location tracking

[ergo owl]

In case @a-wai stops by to drop the mic here are my two cents in regards to the Settings >Privacy >Location Services option and how I thought it would work.





Expected outcome when off: Third party apps like Maps, Weather, Firefox, Geary, Chess, 2048, Chromium, etc. No longer have access to the location of the device (which is provided by geoclue and Mozilla Location Services.)





Actuall outcome when off: Maps can still pinpoint my location within 100 metres due to settings in /etc/geoclue/geoclue.conf:

Code:

# WiFi source configuration options
[wifi]

# Enable WiFi source
enable=true

Weather (and Maps and who knows what else) can also get location from:

Code:

# Network NMEA source configuration options
[network-nmea]

# Fetch location from NMEA sources on local network?
enable=true

More likely than not they can also get location from other sources within the geoclue.conf file if connected with SIM to 3G.




Current solution: Manually change the geoclue.conf file:

Code:

# Network NMEA source configuration options
[network-nmea]

# Fetch location from NMEA sources on local network?
enable=false

# 3G source configuration options
[3g]

# Enable 3G source
enable=false

# CDMA source configuration options
[cdma]

# Enable CDMA source
enable=false

# Modem GPS source configuration options
[modem-gps]

# Enable Modem-GPS source
enable=false

# WiFi source configuration options
[wifi]

# Enable WiFi source
enable=false

------

[gnome-datetime-panel]
allowed=true
system=true
users=

[gnome-color-panel]
allowed=true
system=true
users=

[org.gnome.Shell]
allowed=true
system=true
users=

[io.elementary.desktop.agent-geoclue2]
allowed=true
system=true
users=

[epiphany]
allowed=false
system=false
users=

[firefox]
allowed=false
system=false
users=

The above code is how I run my Pinephone right now, I suppose allowing the system applications but at the same time setting all the geoclue location sources to =false in effect disables them as well but so far I havnt noticed any issues and im unaware of what else to do.




-----------------------------------------------------------------------------------------------------
Open quesstions to anyone with insight:





Should the Settings >Privacy >Location Services turned off option, make changes in the geoclue.conf file instead of the user doing it manually?





Is there a better way to limit third party applications from accessing device location?





Are apps like Maps and Weather not considered Third party applications?





What settings in regards to location does the location services setting actually impact if not apps like these?





Maybe apps that use geoclue / Mozilla Location Services should show as a list under > Location Services for transparancy, perhaps including system applications like Date and Time?





Is there no problem here at all and am I just carrying over paranoia from having been a windows / apple user for far too many years in the past?

[Cree]

In case @a-wai stops by to drop the mic here are my two cents in regards to the Settings >Privacy >Location Services option and how I thought it would work.





Expected outcome when off: Third party apps like Maps, Weather, Firefox, Geary, Chess, 2048, Chromium, etc. No longer have access to the location of the device (which is provided by geoclue and Mozilla Location Services.)





Actuall outcome when off: Maps can still pinpoint my location within 100 metres due to settings in /etc/geoclue/geoclue.conf:

Code:

# WiFi source configuration options
[wifi]

# Enable WiFi source
enable=true

Weather (and Maps and who knows what else) can also get location from:

Code:

# Network NMEA source configuration options
[network-nmea]

# Fetch location from NMEA sources on local network?
enable=true

More likely than not they can also get location from other sources within the geoclue.conf file if connected with SIM to 3G.




Current solution: Manually change the geoclue.conf file:

Code:

# Network NMEA source configuration options
[network-nmea]

# Fetch location from NMEA sources on local network?
enable=false

# 3G source configuration options
[3g]

# Enable 3G source
enable=false

# CDMA source configuration options
[cdma]

# Enable CDMA source
enable=false

# Modem GPS source configuration options
[modem-gps]

# Enable Modem-GPS source
enable=false

# WiFi source configuration options
[wifi]

# Enable WiFi source
enable=false

------

[gnome-datetime-panel]
allowed=true
system=true
users=

[gnome-color-panel]
allowed=true
system=true
users=

[org.gnome.Shell]
allowed=true
system=true
users=

[io.elementary.desktop.agent-geoclue2]
allowed=true
system=true
users=

[epiphany]
allowed=false
system=false
users=

[firefox]
allowed=false
system=false
users=

The above code is how I run my Pinephone right now, I suppose allowing the system applications but at the same time setting all the geoclue location sources to =false in effect disables them as well but so far I havnt noticed any issues and im unaware of what else to do.




-----------------------------------------------------------------------------------------------------
Open quesstions to anyone with insight:





Should the Settings >Privacy >Location Services turned off option, make changes in the geoclue.conf file instead of the user doing it manually?





Is there a better way to limit third party applications from accessing device location?





Are apps like Maps and Weather not considered Third party applications?





What settings in regards to location does the location services setting actually impact if not apps like these?





Maybe apps that use geoclue / Mozilla Location Services should show as a list under > Location Services for transparancy, perhaps including system applications like Date and Time?





Is there no problem here at all and am I just carrying over paranoia from having been a windows / apple user for far too many years in the past?

I wouldnt say paranoia isnt warranted. Windows and apple did a lot to cause lasting trauma on the psyche. Also, linux can certainly be hacked too and this sort of data could compromise you if keeping your location private is of personal importance. Having said that, that's why we have the hardware kill switches. Might just want to leave a few of them off and save yourself the trouble? I do of course get that you May wish to be selective.

[LinAdmin2]

Relevant wiki article

Thanks devrtz  !   Very informative.

  I love my Pine phone(s), but if the GPS is not the exclusive source of my location, ie: 
  cell towers and wifi triangulation is included in finding my location,
     I am very very  disappointed in this device.

I do also own a $50. handheld Garmin GPS that gives my exact location with absolutely no connection
to any outside "services".

My handheld GPS is a receive only device, it uses only the satellite signals for location. 

I thought the phone only needed the internet to display the maps.

This could open a whole new subject on privacy,

**  Should I remove the maps app ?

  Would that help prevent wifi triangulation ?

Why so disappointed now? If you had carefully read before in this forum you would have known all that.

[Humid Stylus]

This thread got me curious so I replaced the url parameter of the geoclue.conf with my own server and made a simple script to read the POST:ed data and save it to a file. So far I have seen long lists of WiFi access points.

I believe it is very easy to fingerprint this data and follow someone around as WiFi networks would disappear one at a time and others appear. This is more information than I like to share with Mozilla or any of it's partners.

I'm ok with using GPS and it is not clear to me if geoclue is needed for that or not but the setting the url to http://127.0.0.1 should atleast keep external parties out of the loop. As an extra precaution one might also blacklist the known location services in the local DNS resolver  to add another layer of defence.

[ergo owl]

This thread got me curious so I replaced the url parameter of the geoclue.conf with my own server and made a simple script to read the POST:ed data and save it to a file. So far I have seen long lists of WiFi access points.

I believe it is very easy to fingerprint this data and follow someone around as WiFi networks would disappear one at a time and others appear. This is more information than I like to share with Mozilla or any of it's partners.

I'm ok with using GPS and it is not clear to me if geoclue is needed for that or not but the setting the url to http://127.0.0.1 should atleast keep external parties out of the loop. As an extra precaution one might also blacklist the known location services in the local DNS resolver  to add another layer of defence.

Thats really good detective work, wish I had the knowledge to set up a test like that myself.

Would be really interesting to know if changing the setting:

Code:

# Enable WiFi source
enable=false

would stop all data collection of WiFi access points as you described in your first paragraph. Also besides the BSSID is there other information being sent along as well? Say for example the MAC address of the different APs?

[bcnaz]

This is definitely out of my league,  but are not the maps keyed to specific gps co-ordinates or possibly are there maps that are available that are gps keyed ? 

The onboard gps should have a co-ordinate fix of where it is in relation to the satellites,  yes ?

It seems along the way some of the software started relying on Googles idea of using every wifi router and cell tower on earth to define locations. (?)

IF .... a fifty dollar hand held gps receiver can pin point its own location ?
                  Then what is all this Microsoft style bloatware still doing in an "open source" program.?

 >  I DO apologize if this sounds a bit like a "rant"  but when I think of "Linux"  I have always thought it was free of all this Google/Apple/ Microsoft style
         Hidden tracking services.

 >  I DO appreciate all the digging into this you have done here,  pointing out so much,   ...   though there is likely even more within...

   Guess, for the time being I should just delete the invasive app's and carry my handheld gps,   if I need directions.

    Thank you for all your efforts, and for sharing,  very informative.   Today our privacy (or lack of)  depends on our own devices...

[ergo owl]

 >  I DO apologize if this sounds a bit like a "rant"  but when I think of "Linux"  I have always thought it was free of all this Google/Apple/ Microsoft style
         Hidden tracking services.

Me too brother. I guess my current view have evolved into one where even some linux distributions sacrifice privacy for mainstream user experience. However, I still believe that there are some hope for privacy focused users on Linux to modify their own device software to suit their personal preferences, something that definetly is not an option while using Apple/Microsoft devices. That said, removing geoclue is not as simple as doing an "apt remove geoclue" as thats not the name it is installed under. I have yet to find out the scope of all files installed related to geoclue and their locations and which other software depend on it to function. Hopefully none because if I cant purge geoclue from my system entirely or at least render it useless by masking its data without breaking the system then its on to another distro or maybe even better, start taking handwriting classes for writing letters instead of sms.

Guess, for the time being I should just delete the invasive app's and carry my handheld gps,   if I need directions.

I fear that would just be a blindfold for what is anyway going on underneath the hood. In time the chess app might start using geoclue aswell to "find players in your area" or any other seemingly harmless app. We already know that the location services option in mobian doesnt effect geoclue and as of yet there is no way to find out which individual apps draw data from it since Maps and Weather are not even listed in the geoclue.conf file yet they make use of it somehow as changing values in the file have a direct effect on their ability to use location. We need to find the root of this evil and purge it.

Edit: Little bit overdramatic there at the end. All of this is of course just my opinion, I appriciate other people having a different take on the subject.

[bcnaz]

I AGREE with you I am not giving up on the Pine phone.

But for the time being I am glad to use it for the things it does so well.
I have wanted a Linux or some alternative phone for a very long time.

My old operator assisted radio phone had more privacy that most of today's phones.

The Pine phone is a step in the right direction for privacy, we just need to be cautious of the software we run on it.

On a similar "side note" I have rented a dozen cars for trips in the last several years, I am sure all new cars have privacy invasion issues,
BUT only Enterprise car rental has had the warning disclosure stating "your conversations and locations may not be secure". (?)

[KC9UDX]

What makes me pine for a PinePhone are all those "What's it doing?" moments when I try to do something useful quickly on my G6 Play, and it's off doing something it believes is more important, with the screen off.

[ergo owl]

Eureka!

sudo apt purge geoclue-2.0

also removes gnome-clocks, gnome-maps and gnome weather.

system is running fine after systemctl reboot and after sudo apt autoremove into another systemctl reboot things are looking as stable as ever. 

cd /etc/geoclue/: No such file or directory

No trace of Geoclue Demo Agent