this post was submitted on 17 Aug 2024
649 points (97.4% liked)
Privacy
31799 readers
329 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I was under the impression that BSSID scanning was entirely passive, and that a phone that scans for beacons doesn't actually reveal itself to anyone.
It was in response to the Naomi Brockwell post she did on Twitter about businesses using WiFi, Bluetooth and Location Services to track you in public locations. You can Google it directly "NBTV Advice from Defcon" or this link: https://nbtv.substack.com/p/advice-from-defcon-turn-off-bluetooth
I get how it works with wifi connections, and Bluetooth scanning (since that's a peer to peer protocol that needs to broadcast its availability), and obviously the OS-level location services, but I'm still not seeing how seeing wifi beacons would reveal anything. For one, pretty much every mobile device OS now uses MAC randomization so that your wifi activity on one network can't be correlated with another. And for another, I think the BSSID scanning protocol is listen only for client devices.
Happy to be proven wrong, and to learn more, but the article linked doesn't seem to explain anything on this particular supposed threat.
This is my understanding as well, but also not an expert.