W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2008

RE: Geolocation: Security and Privacy

From: Kartikaya Gupta <lists.geolocation@stakface.com>
Date: Wed, 11 Jun 2008 02:43:07 +0000
To: "Chris Butler" <cbutler@dash.net>
Cc: <public-geolocation@w3.org>
Message-ID: <E1K6GJD-0007US-L3@bart.w3.org>

On Tue, 10 Jun 2008 12:50:31 -0700, "Chris Butler" <cbutler@dash.net> wrote:
> 
> One way that might be simpler is to introduce rounding errors into the
> actual lat/lon.  Basically, you build a bounding box and then remove
> accuracy digits.
> 

It seems to me that any approach of this sort would be vulnerable to attacks. As somebody mentioned in a previous post, random fuzzing can be defeated by doing multiple requests and averaging the results.

In the snap-to-grid approach I think you're describing, a more precise position can be pinpointed if you poll the location repeatedly and record the exact moment you switch from one grid-line to another. i.e. If your fuzzing reduces precision by rounding down, say from 3.19 to 3.1, then the moment that value switches to 3.2 means the actual location has switched from 3.19 to 3.20, and you have your precision back.

kats
Received on Wednesday, 11 June 2008 02:43:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 22 March 2012 18:13:39 GMT