Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Tue, 23 Dec 2025 10:00:36 -0000 (UTC), Chris <ithinkiam@gmail.com>
wrote:

Char Jackson <none@none.invalid> wrote:

On Mon, 22 Dec 2025 18:00:14 +0000, Andy Burns <usenet@andyburns.uk>
wrote:

Marian wrote:

I (can) have every access point location
in the world (over 2 billion) if I felt like getting it (and storing it). >>>

But which of those 2 billion belong to me?

Well, *you* know which it is, and ve haf vays of making you talk, so...

Do *you* know your MAC address if presented with a list? I certainly don't.

I actually don't know my WAN MAC, but I know where to find it and could
do so in a few seconds if I needed it. I was just joking with Andy,
though.


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

As long as that BSSID is not openly linked to you, the person, than there
is no privacy issue present.

Since I have already posted a half dozen security research papers and articles that expressly claim otherwise

As you have thrown claims around that you refuse to substanciate in any way since forever I'm not going to believe the above either.

you're entitled to your own opinion which isn't backed up by a single security
researcher on earth

And neither is, as always, yours. Your point ?

The research shows that BSSID + geolocation enables inference attacks, movement tracking,

Yep. Which is rather useless as long as you have no clue who you are targetting/tracking.

and household identification even without explicit personal identifiers.

Yes. And than you have identified a random household. Thats as meaningless
as the above.

Kiddo, come back when you figure out how you can identify a *specific*
person / household from whats in that database. *Than* you have something
to complain about.

For those lurking and learning, this isn't what people like Rudy think it is, since A-GPS has absolutely nothing directly to do with any of this.

:-)

A-GPS is simply a method for a phone to speed up its own location fix
using network assistance.

:-) And what does that "network assistance" look like ? Riddle me dat batman.

Kiddo, have you *ever* stopped to think about why Apple would have spend
money to create that database you have been free to access and now
complaining about ? What's is purpose ? Can you answer me that ?

No, I don't think so.

And something else to think about : You have tracked the movement of a BSSID in real-time. Where do those updated coordinates come from ? Who / what is providing them ?

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

I'm simply informing you and others on this newsgroup of this problem set.

And I'm informing you that you have dreamed up a problem where none exists.

And I'm asking for solutions (in another thread) for resolving the
problem.

Maybe you should start with clarifying the problem, instead of having us
guess what you think it might be.

but my point is that being able to easily track it from anywhere in the world means anyone can essentially atrack you.

Ehhh.... If someone can do "x" that someone can essentially do "x" ? Yeah duh!

But as I already explained to you and you refused to respond to, from whats
in that database you can only track a *random* person. Which, as I
mentioned earlier, is useless.

To prove how easy it is to track anyone's movements from place to place,
I'm setting up these three routers to prove that I can easily be tracked:

You still don't get it, do you. You are still working your way backwards from the answer (you know what your BSSID is) to the question (find your BSSID and read your own location next to it). Anyone can do that.

Doing it the other way around however ...

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

The key point is that Apple's WPS endpoint returns hundreds of nearby GPS:BSSIDs pairs for any submitted BSSID, not just the one requested.

Kiddo, you have changed your story. From a privacy issue to a "I can get
the whole database".

You have not given me/us any explanation to why knowing *a random BSSID* and its location would be a privacy issue, and now not why you think that being able to get all the Apple databases contents would be one.

Lest you claim "I don't get it", it's important to reiterate that the insecurity of Apple's Wi-Fi Positioning System (WPS) isn't speculative.

And as I've told you a number of times before, I'm not going on a wild goose hunt for something you *could* be meaning. You have it as a fact in your
head, *you* explain it. I'm not going to play a ten guesses game with you.

I'm all about helping everyone -

No, you're not.

If you would be than you would take the time to make sure that your intended audience gets the facts instead of some guesswork as well as getting
something thats easy to read and follow and thus understand.

I've told you that many times, but you have disregarded that for years now. Thats not something an /actual/ helpfull person would do.

Though I must say I was pleasantly surprised that your last "tutorial" was about a single subject and not multiple together, poored out after having
gone to a food-blender. Yes, I remember those. :-(

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

Rudolph, let's keep this focused on the technical issue rather than tone.

Answer my questions, and I will consider it.

So, when are you going to explain how you being able to read BSSID's and coordinates from Apples database is a privacy problem ?

For you to tell me "I don't get it" a hundreds times, doesn't mean that I don't get it when I simply reproduced what researchers said could be done.

Kiddo, being able to repeat what others have detailed doesn't mean you understood what you where doing.

Worse, I, myself, could easily track any BSSID in the world.

Kiddo, I've asked you several times to explain why, according to you, that that is a problem. You have refused to do so every time. No, *YOU DO NOT
GET IT*.

Proof of that ? If you would than you would have been able to explain yourself to me/us. The fact that you don't ...

That's not random.

Yes, it is. Tell me, what is *the name of the person* behind the BSSID's
you have been tracking ?

Ofcourse, you have no idea.

These flaws effectively exposes large portions of Apple's WPS database
to anyone who knows how to query it, which is what the researchers said.

Its not a flaw, its on purpose. Kiddo, you have *NO* idea what that
database is for, but you have already drawn your conclusions. You are, as I mentioned a few times, *WILLFULLY IGNORANT*.

And it doesn't help that *I already asked you* to consider what the purpose
of that database is, and you simply refuse to do so.

I have no intention of tracking people, but I proved it's trivial to do. Just like the security researchers said it was.

Is that true ? So, if I pick a name than you can, assiming he's got a BSSID with him, tell me where that person is traveling ? Yes or no ? And ofcourse, explain your answer. :-)

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Marian wrote on 12/28/2025 6:24 PM:

Marian wrote:

Anyone can do this for any home in the United States.
Which is why this is so dangerous to privacy.

Apologies for the unit 2-a on every name and address in the previous list. Only the first line was that unit.

I used gVIM to munge the record, slightly, for privacy, since the exact
unit didn't matter for our purposes, but I made an editing redaction error.

The point is anyone in the world can track these people by their GPS:BSSID. Jeffrey Devin ......................... 4306 Josey Circle
Ronda and Alfred Beel ................ 4310 Josey Circle
James and Dollie Henson Smythe ....... 4314 Josey Circle
Rosemary Ellerbee Jones .............. 4317 Josey Circle
Benjamin and Eric Choyica ............ 4318 Josey Circle
Lonzie D. Groniger .................... 4321 Josey Circle
Terrince Steedman ..................... 4326 Josey Circle
Lutrisher Walton Hill ................ 4329 Josey Circle
Shane Jameson Sr. ..................... 4330 Josey Circle
Flora Ann Jackson Gellion ............ 4338 Josey Circle
Mary E. Gebbs Hendy ................... 4816 Josey Circle
Sherryn Marie Smythe .................. 4820 Josey Circle
Melvin Hawthorn, Jr. ................. 4823 Josey Circle
Charles Nesh .......................... 4824 Josey Circle
Trivia Yashica Watken ................ 4827 Josey Circle
Pamela Tomas .......................... 4828 Josey Circle
etc.

The papers explained how anyone in the world could track every owner of
every home in the United States by their GPS:BSSID using the highly
insecure Apple WPS database like could for the above people (which I have
no plans on doing but which is why I understand how badly designed Apple's WPS implementation is - which Google's WPS & Mozilla's WPS isn't).

I couldn't figure out which of these people are YOU.


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

That's not random.

Yes, it is. Tell me, what is *the name of the person* behind the BSSID's >> you have been tracking ?

Ofcourse, you have no idea.

Ah, but I do.

Another claim without anything to support it. Ignored.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

Apologies for the unit 2-a on every name and address in the previous list. Only the first line was that unit.

...

The point is anyone in the world can track these people by their
GPS:BSSID.
Jeffrey Devin ......................... 4306 Josey Circle
Ronda and Alfred Beel ................ 4310 Josey Circle
James and Dollie Henson Smythe ....... 4314 Josey Circle

[snip rest of list]

So, you have a list of person names and, I assume, street adresses - but no (GPS.)BSSIDs. iow, nothing to track any of those persons with.

Kiddo, you *really need to* explain how you convert BSSIDs into a persons name, or a persons name into a BSSID.

And lets not forget, I asked you a simple Yes/No question about it which you still have not answered :

[quote=me]
So, if I pick a name than you can, assiming he's got a BSSID with him, tell
me where that person is traveling ? Yes or no ? And ofcourse, explain
your answer. :-)
[/quote]

Ofcourse, when I pick a name of someone/place I know the BSSID of it would
be *very* evident when you would give me a random BSSID for it ...

The same would happen when I give you a known-to-me BSSID and you come back with some random persons name.

Yeah, your best shot at not falling into that "trap" is by simply refusing
to answer the question.

The only problem with that is that *not* giving an answer is an answer in itself : YOU HAVE NO CLUE.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

And lets not forget, I asked you a simple Yes/No question about it which
you still have not answered :

...

f. This derived linkage is not present in Apple's data itself.

So, your initial accusation that the contents of Apples database constitutes to a privacy violation is false.

Kiddo, thats what I've been trying to tell you all along, but you have been dancing around, trying to evade having to say that. You infact still do.
:-)

2. How the location association works
a. Apples WPS database stores BSSID-to-location pairs.
b. In practice, these coordinates almost always correspond to a specific building.
c. That building is associated with an owner through public
property records (in the USA anyway)

In short, you need to access *other* publicly available databases to *try
to* link a BSSID to a specific person.

"Try to" as it will still fail when muliple persons live close together (appartment building, GPS is *very* bad at altitude measurement, or even a
row of appartments against each other), or when Apple has "seeded" those coordinates, randomly shifting them away from the actual ones. Just a few meters (inside the precision tolerance) is enough to make them point to a neighbour.

Kiddo, you are WILLFULLY IGNORANT, as you refuse to consider the
implications of what you try to claim.

But ok, now you have found a *random person*. What good does that do ?

My question still stands :

[quote=me]
So, if I pick a name than you can, assiming he's got a BSSID with him, tell
me where that person is traveling ? Yes or no ? And ofcourse, explain
your answer. :-)
[/quote]

If you can answer that one *than* you perhaps have something to complain about.

... but than the question is : complain to whom ? Why have you been accusing Apple of spilling the beans when those "public property records"
are spilling /whole bags/ of them ?

Also, I've been telling you that getting personal information - like
location information - can be bought by anyone who is willing to spend a
buck.

But *if* you can find the home-addres of *a specific person* - which is not
a given - and from there the BSSID of devices owned by that person - which
is also not a given - you have merely found /another way/ to track that person. Congratulations.


And another question you have refused to answer : how does Apples database
get the real-time coordinates of those BSSIDs (so you can track their
movment) ? If its not the persons own devices that upload them, than how does that work ?

... An when a persons own device is doing it, why not point at that person (you?) for being a dumbass for not understanding how his phone works.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

And yet I proved it's trivial to obtain the named owner of every building
in the United States

I've got a name for you :John Smith. Now tell me, where does he live and whats his BSSID ?

Do I have to explain the above to you or are you smart enough to figure it
out for yourself ?

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

Essentially... 1. Every home in the USA is tied to an owner in a public database

You have adjusted your claim to mean only a small part of the world. Your claim that everyone all over the world could be followed is therefore false.

Also, the owner doesn't need to live in that house or being the person carrying the BSSID with him. Your claim that everyone all over the world could be followed is therefore false.

2. Every BSSID in every home in the USA is in the Apple public database

Nope. And I'm not even going to explain that to you.

BSSID <-> GPS <-> Address <-> Owner

Only an extremely unimaginative person wouldn't be able to connect the
dots

Kiddo, you have both been shrinking the reach of your claim as well as refusing to consider any of the problems I've mentioned in regard to your above chain - making your "connect the dots" a farce.

Kiddo, I say it again : YOU ARE WILLFULLY IGNORANT. And you know it.

[quote=me]
So, if I pick a name than you can, assiming he's got a BSSID with him, tell
me where that person is traveling ? Yes or no ? And ofcourse, explain
your answer. :-)
[/quote]

You can't do the above, its as simple as that.

And than there are ofcourse all my other hints and questions you have
refused to respond to.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

I've got a name for you :John Smith. Now tell me, where does he live and >> whats his BSSID ?

Do I have to explain the above to you or are you smart enough to figure
it out for yourself ?

BSSID <-> GPS <=> Address <-> Owner

Every person who knows anything understands that every owner of every
home in the United States is in a public database

Every person who know anything knows that

the owner might not live in the house he owns. (1)

there might be multiple - unrelated - people living in the house (2)

the "GPS" coordinates in Apples database just might not be exactly pointing
to the device itself

(1) Good luck with find out where a person who is *not* the owner actually lives.

(2) Good luck with pin-pointing "the person-of-interest".

Kiddo, you keep presenting your "facts" while forcefully refusing to
consider the problems with them. You are WILLFULLY IGNORANT.

Which in itself isn't much of a problem, but you keep posting your fantasies as tutorials. With which you could greatly damage someone who takes your fantasies as facts.

Forgive me if I will keep making that FACT clear to anyone who might stumble over your science-fiction scribblings.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

"R.Wieser" wrote

Arlen,

Apologies for the unit 2-a on every name and address in the previous
list.
Only the first line was that unit.

...

The point is anyone in the world can track these people by their
GPS:BSSID.
Jeffrey Devin ......................... 4306 Josey Circle
Ronda and Alfred Beel ................ 4310 Josey Circle
James and Dollie Henson Smythe ....... 4314 Josey Circle

[snip rest of list]

So, you have a list of person names and, I assume, street adresses - but
no (GPS.)BSSIDs. iow, nothing to track any of those persons with.

I see I fully forgot to point out the most obvious : that list doesn't seem
to contain coordinates of the property. iow, nothing to compare the coordinates outof Apples database with.

Yet another "connect the dots" of yours that, with the information your provided us, simply doesn't, cannot work.

... or you would need to use /yet another/ information source as a bridge.

So, you would have three(?) databases(?) that will *only* when combined -
and only as long as you ignore all the other problems with it I've posted - devulge the info you're after.

But you still want to blame Apple, and Apple alone for leaking your privacy
?

Yeah, right.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,

And, you understand that if they move, they take their router with them.

Are you disputing any of that?

Wishfull thinking much ? If he doesn't I will.

I know the owner of every home on Josey Circle in Shreveport, LA, right?

Which is pretty useless.

And, in another post, I showed the BSSID nearest to each of those
buildings, right? (I'm not going to put it together here for reasons that I'm not trying to dox people.)

:-) You're just telling us exactly what you've done, so we can repeat it ourselves. In my country thats called "aiding and abedding" - which can easily land you into jail.

a. Are you disputing I have the named owner of every home in the USA?

You already asked that.

b. Or are you disputing I have the BSSID of every home in the USA?

If he doesn't I will. Also, *the* BSSID ? Just a single one ? What are
you ? Poor ?

Note that by tracking the BSSID and knowing the owner of every home in the USA (since that's a public record), I could tie it to you "if" you're the owner.

Thats a rather big "if", don't you think ? It certainly trashes your initial claim that you could track *everyone* (all over the world).

But in the USA, overwhelmingly, people own the home they live in.

Tell that to all the poor city-dwellers who predominanty rent they places.

Who are, by the way, in close proximity and often stacked several layers
ontop of each other. Which ofcourse makes a mockery of any claim that a certain location will al;ways point to a single home.

So it's tied to the owner.

:-) You're "cooking the books" there.

Who, in this case, would be you.

Would it not?

Chances are - for multiple reasons as indicated in the above - he's not.

You're playing the "no true Scotsman" falacy there* : when you do not like a certain result you just discard it - leaving you with a meaningless, small subset, but all confirming what you wish to claim. Duh. Also, blergh.

* https://en.wikipedia.org/wiki/No_true_Scotsman

Bottom line : you *might* be able to track someone when you are given a persons name. - if the stars align just right.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Tue, 30 Dec 2025 22:24:03 +0100, "R.Wieser" <address@is.invalid>
wrote:

Arlen,

And, you understand that if they move, they take their router with them.

Are you disputing any of that?

Wishfull thinking much ? If he doesn't I will.

I know the owner of every home on Josey Circle in Shreveport, LA, right?

Which is pretty useless.

And, in another post, I showed the BSSID nearest to each of those
buildings, right? (I'm not going to put it together here for reasons that >> I'm not trying to dox people.)

:-) You're just telling us exactly what you've done, so we can repeat it >ourselves. In my country thats called "aiding and abedding" - which can >easily land you into jail.

a. Are you disputing I have the named owner of every home in the USA?

You already asked that.

b. Or are you disputing I have the BSSID of every home in the USA?

If he doesn't I will. Also, *the* BSSID ? Just a single one ? What are >you ? Poor ?

Note that by tracking the BSSID and knowing the owner of every home in the >> USA (since that's a public record), I could tie it to you "if" you're the >> owner.

Thats a rather big "if", don't you think ? It certainly trashes your
initial claim that you could track *everyone* (all over the world).

But in the USA, overwhelmingly, people own the home they live in.

Tell that to all the poor city-dwellers who predominanty rent they places.

Who are, by the way, in close proximity and often stacked several layers >ontop of each other. Which ofcourse makes a mockery of any claim that a >certain location will al;ways point to a single home.

So it's tied to the owner.

:-) You're "cooking the books" there.

Who, in this case, would be you.

Would it not?

Chances are - for multiple reasons as indicated in the above - he's not.

You're playing the "no true Scotsman" falacy there* : when you do not like a >certain result you just discard it - leaving you with a meaningless, small >subset, but all confirming what you wish to claim. Duh. Also, blergh.

* https://en.wikipedia.org/wiki/No_true_Scotsman

Bottom line : you *might* be able to track someone when you are given a >persons name. - if the stars align just right.

Some random thoughts...

A BSSID is typically based on the interface's MAC address. Each MAC
address is assumed, by many people, to be globally unique, but they
don't have to be.* It helps greatly if a MAC address is unique within
its local network segment, but a duplicate MAC appearing somewhere else shouldn't cause any problems. By extension, a duplicate BSSID appearing somewhere else shouldn't cause any problems that I can think of.

So my question is, would it help Arlen's quest for privacy if he were to
choose a MAC, and thus a BSSID, that already exists somewhere else and
is already present in the database? When someone does a query on that
BSSID, would they get the first result, or all results? I wonder if
Arlen has checked for duplicate BSSID entries in his favorite database.

*Many years ago, where I worked we trialed a piece of software that intentionally used the same IP address and MAC address on every server
in the pool. That violates everything we're taught about network
addressing, but it didn't cause any problems. It simply moved certain
tasks farther up the network stack. We ended up buying and deploying
that software into our production network.


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Char,

It helps greatly if a MAC address is unique within its local
network segment,

I would say that!

Examples of 'puters who could not communicate over the LAN because either their ethernet-cards MAC was already present, or they had a hard-set IP that clashed are aplenty.

but a duplicate MAC appearing somewhere else shouldn't cause
any problems.

As long as it would not be a duplicate there, you would be correct. :-)

There are a few problems with your suggestion though : it only works for devices that do not move around, which would make Arlens statement that he
can track anyone a bit of a joke.

If they hoever *do* move around (hello smartphones!) there is a rather good chance that they will, sometimes, enter a network segment where their BSSID
is alread present - which could lead to a denial of service for one, or even all of the devices being copies of each other.

*Many years ago,

...

it didn't cause any problems. It simply moved certain
tasks farther up the network stack

I think it did a bit more. Like negotiating which server would handle the request, and how to mark it that a certain ethernet packet was part of an ongoing conversation with a specific server.

iow, all those servers would need to /activily work together/ so they would not yell over each other and try to hijack each others conversations.

You know, it does sound odd : that sofware (that was bought) would need to
add markers to make sure ongoing conversations would go to the server which first serviced it, in effect duplicating what the ethernet MAC and the
puters IP are for ...

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Arlen,


[quote=me]

Tell that to all the poor city-dwellers who predominanty rent they places.

Who are, by the way, in close proximity and often stacked several
layers ontop of each other.

As my thoughts went over to the "well off" city-dwellers who own the appartments they live in, I realized that they too often live stacked that
way, sometimes in high-rises of 20 stories or more, with penthouses ontop.

Your Apple-database location data in such cases ? Useless.

Regards,
Rudy Wieser





--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Wed, 31 Dec 2025 08:03:36 +0100, "R.Wieser" <address@is.invalid>
wrote:

Char,

It helps greatly if a MAC address is unique within its local
network segment,

I would say that!

Yes, :) Unless of course if it's done intentionally, which should very
rarely be the case.

Examples of 'puters who could not communicate over the LAN because either >their ethernet-cards MAC was already present, or they had a hard-set IP that >clashed are aplenty.

When I was in college/university, someone in the computer lab
intentionally enabled a DHCP server, knowing that there was already an
active DHCP server. With over 300 workstations affected, we were all
dismissed for the day while the lab team figured out what had happened.

but a duplicate MAC appearing somewhere else shouldn't cause
any problems.

As long as it would not be a duplicate there, you would be correct. :-)

I was thinking that the chance of that kind of collision would be
exceedingly low, but statistics were never my strength.

There are a few problems with your suggestion though : it only works for >devices that do not move around, which would make Arlens statement that he >can track anyone a bit of a joke.

If they hoever *do* move around (hello smartphones!) there is a rather good >chance that they will, sometimes, enter a network segment where their BSSID >is alread present - which could lead to a denial of service for one, or even >all of the devices being copies of each other.

*Many years ago,

...

it didn't cause any problems. It simply moved certain
tasks farther up the network stack

I think it did a bit more. Like negotiating which server would handle the >request, and how to mark it that a certain ethernet packet was part of an >ongoing conversation with a specific server.

iow, all those servers would need to /activily work together/ so they would >not yell over each other and try to hijack each others conversations.

You know, it does sound odd : that sofware (that was bought) would need to >add markers to make sure ongoing conversations would go to the server which >first serviced it, in effect duplicating what the ethernet MAC and the >puters IP are for ...

We thought it was odd, as well, but in the end we implemented it and it
worked, so there's that. That was more than 20 years ago, but I remember
the servers having dual NICs, with one dedicated as sort of a mesh,
where they disambiguated and de-duped everything, and the other
interface being for the actual subscriber traffic. Looking back, perhaps
it was overly complicated. I'm sure it has been replaced several times
by now.

Arlen says the whole idea that I tossed out above is a non-starter, so
thanks for the discussion. Happy New Year!


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Char,

but I remember the servers having dual NICs, with one dedicated
as sort of a mesh, where they disambiguated and de-duped everything,

That makes it likely that my (educated) guess that all servers would need to work together is what happened. :-)

Arlen says the whole idea that I tossed out above is a non-starter,

Arlen says a lot of things, most of it - lets put it nicely - not thought
thru.

Happy New Year!

And happy year to you - and everyone else here. :-)

Regards,
Rudy Wieser





--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Char,

but a duplicate MAC appearing somewhere else shouldn't
cause any problems.

As long as it would not be a duplicate there, you would be
correct. :-)

I was thinking that the chance of that kind of collision would
be exceedingly low, but statistics were never my strength.

Mine neither, and that is why I saved a copy of the explanation to the "birthday paradox" : The chance that in a rather small group of people two would have the same birthday.

https://www.scientificamerican.com/article/bring-science-home-probability-birthday-paradox/

It turns out that that chance is above 50% for a group of just 23 people. Which is, to me, remarkable.


Ofcourse, the range of possible "birthdays" for BSSIDs is a "bit" (understatement)larger* (but would it be if we would have started with your idea ? I don't think so), but as the BSSID is moving around the "group" becomes much larger too.

* If we choose our BSSIDs ourselves, the actual range drops dramatically.
Take passwords as an example. Most of us have to be forced not to use our own name or birthdate. :-)

Bottom line, those clashes would probably be much more likely than you
think.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Wed, 31 Dec 2025 08:17:06 +0100, "R.Wieser" <address@is.invalid>
wrote:

Arlen,

[quote=me]

Tell that to all the poor city-dwellers who predominanty rent they places. >>
Who are, by the way, in close proximity and often stacked several
layers ontop of each other.

As my thoughts went over to the "well off" city-dwellers who own the >appartments they live in, I realized that they too often live stacked that >way, sometimes in high-rises of 20 stories or more, with penthouses ontop.

Your Apple-database location data in such cases ? Useless.

Regards,
Rudy Wieser

Adding location information to DNS, DHCP, SNMP etc have been proposed.
Go to:
<https://www.rfc-editor.org/search/rfc_search.php>
and search for "location". You will find 165 RFC's involving
location.

An early scheme is RFC 1712
<https://www.rfc-editor.org/info/rfc1712> <https://www.rfc-editor.org/rfc/pdfrfc/rfc1712.txt.pdf>
The location data was limited to "level", which translates to floor
number, and "room" which provides horizontal location data for a
specific "level". Note that the data does not need to be derived from
GPS data. Since it doesn't change (often), it could be entered into
the database when the DNS record was created.

Among the later schemes is RFC 5870 <https://en.wikipedia.org/wiki/Geo_URI_scheme> <https://www.rfc-editor.org/rfc/pdfrfc/rfc5870.txt.pdf>


--
Jeff Liebermann jeffl@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272 AE6KS 831-336-2558


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Jeff,

Adding location information to DNS, DHCP, SNMP etc have been proposed.

...

An early scheme is RFC 1712

proposed in 1994. Its now more than 36 years later (which is, for
technology, a loooong time), and nothing like it has been implemented.


Maybe that is because there is no automated way to determine the "floor number". Especially for devices which task it is to do DNS, DHCP and so
on - those do not even contain hardware to determine their own X/Y location.

I must say that that RFC does have a joke smell to it. You know, like the "I'm a teapot" HTTP status, the "evil bit" for ethernet packets and lets not forget "IP over avian carriers" (which, by the way /does/ work).

And although most/all smartphones do have a GPS, those are notoriously bad
at determing elevation (which is not really a surprise, if you look at where the GPS satelites are located in relation to the GPS receiver).

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

[quote=me]

proposed in 1994. Its now more than 36 years later

My apologies, its only 32 years ago.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Dec 23, 2025, Chris wrote
(in article <10idp84$67nc$1@dont-email.me>):

Char Jackson <none@none.invalid> wrote:

On Mon, 22 Dec 2025 18:00:14 +0000, Andy Burns <usenet@andyburns.uk>
wrote:

Marian wrote:

I (can) have every access point location
in the world (over 2 billion) if I felt like getting it (and storing it).

But which of those 2 billion belong to me?

Well, *you* know which it is, and ve haf vays of making you talk, so...

Do *you* know your MAC address if presented with a list? I certainly don't.

It would be easier just to ask me for my physical address.

https://en.wiktionary.org/wiki/ve_haf_vays_of_making_you_talk

Am surprised there isn't a reference to the 80's comedy show 'Allo 'Allo!

Listen very carefully, I shall say this only once.


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

On Thu, 1 Jan 2026 21:05:12 +0100, "R.Wieser" <address@is.invalid>
wrote:

Jeff,

Adding location information to DNS, DHCP, SNMP etc have been proposed.

...

An early scheme is RFC 1712

proposed in 1994. Its now more than 36 years later (which is, for >technology, a loooong time), and nothing like it has been implemented.

I'm 77 years old and am still proposing ideas which could easily be
labeled as science fiction. I've also seen projects that were
proposed, complete with detailed documentation, that didn't function
until funding was found many years later. I suggest you not pass
judgment on technology that you might consider old and instead
concentrate on whether they might actually work. Also, if you wish to
pass judgment on whether some technology is worth doing, there are
seats in the various houses of government awaiting your political
involvement.

Maybe that is because there is no automated way to determine the "floor >number". Especially for devices which task it is to do DNS, DHCP and so
on - those do not even contain hardware to determine their own X/Y location.

Quoting myself: "Note that the data does not need to be derived from
GPS data. Since it doesn't change (often), it could be entered into
the database when the DNS record was created."

That means that in 1994, there was no requirement to identify the
location of a router, server, computer, etc using GPS. Merely
entering the location data the SNMP MIB (management information base)
would be sufficient. Obviously, that won't work for moving objects,
but GPS was not fully operational until 1995 and was not useable for
indoor applications until High Sensitivity GPS arrived in about 1999 <https://www.furuno.com/en/gnss/technical/tec_high>
and Selective Availability was disabled in May 2000. If someone
proposes a geographic network equipment location system prior to about
2000, it wouldn't have worked very well.

I must say that that RFC does have a joke smell to it. You know, like the >"I'm a teapot" HTTP status, the "evil bit" for ethernet packets and lets not >forget "IP over avian carriers" (which, by the way /does/ work).

The RFC's I mentioned don't seem to be in the official book of April
Fools RFC's.
<https://www.rfchumor.com>

And although most/all smartphones do have a GPS, those are notoriously bad >at determing elevation (which is not really a surprise, if you look at where >the GPS satelites are located in relation to the GPS receiver).

That's true which is why sports GPS receivers often include a
barometric altimeter: <https://support.garmin.com/en-US/?faq=WlvNrOungC28xGtwB7hLY5>
"With proper calibration, the barometric altimeter of a Garmin watch
or outdoor handheld will report elevation readings ranging from -2,000
to 30,000 feet with an accuracy of +/-10 feet at any given point."
"Elevation calibrated by GPS is accurate to +/-400 feet at any given
point with a strong GPS signal"

Regards,
Rudy Wieser

--
Jeff Liebermann jeffl@cruzio.com
PO Box 272 http://www.LearnByDestroying.com
Ben Lomond CA 95005-0272 AE6KS 831-336-2558


--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

R.Wieser wrote:

And happy year to you - and everyone else here. :-)

Happy New Year!

Every January 1st, I change the moniker on many of my accounts for privacy. Maria Sophia <mariasophia@comprehension.com> is what the moniker is now.

The rest of the headers are completely random from dictionary lookups
(as my "newsreader" is actually a bunch of scripts using telnet & gVim).

I'm not "hiding from you". I change nothing but the headers. Hence, if you can't figure out who I am in less than about ten seconds based on what I
write and how I write it and how I post excellent research often backed up
by detailed annotated screenshots & photos, please don't exclaim a thousand posts from now that you finally eventually figured it out - as when you do
that - it's absurd you think I'm "hiding" from you.

If you have no understanding of privacy, then save us all the trouble and
just put me in your killfile because anyone saying that they "found me" is someone who has nothing to offer because if it's that difficult for anyone
to figure out what is never hidden, then they have no right to exclaim
they're a genius for finally figuring out what was never hidden from them.

Note that while the headers are dictionary lookups, I did take what Andy & Chris suggested into account by adding scripts to identify the fontset.
--
My goal on these Usenet newsgroups is to teach, learn and to help others.
I post so many thousands of times a year, that privacy is inherently key.

--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)

Subject: Re: Tutorial: Query the Apple database with Python for your access point BSSID

Jeff,

Maybe that is because there is no automated way to determine the
"floor number". Especially for devices which task it is to do
DNS, DHCP and so on - those do not even contain hardware to
determine their own X/Y location.

Quoting myself: "Note that the data does not need to be derived
from GPS data. Since it doesn't change (often), it could be
entered into the database when the DNS record was created."

Two things about that :

1) You are talking about *users*, the ones who cannot even be arsed to
change a default password.

2) There is no reason to put the truth in there - it has zero function for them.

Worse, privacy-concious people would leave it at its default on purpose (I certainly would).

And than there is the problem how a human would determine the floor number he's on. Besides all the houses/buildings that have a half-sunken/elevated "cellar" (where you have to go up half a flight of stairs to reach the front door) there are also houses where going up/down half a flight of stairs gets you to the next room.

I suggest you not pass judgment on technology that you
might consider old and instead concentrate on whether
they might actually work.

You misunderstood : I did not say it was old, I indicated that it had a
*lot* of time to come to fruition, but that has not happened.

As for "might actually work" ? It doesn't bring any benefits to the user,
so most of them will simply not bother with it.

As I assume that the people who wrote that RFC where aware of the "if /everybody/ has to do it to make it work, than it won't work" saying I have
to assume it was put up as a joke.

That's true which is why sports GPS receivers often include a
barometric altimeter:

Which are also a problem : it relies on air pressure, which varies under the different weather types. /Way/ enough to make the measurement go up/down a number of floors. Its also a relative measurement, and needs to be
calibrated before use.

Regards,
Rudy Wieser



--- PyGate Linux v1.5.2
* Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)