I was a bit puzzled when I found out that Gnome Maps, which comes by default on PureOS, could pinpoint my exact location. The system settings, Privacy -> Location Services are turned off. I am connected via WiFi to a router that only allows connections to the web via PIA. Any tests I can come up with from the browser also show no location (ok, that’s also the browser configuration). I was wondering how come that Gnome Maps finds me still?
What hardware are you running on? I assume you are on a laptop, and not a phone - hence no cellular modem and no GPS (GNSS).
I would guess it is using a database of wireless access points. If you connect wired, rather than via wireless, and turn off the wireless access point, maybe you will disappear. A VPN has no effect on this. (I also note that a VPN has no effect on any application protocol that explicitly transmits an IP address. So it could in theory matter whether the VPN is implemented in the router or in the computer itself.)
However you may be asking “why doesn’t turning off Location Services prevent the application from locating you?” and that is a good question.
I’m on a librem 13, running PureOS. Good point, I’ll try connecting via Ethernet instead of wlan. As you put it though: I’m surprised too location services off does still allow that. More soon when I checked with the cable and WiFi off.
Don’t forget to turn off your wireless access point - although in an urban area, it could locate you using your neighbour’s wireless access point.
Maybe that guess is right, but I can say this:
I’m using GNOME Maps right now on a Librem 15v4 and Arch Linux. Location Services are off in settings.
When I am connected to WLAN without VPN, it point to my approximate area, but not pinpoint me.
When connected via VPN (Proton), it thinks I am in the city the VPN is associated with. For example, it thinks I’m in Chicago right now. I am nowhere near there.
kieran: this could be the VPN ipv6 issue we were discussing in the other thread.
@pfm Try disabling ipv6 and see if that resolves it. I’d be most interested to know.
Perhaps the Coast Guard has stood up the eLORAN system from the National Timing Resilience and Security Act of 2018? Is there an embedded LF receiver?
Don’t have an ethernet adapter handy, so I couldn’t test the wired connection.
Disabling IPv6 doesn’t seem to change anything, the location point is still right on the dot. Of course, there is like about a half block radius around it.
I looked a bit more into the privacy settings. It seems like they are really deactivated. Checking the variable manually by
dconf read /org/gnome/system/location/enabled
returns false, so that seems to be all okay. If I set it to enabled, I get a location. According to Mozilla Location Services, this is indeed via nearby WiFi, etc, so it makes sense that the VPN doesn’t do much. I’m still puzzled however, why it can see my location even with the location services off…
I had it a couple of times after some tests (but couldn’t find any patterns) that maps did put me at first to where my vpn is at. Hitting the “go to current location” button again however always ended up showing my actual location the second time around.
Just to make sure it’s not something gnome-maps saved at this point (which it actually did), I also cleared the recent locations via
dconf reset /org/gnome/maps/last-viewed-location
started again, it didn’t pop right to my address, but found it without any issues when asking for it with the “find my location” button.
Sounds to me like the local application is using the local computer wifi signal to identify nearby wifi to get your location. Being as this would be all things self contained by the application I’m not sure what more you would want. The initial location being the other end of the VPN tunnel makes sense as it’s initially checking where the public IP is as that’s faster, but once it finds the local wifi in its database that is the more accurate location and when you refresh it updates with that more precise location.
This would likely either be a setting within the app OR require a wired connection so the app doesn’t have access to the wifi connection. You may have to turn off the wireless entirely, that’s going to depend on if the app has access to the adapter or just the connection it’s using.
It is interesting that an application would have direct access to WiFi information, if a maps program can do this what’s to stop a browser from doing the same and knowing your actual location even when the OS doesn’t…
surely there are bigger monsters under the bed than this …
If it isn’t IPv6, I’m not sure what it could be really… I’d be interested in knowing which VPN service you’re using. I’m on a similar setup and haven’t had that issue. Even when I was using PureOS, I never had that issue…
I’m using PIA. As an access point I use an RPi that has a wired connection to the modem. It has PiHole on it and a permanent PIA VPN connection with a killswitch set via iptables. Just to make sure that that didn’t go wrong, I also simply used the PIA application to build up a tunnel straight from my computer, the same issue though.
To disable IPv6, I assume I just go to the WiFi preferences and set IPv6 in the specific tab to disabled, correct? Just to double check I didn’t miss something here.
@OpojOJirYAlG I agree, it likely uses the local WiFi. Actually, I don’t think it’s limited to Maps. Using the stock PureBrowser, opening OpenStreetMap, and allowing it to detect my location (I see the irony in allowing it, but stay with me) also gives my actual location, and not the location associated with my IP.
PureOS says in the Privacy settings that Location Services are based off WiFi and mobile broadband. So that would be WiFi in my case. It also seems like Mozilla Location Services (MLS) is used. Is maps simply ignoring that setting and using MLS or a similar service in the background? Seems kind of useless to have that setting if a standard software simply ignores it anyway. Or am I understanding something wrong here? I guess @dc3p doesn’t have the issue on Arch…
That sounds correct.
Actually, I just realized that I can at least check the queries using the PiHole to see, how it gets the location. Indeed, Maps directly queries location.services.mozilla.com
Simply blacklisting those queries makes Maps not able to detect the location anymore. Even allowing PureBrowser to access my location in OpenStreetMap now gives me the error “Geolocation unavailable”. So it seems like it’s clearly the queries to MLS, which is what “Location Services Off” should take care off.
How do I prevent my wireless access point from being collected?
Mozilla’s client applications do not collect information about WiFi access points whose SSID … ends with the string “_nomap”.
That may or may not be convenient to you i.e. depending on how many wireless clients you have.
It is also unclear whether that would have any retrospective effect.
An alternative is to set your SSID to be hidden but I don’t think that that is recommended because a) it isn’t really hidden, and b) it causes other problems.
Again though any change to your own wireless access point(s) will achieve very little if you have a near neighbour with an access point that has been logged (unless you can persuade your neighbour to follow your example).
Sounds like Mozilla Location Services is a separate service from whatever OS location service is used? And even if that’s not entirely true, what prevents another application from favoring its own service to bypass OS settings… That’s kind of a nuisance.