From Newsgroup: misc.phone.mobile.iphone

Andy Burns wrote:

If you have a free unused/old router or access point, you could set it
up with a hidden _nomap SSID, and without connecting any of your phones
to it, wait to see if the BSSID appears listed after a month or two. It
would be interesting to check every day with a script, to see how fast
they update.

Ask some friends who use iPhones to come round for a coffee, the more devices hoovering up data the better? They may only add BSSIDs to the
DB if they've seen them via multiple devices.

Hi Andy,

I respect you so I am explaining that I'm taking your suggestion to heart.
Yet we don't need any Apple devices to run this test, it's that easy to do.

Jan 1st I'm putting 3 old routers (which you may recognize) in Palo Alto.
<https://i.postimg.cc/44WKMKpJ/apple-wps-testing.jpg>

1. Normal SSID
2. _nomap SSID
3. _nomap SSID + hidden broadcast frames

I have a friend in Palo Alto who is willing to host these three routers for about a month, starting on January 1st, 2026. Then we will move the three routers to Cupertino on February 1st to simulate moving to a new flat.
From: Marian <marianjones@helpfulpeople.com>
Newsgroups: alt.comp.os.windows-10,comp.mobile.android,alt.internet.wireless
Subject: Help! How do we get Apple to care about privacy for entities who own access points?
Date: Tue, 23 Dec 2025 23:42:17 -0700
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <10ig209$29kr$1@nnrp.usenet.blueworldhosting.com>

I already know EXACTLY what will happen, but this is simply the test
results that I will show to Apple when the time comes to show it to them.

Given virtually every router in the world has the HIDDEN broadcast frame feature, we can assume hundreds of millions of people use that feature.

Apple does not intend to honor their own published privacy policy, so the routers with that feature will be included in the public Apple WPS
database, which is expressly against the wishes of the people who do that.

What Apple "is doing" is the antithesis of what Apple "says" they will do.

To me, that's morally, ethically & legally reprehensible for Apple to do
that, and Apple can't say they're unaware because I know they're aware.
--
It used to be Apple only told the truth in court, but with Judge Gonzalez' case with Apple execs, it may be Apple doen't even tell the truth in court.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

Andy Burns wrote:

Nor mine, by SSID name (not hidden or _nomap suffix)

I wouldn't really expect anyone to have wardriven around here with a
laptop running Vistumbler, but you never know ...

Hi Andy,

In the United States, it's a public record where everyone who owns a home lives, so there's a 1:1 relationship between them and their router.

Cybernews: *Anyone can tap into your WiFi location data to track you*
explains how Apple's WPS can be exploited for mass surveillance. <https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy-risk/>

The researchers already showed anyone in the world is already able to use Apple's WPS db to track Loretta Anne Jameson's AP which is currently
located at 4302 Josey Circle, Shreveport, LA 71109.

When she moves, I'll let you know where she moves her router to.
Likewise with any of her neighbors.

Ronda and Alfred Beel, 4310 Josey Cir, Unit #2-A
Benjamin and Eric Choyica 1/4 and, 4318 Josey Cir, Unit #2-A
Jeffrey Devin, 4306 Josey Cir, Unit #2-A
Flora Ann Jackson Gellion, 4338 Josey Cir, Unit #2-A
Lonzie D. Groniger, 4321 Josey Cir, Unit #2-A
Lutrisher Walton Hill, 4329 Josey Cir, Unit #2-A
Melvin Hawthorn, Jr. 1/2 and, 4823 Josey Cir, Unit #2-A
Mary E. Gebbs Hendy, 4816 Josey Cir, Unit #2-A
Shane Jameson Sr., 4330 Josey Cir, Unit #2-A
Rosemary Ellerbee Jones, 4317 Josey Cir, Unit #2-A
Charles Nesh, 4824 Josey Cir, Unit #2-A
James and Dollie Henson Smythe, 4314 Josey Cir, Unit #2-A
Sherryn Marie Smythe, 4820 Josey Cir, Unit #2-A
Terrince Steedman, 4326 Josey Cir, Unit #2-A
Pamela Tomas, 4828 Josey Cir, Unit #2-A
Trivia Yashica Watken, 4827 Josey Cir, Unit #2-A
etc.

Anyone can do this for any home in the United States.
Which is why this is so dangerous to privacy.
--
I'm here to help others understand the deeper mechanics of WPS that
most people never comprehend (& that Apple marketing never explains).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

On 2025-12-28 16:14, Marian wrote:

Andy Burns wrote:

Nor mine, by SSID name (not hidden or _nomap suffix)

I wouldn't really expect anyone to have wardriven around here with a
laptop running Vistumbler, but you never know ...

Hi Andy,
In the United States, it's a public record where everyone who owns a home lives, so there's a 1:1 relationship between them and their router.

Only assuming the accuracy of the database...

...which isn't accurate...

...because devices that AREN'T in the supposed location of an AP are
reporting that one is NEAR their actual location.

Cybernews: *Anyone can tap into your WiFi location data to track you* explains how Apple's WPS can be exploited for mass surveillance. <https://cybernews.com/privacy/apple-beams-wifi-location-data-privacy- risk/>

The researchers already showed anyone in the world is already able to use Apple's WPS db to track Loretta Anne Jameson's AP which is currently
located at 4302 Josey Circle, Shreveport, LA 71109.

How do you know that?

When she moves, I'll let you know where she moves her router to.
Likewise with any of her neighbors.

Ronda and Alfred Beel, 4310 Josey Cir, Unit #2-A
Benjamin and Eric Choyica 1/4 and, 4318 Josey Cir, Unit #2-A
Jeffrey Devin, 4306 Josey Cir, Unit #2-A
Flora Ann Jackson Gellion, 4338 Josey Cir, Unit #2-A
Lonzie D. Groniger, 4321 Josey Cir, Unit #2-A
Lutrisher Walton Hill, 4329 Josey Cir, Unit #2-A
Melvin Hawthorn, Jr. 1/2 and, 4823 Josey Cir, Unit #2-A
Mary E. Gebbs Hendy, 4816 Josey Cir, Unit #2-A
Shane Jameson Sr., 4330 Josey Cir, Unit #2-A
Rosemary Ellerbee Jones, 4317 Josey Cir, Unit #2-A
Charles Nesh, 4824 Josey Cir, Unit #2-A
James and Dollie Henson Smythe, 4314 Josey Cir, Unit #2-A
Sherryn Marie Smythe, 4820 Josey Cir, Unit #2-A
Terrince Steedman, 4326 Josey Cir, Unit #2-A
Pamela Tomas, 4828 Josey Cir, Unit #2-A
Trivia Yashica Watken, 4827 Josey Cir, Unit #2-A
etc.

Anyone can do this for any home in the United States.
Which is why this is so dangerous to privacy.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

On Dec 28, 2025 at 11:55:12rC>PM EST, "Alan" <nuh-uh@nope.com> wrote:

On 2025-12-28 16:14, Marian wrote:

Andy Burns wrote:

Nor mine, by SSID name (not hidden or _nomap suffix)

I wouldn't really expect anyone to have wardriven around here with a
laptop running Vistumbler, but you never know ...

Hi Andy,
In the United States, it's a public record where everyone who owns a home
lives, so there's a 1:1 relationship between them and their router.

Only assuming the accuracy of the database...

...which isn't accurate...

...because devices that AREN'T in the supposed location of an AP are reporting that one is NEAR their actual location.

And STILL assuming that a moving router ALWAYS indicates the person moved. MUCH more likely that the router was sold/given away.

Not to mention that since their are "public records where everyone who owns a home
lives" then what is this router adding anyway? If you know where I live, why does the router even matter?

The answer to that is obvious. It only matters because Arlen thinks it makes Apple "look bad".

Which is Arlen's lifelong quest.
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

Tyrone wrote:

it makes Apple "look bad".

What Apple does is what "makes Apple look bad", not me.

What's important is that Apple's WPS database implementation is insecure. That's not opinion. That's fact which was described in the research.

Google's WPS database access is nothing like Apple's WPS database access. Anyone in the world can access Apple's entire WPS db without restriction.

All I did was reproduce what the researchers said was easily possible.
And it was.

What the researchers didn't note, and which I learned, and I'm likely only
one out of millions who knows this, was not only does Apple not respect
their own published privacy policy on opting out, but they have no
intention of respecting their published privacy opt-out policy.

This is not opinion.
This is fact.

Only one out of millions of people know what I just said above.
We know it because we're extremely intelligent and well informed.

Bear in mind if Google or Mozilla did what Apple did, I would be on their
case too, because what Apple is doing is the antithesis of what Apple
"says" it does.

It's legally, morally & ethically reprehensible what Apple is doing.
If Google or Mozilla did what Apple does, I'd say the same of them.

But they didn't.
Only Apple does this.
--
I'm here to help others understand the deeper mechanics of WPS that
most people never comprehend (& that Apple marketing never explains).
--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

Marian wrote on 12/29/2025 4:04 PM:

Tyrone wrote:

it makes Apple "look bad".

What Apple does is what "makes Apple look bad", not me.

What's important is that Apple's WPS database implementation is
insecure. That's not opinion. That's fact which was described in the research.

Google's WPS database access is nothing like Apple's WPS database access. Anyone in the world can access Apple's entire WPS db without restriction.

All I did was reproduce what the researchers said was easily possible.
And it was.

What the researchers didn't note, and which I learned, and I'm likely only one out of millions who knows this, was not only does Apple not respect
their own published privacy policy on opting out, but they have no
intention of respecting their published privacy opt-out policy.

This is not opinion.
This is fact.

Only one out of millions of people know what I just said above.
We know it because we're extremely intelligent and well informed.

Bear in mind if Google or Mozilla did what Apple did, I would be on their case too, because what Apple is doing is the antithesis of what Apple
"says" it does.

It's legally, morally & ethically reprehensible what Apple is doing.
If Google or Mozilla did what Apple does, I'd say the same of them.

But they didn't.
Only Apple does this.

So, I have to ask ... WHY aren't you taking any positive action marion?

Anonymously Posting rubbish on usenet will not help us, nor you. Apple doesn't even read it, let alone anyone that could intervene.

I realize you are a secret agent and must maintain your privacy to top
secret level, but surely you realize few can even read your secret stuff.

You are pissing up a rainpipe, Marion 007.

This message will self-destruct in 3 seconds ... sssssss.

--- Synchronet 3.21a-Linux NewsLink 1.2

From Newsgroup: misc.phone.mobile.iphone

Marian wrote on 12/29/2025 4:04 PM:

Tyrone wrote:

it makes Apple "look bad".

What Apple does is what "makes Apple look bad", not me.

What's important is that Apple's WPS database implementation is
insecure. That's not opinion. That's fact which was described in the research.

Google's WPS database access is nothing like Apple's WPS database access. Anyone in the world can access Apple's entire WPS db without restriction.

All I did was reproduce what the researchers said was easily possible.
And it was.

What the researchers didn't note, and which I learned, and I'm likely only one out of millions who knows this, was not only does Apple not respect
their own published privacy policy on opting out, but they have no
intention of respecting their published privacy opt-out policy.

This is not opinion.
This is fact.

Only one out of millions of people know what I just said above.

Thank goodness! If only a few people and yourself know this, the rest
of us likely have some time left.

We know it because we're extremely intelligent and well informed.

Your superior intellect is well known Marion. But who are the others in
the "We"?

I'm sure everyone would like to thank this genius cadre for their efforts.

No, on second thought perhaps not. I'm sure all these people are
cloaked in secrecy, and we should do nothing to blow their cover.


This message will self destruct in 3 seconds.



--- Synchronet 3.21a-Linux NewsLink 1.2