{"id":1108,"date":"2010-06-05T16:16:31","date_gmt":"2010-06-06T00:16:31","guid":{"rendered":"\/?p=1108"},"modified":"2010-06-19T23:23:31","modified_gmt":"2010-06-20T07:23:31","slug":"are-ssids-and-mac-addresses-like-house-numbers","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1108","title":{"rendered":"Are SSIDs and MAC addresses like house numbers?"},"content":{"rendered":"<p>Architect Conor Cahill <a href=\"http:\/\/conorcahill.blogspot.com\/2010\/06\/privacy-theatre.html\">writes<\/a>:<\/p>\n<p style=\"padding-left: 30px;\">Kim&#39;s assertion that Google was wrong to do so is based upon two primary factors:<\/p>\n<ul style=\"padding-left: 30px;\">\n<li>Google intended to capture the SSID and\u00a0<a href=\"http:\/\/en.wikipedia.org\/wiki\/MAC_address\">MAC address<\/a> of the access points<\/li>\n<li>SSIDs and MAC addresses are persistent identifiers<\/li>\n<\/ul>\n<p style=\"padding-left: 30px;\">And it seems that this has at least gotten Ben re-thinking his assertion that this was all about privacy theater and even him giving Kim a get-out-of-jail-free card.<\/p>\n<p style=\"padding-left: 30px;\">While I agree that Kim&#39;s asserted facts are true, I disagree with his conclusion.<\/p>\n<ul style=\"padding-left: 30px;\">\n<li>I don&#39;t believe Google did anything wrong in collecting SSIDs and MAC addresses (capturing data, perhaps). The SSIDs were configured to *broadcast* (to make something known widely). However, SSIDs and\u00a0MAC addresses are local identifiers more like house numbers. They identify entities within the local wireless network and are generally not re-transmitted beyond that wireless network.<\/li>\n<li>I don&#39;t believe that what they did had an impact on the user&#39;s privacy. As I pointed out above, it&#39;s like capturing house numbers and associating them with a location. That, in itself, has little to do with the user&#39;s privacy unless something else associates the location with the user&#8230;<\/li>\n<\/ul>\n<p>Let&#39;s think about this.\u00a0 Are SSIDs and MAC addresses like house numbers?<\/p>\n<p>Your house number is used &#8211; by anyone in the world who wants to find it\u00a0&#8211; to get to your house.\u00a0\u00a0Your house\u00a0was\u00a0given a number\u00a0for that purpose.\u00a0 The people who live in the houses like this.\u00a0 They actually run out and buy little house number things, and nail them up on the side of their houses, to advertise clearly what number they are.<\/p>\n<p>So let&#39;s see:<\/p>\n<ol>\n<li>Are SSIDS and MAC addresses used by anyone in the world to get through to your network?\u00a0 No.\u00a0 A DNS name would be used for that.\u00a0 In residential neighborhoods,\u00a0you\u00a0employ a\u00a0SSID\u00a0for only one reason &#8211; to make\u00a0it easier to get wireless working for members of your\u00a0family and their visitors.\u00a0\u00a0Your intent is for the wireless access point&#39;s MAC address\u00a0to be\u00a0used only by\u00a0your family&#39;s\u00a0devices, and the MACs of their\u00a0devices only by\u00a0the other\u00a0devices in the house.<\/li>\n<li>Were SSIDS and MAC addressed invented\u00a0to allow anyone in the world to find\u00a0the\u00a0devices in your house?\u00a0\u00a0 No, nothing like that.\u00a0 The MAC is used only within the confines of the local network segment.<\/li>\n<li>Do people consciously try to advertise their SSIDs and MAC addresses to the world by running to the store, buying them, and nailing them to their metaphorical porches?\u00a0 Nope again.\u00a0 Zero analogy.<\/li>\n<\/ol>\n<p><strong>So what is similar?\u00a0 Nothing.<\/strong>\u00a0<\/p>\n<p>That&#39;s because house addresses are what, in Law Four of the <a href=\"\/wp-content\/images\/2009\/06\/7_Laws.htm\" class=\"broken_link\">Laws of Identity<\/a>, were called &#8220;universal identifiers&#8221;,\u00a0while SSIDs and MAC addresses are what were called &#8220;unidirectional identifiers&#8221; &#8211; meaning that they were intended to be constrained\u00a0to use in\u00a0a single context.\u00a0<\/p>\n<p>Keeping &#8220;unidirectional identifiers&#8221; private to their context is essential for privacy.\u00a0 And\u00a0let me be clear:\u00a0I&#39;m not refering only to the privacy of individuals, but also that of enterprises, governments and organizations.\u00a0 Protecting unidirectional identifiers\u00a0is essential for building a secure and trustworthy Internet.<\/p>\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Do people consciously try to advertise their SSIDs and MAC addresses to the world by running to the store, buying them, and nailing them to their metaphorical porches?<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[70,6,17,3,47,77],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1108"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1108"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1108\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}