: <10eo6pq$20q4$1@nnrp.usenet.blueworldhosting.com>

    Note this is two different things:
    a. Most people are rudely contributing to the tracking databases
    b. Most people are rudely being tracked by the tracking databases

    Note specifically that I'm intelligent & well informed & not rude.

    Intelligent. Maybe.
    Well informed. Maybe, but certainly not as much as you think.
    Not rude: Not as rude as some but hardly lacking in that trait.

    Well, I think it's rude for people to upload your private information to Google's and Apple's public databases, but you might not think it rude.

    a. Hence, I am NOT contributing to the tracking databases
    b. And I am NOT being tracked by the tracking databases

    But you are.

    We all are.

    Not me.

    1. My phone does NOT upload anybody's private finterprint to the databases.
    2. Yours does.

    If you thin Google and MS and FB do not have you in their databases then you are delusional.

    Not me.

    1. My router is not in Google's or Apple's databases.
    2. Yours is.
    --
    The advantage of being born with intelligence is being able to understand.
    --- Synchronet 3.21a-Linux NewsLink 1.2