Location Privacy

By dougt | Published: October 26, 2009

A month ago, I was at the MetaPlaces conferences on a panel on Privacy. Dev, the moderator, asked a really interesting question: “what are you most scared about”. It is a very interesting question. Sitting next to me was the head lawyer of the CDT, someone who has giving me tons of grief about the w3c’s approach of geolocation on the web. He joke that my biggest fear should be not listening to his advise on this. However, I am a lot more scared of something else.

The previous day at MetaPlaces, I heard a lot about mobile advertising and the targeting operators can provide. What was most scary for me was the amount of information operators have and their use of this information to place you into a very detailed market segmentation… all of this without your expressed permission…

One company was able to take a two week data drop from an undisclosed operator and tell you the sort of lifestyle, socioeconomic status, age range, and other demographics of the phone owner. The data drop merely consisted of longitudes and latitudes of where the phone was at given times. Following a single phone you are able to known where the person lives, what kind of coffee he drinks, what area the person works, what stores he shops at, what their work hours are like, are they hitting clubs at night or are going home, and do they spend time at the library. And the user is aware that this sort of tracking is happening!

This is wrong. Operators should always be up front about this. The location data is yours. Where you take your phone, like who you call, is personal information.

Recently, a group of privacy advocates are calling on Congress to address some of these concerns. Some of the more interesting requests are:

* Sensitive information should not be collected or used for behavioral tracking or targeting.

* Individuals should be protected even if the information collected about them in behavioral tracking cannot be linked to their names, addresses, or other traditional “personally identifiable information,” as long as they can be distinguished as a particular computer user based on their profile.

* Individuals should have the right to confirm whether a data controller has their personal or behavioral
data, request such data, and delete it.

For more information about this effort, please check out the CDD press release.

Posted in General | Tagged , | Leave a comment

how i made the 192 pushlog ugly

By dougt | Published: September 30, 2009

in other words, how i screwed up a hg push. I wanted to push changes from mozilla-central to mozilla-1.9.2. The standard way is to:

=============================================================
how to apply a m-c committed patch to a release branch
=============================================================
hg qimport http://hg.mozilla.org/mozilla-central/raw-rev/
hg qpush
hg qref -e # add approval information
hg qfin .
hg push

What I did was basically the same thing, with a few shortcuts (insert your favorite story about how cutting corners can cause harm).

Basically I started out with a bug report. It has the information about what it fixed, who reviewed it, who approved it, etc. The first thing to do is verify that it all checks out and is a reasonable thing to do. In the bug, there usually a comment with the hg changeset information. Here was my first shortcut; I copied the url to the html version of the changeset from the bug, and run the qimport command. `hg qimport` has no problem with importing that patch (which should probably generate an error, but anywayz). What this did was imported a big html file — not what I wanted at all.

I then jumped over the `hg qref -e` command. This would have allowed me to see the changeset’s original comment. I would have been able to see that the qimport terribly failed. Also, this is a good idea to do so that you can add the appropriate a=foopy approval flag(s).

The last shortcut I took was I didn’t do a sanity check by running `hg out -p` which would have shown me what I was pushing. This is always a good idea to see what you are pushing. Sure reliance on the tools is fine and dandy, but actually seeing what hg thinks it is going to push doesn’t hurt and only takes a few seconds.

3 shortcuts resulted in a skidmark on the 191 push log:

http://hg.mozilla.org/releases/mozilla-1.9.2/rev/739c7a69d412
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/1898753917d5

Sure there are worse things (e.g. patch bomb, pushing without testing, breaking trees), but I thought I would write this up both for clarification of how I messed up as well as a warning. :-)

Posted in mozilla | Tagged , | 3 Comments

CoreLocation in 10.6

By dougt | Published: September 21, 2009

I took a really quick look at the built-in location services on Mac 10.6.  I wanted to determine what sort of accuracy the feature had out-of-the-box, and what the API looked like.

The code is pretty simple.  Just something like:

CLLocationManager* locationManager = [[CLLocationManager alloc] init];
locationManager.delegate                = self;
locationManager.desiredAccuracy = kCLLocationAccuracyBest;
[locationManager startUpdatingLocation];

The delagate is just two functions:

- (void)locationManager: (CLLocationManager *)manager
didUpdateToLocation: (CLLocation *)newLocation
fromLocation: (CLLocation *)oldLocation
{
}

- (void)locationManager: (CLLocationManager *)manager
didFailWithError: (NSError *)error
{
}

If you put this in your code, you magically get a prompt that looks like this.  “Untitled” is the name of my application.

Location Request for "Untitled" application

Location Request for "Untitled" application

Clicking on the Help icon, you get the following:

Help screenshot

Help screenshot

The network requests goes to mac-services.apple.com.  The good news is that it is over a secure network channel.  The bad news is that the content is also hidden from inspection.  (eg.  since this is close source, Apple could be passing anything.  The thing that worries me is that it might be passing the application name which would give unfair Apple insight into what applications are popular).

The accuracy is pretty good — it places me at the building I am working from.  Now where is the support for Geolocation in Safari?  :-)

Posted in General, mozilla | Tagged , , , | 3 Comments

Using CoreWLAN on MacOS 10.5

By dougt | Published: September 16, 2009

When Apple’s OS X version 10.6 shipped, they broke compatibility will all 3rd party geolocation applications.  This wasn’t entirely unexpected as we all were using a private framework which wasn’t documented.  So, Firefox 3.5 and Gears, and probably Skyhook, are busted right now on OS X 10.6.

Apple has provided, with limited documentation, a new public framework called CoreWLAN.  It looks pretty easy to use.  To do a scan of the WIFI access points, you can simply do:

#import <Cocoa/Cocoa.h>
#import <CoreWLAN/CoreWLAN.h>

NSError *err = nil;
NSDictionary *params = nil;

NSArray* scan = [NSMutableArray arrayWithArray:[[CWInterface interface] scanForNetworksWithParameters:params error:&err]];

This is all fine and dandy.  However, Firefox uses 10.5, and so using the above code will not compile using the old SDK.  Unfortunately, Apple didn’t provide any C apis – only exposing this objective-C API.  So, what I had to do was some objective-c magic.  Check out the reference (http://developer.apple.com/mac/library/documentation/Cocoa/Reference/ObjCRuntimeRef/Reference/reference.html)

Basically, we needed to be able to dynamically load the CoreWLAN library, that is simple enough:

void *corewlan_library = dlopen(“/System/Library/Frameworks/CoreWLAN.framework/CoreWLAN”,  RTLD_LOCAL);

Now that this library has been loaded, we want to simulate the objective-c call “[CWInterface interface]“.

// get the class
Class CWI_class = objc_getClass(“CWInterface”);
// register the selector name
SEL interfaceSel = sel_registerName(“interface”);
// make the call
id interface = objc_msgSend(CWI_class, interfaceSel);

This mess above is the same as:

id interface = [CWInterface interface];

As you probably can see, it isn’t that hard to do this, just it is syntactically nasty.  Here is the source to the little application I was testing with:

#include <mach-o/dyld.h>
#include <dlfcn.h>
#include <unistd.h>

#include <objc/objc.h>
#include <objc/objc-runtime.h>

Class CWI_class = objc_getClass(“CWInterface”);
printf(“cwi class %x\n”, CWI_class);

SEL interfaceSel = sel_registerName(“interface”);
printf(“sel: %x\n”, interfaceSel);

SEL scanSel = sel_registerName(“scanForNetworksWithParameters:error:”);
printf(“scanSel: %x\n”, interfaceSel);

id interface = objc_msgSend(CWI_class, interfaceSel);
printf(“interface: %x\n”, interface);

id scanResult = objc_msgSend(interface, scanSel, 0, 0);
printf(“scanResult: %x\n”, scanResult);

Hope this helps.  Please let me know of an easier way, if one exists.

Posted in mozilla | Tagged , , , | 5 Comments