W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2008

Re: Geolocation: Security and Privacy

From: Doug Turner <doug.turner@gmail.com>
Date: Tue, 10 Jun 2008 21:09:37 -0700
Cc: "Chris Butler" <cbutler@dash.net>, <public-geolocation@w3.org>
Message-Id: <441A5BB7-FD4C-436E-8CA0-D793E6E455A7@gmail.com>
To: Kartikaya Gupta <lists.geolocation@stakface.com>

On Jun 10, 2008, at 7:43 PM, Kartikaya Gupta wrote:

>
> On Tue, 10 Jun 2008 12:50:31 -0700, "Chris Butler"  
> <cbutler@dash.net> wrote:
>>
>> One way that might be simpler is to introduce rounding errors into  
>> the
>> actual lat/lon.  Basically, you build a bounding box and then remove
>> accuracy digits.
>>
>
> It seems to me that any approach of this sort would be vulnerable to  
> attacks. As somebody mentioned in a previous post, random fuzzing  
> can be defeated by doing multiple requests and averaging the results.

>
>
> In the snap-to-grid approach I think you're describing, a more  
> precise position can be pinpointed if you poll the location  
> repeatedly and record the exact moment you switch from one grid-line  
> to another. i.e. If your fuzzing reduces precision by rounding down,  
> say from 3.19 to 3.1, then the moment that value switches to 3.2  
> means the actual location has switched from 3.19 to 3.20, and you  
> have your precision back.
>
> kats
>



Why can't you just remove/round precision from the lat/long?

For example, this:  37.41857,-122.08769, becomes 37.4, -122.1
Received on Wednesday, 11 June 2008 04:15:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 22 March 2012 18:13:39 GMT