Hi, Many people seem interested in a downloadable geolocation database, so that they can locate themselves without having to send any data over a network. I imagine this would not be the raw uploads, but something processed to contain 1 entry per wifi hotspot with its average location. If a hotspot had been seen in multiple locations it would not be included, as it probably a mobile phone or public transport and would not be useful.
This privacy risk from this is small, if eve is trying locate alice, she would need to know the BSSID of alice's hotspot, which probably means knowing its location. http://www.advogato.org/person/zeenix/diary/326.html gives an example where this is still a problem (though filtering out moving hotspots means that the new location would not be in the database, assuming that the old one was). The web API prevents these information leaks be requiring that a query contains multiple hotspots. Now to find a hotspot you need to know several other hotspots that it is nearby. I suggest that something similar is done with the database download, by only giving weak information about each hotspot. For example either its latitude or longitude (depending on something deterministic such as the last bit of the BSSID). Now an individual hotspot can't be located, but a group known to be close together can. There are a few alternatives, for example a hot spot could either be coarse (integer part of coordinates) or fine (fractional part of coordinates), but I am not sure this is any better. Sam _______________________________________________ dev-geolocation mailing list [email protected] https://lists.mozilla.org/listinfo/dev-geolocation
