Aren’t the first two kind of dependent on how many cell towers or wifi hotspots you’re within range of? I mean, they’re both basically identifying transmitters of known range, deriving a range based on signal strength, and overlapping those range circles and seeing where they all overlap. Seems to me that to a certain extent, more is better.
It was an example which was why I made sure to note that it was in an urban area, but all three are doing that and GPS is way more accurate.
And the position information from WiFi will be far more precise than 100 feet. Heck, a lot of transmitters don’t even have a range that long.
With wifi or bluetooth you need to have several transmitters in range, and you need to know exactly where they are. I read up on it and due to noise and imprecise measurements of signal strength from the radios in phones and other devices, you only get within about 1-2 meters of accuracy.
Like everything, far more accuracy is possible if you are willing to pay more for the components.
Great post, I’ve learned a lot about phone GPS!
@Askyourmom: Re: your running app’s accuracy
There is a definitely a difference between apps. I cycle and was using “Map My Cycle” app for iOS. One route takes me along a river and the app would frequently map me as being along the opposite side of the river for large stretches, maybe 50m from where I was (zigzagging over the water). I frequently do the same routes and found there was roughly a 10% variation in the length it told me I’d traveled.
The final straw was when I was once cycling along an oceanside bike trail. For about 500m it tracked me as being about 50m off shore! I emailed them to see if there was something I could change in my settings and only received a form email back, so I stopped using the app out of frustration.
I assumed these GPS issues were endemic to iPhones and was complaining to friends when they suggested I try Strava. I couldn’t be happier. I’ve found it be very consistent in the mapping and distance tracking. If I zoom in I can even see where I’ve swerved to go around road construction.
And 1-2 meters is, indeed, far more precise than 100 feet.
In the iPhone (at least, other mobile OSs way do the same) there are several levels of location services that an app can request. The levels differ in accuracy and frequency, and I think you can also specify whether you need gps accuracy or if WiFi/cell position is enough. It’s all to allow developers to make a trade off between battery life and maybe how much info their app generates. Sounds like the devs of the first app you were using made the wrong choice.
The main limiter on Wi-Fi accuracy on most databases is not due to the limitations of the technique but rather the rather large step size of the surveys.
Google and Mozilla often collect data by driving vehicles down roads and some databases will harvest data from your phone but in general they cannot drive their collection vehicles through your living room in a grid tight enough to reach the accuracy limits of the technology.
Even in projects like the Mozilla Location Service which crowdsource data collection with cell phone apps cannot exceed the accuracy of other data source that they use to actually build the data sets.
https://wiki.mozilla.org/B2G/QA/Geolocation#MLS_.2F_Wifi
As SBAS/WAAS is required to get current GNSS services within 1M of maximum accuracy, the 1-2 meters possible by Wi-Fi technology is just not practical to achieve in real world conditions. In general, with the systems I have information about, these databases consider a PDOP >= 4 as acceptable. Even at an optimistic PDOP of ~1.7 with a H/V DOP of 1.1/0.9 without SBAS you will have a 95% horizontal accuracy of about 60’. As the database simply doesn’t have accurate enough data to approach the limits of the technology, the technology is not the limiting factor in this case.
You are conflating the accuracy and precision of the underlying technology with the practicable accuracy and precision of a service.
Most driving apps will also assume that you’re on a mapped road absent strong evidence to the contrary. So if the GPS puts you five meters to the side of the road, it’ll say that you’re on the road. But of course, that wouldn’t work for bicycling, since you might be crossing a field, and even if you’re on a trail, the trails are less likely to be on the maps.
Accurate GPS coordinates for every US state and federal legislative chamber are readily available. Think about what you’re suggesting: that bad people have refrained from doing bad things to legislative bodies primarily because they’re not quite sure where state capitols are.
They know. Everyone knows. The precise location of state legislative chambers is not a secret. Even if it were, calculating the actual coordinates based on distance from some other landmark is trivial. Those coordinates aren’t a secret partly because they can’t be a secret.
Even so, depending upon that kind secrecy is a terrible idea. The term of art in the security world is “security through obscurity,” and anyone who suggests it instantly outs themselves as someone who doesn’t understand security. See also: “security theater.”
There’s nothing wrong with asking questions, of course, but it’s best not to get too agitated about any particular threat until after one has thought it through.
When I was in high school (and for many years before that) parents would occasionally participate in a moral panic over The Anarchist’s Cookbook because, if they got their hands on that book, teenagers/terrorists/boogeymen would then be able to make bombs (or something). But those parents somehow didn’t notice that our teachers were feeding us all the information we needed to make bombs. These stealthy classes in mayhem studies were called “high school chemistry” and “high school physics.”
The people who secure state capitols almost certainly consider the possibility of GPS-guided vehicles and how to defend against them. Keeping the precise location of the capitols a secret is not on their list of countermeasures. Besides, any bomb big enough to kill an entire state legislature isn’t depending on pinpoint accuracy to be effective.
Anyone who wants to know more about how security entities prioritize threats and how they decide to act (both for the sake of appearance and to guard against genuine threats) could do worse than picking up one of Bruce Schneier’s books. His understanding of security is formidable and his capacity to explain it is extraordinary.
Note that for individuals, the security implication of Wi-Fi locations is greater then that of GPS.
When a cell phone is non-associated with an AP it will actually announce the names of the networks it is trying to join. If you have the Network Name (SSID), and that SSID is in the databases and fairly unique it is trivial to find were those networks are located.
In other words, if you have to have a meeting with a stalker leave your phone at home or at least shut off the Wi-Fi.
I think the premise is not that the attackers don’t know where the target is, but that they don’t know where their drone/missile/weapon is, at least not well enough, because GPS is insufficiently precise.
It’s still a silly fear, though, because even if GPS and other location-finding electronics weren’t precise enough, you could just put a camera on the drone and have a human pilot fly it in to the precise target by remote control.
In a modern context yes, the concern is making sure the signal you are using is reliable and authentic although many of those were originally reserved to the PPS service.
But to your point, I don’t doubt that the availability of digital imagery was one factor
when the US disabled GPSs Selective Availability (SA) “to make GPS more responsive to civil and commercial users”
Obviously in 1978 when they did the first launch digital imagery wasn’t around though. The new versions of the GPS satellites don’t even have the SA feature at all.
I agree, but the poster I was responding to specifically mentioned “accurate GPS coordinates for a state legislature’s chamber,” which is pretty unambiguously worded. Still, yes, the poster was likely thinking of the premise you mentioned even if the post reads differently.
As you point out, GPS accuracy is not a barrier to this sort of attack, whether we’re talking about exact target coordinates or receiver precision/accuracy. But many people feel an impulse to lock down neutral or “bad”-but-broadly-known information they imagine to be threatening, as with The Anarchist’s Cookbook. GPS coordinates are both neutral and very broadly known information at this point and can’t be effectively locked down.
The poster asked—reasonably—whether accurate location information (manifested via GPS) represents a security threat. The answer is, essentially, “no, not really.” We’ve got plenty of actual, substantial threats to focus on without frightening ourselves with imagined ones.
As usual, Dopers have gone above and beyond the call of duty in response to my questions, and I just want to say that I appreciate all of your very informative responses.