Mapping Wifi/Bluetooth SSIDs and Cell Towers for GeoLocation

Mozilla is going to be dumping their “Mozilla Location Services” users. Retiring the Mozilla Location Service · Issue #2065 · mozilla/ichnaea · GitHub

This is a very big deal. the geoclue service it enabled is at the heart of most linux-based location services. Every distro, and the firefox browser itself, will need a replacement. Google Location Services, the runner up, is exactly what most MLS users want to avoid.

Wigle.net has a database of SSID sightings. I think OSM could work with Wigle to merge that data in to reduce shared costs and make it available for users to geolocate.

The idea is when your computer needs to know where it is to search for restaurants, etc, ip-lookup based geolcoation is very rough, and entirely useless if you’re using a vpn. Instead, your device can observe what SSIDs are around it and how close they are.

Then it can search for those SSIDs on a map, and make a very good guess of the laptop’s location if the map knows the SSIDs are all within a certain area your device is probably in the middle of it.

I have not noticed SSIDs on OSM though. Is there a rule against it?

I know there’s a point object for ‘wifi hotspot’ But it doesn’t have an SSID or mac address field, which it would need for this. A hotspot also doesn’t need to be open to help geolocate. if it’s merely visible/broadcasting then you can infer your location from it.

And if users are allowed to download/cache large areas of the map, then they can keep their exact location secret from the server itself.

Perhaps using geoiplocation or a prompt “what metro area or state are you in” you download all tiles of wifi/bluetooth ssids within 100 miles. Then your device can internally figure out where it is on those tiles! A laptop could reasonably cache all of a continent.

For public WIFIs there is tag internet_access:ssid
I don’t think it’s good idea to add SSIDs of private, especially residential WIFIs to OpenStreetMap.
That data is not trivial to verify. There are both privacy and legal concerns.
I think it’s better to keep such a data in separate project.

So that tag is applied to an existing business or building of some sort I take it?

What about APs on poles operated by the city or phone company? For instance in my area, the cable tv company has little APs on the wires between utility poles. You can see them glowing with LEDs at night, and they provide a sort of roaming internet access throughout much of the urban area of the city. They’re not part of any building, and not on any pole either

I think it would be prudent to have a field for the mac address of the AP, not just network name. And password if it is posted publicly. The Mac address isn’t likely to be typed by hand by a mapper, but I would expect this data to be gathered by script and the AP’s mac address 1) should be globally unique and 2) unchanging even if they rename their AP

So the mac is more consistent and searchable.

Also, I think a point for the AP antenna is more useful, than an attribute for the building. Especially with large buildings, it really does matter where the antenna is. or they may have multiple different APs in the same building. perhaps one in a neighboring building is actually closer to you for instance.

Must admit I had never thought of using WiFi to get a location.

If I’m away from home and want to find a pub or a supermarket then I am going to use OSMand on my mobile, which uses GPS. Not that I’m likely to connect a laptop to a strange WiFi network, I just use my mobile as a connection.

And that’s an excellent choice.

But some folks don’t like mobile phone companies tracking where they are and what they use their phone for. Or they live in tyranical countries where the government can solicit that data from a phone company in less than legitimate ways to mass-surveil the innocent, peaceful public.

At least with ‘strange wifi networks’ and mac address randomization on your laptop/phone you can connect to tor and use the internet unlimited, anonymously, and without using up a lot of the battery capacity of your phone, which is always in short supply in my experience.

Using wifi APs for get location is in my mind, like using light houses at sea. If you have a map of the light houses, and you know which ones you can see, you can put yourself on that map.

You can always walk into any supermarket/convienience shop and pay cash
for a SIM and top up with cash.

I think mapping SSIDs is fickle because if you simply observe the
presence of a SSID on your phone you don’t know whether that is mobile
or stationary, and you don’t know where exactly it is (only that you are
receiving a signal).

I would advise against mapping SSIDs based on “sightings” - I would only
map them if you know where the access point is.

I would therefore also be against an import of data from “Wigle.net”
even if it were possible. I had a brief look at Wigle.net and saw that
their standard dataset is only available for noncommercial use (and
therefore unsuitable for OSM since OSM data cannot be restricted to
noncommercial use); apparently the Wigle.net users have a choice of
allowing commercial use when they upload and Wigle.net then sells these
commercial-use licenses (to a subset of their data). Any import - which,
again, I would advise against - would have to be negotiated with
Wigle.net first and could only use the part of their data that is
commercially usable.

“any” Not necessarily. Not in all countries. And hardly in all shops.

And even if you did, that sure sounds like a lot more time and work and cost than clicking on NetworkManager in the right corner of your screen.

And even if it wasn’t, that sim card now links all your online activity to one sim card/esn/id unless you go through the additional process every day.

Mac address randomization is now default on a lot of network stacks. And doesn’t require walking into a 7-11.

Nothing’s perfect. I get that. But I want to work in the right direction at least.

Back to mapping related discussion… Self-geolocating with a map of Wi-Fi radios is the next best thing if you don’t have a gps receiver (most laptops still don’t for whatever reason).

But it looks like Wigle might best stand alone given their content licensing. or perhaps they could use osm for their map background. I wish Wigle was better run, more open, and I wish Mozilla wasn’t dumping their location services!!!

I’m working on BeaconDB, a new alternative to MLS that hopes to publish data dumps under a public domain license. I’ve received a pretty significant amount of data over the past few weeks and am researching how I can protect the privacy of both contributors and AP owners before I publish any data.

Mozilla wasn’t able to publish any of their WiFi data because MAC addresses/SSIDs are personal information - if I was to publish data dumps containing these identifiers, I would be making it extremely easy to track where WiFi networks move over time. I’ve been experimenting with different ways to obfuscate this data, such as hashing the MAC and truncating it, creating collisions on purpose. This means that one WiFi network maps to multiple possible locations, and the client has to know multiple physically nearby WiFi networks in order to estimate an accurate location.

I’ve recently been thinking about how I can help prevent contributors from leaking information such as where they live, and figured I’d ask here as OSM contributors have much more experience with this. I recently asked the BeaconDB community about their opinions on using an account system to ensure that WiFi networks had been seen by multiple contributors, but I’m still not sure that this is the best solution.

When mapping OSM, users are aware of what data they’re changing, but with BeaconDB, users are uploading their location and where they’ve been, so I want to make sure that this information is protected.

If I’m away from home and want to find a pub or a supermarket then I am going to use OSMand on my mobile, which uses GPS. Not that I’m likely to connect a laptop to a strange WiFi network, I just use my mobile as a connection.

Your phone would also be using nearby WiFi networks to estimate its location. GPS signals are hard to pick up when indoors or in dense cities, and your phone would be instead be estimating it’s location using WiFi data from Apple/Google’s proprietary database.

I feel APS available designed for some type of public use can be considered a recordable feature. They tend to stable and verifable. Either having no password or some process to gain access via a sign up mechanism. Even with those with restricted access but otherwise publicly broadcasted SSIDs should be reasonable to add. They can be treated as a location markers or a geofencw formed by a cluster of tranmiters.

BeaconDB is profoundly important work. Thank you Joel, for taking this on. I’ve installed NeoStumbler and set it up to your endpoint. I encourage all to do so.

This needs more visibility, now. Everyone please share this and help this project flourish. With MLS gone, BeaconDB is our best hope for an opensource location service!

The title mention Cell Towers but talks mostly about WiFi, so to add a few cents on the cell network side.

The OpenCellID project makes cell tower location available with an open license. It does not have the privacy and legal implications that WiFi data has.

As mentioned earlier the problem with this data is that you do not know where the sending unit is. When collecting this information OpenCellID merges several sightings from different persons and tries to calculate where the tower is. This is also later done “in reverse” by the client to approximate the position.

In normal operation a cell tower has several antennas, these are directional and use different frequencies. One can think of it like a central point with several triangles pointing out from the point, these are the cells. So one tower would probably need to have several datapoints with direction tag.

If you download the data from OpenCellID it can be used offline, it is also possible to use it in your own MLS service. So what is really needed is someone willing to import the data and run a new MLS service, maybe even run it by several independent people? Did I hear blockchain, Fediverse och Matrix as protocol?

With all that said, I don’t think this is a good match for data to be included in OpenStreetMap.