W3C home > Mailing lists > Public > public-geolocation@w3.org > June 2008

Re: Geolocation: Security and Privacy

From: Doug Turner <doug.turner@gmail.com>
Date: Tue, 10 Jun 2008 22:18:57 -0700
Cc: public-geolocation@w3.org
Message-Id: <C59539B3-97CC-4A35-92BC-77F9552984A9@gmail.com>
To: timeless@gmail.com

On Jun 10, 2008, at 9:52 PM, timeless wrote:

> On Jun 10, 2008, at 7:43 PM, Kartikaya Gupta wrote:
>> It seems to me that any approach of this sort would be vulnerable to
>> attacks. As somebody mentioned in a previous post, random fuzzing  
>> can be
>> defeated by doing multiple requests and averaging the results.
>
>> In the snap-to-grid approach I think you're describing, a more  
>> precise
>> position can be pinpointed if you poll the location repeatedly and  
>> record
>> the exact moment you switch from one grid-line to another. i.e. If  
>> your
>> fuzzing reduces precision by rounding down, say from 3.19 to 3.1,  
>> then the
>> moment that value switches to 3.2 means the actual location has  
>> switched
>> from 3.19 to 3.20, and you have your precision back.
>
> On Wed, Jun 11, 2008 at 7:09 AM, Doug Turner <doug.turner@gmail.com>  
> wrote:
>> Why can't you just remove/round precision from the lat/long?
>>
>> For example, this:  37.41857,-122.08769, becomes 37.4, -122.1
>
> this was already explained, in fact in the precise message to which  
> you replied.


> we're not talking about users sending one fixed data point to a  
> server once.
>
> we're talking about users engaged in a dialog where their client will
> send updates, and as soon as the update needs to cross from one
> truncated value to another, the service can determine with precision
> where the user is (one axis at a time, true, but still with
> precision).

yeah, I guess I don't see that happening.  I  think we are talking  
about rounding of a bunch of places on the lat-long.  for example,  
everything in 37.4, -122.1 is a large area.  When I move to the next  
box, the system we be able to tell  that I am at the board between the  
two regions.  Is that the worry?

Doug
Received on Wednesday, 11 June 2008 05:41:02 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 22 March 2012 18:13:39 GMT