1

My question relates to this question: How does Google know where I am? and ask a similar question to this (but that accepted answer doesn't pertain to BSSIDs).

The chosen answer in my first linked question describes a large database of previously saved geolocation information (GPS, cell towers) mapped to BSSIDs.

The reason for wanting to construct such a database must mean that BSSID can be retrieved at their (database maintainers, such as Google) end and then matched to their saved location. Is that correct? If that is correct, I wonder why BSSID would need to be sent beyond the Access Point?

Thanks

Sheepwall
  • 13
  • 2

2 Answers2

2

You access point is not sending your BSSID anywhere on the internet. It is just broadcasting the BSSID locally so that any WiFi devices nearby can see it (and connect to it if they want and have the credentials).

These WiFi devices might have a known location (for example determined using GPS) and thus can create a mapping between the known location and the visibility (and strength) of the BSSID around this location. These WiFi devices (and not the access point) then can upload this mapping to some central place where these information gets accumulated into a central database. Such central mapping then could be queried later to map visibility of specific BSSID's back to a location.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
  • Very insightful answer. Based on this, it wouldn't be surprising if the public IP of the access point gets mapped to the location as well. Then, the location is known for anyone who connects to the access point (regardless of the device they are using) based on the public IP of the access point. This would explain how sites that you've never visited before are able to determine your location, even if your device does not advertise its location. – mti2935 Oct 26 '19 at 17:31
  • @mti2935: I doubt that the public IP is mapped too for multiple reasons: First, it is useless in most cases since most of the AP are on consumer internet connections (i.e. cable, DSL, FFTH) and it is common that these connections regularly get a new public IP address, if they get a public IP at all (DSLite). Also neither private nor public IP can be determined by just scanning for AP (which is enough to get the BSSID). Instead the client must actually connect to the AP which usually requires authentication (WPA password) unknown to the client. – Steffen Ullrich Oct 26 '19 at 18:03
  • The public IP of my consumer ISP service (Comcast) has not changed in over a year. The same is true for many others that I know who use broadband ISP service in the US from other providers. Also, the context of my comment was *after* the user connects to the AP and then starts 'surfing' the web. In any case, I agree with your answer (and upvoted). – mti2935 Oct 26 '19 at 18:08
1

The reason for wanting to construct such a database must mean that BSSID can be retrieved at their (database maintainers, such as Google) end

No. There's more ways to retrieve information about wireless networks. Google drives around taking photos for Street view. I would be surprised if those cars don't log WiFi networks seen as well.

Google also happens to make software for gadgets with a GPS receiver and WiFi Receiver. It seems they use these gadgets, commonly referred to as phones to gather data as well.

You also have crowsourced databases such as Wigle.

and then matched to their saved location. Is that correct? If that is correct, I wonder why BSSID would need to be sent beyond the Access Point?

Applications may send it, but that's data sent by the device, on purpose. It's not included at the network level. If you wonder, fire up a packet logger, such as Wireshark and watch what leaves your computer.

vidarlo
  • 12,850
  • 2
  • 35
  • 47