On Tue, Jun 06, 2017 at 06:38:00PM -0400, Donald Eastlake wrote: > bssid/macs are manufacturer based but there are companies that provide > positioning services based on learning where those MACs are -- typically > combining such MAC based Wi-Fi/Bluetooth information with IP, GPS, ... > information to try to get an accurate location. If you happen to be in a > hotel function room and can only see meeting provided APs, so you can't see > any fixed local APs, you can easily get Geolocated to the previous meeting > site. What really surprises me is that it should be relatively easy for these geolocation services to detect that BSSID/MAC's for the Access Points belong to conference / rental services. The pattern is pretty obvious, even if the conference isn't kind enough to provide the BSSID/MAC list to geolocation service. The IETF AP's go active for a short-time, and then go dark, and when they come back, they are obviously in a different location --- users who geolocate to those AP's quickly shown to be in the "wrong" place, in that when they get Cell Tower information, it conflicts with the geolocation hint associated with the AP. If they are rental AP's, perhaps the only go dark for a day or two before they come up in a different location, but the pattern of "these AP does not have a stable geolocation" should be really easy to spot. (At least, until Star Trek style transporters or some other matter teleporter comes a Thing.) The service could keep them on a list of AP's where after they go dark for say, 24 hours, when they come back on-line the system should try to use location services based on cell tower, GPS, etc., to figure out where they are on a real-time basis. And if the system isn't able to do that kind of automatical location deduction on a real-time basis, it could simply blacklist those AP's for use as a geolocation hint. This doesn't seem hard.... - Ted